Date: Thu, 11 Jul 2002 09:12:55 +0200 From: Rahul Siddharthan <rsidd@online.fr> To: Terry Lambert <tlambert2@mindspring.com> Cc: Alexey Dokuchaev <danfe@regency.nsu.ru>, Cy Schubert - CITS Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, chat@freebsd.org Subject: Re: Package system wishlist Message-ID: <20020711071255.GA264@lpt.ens.fr> In-Reply-To: <3D2CC6A9.EB0F7995@mindspring.com> References: <20020710210509.GA686@lpt.ens.fr> <3D2CA535.EC11BDA1@mindspring.com> <20020710213619.GA882@lpt.ens.fr> <3D2CBAC4.6AC3CAC9@mindspring.com> <20020710230709.GA1512@lpt.ens.fr> <3D2CC6A9.EB0F7995@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert said on Jul 10, 2002 at 16:43:37: > Rahul Siddharthan wrote: > > > I am refusing to go from 4.x to 5.x; or from 4.4 to 4.6. Whichever. > > > The important part is my refusal to change for the sake of change. > > > > Then you'd have to convince the FreeBSD security people to issue fixes > > for all branches, back to 1.0 or earlier, no? (Equivalently, to > > support version 4.4 until the year 2038.) I still don't see your > > argument for packaging components of the base system. A binary from > > FreeBSD 7.3 in 2006 is unlikely to work on your FreeBSD 4.4 system. > > > > Microsoft did support Windows 95 for a long time, but they have a > > rather less aggressive release schedule. > > No, all I'd have to convince them to do is release fixes for the > varios packages. I can install a different OpenSSH in my system, > if OpenSSH is just another component. All I have to care about is > binary backward compatability, and that's taken care of by the > dependency tracking. (a) You're still bitten by major incompatible changes in OpenSSH which could screw up your setup (config files etc, as you pointed out). (b) What about the C library, the toolkit, the rest of the "base" system? Would you like those to be packages too? In that case, I think gentoo linux's "portage" setup is just for you. The entire system is a collection of "ports" (or, to use their terminology, "ebuilds"), plus the kernel. I like it, but it's clear to me that I wouldn't trust such a thing on a server. It's for people who like the "bleeding edge" and such a terminology as "gentoo 1.2 + bugfixes" has no meaning: each component is upgraded separately to the point where it becomes gentoo 1.3, etc. Either you have nondisruptive bugfixes, or you have potentially disruptive upgrades. You can't have guaranteed-nondisruptive upgrades. And nondisruptive bugfixes are typically not supplied for outdated packages, so eventually you have to upgrade. In your example, you're at the mercy of not only the FreeBSD team but also the OpenSSH team. As of now, at least, we only depend on the FreeBSD team. - Rahul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020711071255.GA264>