Date: Sun, 16 May 2010 18:50:40 +0100 From: krad <kraduk@googlemail.com> To: Polytropon <freebsd@edvax.de> Cc: Dan Naumov <dan.naumov@gmail.com>, freebsd-questions@freebsd.org Subject: Re: How long do you go without upgrading FreeBSD to a newer release? Message-ID: <AANLkTimpMHG8PbjDPGCHEppXu7vB7le76ss3-48UDSjK@mail.gmail.com> In-Reply-To: <20100516180547.3c61a7e1.freebsd@edvax.de> References: <AANLkTilslPj7GtFD_tbliyvm7_18qeJOYqDMEca_70fa@mail.gmail.com> <20100516180547.3c61a7e1.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 16 May 2010 17:05, Polytropon <freebsd@edvax.de> wrote: > On Sun, 16 May 2010 18:42:44 +0300, Dan Naumov <dan.naumov@gmail.com> > wrote: > > Just a thought/question that has recently come to my mind: How long do > > you usually wait until upgrading to a newer release of FreeBSD? > > A quite generic answer: Only as long as needed. :-) Upgrading > often is determined by certain considerations, such as the > ability to maintain system security (again depending on the > setting and the purpose of the installation), or the require- > ment for some functionality that explicitely requires upgrading. > > > > > What's your oldest currently running installation, > > do you have any issues and are you planning on an upgrade or do you > > intend to leave it running as is until some critical piece of hardware > > breaks down, requiring a replacement? > > FreeBSD 5.4-p14 on a P2/300, 128 MB RAM, office workstation, > last update both in system and applications in 2006. > > Upgrade planning: no. > > Leave it running as long as possible: yes. > > Reason: System runs perfectly (it's not on WAN or acting as a > server, so no major security considerations). It runs better than > my FreeBSD 7 home system which awaits upgrading to 8 soon. :-) > > Oldest: 4.1 on a 486 laptop, I'm sure it still works, but it's > not in regular use. :-) > > > > The reason I am asking is: I have a 8.0 installation that I am VERY > > happy with. It runs like clockwork. eveything is properly configured > > and highly locked down, all services accessible to the outside world > > are running inside ezjail-managed jails on top of ZFS, meaning it's > > also very trivial to restore jails via snapshots, should the need ever > > arise. I don't really see myself NEEDING to upgrade for many years. > > even long after security updates stop being made for 8.0, since I can > > see myself being able to at least work my way around arising security > > issues with my configuration and to break into the real host OS and > > cause real damage would mean you have to be either really really > > dedicated, have a gun and know where I live or serve me with a > > warrant. > > If you're running services available to the outside world, keep > in mind *their* security updates also. If those require a system > update, do it, but usually they don't - you usually just upgrade > the ports in question. For servers, you should follow -p as long > as possible. If there are no further security updates for a > certain release, it MAY be a valid idea to upgrade to the new > release (e. g. 8.0 to 8.2, or what's the current release when > 8.0-p doesn't continue). > > > > > Do you liva by the "If it's not broken, don't fix it" mantra or do you > > religiously keep your OS installations up to date? > > Maybe you'll laugh, but I go with both ways. :-) I've got an > experimental system that I try "bleeding edge" software on, just > to see how well it works. Servers and workstations that I > need to RELY ON go with "not broken, not fix". > > I'm sure you'll get more answers that suggest you to really > think about what you want to do, and that determines your way, > maybe both ways, if that fits your requirements. Both ways have > their advantages and disadvantages, and it's up to you how you > handle it. > > > > > -- > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > we have some production dns caches at work running bsd 4.3, that have been there for nearly a decade. We keep the dns software on them upto date and they are locked down with a firewall. However they will be going some time this year, but thats more down to consolidation than anything else.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimpMHG8PbjDPGCHEppXu7vB7le76ss3-48UDSjK>