On Sat, Dec 1, 2012 at 9:27 PM, Peter Stuge <pe...@stuge.se> wrote: > Michael Orlitzky wrote: >> I just get annoyed with the "don't use Gentoo unless you like your >> stuff broken" attitude. > > Don't confuse stuff changing with stuff breaking - they are very > different things. > > In Gentoo stuff changes every single day. I heard that gentoo-x86 > gets some number of commits per hour, or was it per minute.. > > Stuff generally doesn't change for changes sake, but because the > change is an overall improvement to Gentoo. Gentoo being source > based is also a big part of why there are so many and frequent > changes. > > This means that anyone who wants to use Gentoo and have a system > which reliably does what they want it to do *need to pay attention*.
Anyone running any distro (that receives updates) needs to pay attention. I manage thousands of Ubuntu machines (desktops, servers, laptops, including ldap servers.) Screwups will happen. At one point, Ubuntu pushed a pam package that broke ABI and caused cron to not work. Cron broke..on thousands of my machines. At one point, Ubuntu shipped a sendmail package that would cause data loss in some edge cases that we happened to trigger, and a bunch of emails were accidentally deleted. At one point, Ubuntu shipped an nfs-utils package that would cause your machine to hang if you had kerberos in your PAM stack, locked your screen, and had a sec=krb5 NFS mounted homedirectory. The solution was to ssh into the machine and kill the screensaver process, or run kinit. This is in the Ubuntu LTS, which once released, doesn't receive updates that often (one per day perhaps..) We certainly don't review them, as most of the are fine. Gentoo receives updates at a much more rapid rate. Testing all the updates is basically not possible. Understanding the updates is basically not possible. The proper way to have a 'rock solid' LDAP system is to realize the above, that we live in an imperfect system, and manage your services appropriately. As a sysadmin, that means you schedule a maintenance window for your openLDAP stuff; so your users know it might be down, and why. That means you build binpkgs, so you can easily revert if something goes wrong. That means you have a test server. That means you have two production servers, behind anycast, or a loadbalancer; you take the first one down, do the upgrade, test, and then restore to production, then do the second server. If the first server fails testing, you still have the working server to tide you over. > > They need to pay attention to what happens upstream, and they need to > pay attention to what happens in Gentoo. Not by monitoring every > mailing list, but by monitoring what portage will do when they use > it, and by being sure that this is what they desire. USE flags are a > huge part of this. Guessing at what any USE flag means is no good, so > yes, sometimes it is needed to actually look at the ebuild to learn > what will happen. Personally I find ebuilds to be amazing as > documentation, because they are also the actual code. > > I've built some Gentoo systems tailored to specific needs which work > great but which are not getting updated, because the sysadmins who > take care of those systems since they were deployed aren't > comfortable and efficient with Gentoo. That's fine - Gentoo is > clearly not a system for everyone. > > But it *is* a fantastic system for those who are aware that a finely > tuned machine requires good care, and who are able and willing to > take such care, by being active in creation of their systems. It is > fantastic because it is so easy for Gentoo to change for the better, > which happens constantly. > > I think USE=-server is a great way to change the ebuild for the > better. I don't care at all about a news item. They are generally > only annoying me. :) > > > //Peter >
