Hi!
On Wed, Feb 15, 2006 at 10:59:22AM +0100, Timo Veith wrote:
> I have learned that it is not possible to stay at a certain level of
> package versions. You need to follow the flow, if you want to install
> security updates. I know there are projects that want to take care of
> this issue, but I think they aren't ready, yet. So I believe it could
> only be a matter of time until you have to upgrade gcc.
Yeah, this is truth. I've tried to install only security updates for
about a year, and after ~8 month I found it impossible to continue
installing security updates without updating some packages I don't wanna
update at that time... and some time later - without toolchain upgrade
and complete system recompilation as result.
And I must say - this situation was a REAL PAIN! That server was
under very high load (loadavg between 5 and 15), so I was unable
to recompile everything quickly enough, and HUGE amount of packages,
including critical for me packages, wanna to upgrade after that year
when I've installed only security updates.
For me, Gentoo has two most important advantages over other distributions:
it extraordinary flexible in selecting what and how should be installed
and it allow painless continuously updates. I think it's big mistake to
ignore these advantages!
So, I think not using ~arch and (in critical cases) freezing versions
of some important packages (like MySQL) PLUS continuously updates is best
way to ensure server security and stability.
--
WBR, Alex.
--
[email protected] mailing list
