[NCLUG] Bad question I know!

Quent quent at pobox.com
Sun Apr 15 13:17:26 MDT 2001 

This link from slashdot is apropos:

  http://securityportal.com/closet/closet20010411.html

Between what Sean's been saying about source RPMs and what that article
says I'm both elated and affraid :)

I'm sold on source RPMs now.

	Quent

On Sat, Apr 14, 2001 at 11:00:55PM -0600, Sean Reifschneider wrote:
> On Tue, Apr 10, 2001 at 12:28:58PM -0600, mike cullerton wrote:
> >now, i use slackware, download source, compile my own binaries and put them
> >where they make sense to me. i'm not a big fan of gui interfaces to
> 
> I actually started using RedHat *BECAUSE* of using Slackware.  The nice
> thing about having a package manager is that it knows what files it's
> installed, and therefore it can fairly easily back out packages that you no
> longer want, remove old files when upgrading to a new version, etc...  If
> you corrupt or overwrite a file, you can simply ask the package manager
> "Hey, what files have been modified?"
> 
> After 18 months of using a slackware system, I knew that if I had to
> re-load it, I'd have a very hard time bringing it back up to where it was
> before the re-load.  What packages did I have installed, for example.  Then
> I installed a sendmail patch 4 hours too late, and got a root compromise.
> I couldn't just re-install the OS files and copy over /usr/local -- I
> didn't trust the binaries that were on the system...
> 
> On the other hand, after 18 months, it was kind of time to do a reload
> anyway -- cruft left over from packages I tried and removed, or upgraded to
> new versions of.  This was back when I was lucky to have a 2GB hard drive,
> so it was kind of hard to say "Aww, I don't need to worry about trying to
> clean up the 100MB of cruft the old version of gcc left laying around."
> 
> I pretty much build everything from source, but I do so in the context of
> an RPM.  The RPM combines the pristine source to the package, with any
> patches, and a recipe describing how to build the binaries, and what the
> resulting list of files and directories are which get installed.
> 
> It's building from source, in a reproducable way...  The production
> sysadmin in me finds comfort in that.
> 
> Sean
> -- 
>  A computer lets you make more mistakes faster than any invention in human
>  history -- with the possible exceptions of handguns and tequila.
>                  -- Mitch Ratcliffe
> Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
> tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
>

More information about the NCLUG mailing list