On Sat, 2004-07-10 at 16:57, Rahul Sundaram wrote: > --- michael thon <mrthon@xxxxxxxxxxx> wrote: > > Greetings - I've been considering using fedora core > > 2 on a server and > > some workstations at work. But, it looks like, > > according to the fedora > > web site, that security updates, etc will only be > > provided for about 6-8 > > months after a new release. It seems that this > > short of a lifespan > > makes fedora difficult to use, even for hobbyists! > > Anyone else using > > fedora core in a production environment? > > cheers > > mt > > > > Fedora isnt meant to be used in a production > environment but many people are doing just that and > are successful. I know atleast a dozen web servers > using them. fedoralegacy.org is trying to extend the > lifespan of redhat and fedora. Please read their faq > for more explanations > For major packages used in production I have started building them from source. (apache, php, postgresql, etc) As such I can apply patches directly from the developers when needed. True, I don't use RPM for those packages but then I have a little more control over what options are included. It also makes upgrading to the latest versions easier and quicker since I don't have to wait for them to be packaged in rpm format. The other thing to consider, serious exploits or bugs don't seem to come around that often. If you have built a system that is working and you have taken precautions by putting a good firewall in front of it there is no reason that system won't be able to run for a very long time without having to upgrade anything. Concentrate on the services you have exposed (smtp, dns, http, ssh, etc) and make sure any exploits or bugs reported in those are taken care of. I think this is a valid approach. For example there are many many servers still running 7.x versions of RedHat. I still have a few RH8.0 systems myself. On top of that pay attention to the log files and run IDS software. Probably the one thing that amazes me is that many system admins don't review roots email on a regular basis. Have seen cases where there will be hundreds of messages in root's mailbox that have not been reviewed. -- Scot L. Harris webid@xxxxxxxxxx Stray Alpha Particles from memory packaging caused Hard Memory Error on Server.
