Language Selection

English French German Italian Portuguese Spanish

better stability & security

Rolling release is good for

Rolling release is good for one reason. You get the full security and bug fix updates as intended by upstream.

No amount of backporting fixes is enough to keep a system secure and bug free. It's as simple as that. If I backport fixes from kernel git tree to a stable kernel 2.6.2x release, I'm most likely going to miss a lot of fixes. Cherry picking fixes for popular bugs only isn't a solution and causes weakness in Static release distributions.

The only requirement for a rolling release to work is to keep the base system as simple as possible. Theoretically, no downstream patching should be done in packages such as glibc, gcc or kernel unless it is a patch waiting to be eventually merged in a future upstream release.

re: poll

For servers - Static release/repo.

The "theory" of rolling releases is great, but the real world application, not so much.

Servers MUST be stable and secure. With a rolling release, you rely too much on the upstream vendor not to fubar something your system must have (not that it can't be done - mainframes have been doing rolling upgrades for decades - it's just EXPENSIVE to do it right).

RHEL/CENTOS has the right business model. Forget the fluff (and or bleeding edge stuff), only put well tested software into their repo's, backport security as needed, and support the whole thing for 5 years (or longer for security patches)

Of course it doesn't really matter what method the upstream vendor uses, you still need to run a parallel test environment along side your production environment, and test everything (and I mean EVERYTHING) in the first before rolling it out on the second.

It's just easier (for me anyways) to plan your server environments (and their future) if you have static (but not the ridiculously short 6 month timeframe) releases.

Which would you say is better for a linux server?

I have heard the topic discussed in various forums and points of view.

Which would you say is the better choice for a linux based server?

Please give reasoning for your answers and not post "sux" or "rules" nonsense.

Big Bear

More in Tux Machines

Server: GNU/Linux Dominance in Supercomputers, Windows Dominance in Downtime

  • Five Supercomputers That Aren't Supercomputers
    A supercomputer, of course, isn't really a "computer." It's not one giant processor sitting atop an even larger motherboard. Instead, it's a network of thousands of computers tied together to form a single whole, dedicated to a singular set of tasks. They tend to be really fast, but according to the folks at the International Supercomputing Conference, speed is not a prerequisite for being a supercomputer. But speed does help them process tons of data quickly to help solve some of the world's most pressing problems. Summit, for example, is already booked for things such as cancer research; energy research, to model a fusion reactor and its magnetically confined plasma tohasten commercial development of fusion energy; and medical research using AI, centering around identifying patterns in the function and evolution of human proteins and cellular systems to increase understanding of Alzheimer’s, heart disease, or addiction, and to inform the drug discovery process.
  • Office 365 is suffering widespread borkage across Blighty
     

    Some users are complaining that O365 is "completely unusable" with others are reporting a noticeable slowdown, whinging that it's taking 30 minutes to send and receive emails.  

Google: VR180, Android and the Asus Chromebook Flip C101

Security Leftovers

  • Hackers May Have Already Defeated Apple’s USB Restricted Mode For iPhone
    Recently, the iPhone-maker announced a security feature to prevent unauthorized cracking of iPhones. When the device isn’t unlocked for an hour, the Lightning port can be used for nothing but charging. The feature is a part of the iOS 12 update, which is expected to launch later this month.
  • Cops Are Confident iPhone Hackers Have Found a Workaround to Apple’s New Security Feature
    Apple confirmed to The New York Times Wednesday it was going to introduce a new security feature, first reported by Motherboard. USB Restricted Mode, as the new feature is called, essentially turns the iPhone’s lightning cable port into a charge-only interface if someone hasn’t unlocked the device with its passcode within the last hour, meaning phone forensic tools shouldn’t be able to unlock phones. Naturally, this feature has sent waves throughout the mobile phone forensics and law enforcement communities, as accessing iPhones may now be substantially harder, with investigators having to rush a seized phone to an unlocking device as quickly as possible. That includes GrayKey, a relatively new and increasingly popular iPhone cracking tool. But forensics experts suggest that Grayshift, the company behind the tech, is not giving up yet.
  • How Secure Are Wi-Fi Security Cameras?
  • Trump-Kim Meeting Was a Magnet For Russian Cyberattacks

KDE: Usability and Productivity initiative, Kraft and Konsole

  • This week in Usability & Productivity, part 23
    This has been a bit of a light week for KDE’s Usability and Productivity initiative, probably because everyone’s basking in the warm glow of a well-received release: KDE Plasma 5.13 came out on Tuesday and is getting great reviews!
  • Kraft Version 0.81 Released
    I am happy to announce the release of Kraft version 0.81. Kraft is a Qt based desktop application that helps you to handle documents like quotes and invoices in your small business. Version 0.81 is a bugfix release for the previous version 0.80, which was the first stable release based on Qt5 and KDE Frameworks5. Even though it came with way more new features than just the port, it’s first release has proven it’s stability in day-to-day business now for a few month.
  • Giving Konsole some love
    I started to hack in Konsole, and first I was afraid, I was petrified. You know, touching those hardcore apps that are the center of the KDE Software Collection. I started touching it mostly because some easy to fix bugs weren’t fixed, and as every cool user knows, this is free software. So I could pay for someone to fix my bugs, or I could download the source code and try to figure out what the hell was wrong with it. I choosed the second approach.