Language Selection

English French German Italian Portuguese Spanish

better stability & security

Rolling release/repo
73% (183 votes)
Static release/repo
27% (67 votes)
Total votes: 250

Rolling release is good for

Rolling release is good for one reason. You get the full security and bug fix updates as intended by upstream.

No amount of backporting fixes is enough to keep a system secure and bug free. It's as simple as that. If I backport fixes from kernel git tree to a stable kernel 2.6.2x release, I'm most likely going to miss a lot of fixes. Cherry picking fixes for popular bugs only isn't a solution and causes weakness in Static release distributions.

The only requirement for a rolling release to work is to keep the base system as simple as possible. Theoretically, no downstream patching should be done in packages such as glibc, gcc or kernel unless it is a patch waiting to be eventually merged in a future upstream release.

re: poll

For servers - Static release/repo.

The "theory" of rolling releases is great, but the real world application, not so much.

Servers MUST be stable and secure. With a rolling release, you rely too much on the upstream vendor not to fubar something your system must have (not that it can't be done - mainframes have been doing rolling upgrades for decades - it's just EXPENSIVE to do it right).

RHEL/CENTOS has the right business model. Forget the fluff (and or bleeding edge stuff), only put well tested software into their repo's, backport security as needed, and support the whole thing for 5 years (or longer for security patches)

Of course it doesn't really matter what method the upstream vendor uses, you still need to run a parallel test environment along side your production environment, and test everything (and I mean EVERYTHING) in the first before rolling it out on the second.

It's just easier (for me anyways) to plan your server environments (and their future) if you have static (but not the ridiculously short 6 month timeframe) releases.

Which would you say is better for a linux server?

I have heard the topic discussed in various forums and points of view.

Which would you say is the better choice for a linux based server?

Please give reasoning for your answers and not post "sux" or "rules" nonsense.

Big Bear

More in Tux Machines

Red Hat's Survey in India

From Raspberry Pi to Supercomputers to the Cloud: The Linux Operating System

Linux is widely used in corporations now as the basis for everything from file servers to web servers to network security servers. The no-cost as well as commercial availability of distributions makes it an obvious choice in many scenarios. Distributions of Linux now power machines as small as the tiny Raspberry Pi to the largest supercomputers in the world. There is a wide variety of minimal and security hardened distributions, some of them designed for GPU workloads. Read more

IBM’s Systems With GNU/Linux

  • IBM Gives Power Systems Rebates For Linux Workloads
    Big Blue has made no secret whatsoever that it wants to ride the Linux wave up with the Power Systems platform, and its marketeers are doing what they can to sweeten the hardware deals as best they can without adversely affecting the top and bottom line at IBM in general and the Power Systems division in particular to help that Linux cause along.
  • Drilling Down Into IBM’s System Group
    The most obvious thing is that IBM’s revenues and profits continue to shrink, but the downside is getting smaller and smaller, and we think that IBM’s core systems business will start to level out this year and maybe even grow by the third or fourth quarter, depending on when Power9-based Power Systems and z14-based System z mainframes hit the market. In the final period of 2016, IBM’s overall revenues were $21.77 billion, down 1.1 percent from a year ago, and net income rose by nearly a point to $4.5 billion. This is sure a lot better than a year ago, when IBM’s revenues fell by 8.4 percent to $22 billion and its net income fell by 18.6 percent to $4.46 billion. For the full 2016 year, IBM’s revenues were off 2.1 percent to $79.85 billion, but its “real” systems business, which includes servers, storage, switching, systems software, databases, transaction monitors, and tech support and financing for its own iron, fell by 8.3 percent to $26.1 billion. (That’s our estimate; IBM does not break out sales this way, but we have some pretty good guesses on how it all breaks down.)

Security News

  • DB Ransom Attacks Spread to CouchDB and Hadoop [Ed: Get sysadmins who know what they are doing, as misconfigurations are expensive]
  • Security advisories for Monday
  • Return on Risk Investment
  • Widely used WebEx plugin for Chrome will execute attack code—patch now!
    The Chrome browser extension for Cisco Systems WebEx communications and collaboration service was just updated to fix a vulnerability that leaves all 20 million users susceptible to drive-by attacks that can be carried out by just about any website they visit.
  • DDoS attacks larger, more frequent and complex says Arbor
    Distributed denial-of-service (DDoS) attacks are becoming more frequent and complex, forcing businesses to deploy purpose-built DDoS protection solutions, according to a new infrastructure security report which warns that the threat landscape has been transformed by the emergence of Internet of Things (IoT) botnets. The annual worldwide infrastructure security report from Arbor Networks - the security division of NETSCOUT - reveals that the largest distributed denial-of-service (DDoS) attack reported in 2016 was 800 Gbps, a 60% increase over 2015’s largest attack of 500 Gbps.