[Sysadmin] Migrating to ServerMatrix

[David Kaufman]

David A. Ulevitch wrote:
> On Jun 19, 2004, at 5:11 AM, William Anderson wrote:
>> I favour compilation, as it means we can build Apache *exactly* the
>> way we want, and with a properly managed build script (which I have
>> something approaching) then upgrades/updates are a scoosh.  I
>> upgraded from 1.3.29 with old open/modssl/php4 to the latest version
>> in the time it took to compile, which on a P4 was only a couple of
>> minutes.


i do tend to compile the things i'm very comfortable maintaining and
upgrading, or those that i plan to heavily be tweaking.  it's the
gazillions of *other* things that i just expect to work, and securely,
like mail service on a web server, or SSH or, as in the case of l.e.o (i
thought) web service on a mail server.

> apt-get install equivs
>
> make a dummy apache package that provides all that apache-common and
> (optionally) php4 & php4-cgi so that other packages will know that
> dependency is met

while i've installed a lot of woody boxes, i built my first deb package
just the other day.  i needed perl 5.8.x for a project, and was tired of
doing this http://perlmonks.thepen.com/285799.html on each and every
server so i made a stupid little package for it.  pretty neat, but i
didn't figure out how to setup an unofficial repository for it and tell
dpkg where it lives and so all those machines will auto-upgrade one day
when i update it -- so for now it's just a quick way to install the
precompiled perl and install it into /usr/local.

> Also, regarding backports, I meant that I dislike backports packaged
> by others...you seem more than qualified to compile from source so
> take the few extra steps to learn how to make a .deb (I can help you)
> and do it yourself.  Backports are annoying in that they install in
> the standard locations when really they should be in /usr/local/ or
> /opt or /var/backports and symlinked to standard locations.

i guess that is annoying if it's not what you want.  i have thought of
backports as a godsend, because i really want my company servers running
woody for the fastest security updates, but for those few instances
where you need to support a newer feature iof postfix for example, or
mysql 4, i really appreaciate that backports.org is there, saving me all
the time of mantaining these myself.

> ... Finally,
> why trust unauthorized package makers who have not gone through the
> debian process...trust yourself. I trust you, not backports. :)

well, i'm all for self-reliance!  but i appreciate the backports
precisely because they *are* maintaied, and i don't have to do all the
maintenace.  for instance i got a samba 3 update not too long ago that i
had been waiting for, but didn't have to do myself.  same with the
recent PostgreSQL 7.4 security fix.  backports had it long before i
would have had time to do it -- most likely (had i built my own package)
i would not have gotten around to updating it until the next release.
also, in many cases the backport maintainers and the official package
maintainers are one in the same :-)

-dave