[arch-general] Arch Linux on servers?

Florian Pritz bluewind at xinu.at
Tue Jul 9 08:24:04 EDT 2013


On 09.07.2013 12:13, M Saunders wrote:
> I'm still left wondering though: who uses it on production servers? I
> mean, the distro's overall simplicity and trimmed-down base
> installation are plus points here, but surely a rolling release poses
> problems. After installation you just want security and critical bug
> fix updates for software, and not major version bumps, right?

I've seen at least 2 or 3 kernel exploits that were mitigated by newer
kernel versions (which we had, debian didn't). Obviously there have been
other issues which could only be exploited in more recent kernel
versions which didn't affect debian.

Then there are those issues where there is a patch but no new release so
it might not get fixed in arch until the next release (no security team
nor policy for such patches).

In terms of updating breakage it doesn't matter what you use, updating
will eventually result in breakage, but if you know the system well
enough you will have a much easier time fixing it.

I had a case where a few debian servers got upgraded after something
like 1.5 years and spamassassin suddenly used a lot more resources.
Since basically every package jumped lots of versions finding the
package responsible for that was kind of impossible so they just bought
a bunch more servers to deal with the higher load.

On arch you could probably narrow it down and fix the software. Might
not be cheaper and might not be what you want (cool new feature causing
the issue maybe), but at least you aren't left in the dark.

I'm not sure if either distro is more time intensive, I think you will
just spend your time differently. Also investing time in anything will
result in knowledge so I'm not sure if that's a bad thing.

If you don't know what you are doing, don't run a server with arch. But
then you shouldn't be running a server in that case anyway. As Allan
once said: "If you have to ask, then no".

I'd say neither solution (rolling-release vs "stable and secure") is
better, they are just different. Get to know your tool (distro) and
decide for yourself.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20130709/70bb4124/attachment.asc>


More information about the arch-general mailing list