[PLUG] Version creep and patching...

[Elliott Mitchell]

>From: Unknown <plug_0 at robinson-west.com>
> I often hear, "you have to upgrade or you are insecure."  Well, some
> hardware won't run the newest version of Linux.  The Linux community

Well, as long as the release you're dealing is supportted, you can patch.
Patches tend to be very small changes, hopefully the absolute minimum
needed to patch the security problem. Once the version you're dealing
with is no longer supportted by the distribution, you do have to upgrade
or be insecure (or roll your own, but that is a PITA). If you don't like
upgrades, you go with RHEL, SuSE, Debian or one based on those, enjoy the
long upgrade cycles, but endure software that is older. If you need to be
on the bleeding edge, you go with Fedora, Debian-unstable or another
such distribution, but have to bleed (upgrade frequently). There is a
whole spectrum here, depending on how often you're willing to deal with
upgrades and how close to the edge you wish to be.

> needs to reign in the bloat and realize that increasing complexity in
> the kernel is starting to become a major problem for people trying to
> use it effectively.  I'd say that inadequate documentation for the 2.4
> kernel is a problem that has carried over to 2.6 in spades.  How many
> people wonder if they have something when attempting to configure the
> 2.6.18 kernel and don't know what decision to make?  If that which is
> not in the kernel tarball to explain the choices is on the net, what
> good does that do anyone?  With sufficient bloat, not everyone can go 
> to the Net to download everything they need.  Oddly enough, most 

Well, as already mentioned, if you can't deal with sparse documentation,
*don't*! Leave it to the distribution to make choices that aren't
optimal, but cover 90% of the cases. If neither of these is acceptable,
then hire a professional system administrator, they're expensive, but
that is because they will deal with these problems.

As far as bloat, well some distributions do go for the eye candy. If you
need a minimal system, that is quite doable too. On occasion I deal with
a PPro 200 system. Obviously Gentoo is hopeless for that system, but that
is why it doesn't use Gentoo. Does surprisingly well given its age. What
were you commenting about older hardware not working with recent
distributions/software? If you can't handle it, there are plenty of
people who you can hire to handle it for you. This is also trivial
compared to what companies like a certain Redmond company *requires*.

> Americans are still limited to dial-up connections magnifying the 
> bloat issue greatly.

Again, if bandwidth is an issue, use a smaller install. Also avoid full
upgrades which suck the bandwidth.

> I don't know of any series of standard places one can look if some
> portion of the kernel documentation is wrong about where to go for 
> a particular option.  I don't know how to follow library changes, I
> am not a highly skilled programmer.  Heck, most people aren't
> programmers at all.

Yes, and that is why you go with a stable distribution that doesn't
require you to be a programmer. You choose to either deal with
difficulties on the bleeding edge, or you go for something where you
don't have to, but don't get the latest thing. You don't get both, so
make your choice.

> Upgrading is not always a viable solution.  Sometimes you don't know
> what you are breaking.  My Maple 9.0.2 for Linux does not seem to run
> on any Linuce that's newer than Fedora Core 1.  How often is it
> reasonable to do a major upgrade?  It seems that Fedora supports more
> than it's Enterprise cousins, but it turns over so rapidly.  The

Again, it is the same choice. Bleeding edge or support. You don't get
both unless someone puts in a *lot* of time. This can be you, or someone
paid by you. Make the choice.

> enterprise variants are very limited in new hardware support, so one
> loses on the equipment side of the equation.  I think dropping 386
> support in Slackware 10.1 was the wrong move.  For Linux to be better

How many 80386 class machines are still out there? Sorry, but they're
dying. If you're really that desperate to use an old machine, then the
time has to be spent. The distribution folks rightfully are moving beyond
because it is too much time for them for a trivial number of machines.
Even a WRT54GL is many times faster than an 80386 machine! The cost to
replace one with a faster machine is pennies! Far cheaper to replace them
than spend the hours of time for support.

Why is this decision such a bad one?

> Should I remind everyone, within the past three months the evaluation
> download for VMWare Workstation 5.5 was still distributed for Fedora
> Core 3?  If FC3 is so ancient and off official support, what is with
> the producers of VMware?  On the topic of VMWare, why is sound support
> only partial under Fedora Core 3?  Nothing like hearing only one 
> channel of a stereo connection.  I still haven't gotten VMWare
> Workstation 5.5 to run on Fedora Core 5.

Again, make your bloody choices and live with them! You cannot have the
whole world bowing at your feet to suit your whims unless you're willing
to pay the cost either directly in time, or indirectly with money.

Fedora is a *bleeding* edge distribution! They say very clearly that
their support cycle is a grand total of 2 years, *period* (and even that
is far longer than they originally planned on). If you do not understand
that, then what point would there be in additional documentation in the
kernel for obviously you would not bother to read it?

If you want support then choose a different bloody distribution!

> Anyone starting with Linux today will probably run into upgrade 
> issues sooner than later.  Even if you stick to purchased 
> "Enterprise" distributions, the problem isn't completely avoided.

Yeah, enterprise systems say 5 years, though often it extends a little
bit beyond that. That is what companies demand, and they are willing to
pay for that. They also get distributions that have older software. They
just plan ahead and a software upgrade once every 5 years isn't that big
a deal.

Make your choice and live with it. Don't go ranting about something
you're not willing to pay for in time or money.



Oh, one more issue, Mr Michael C Robinson. We know it is you. Sticking
in the silly "Unknown" as real name, or "plug_00" as username doesn't
fool us. Please give us some credit for a minimal amount of intelect.
You are after all asking us questions that require far more intelect
than identifying you requires.


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         EHeM at gremlin.m5p.com PGP 8881EF59         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
    \___\_|_/82 04 A1 3C C7 B1 37 2A*E3 6E 84 DA 97 4C 40 E6\_|_/___/