On Sep 18, 2013, at 3:15 AM, Listas de Correo wrote:
how do you handle upgrades?
I run Debian GNU/Linux on all my personal servers, and
previously SuSE on thousands of machines at a previous
For certain key softwares (such as OpenLDAP, MIT Kerberos
etc, etc), I do my own packaging (both debs and rpms) on a
separate, dedicated, build machine because I don't like having
a build environment on [my] servers.
I take the latest version of the Debian GNU/Linux package (or
rpm if the target is rpm based), modify it's packaging file(s) - which
is usually debian/rules and debian/controls for debs - to suite
my needs. One of the first thing I did was disable GnuTLS and
instead link with OpenSSL (because of the reasons mentioned
earlier). This I also had to do with both Kerberos and SASL (and
a whole lot of other important softwares) if I remember correctly
So when I need to upgrade (which I haven't done in almost
two years now), then it is easy to take that package, and simply
remove the source, replace it with the new source within the
package build directory, rebuild and install (i.e. upgrading)
the new package...
Granted, I need to keep an eye out for any serious security
issues myself, but it's not that big of a problem - being part
of the relevant mailing list(s) and skim through the Subjects
is usually sufficient...
Since I'm still using packages, I get all the benefits of
upgrades, without much trouble.
The reason I haven't upgraded in such a long time is that
the current version works just fine for my need. If, however,
I can't get a 'new' feature I need to work, the very first thing
I would need to do is to upgrade. Mostly because very few
people, me included, have any real interest in supporting