Patrick Useldinger wrote:
Slackware is great, but I wonder how you can sell to
your management
that when Pat has an accident, there's no more Slackware. This is a
serious question, as I haven't figured out how to do that.
You are right on this one. In fact we use Slackware on our firewall
machine (in fact 2 mirrored machines with 8 ethernet ports on each
machine), where I changed many things (recompiled a nonmodular kernel,
deleted files, removed SETUID flags on files, etc.) for security
reasons. So it is almost a new distro ;-) For a firewall you only need
very few things (kernel, sshd and so on), so you can compile and patch
everything yourself. It would not be critical if Slackware would cease
to exist overnight. I simply told that I would not use Redhat on a
firewall for security reasons. It is much simpler to use Slackware as a
base for your own minimalistic system than Redhat. It is even not
possible to remove perl without breaking dependencies on a Redhat
system. And since the system is heavily modified, the classic pro-Redhat
arguments (support, strategic choice of one distro, etc) do not count
anymore.
But on our HP DL380 systems, it really makes sense to use Redhat
Enterprise Linux. HP provides daemons, tools and a modified Redhat
kernel to support the RAID controller (if you do not want to reboot into
the BIOS everytime you want to change something on your RAID setup),
fans (syslog entry for a failing fan), UPS and so on.
And the link to download the installation doc for
Linux says:
"Learn the basics of installing Oracle Database 10g on RHEL 2.1, RHEL 3,
or SLES 8 from the bare metal up in this brand-new installation guide
(for evaluation purposes only).".
I haven't looked into this in detail, but maybe it's worth considering
SLES, which has afaik a more realistic pricing.
I know that SuSE is an option for Oracle (but HP does not support
special features on the DL380 for SuSE yet). But be aware that Oracle
only supports Enterprise SuSE (not the consumer SuSE). And SLES is
expensive too: 404,84 Euro for 1 server/year limited to 2 CPUs:
http://www.suse.de/de/business/products/server/sles/pricing.html
Anyway, even on Redhat systems, I am beginning to use only the basic
system (kernel, libraries, etc) and recompile everything myself from
source (./configure; make; make install). Reasons for this:
1. With the introduction of RHEL, Redhat dropped many packages. MySQL
has been dropped for PostgeSQL, some PHP modules have been dropped, RHEL
only includes Apache 2 and not Apache 1.3 and so on. The reason for this
is that Redhat wants to minimalize the number of packages to support.
RHEL is supported for 5 years, much more than consumer Redhat and
especially Fedora.
2. You are not dependend on RHN anymore. It is important that you
compile everything which needs special configuration (Apache, Webserver,
Postfix, etc) from the start. If you begin with Redhat packages and if
you need to patch because of security issues but are unable to do so
(because you cannot use RHN) and are forced to use the source from the
project's home page the migration may not be easy. Reasons for this are
that files may be on other places and that you may have config files
where some options are commented out. So you are automatically using
default values for outcommented options which are different depending if
you are using Redhat's packages or the source from the project's home page.
3. You may use the workstation version (Enterprise WS) on your server,
which is *much* cheaper. The only difference between ES and WS: WS
misses some network daemons (no problem if you compile network daemons
yourself). There are no differences between WS and ES (apart from the
missing daemons), no different kernel parameters, nothing! Redhat even
recommends WS for clusters (because of the price):
http://www.redhat.com/software/rhel/comparison/
4. It is very easy to change the distro if you do not rely on the
included Apache, FTP server and so on and if you have your daemons
installed in /usr/local. But I would not push this too far: I would not
compile a new sshd (if the one in the distro just works), but just
compile the daemons critical to the users.
Greetings, Patrick Kaell