On Mon, Mar 05, 2012 at 03:48:49PM -0800, Qrux wrote: > > The feeling I get from the list (obviously that only represents the "+w" > minority) is that people are rebuilding the world if they need to upgrade. > And, if they're not doing that, they're just leaving them as is. Are there > people doing piecemeal upgrades? > You're probably sick of getting replies from me, but yes, I do upgrade some packages. Mostly I'm interested in my desktops - my server doesn't do a lot except hold my backups, my scripts, my photos, videos, and some music, and my copies of the books. I keep hoping that I'm going to find time to resume reimplementing my music index (CDs, LPs, ...) in postgresql, but LFS and BLFS keep conspiring against that. So, although I upgrade openssl and postgres on my server, the database doesn't often get any exercise.
On the desktops, I mostly only upgrade to fix known vulnerabilities. At one time (LFS-6.6 - it used a 2.6.32 kernel, which had just been selected for long term support) I attempted to keep a system up-to-date for longer than my usual <= 12 months - in the end, it became impractical (it was a bit too old for ext4, if I remember correctly, and used now-unmaintained or EOL versions such as openssl-0.9.8 and firefox-3.6). This gave me renewed respect for the distros which do offer long term support. The main principal of the way LFS does things - as I see it - is that we can't (usually) fix the toolchain if a vulnerability becomes known : I think there were some cases in the glibc-2.3 period, as well as TZ changes around then, where people managed to update glibc in place. There were also people who got to keep both parts after it broke. Instead, we have to build a new system. From this, once we have scripts to build everything then we have to keep those scripts up to date. So we rebuild fairly frequently, and in so doing we pick up newer and shinier versions of some packages. Whether those newer versions are *better* is a different question. But yes, I do piecemeal updates - my previous server was still running a 2.6.24 kernel until about a year ago because I couldn't get kernels using sda (instead of hda) to boot - ultimately the problem was lilo, but I think there were other issues on previous attempts to upgrade - originally I'd been using ide=reverse until that was dropped from the kernel. And for all that time, openssl was up to date. ĸen -- das eine Mal als Tragödie, das andere Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
