-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 02 January 2003 01:43 pm, Vincent Danen wrote:
>
> Does this same thing happen if you install of the Mandrake-supplied 9.0
> ISOs and then apply the updates after the fact? Obviously I have no
> idea what has changed with your ISOs and although I suspect the updates
> shouldn't break anything with the installer/installation, it isn't
> anything we test, for obvious reasons (time being the biggest factor).
> There is nothing else in updates that would have anything to do with
> DHCP, and the initscripts thing is a bit of a stretch, so I'm not
> convinced this is a problem from the security updates. Maybe drakconf
> has something to do with connection sharing; I don't know... I don't
> use connection sharing myself.
To explain this better. I don't remember if I tried mandrake 9.0 and then
applied the updates but the stock 9.0 worked just fine as that is what I was
using till I used this updated iso image. I may have run the security updates
but i cant remember and I can test for this if you like. As for my iso it is
the stock mandrake 9.0 installer. All I did was add the current security
updates as of about a week ago to the installer and then ran gendistrib and
makecd.
I don't usually like to install the updates when they deal with anything net
related because it breaks some part of my network. for mandrake 8.1 and 8.2
as noted below it would break only older Mac clients. they simply could not
access the internet anymore even with static ip's.
> I really would need some examples here. You're making a pretty general
> statement. All of my web servers run 8.2 and all run with current
> updates and there is nothing broken there. I've also got a few
> machines here running 9.0 and they are all current with updates.
> Granted, not all of these machines do "everything"... ie. each machine
> isn't a printer server, file server, web server, mail server, proxy
> server, ad naseum. You get the picture. I've got some regular
> web/mail/DNS/etc. servers that run with high uptimes, and desktop
> machines running 9.0 with no problems. They're not insecure default
> installs... they're defaults with updates. I haven't noticed anything
> broken, and if I did notice anything broken, rest assured they would be
> fixed rather quickly.
>
> So some examples here would be nice. I get very little feedback on
> security updates, so if there are some monumental problems, I'm not
> aware of them. If I'm not aware of them, I can't fix them.
No the only real problems I've noticed are with connection sharing. Samba,
print, file, mail, web, ftp, squid, privoxy all worked just fine only
connection sharing gets broken witch is what baffles me even more about it.
And for me I do run a main server that does all those things. I run stuff on
other servers also but for me I'm running no big network and don't need
multiple servers for all these things. Unfortunately neither do most of my
clients as they are small companies. Well really if I do sell the next one it
will be only two that I have set up. One for my city (who went with redhat
and left me to install qmail for them) and the one I'm bidding on witch will
be for the local paper.
> Ok, well, I don't use connection sharing so I don't know about that.
> Looking at the SRPMS in 9.0 and 8.2 updates, if it's broken in both as
> you indicate, I'm suspecting drakxtools, but correct me if I'm wrong.
> Not having used connection sharing, I'm not sure what package might be
> the culprit. Also, on a side note, the drak* tools updates are
> provided to me by the authors/developers. Those updates are not
> mine... I just rebuilt what I was given and tested it on my systems
> (not every conceivable scenario with them, however). If these problems
> were reported to the developers, then they never sent me anything to
> fix those packages with.
>
> But I find it strange that this is the first I'm hearing of these
> (IIRC).
Yes I guess that could be with drakx. Maybe why you have not heard is because
connection sharing seems to be used mostly by home users. I find it popular
with some of my clients because they want a desktop to look at. I guess it's
a comfort thing but they like it when it more or less acts like a windows
box. If they want a firewall they get a 300$ linksys and configure that
through the web interface. So I have not seen a market in my area at all for
snf or mnf. I do understand Vincent about not being able to test everything.
I have talked to many times in the past about joining the secteam and I still
have the signup form maybe I should go ahead and send it over if you still
need or want the help.
> You need to narrow down what is causing the problem. Is it, in both
> cases, just this connection sharing business? Is this what's causing
> your DHCP problem do you think?
I think I covered this above but yes it's only with connection sharing.
> I don't think this is the reason "Corporate America" is using RedHat or
> SuSE as opposed to Mandrake. Those distros have had their fair share
> of "breakage" due to updates as well. These things just *happen*. It
> might be a little less with RH and SuSE however, but their (paid)
> security teams (possibly QA as well) are probably 5x the size of ours,
> which makes a difference. I'm not using that as a crutch or excuse,
> just plain fact. I think the big difference here is not in the quality
> of updates but that RH and SuSE are more server-oriented than Mandrake
> is. They have server products; we don't (other than SNF/MNF but those
> are more appliance-based, not server-based).
I know but I keep talking to others who do this for a living on a much larger
scale and I always pitch mandrake to them but I get allot of well ibm doesn't
support it so we put redhat on it kinda garbage. I know quite a few freelance
network admins around the world.
> We welcome your help! I can always use another person or two (for
> obvious reasons, the volunteer secteam has to be a small but dedicated
> group) in secteam. If you have the ability/time/desire to test updates
> on older distribs, please offer your services. I would be more than
> happy to consider those folks who meet the requirements (secteam is not
> like cooker by any means!).
Thanks Vincent. I offered above before I read this. Just let me know were to
fax the secteam form to.
>
> I'm also open to suggestions on better bug reporting for updates. If
> sending an email to [EMAIL PROTECTED] is too difficult to get
> a hold of me directly, then I welcome other suggestions for how a
> person should report these bugs. Due to time constraints, I don't read
> Forum and I don't live on MandrakeExpert, so any problems reported
> there either need to be forwarded to me or cc'd to me in the first
> place. What else can be done?
>
> > Thanks for the time.
>
> Thanks for the comments. I do try to make the updates as "perfect" as
> possible, and if there are problems with them, they do need to be
> corrected and I try to be as responsive to legitimate issues as
> possible.
I know Vincent that is why I was trying to state above that I like your work.
Maybe this a bit of frustration about many things for me. I'm sorry if it
came out wrong or if it sounded harsh. I really try to support this distro
allot mostly with my own money. As stated I don't get even the little
network jobs very often but I sure do hate talking to others and getting
redhat thrown back in my face all the time. I like this distro thats why I'm
here. I really want to help make it better. Kinda what frustrated me a little
was in my first email I offered to help and got no response. I mean I was
offering.
Anyway I would like to help. Thanks.
- --
-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
Brook Humphrey
Mobile PC Medic, 420 1st, Cheney, WA 99004, 509-235-9107
http://www.webmedic.net, [EMAIL PROTECTED], [EMAIL PROTECTED]
Holiness unto the Lord
-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-~`'~-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+FL1FnT1TkA6FgPgRAg7CAKCVbYDumCn3fDSZpC/5AfXb2IkI/ACfVPbJ
ac9sXnC03gZhrChFUxVqL9M=
=v43q
-----END PGP SIGNATURE-----
