On Tue, Nov 20, 2001 at 01:28:36PM -0600, David Batey wrote: > STABILITY: is Debian a good choice for heavy lifting?
There are some legit concerns regarding the Linux kernel as opposed to the *BSD kernels as far as heavy lifting goes, but if you're considering Debian, then you probably feel that those concerns are addressed to your satisfaction. As far as distributions go, Debian's packaging quality is very high, and if you go with stable that's exactly what you get: serious stability. > I know > about apt-get for easy installation of bug/security patches; does > the ease-of-install ever compromise security or functionality? Not in my experience. If you setup apt to use the Debian security source in addition to the main apt sources, you get painless and (potentially) automatic security updates. For example, I have a cron that automatically checks for security updates and downloads them nightly, and mails the result. Usually I find out about security uploads before debian-security does. > OpenBSD is pretty secure; how does Debian compare? Is Woody ready > for prime-time yet? (If not, would an upgrade from potato to > woody likely cause hiccups?) If you setup Debian in a secure fashion (ie, install what you need, run what you need), then you'll be about as secure as OpenBSD. Many of the bugs that OpenBSD finds in their excellent code auditing get propagated elsewhere. Personally, I wouldn't run woody on a server, however I willingly make the tradeoff between newer versions of packages and stability. I have been running woody on my desktop and laptop for a couple of months, and have had very little trouble. An upgrade from potato to woody should be fairly painless (although, you probably wouldn't want to do it while your server was going at full throttle). > FUNCTIONALITY: We need DNS server packages, ssh (with ssh > tunneling available for other services), smtp/pop, web-based > scheduling/claendaring/email facilities, HTTP (apache/mod_perl) > servers, and so on... Debian ships with OpenSSH by default, although the commercial version is available. You have your choice of pre-packaged MTAs: sendmail, exim, postfix (my current favorite), and POP servers (uw, cyrus, courier). I tend to not use the pre-packaged apache in production situations, but that's because I tend to have special needs, and it's easier to just build my own. The Debian pre-packaged one is great for prototyping stuff, though, 'cause it's built in a very generic fashion, with lots of modules ready to go. > Any input is welcome -- both pro and con, of course. Debian has required the least amount of admin effort of any Unix I've adminned (Redhat, FreeBSD, Solaris). > And please CC: me directly, as I'm not on the list (yet -- but > you might help change that :). If you do decide to go with Debian, the lists are a good place to get help or advice. There are more specialized lists than debian-user, however, that might be able to provide more assitance (like debian-firewall, or debian-isp). See lists.debian.org for details. M
