We, looked at CentOS once. But, when we first needed to have Linux, it was management that decided on RHEL. And, they wouldn't go for it.
We primarily run RHEL to support one group (though they are finally starting to use Solaris ... ) And, they would be in favor of us ditching RHEL....they've been wanting to us to provide them with Ubuntu servers. Somebody in our group had commented once that if we had been running Ubuntu, the transition to cfengine would've been better since its more similar to Solaris. But, not sure if that's true. The primary admin for them back then had a way of throwing everything into cfengine...causing everything to break, and then scramble to make things work but worse and then forget about it. We have a generic firewall that's block everything except ssh from our range, because that's what we want for boxes that are still being configured (and the incident where an admin jumped a new box, and before he finished configuring it...it turned into a bot). But, his quick fix was to remove the generic firewall for his group...and forget to go back and create system specific firewalls. A while later I working on migrating an app, and noticed that there were no firewalls on our ldap servers (and policy is no off-campus access to our ldap). (especially since our ldap contains SSNs.) So, I quickly threw up a firewall and then reported that I had done it. There was lots of angry people calling after that....though in the end I had done the right thing at the time, though management caved and allowed temporary off-campus access to it. Counseling services had contracted an assistant director on the side to develop its patient management system (total violation of state conflict of interest rules), and had found he could host it off campus and it worked. He also continued to develop/support it after he had left (on the side from his new job.) And, he had a secret server in our datacenter that was also part if it (we firewalled it once we found out about it.....when he was assistant director, he had access to manage FWSM.) Counseling services has since migrated to windows servers managed by the LAN group in the datacenter. It was the only use of FreeBSD....but our Unix manager has been saying we should be running FreeBSD (instead of Linux)....especially now that it does ZFS. We also tried have our own update servers and only paying redhat for those servers, but legal said no. Of course, the bad thing is we subscribe to updates, but we're not allowed to update the Linux boxes. Because the ASAs don't want to worry about updates breaking their apps (even when it might fix it.) Though I know what that's like. Years ago I ported a commercial app to Linux (sells for about $100,000), and found one quirk. A pair of posix functions returned 1 on success and 0 on error (backwards). Like a good guy, I reported the bug (in glibc.) But, to get the app out the door, it got coded to work with the backwards return codes. A little while later, a customer ran up2date on their box...and our app stopped working. Anyways, we pay for the update servers as well as all the boxes that we never update. There are a few Linux servers that aren't that group's....but they're RHEL only because that's our only choice. I've been wanting to redo one as ubuntu.... _______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
