Vincent Danen <[EMAIL PROTECTED]> deeg zun bes op schoal um hej te kinne schrieve:
> On Wed Jan 15, 2003 at 10:32:39AM +0100, JP wrote: > > [...] > > it seems as if they try to get people to pay for the mnf updates, > > however, I dont think you will have to do so in order to get the > > updates. > > I can't speak officially on this as I'm not directly involved with MNF, > but after playing with it yesterday I do have some observations. > > In order to use the web interface for updates, you will need to pay. I > have no idea what the pricetag is. I, as of yet, have no idea how well > the web interface works (I've been playing with MNF for less than 24hrs > now). > > > first of all, i just checked a mandrake updates mirror and there is a > > seperate directory for mnf, that one could simply use (add to urpmi > > etc.) without mandrake even knowing it. > > Yup. You can use urpmi and use whatever mirror you like to get > updates. This should be just as secure as the "for pay" mirror... ie. > md5sums are available and the file is GPG clearsigned. RPM packages > can be validated via md5 and gpg sigs. thank god, no micro$$$oft practices. > The primary advantage to the for pay updates is you will have access to > them instantly. I don't know what the infrastructure for the updates > is, but I imagine there will be next to no delay for updates... you > would get them almost immediately. Relying on third-party mirrors > means a little bit of a delay, so it depends on how quickly you want > your firewall patched up (if speed is important to you, getting > "priority" updates may well be what you need/want). You also wouldn't > have to worry about free mirrors being clogged when new distribs are > released... anyone try to update software the day of a new Mdk or RH > release? Have fun getting into most public mirrors that week. no problem for me :-) I must admit though that this may indeed be a serious problem to many people, certainly if it is about some critical security update. > Anyways, you do not *need* to pay to have a fully functioning firewall > and the ability to do updates. You will have to be familiar with urpmi > (or learn it) and log in remotely in order to do the updates, but once > you add whatever mirror you want to use, a simple "urpmi.update -a; > urpmi --auto-select" is enough to keep you up to date. > > And no, there will be no "MNF updates go to public mirrors 24hrs after > they go to the for-pay mirror" stuff, so anyone worried about a delay > for non-paying people should not worry. You just have to deal with the > mirroring schedules of the third-party mirrors. > > If anyone ever wants to see how well mirrors keep up to date, there is > a fairly approximate listing on > http://www.mandrakesecure.net/en/ftp.php that will show you when the > last update was done. > > > second, this mnf is basically a (heavily modified and stripped down) > > version of mandrake 8.2. for which updates are freely available. see > > also snf, which has a similar relationship to 7.2, with many packages > > in the snf update directory being a simlink to the 7.2 updates. > > Yup, exactly. > > > all in all a rather unclear situation, as by reading the mandrake > > website one would think you have to pay for security updates. > > Nope, not at all. You're paying for access to a private FTP site. The > updates themself are "free"; meaning publically available to anyone who > wants them. Access to the private FTP site is the real issue here. > > I agree that it wasn't clearly worded, so I hope this provides a little > less confusion for those who would like to use MNF but have some > reservations thinking you might be charged for security updates. it does clarify alot indeed. as for the 'delay' one experiences when using mirror sites, I guess it basically comes down to what one uses the box for. a home user will generally care less about such things, and also have a smaller budget than say a corporate it department guy. apart from that, mnf like snf is to be used as a firewall/nat router. once properly setup, such a machine should not be running any services except a (local lan only) sshd, leaving virtually no possiblities for intrusion but the ssh packages (or a highly unlikely kernel networking related bug). in the end, it's all about priorities ;-) JP
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
