Lurching from one OS to the next is no way to go through life.
In our DataCenter we have both and I can tell you RHEL has
it's own set of difficulties. And the patching situation is not
fundamentally better it's just different. At least with our Solaris
systems kernel patches USUALLY don't break things, which
is not the case with the RHEL boxes. Even the simplest
example is I can't apply new kernels to RHEL without
breaking OpenAFS.
I have been intrigued by the Debian way of doing things
lately though. A couple of our guys use it but we don't
have it in any production role so I can't comment further.
Jeff A. Earickson wrote:
Hi,
I went back and reread Darren's rant of 29 Apr 2007 on this list,
remembering that he said bad things about u4 (and u5). But he
didn't mention that pfil would vanish from the kernel modules.
I guess this change neuters my information about replacing
Sun's version with Darren's version, found at:
http://www.colby.edu/personal/j/jaearick/sysadmin/sol10.ipfilter.upgrade
Right? Time to revise and warn against doing this for u4?
FWIW, I gave up on changing the Sun version to Darren's version
about a year ago. Sun's version works for what I need. Too much
danger and hassle in changing versions in Solaris 10.
<rant>
I'm about to start shoving Solaris out the door in favor of Linux
(probably Redhat Enterprise Server 5) ASAP. I've had it
with Sun patching in Solaris 10. While updatemanager is a nice GUI,
patching (either via GUI or smpatch) has become totally unreliable
and glacially slow. smpatch goes into a coma half the time because
of interactions with the java-version-du-jour. I patched a bunch
of systems last week, and they all downloaded kernel patch 120011-14
but none of them will actually *use* it (yes, I read the README).
I remain at 125100-10 on all of my non-u4 systems. Upgrading to
u4 on two systems failed to improve patching at all. If I can't
patch a system in timely fashion, reliably, then bye bye Sun.
It was a nice 15 years of working with you.
</rant>
Jeff Earickson
Colby College
On Wed, 10 Oct 2007, Peter Bickel wrote:
Date: Wed, 10 Oct 2007 13:11:34 +0200
From: Peter Bickel <[EMAIL PROTECTED]>
To: Jeff A. Earickson <[EMAIL PROTECTED]>
Cc: [email protected]
Subject: Re: Solaris 10 u4, where's pfil?
Hi Jeff
pfil was replaced by direkt kernel hooks in kernel 120011-14
Jeff A. Earickson schrieb:
Hi,
I just upgraded a couple of my coolthreads servers to
Solaris 10 8/07 s10s_u4wos_12b SPARC, and I've noticed
that pfil no longer appears when I do a "modinfo" on
the kernel modules. Ipfilter still appears (version 4.1.9).
What gives? Where did pfil go to?
Jeff Earickson
Colby College
