The downside (I've found) of the SuSE philosophy on maintenance of the SLES series is that they never (normally) release a new VERSION of a product to fix a problem. They just retrofit patches to the version supplied with the distro.
This has been a major headache for products like Samba, where the many bug fixes come fairly frequently in version/release upgrades. The version of Samba that came with SLES7 was 2.2.0a, which turned out to be just about unusable, so we had to "roll our own" versions of 2.2.5 and up. Same thing with Openldap, and the latest version won't even build properly on SLES7 because SuSE had to add patches to it that aren't in the base versions yet. There also seem to be product features disabled or "missing", such as Winbind in Samba, and quota support, sometimes because the various required components aren't at the right level, or often for no apparent reason at all. When this happens, there's almost no way to fix it and stay within the "official" support scheme. Don't even get me STARTED on what Yast has done to our systems on several occasions. We started with a policy that we would use Yast for all maintenance, but it's been such a headache we do everything manually now. > -----Original Message----- > From: Tzafrir Cohen [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 27, 2003 8:59 AM > To: [EMAIL PROTECTED] > Subject: Re: [LINUX-390] SLES 8 > > > On Wed, Mar 26, 2003 at 10:14:47PM -0500, Mike Ross wrote: > > On Wed, 26 Mar 2003 22:54:16 +0200, Tzafrir Cohen > <[EMAIL PROTECTED]> > > wrote: > > > > snip.. > > >* A major one: the distro is not worth much without the > patches. What > > >you download from that server is nice for testing, but it > is still not > > >enough for production, because it lacks, say, the latest sendmail > > >patch. So if you try to install this server in a production > > >environment, it will either break, or will be broken-into. > > > > > >And remember that the license of SuSE basically forbids > everybody else > > >to compit with SuSE in providing patches. So you basically have to > > >have a support contract with SuSE. > > > > How exactly does that work? What license terms do Suse > impose on, for > > instance, sendmail, in your example? I suspect the authors > of sendmail > > might be surprised to discover that Suse forbid them to > provide patches... > > > > The only 'license of SuSE' that's involved (AFAIK) is the > Yast license... > > Who guarantees you that the next errata of SuSE won't be of a remote > exploit caused/amplified by a problem in yast? > > Afterall, yast has scripts that manipulate other config files, right? > > -- > Tzafrir Cohen +---------------------------+ > http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| > mailto:[EMAIL PROTECTED] +---------------------------+ >
