search

depau / blog.depau.eu

My personal blog
https://blog.depau.eu
Other
1 stars 0 forks source link

2020/01/06/why-i-use-arch/ #2

Open utterances-bot opened 3 years ago

utterances-bot commented 3 years ago

Why I use Arch, Wayland/SwayWM and why I don't sometimes « Davide Depau's Blog

My personal blog

https://blog.depau.eu/2020/01/06/why-i-use-arch/

templalizer1284-zz commented 3 years ago

Not even FUCKING HTOP ... I mean, I can use it. I just have so many questions. Why? Why!

I shared your opinion on rhel/centos BUT in the end they are enterprise class systems not general purpose/desktop OSes. They officially contain and support only software that is needed for hosting and other related technologies. If they don't have something in their repos that doesn't mean that OS suck or devs don't care it simply means that they don't need it or its completely unimportant to the whole OS. (Thats how i get it anyway).

They are simply OSes to get servers up and running without too many things getting into administrators way. Because it the enterprise world people are very professional and they know what they are doing, they don't need htop and latest kernel they exactly know that they need httpd+mariadb+php(for example) they make their configs and go.

rhel/centos is great because it doesn't change much, its rock solid and predictable, its a perfect OS for enterprise and thats how it should be.

depau commented 3 years ago

That's the thing if people are actually experts and if they know what they're doing. Then you see software installed in the most stupid ways, I've seen software installed in the home directory with LD_LIBRARY_PATH in the environment to load the proper libraries, which would mess up everything else but not hard enough to notice it on first glance. I'm not going to go into details for a bunch of reasons, but the software in question is available in the repos of pretty much all distros except RHEL.

You would probably say okay, but if idiots use it it doesn't mean the distro is bad. I say it's the distro that causes this and many other sorts of bad sysadmin pratices. When things are easier done the stupid way than the proper way, people are gonna do them the stupid way.

It's the same as PHP, why is PHP code often full of vulnerabilities, RCE, XSS, CSRF? Can't you not write code that's safe against them in PHP? Yes you can, but the unsafe alternative looks way cleaner and it's way easier to implement and remember. Therefore I blame the language, not only the users.

rhel/centos is great because it doesn't change much, its rock solid and predictable, its a perfect OS for enterprise and thats how it should be.

RHEL ships with severely outdated software, I've seen people afraid of running fsck.xfs cause last time they tried it fucked up the entire filesystem because of a bug that was long fixed but never backported. And the only way to update it is to rebuild the software in question yourself. If this isn't getting in the way I don't know what is. I wouldn't trust a server with Red Hat software as much as I would if it were running Debian or Ubuntu.

RHEL is only good if you want to install your software once and then never touch it ever again, if you're only planning to test during the deployment and not have a separate development environment to test updates and apply them once deemed safe. Which is going to backfire the moment a new vulnerability similar to Heartbleed is found and disclosed, and the moment your system is torn open like a tuna can by a bot on the internet.

I guess that if the only thing you're running on it is containers then it's fine, but for running software on bare metal it's definitely way below my expectations for what I think is an acceptable distro.