Benjamin Smith wrote:
>
> When you install from source, you're married to that package from then on, and
> have to maintain it until the end of time! But, when you install a distro
> RPM, the good folks at RedHat and CentOS effectively maintain it. That's a
> *good thing*, since they'll most assuredly do a better job at it.
Your reasoning is sound. However, there are real-world scenarios where
you have to do this, so it's better to develop a robust secondary plan
to supplement the automatic distro yum upgrades rather than possibly
living within the restrictions of the distro (unhappily).
Take for instance MySQL -- CentOS4/RHEL4 ship 4.1.12 in some form. But,
your developer coding an application needs 4.1.18 in order to utilize
some newer SQL syntax features (INSERT ... SELECT ... ON
DUPLICATE KEY UPDATE ...). So, you end up having to install a newer set
of server binaries (carefully -- w/ MySQL, I marry custom downloads with
the RPMs, so they can co-exist) so I can meet the developer and business
needs.
Subscribing to announce mailing lists to track security releases is of
course important, or if you can't use a mailing list setting up a
monitoring software like WebSec
(http://savannah.nongnu.org/projects/websec/) is a good alternative.
My $0.02 US. :)
-te
--
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com
