for newer users.
I'll leave it at that.
However - re: the guy installing openssl and having issues.
My point still stands:
I had a few RH9 machines still chugging away - I needed to install
Apache 1.3 w/ ssl (which means you have to compile everything from the
openssl src folder and point to your apache src, etc.)
The machine had the rpm version of openssl already installed and
I couldn't remove it as it would break too many deps.
I could still compile Apache 1.3 w/ SSL in /usr/local and not have any impact
whatsoever on the existing installation. I'm only linking against the libs in my new openssl dir.
At the end of the day - it's personal preference regarding housekeeping - but lets
not forget that it's not rocket science - it's a little folder of library files, they can live anywhere - as long
as you know where they are in order to link against them.
Finally - if your #centos IRC guy wanted to update his version of openssl -
1. the lastest release was Sept. 28 2006 - so I've got to believe that the current repo's would have this new version.
(a la 'yum update' or 'yum update openssl')
2. If they didn't why couldn't he 'freshen' or 'update' the current rpm with the latest rpm?
If he doesn't know the difference - sadly he really has no business whatsoever attempting to manage someones security implementation - much less the machine it's running on. (newbie or not.)
- All the best
- Peter
On 20/02/07, Jim Perrin <jperrin@xxxxxxxxx> wrote:
On 2/20/07, Peter Farrell <peter.d.farrell@xxxxxxxxx> wrote:
> RE:
> > Installing items from source is bad on an RPM based system
>
> That's simply not correct.
Oh yes it is. Just hang out in the irc support channel for a while to
get your feet wet.
> I've got a farm of 'rpm' based RedHat and RedHat derivatives. Big deal.
> If I set up a cluster of web servers that need an odd version of PHP (which
> I do);
>
Right. You're likely the exception to the general rule because you
track security updates, and you understand how source built software
and rpms relate. For 90% of the folks asking for help, this is not the
case. They will install from source, then try to install an rpm which
depends on what they just installed, and will wonder why it complains
that their source built software is not installed.
RPM is by no means perfect and I won't defend it as such, but for
newer users asking for help, preaching the gospel according to
RHEL/CentOS is a good way to get them ingrained in proper
administration habits and help them learn. Once they've learned enough
then they can move out as you and many others have done.
As an example ->
>1. Apache, PHP and MySQL will not be installed willy-nilly - each
base machine will be the bare minimum install.
You're speaking of the application stack here, which is fine. However
in #centos just yesterday we had a gentleman who was attempting to
replace the installed openssl with a newer source built version. This
would cause an endless number of update and application issues were he
even remotely successful in doing so.
There are several contributing factors to this including some
inflexibility in rpm, a lack of user understanding of RH's backporting
policy, and a lack of vendor understanding of same.
You are correct that it is very possible to have source builds and
rpms co-exist peacefully, however from a general support aspect, the
blanket statement "Installing items from source is bad on an RPM based
system" is valid. There are exceptions to every rule.
--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
