[Klug-general] Shiny New Laptop

Thu Apr 20 22:59:50 BST 2006

George Prowse wrote:
> On 20/04/06, *Karl Lattimer* <karl at nncc.info <mailto:karl at nncc.info>> wrote:
> 
>      > If you like everything to "just Work"(tm) then either use Windows or
>      > Mandriva.
> 
>     Ouch, please don't say that out loud.
> 
> 
> Well there is "just Work" and "i want to make it work".

There are many cases where this is true - this is why those distro's 
have a GUI installer. CLI is for those that *want* to know how their 
system works and to learn from the process.

Click click click click click reboot - doesn't teach anyone anything.

> 
>      > On the other hand gentoo and it's "hardened" project is used
>      > extensively for mission critical servers because of the ability to
>      > streamline it's deployment to suit any job.
> 
>     I don't agree that its ideal for this situation, I can imagine there
>     being many issues surrounding it, every user of gentoo I know has had
>     some horror stories related to it, which haven't happened to me.
> 
> 
> The reason for Gentoo as a mission critical servers is because most are 
> set up (how the admin wants it not how another admin *expects* it to be) 
> and then left. Years in the future when things need updating you often 
> need to change the distro edition which is a mission, with gentoo all 
> you need to do is change the profile and emerge -uDv world

Gentoo is my company's Distro of choice as it can be made to do exactly 
what we want it todo (full email server doing customers email hosting 
thats under 200mb? Like to see you do that with CentOS). Not to mention 
the fact that, unlike some Distros (CentOS again) as *you* compile it, 
it works best for your system (CentOS and 64Bit compared to Gentoo and 
64Bit... Gentoo won hands down).

We know exactly what is in our server, what we need to keep an eye on 
and what needs to be updated. When you have 1001 other useless app's 
that come installed with a prebuilt distro you don't have that.

> 
>     I don't think its hardened at all, i think its malleable, pliable, and
>     flexible. I see its reasoning, but seriously, I don't have that time on
>     my hands. You can't be both flexible and hardened, it simply doesn't
>     work, hardening of software or operating environment is a process of
>     reducing the system to a set of lowest common denominators where
>     something can go wrong, therefore reducing risk, stabalising by
>     reducing
>     complexity and making it easy to debug. I don't disagree that you can
>     harden gentoo, but i don't think its hardened. CentOS, wbel, rhel are
>     hardened, aswell as suse enterprise etc... these are what I call
>     hardened environments as a company has put time effort and swathes of
>     cash at making them that way, with some of the best OS developers in the
>     world.
> 
> 
>  You misunderstand, "Hardened Gentoo" is a seperate form of gentoo made 
> specifically for enterprise environments. It is designed to work with 
> such things as SELinux, PAX and RSBAC. It creates a complete hardened 
> environment including kernel and toolchain, way in excess of CentOS, 
> wbel and SuSE have.
> 

CentOS et al are not strictly hardended as I belive the toolchain used 
to build them are not hardended (I could be wrong here) so if anything, 
Gentoo Hardended is far more secure than those.

Don't get me wrong, I like gentoo - but we also use CentOS, Debian and 
FreeBSD - Each has something they are good at and thats what we use it 
for. Yes, even though I bashed CentOS up above I do like it.

Oh, and the Gentoo User Community. Most active I have seen by far.

The best tool for the job.

Alas, I have rambled enough for one night,

Alex

---
Regards,

Alex A. Smith MCP
Wired Network Ltd. Managing Director
t: 01634 452 208
e: asmith at wired-network.com
w: https://wired-network.com/

View's in this email are those of the sender and in no way reflect those 
of Wired Network Ltd.