Slashdot Mirror
Greg KH Favors Rolling Release Distros
jones_supa writes In an interesting Google+ post, the lieutenant Linux developer Greg Kroah-Hartman mentions him fully moving to rolling-release Linux distributions: 'Finally retired my last 'traditional' Linux distro box yesterday, it's all 'rolling-release' Linux systems for me. Feels good. And to preempt the ask, it's Arch Linux almost everywhere (laptop, workstation, cloud servers), CoreOS (cloud server), and Gentoo for the remaining few (laptop, server under my desk).' What's your experience? Would in the current situation a rolling-release operating system indeed be the optimal choice?
Don't bother clicking the link. The *entire* post is contained in the summary.
Support the First Amendment. Read at -1
There was an era, probably inherited from the big-iron computing model, where we strived for stability and long uptimes. We didn't install things that we didn't need (with the exception of Fortune perhaps) and locked-down the box at the network stack. Granted, it required a lot of knowledge at the beginning to make sure that the box was indeed secure, but we were proud of setting up a good, usable box that didn't need a lot of maintenance after the fact.
I guess that era is now gone, with rapid-release and lots of little things constantly needing the system to restart.
Do not look into laser with remaining eye.
The real news is, someone is still using Google Plus.
My first program:
Hell Segmentation fault
This really strikes me as something that is going to heavily depend on what the systems are actually doing, how tied to the distro-supplied software the usage is, and how often the releases are.
Even within 'rolling release' distros there is a huge variation in exactly what that means in terms of changes, updates, frequency, which parts are rolled vs versioned, user control over backdating. This combines with a bit of a matrix of use cases for one to find exactly how much manpower using such a distribution within an organization will eat up. So yeah, 'it depends' pretty much sums it up.
For a machine that you would just blindly take updates for anyways, rolling releases are probably convenient.
For mission-critical systems where every change should be tested first, it's probably a bad idea unless rolling back is very easy, as it might be in a VM-with-easy-snapshots environment.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I've been using Gentoo for many years, and temporarily switched to Funtoo on my personal laptop. I've since graduated and don't spent nearly as much time on my laptop as I used to, which these days mainly runs MythTV.
I don't think I'd continue with Gentoo - it takes too much time to sort through updates, figure out which packages need to be masked, etc. I'd rather go to Arch next, although I was considering Debian unstable.
Recently, my video card stopped being supported by the newest nvidia graphics, and the newer versions of Xorg weren't compatible. My masked list is growing as more and more packages have deeper dependancies on newer versions of Xorg. I always figured Portage should honour my masked packages and keep everything at the latest version without stepping on my masked packages, but it wants me to do everything manually. If package 1.2.3 is incompatible with my Xorg, I'll mask 1.2.3 and newer. There is a slight chance, however, that 1.2.4 will be compatible, but it doesn't matter, since Portage made me masked out 1.2.3 and newer, I'll never even know.
x86, oh yes, I'm pro.
I think rolling releases are good for developers, and gives you that whole agile thingy ...
But really what it instills is a culture of "almost got it" where you'll run the risk of breaking your user's systems and then just say "whoops, we'll fix that next time".
I think it leads to sloppy release engineering (because, after all, it's just a build), and will be fundamentally incompatible with how companies need to do IT.
And every time I see Firefox telling me "It is strongly recommended you upgrade to this version" what I really see is "holy crap, did we inject some garbage in that last one".
I think in general the "continuous release" says "we're not worried that people in the real world can't do this, and we don't care ... we'll fix it on the next release ... maybe".
So, for your personal desktop, or a sandbox, or a toy ... sure, have at it. But for a real machine, doing real work ... I think "continuous release" is a terrible idea.
Because in the real world, we're not prepared to patch Prod system just because you committed some new changes -- we have bigger issues to deal with than constantly updating software to keep you happy.
I should think nobody in a corporate environment is a fan of that. And if you're a small shop of 20 people who are risk takers ... you're not in what I'd call a corporate environment.
Lost at C:>. Found at C.
This is fine for the thin desktop and home users. As long as libreoffice and the browser work, that's fine. It's in fact, good, because it's a constant "upgrade" instead of security patch. However, this isn't at all adequate for servers running any sort of custom software, or, for that matter, desktops running corporate software. Rolling releases break software just the same as block releases, less often per "release" but just as often per evolution of the software.
I've been using Gentoo on all my personal machines for the last decade or so.
Works fine as long as you pay attention.
--dost
*sigh* back to work...
So glad we have another high quality alpha tester that happens to be a kernel dev and likes fixing everyone else's stupid bugs! ;)
Users (and devs) of stable distros will be grateful
I've been using Debian unstable in my personal computers for years. Occasionally, something breaks.
But I prefer the long term support of Debian stable and CentOS for internet facing servers and lab workstations.
Here, it's important to be able to get security fixes without fear of breaking anything for years.
Congrats you can upgrade your latest hot shite box to the latest hotness. Fantatsic. Now what about those servers that have millions of people trying to contact your business through? Hell to the No.
You want your systems to be running stable, known working, and reliable code. Who cares if it's version 10 and not version 10.0.4134. Let the dev monkies play with the updates in the background and when a service release is out test it further.
Unless there is a positive gain (security, feature release, or annual patch) then the old code is just fine. It works, don't touch it, leave it the hell alone and go play with your crap in your lab.
Another reason I hate the DevOPS movement. Combines the worst of habits of a Dev Monkey and a System Admin.
Wheel of Time: Book by Book and Sumview (summary review) Bigdady92 style: http://bigdady92.blogspot.com/
Some of us run businesses on Linux. At the company I work at, the product we give to customers is delivered using Linux platforms. We are too busy making money with Linux to be spending all day figuring out if a given software update for some unstructured "rolling release" breaks some program our business needs.
This "rolling release" nonsense is a euphemism for "we're too lazy to properly test, package, freeze, and take responsibility for a given version of our software". No, I don't want to add 20 features with potential security bugs just to fix a single security hole.
That is why we use CentOS for most of our critical servers at work. There's something to be said for 10-year support cycles.
In software development, especially server-side web development this is called continuous integration (CI for short). I have nothing against it, if automated testing, instant rollback and other things are in place. And if the distro has solid quality control and feature management. ... Somehow I doubt that though.
If a distro crew knows what they are doing, I'd trust them with rolling releases. ... Maybe I should try this Arch Linux thing out. Any experiences? Any advice?
We suffer more in our imagination than in reality. - Seneca
I was a Debian user for many years. Most of them were quite good. But Debian has fallen apart since they adopted systemd some time ago. Its quality has dropped. Its community is divided and in tatters, with the systemd advocates treating long-time Debian users like total crap. It no longer lives up to its reputation. So I suggest you don't waste your time with it. I know I don't. I've moved to FreeBSD, and I couldn't be happier. FreeBSD is a lot like Debian used to be, before it was "infected" by systemd and the systemd advocates.
Perl, and Python, and Ruby, and PHP, and *anythinthing* that randomly updates individual components without ever testing them against all the old components deserve to be shot through the head. This is no better. The random upgrade, and enforced dependency hell of components that are mismatched and never tested are *why* operating systems have releases.
Most of us don't have all night in our mommy's basement to sort out the unmentioned library update dependencies. Fedora is going through this right now with the Python3 update, and god knows I've had it with Apache, glibc, postfix, TeX and RT. When I have a paying job, I don't have the time to go fix this myself all day.
Wow so fascinating. I hear that yesterday Ted T'so farted.
rolling release, while in the case of Gentoo initially more tedious to set up than just 'click install' is a refreshing departure from packaged distros. from a devops standpoint its no more or less manageable either. I create a base gentoo image and DD it to servers. afterwards salt takes over and doles out configuration. port tree zaps, use, and merge can also be controlled and if some security vulnerability is found in a compiled option for an application, you can command your servers to recompile the affected package without that option instead of waiting for a workaround or patch, which might not be feasible in a production environment.
Good people go to bed earlier.
Greg was an active Gentoo developer.
Try Void Linux, a rolling distro that doesn't suck:
- System-wide LibreSSL by default (maybe the first linux distro to do so) ... and more.
- runit instead of systemd
- multilib aware
Agreed. Also, even if it's not _broken_, I don't want things constantly changing under my feet without even being able to meaningfully talk about what changed in different versions.
It's good to be able to say "here are the major changes between "Windows 7 and Windows 8". It's definitely good to be able to say "this software works on Windows 8", rather than "this software works on versions released between 2013-10-12 and 2015-01-03".
I personally prefer rolling release. /bin, etc. It became a bitch to maintain with all the breaking changes imposed.
I used to use Arch, until they started trashing their ecosystem. Giving up KISS by adopting systemd, moving
Ultimately I found FreeBSD's ports to be amazing rolling release system. Far more stable than Arch, you don't have to break your junk if you don't want to. And that makes me happy. The kernel moves in increments, everything else you compile or download binaries. I end up with a much more optimized and stable system than if I had stuck with Arch. Yet everything on my box is up to date.
Each has its pros and cons. I've had to use Slackware and Ubuntu for my work. They're practically zero maintenance which is probably a good thing for ~generic~ computer users.
I run Ubuntu devel on all my laptops and desktops (though still LTS on servers). It's a rolling release. I haven't had an update break a machine in a couple of years.
overthrowing the government and establishing the dictatorship of the proletariat! GNU/USA NOW!
I am absolutely not surprised by this: A well-known kernel hacker has enough systemwide understanding for the ocassional glitch to become obvious. He also uses most probably a very specific subset of programs for his day-to-day activities — I (a very far cry from his skill levels) haven't changed my main tools in over ten years. I mean, a tiling window manager, Emacs, a browser... Specific little tools can vary, but they won't jeopardize my system's overall behaviour — This means, it won't mean me spending time head-scratching to keep working.
Now, a developer is a far cry from a systems administrator. A sysadmin values stability over all things. I don't want a random upgrade to become a lost hour understanding the new configuration format of foobard.
And of course, casual users... If my wife desktop had changed from GNOME 2 to GNOME 3 without me preparing her, I'm sure she would not have appreciated it.
the lieutenant Linux developer Greg Kroah-Hartman
The what? Did he develop "lieutenant Linux," with a small L? Or is he a lieutenant like Columbo?
Other than that, what should I know about who this guy is? Because the summary (which is, I'm told, also the article) tells me nothing.
systemd is Roko's Basilisk.
Arch breaks. Often. Breakage is the trouble with rolling release distributions, and an intolerable problem for anyone not wanting to spend the time un-breaking things.
Loyal but naive Arch users are always quick to defend it, "my system has never broken" "you must be doing something wrong" etc. but these discussions are always about semantics. Just because it's a one-liner to fix doesn't mean that it isn't broken. If it requires my attention to keep working, then it's broken. Just because it is fixable doesn't mean I want to spend time fixing it.
Arch is a great way to learn Linux, and the Arch wiki is a great resource not exclusive to just Arch. But you'd have to be out of your mind to use it for anything in production. The Arch FAQ makes it pretty clear: YOU, the user, is responsible for keeping your system updated, functional and stable; but the more packages you have installed, the more likely you are to get broken when upstream updates something.
Also from Arch docs:
Warning: Do not be tempted to perform partial updates, as they are not supported by Arch Linux and may cause instability: the whole system should be upgraded when upgrading a component. Also note that infrequent system updates can complicate the update process.
Translation: You want to update package foosicle-1.2 to foosicle-1.3 because it has a security problem. Oh, you don't want to update X, Firefox, KDE, and the kernel? I hope you do want instability then. BTW, stay on top of your updates unless you want to get really hosed.
No thanks.
I use Ubuntu LTS releases on my computers at work for three reasons:
1. Reading the Arch wiki to un-fuck Java after I updated my system to fix a security issue for a different package is not a good use of my time.
2. Not a good use of my time to compile from source because the distribution ships with something ancient or doesn't have it at all (I'm looking at you, RHEL).
3. Will keep getting updates for the lifetime of the hardware.
My experiences with rolling-release software has been unpleasant, so I will continue to avoid it to the best of my ability.
Greg Kroah-HartmanFeb 3, 2015 +3
+Josh Sabboth "moving"? I've been using Arch for quite some time now (2 years or so), it's not new to me at all...
Seriously, slashdot is becoming worse and worse...
Some distros do rolling release better than others. I found that stuff broke under Arch after a 'pacman -Syu' often enough to be annoying. Under Debian testing I could recklessly do dist-upgrades and nothing broke....at least until systemd shit starting leaking in...
I like LTS releases personally. I'll go out of my way for particular bits to be new. PPAs generally help with that.
He reports to colonel Panic and general Protection-Fault :)
He comes form a S.u.S.E., SuSE, SUSE and openSUSE background where the rolling release are not that old yet. I believe they started in the 12.x or even the 13.x with it.
Before that it was a new version every 6 to 8 months and a service period for 2 to 3 years (or 7 if you had the pro with support)
Don't fight for your country, if your country does not fight for you.
Rolling-release should have been default for desktop distros from the start. Maintainers have no moral right to claim what is stable and what is not, since they do not write the code and are rarely proficient enough to judge its quality. It's the developer's prerogative and a task they manage to perform sufficiently, without the need for additional bureaucracy. Server distros are a whole different world, obviously.
Waka Waka!
IMO, rolling releases are great for desktop/laptop machines, but not so great for servers. There's something to be said for installing and configuring your OS on your work machine exactly once, for the life of the machine, and then it just stays up to date. No more twice a year upgrades that bork everything (I'm looking at you, Ubuntu) and make you reinstall anyway, no more "backport" repositories if you want to run the latest KDE or LibreOffice or whatever. Small, incremental updates are actually a lot easier to manage than giant upgrades that replace almost everything on the system.
I'm currently using Manjaro (related to Arch Linux), and I'm not looking back.
I don't. I like predictably scheduled releases. Ubuntu's release strategy particularly pleases me, with predictable releases every 6 months, and long term support releases every 2 years, with support for upgrading either from regular release to regular release, or from LTS release to LTS release.
Of course, I don't run Linux as a desktop platform, so Ubuntu still works nicely for me in a server environment. I tend to run only LTS releases on important servers (typically waiting until 6 months after an LTS release before upgrading to it, and regular releases on unimportant servers (like my home server).
Rolling distros are great if you are a technology enthusiast and completely manage your own machine. If you are supporting a large number of users or servers, you want to test a fixed configuration and deploy it to everyone once a year. In general the key to stability is to branch a code at some point and focus on bug fixes rather than new features/cleanup/refactoring.
You're only about a decade behind Anthony Towns' work on the Debian 'testing' distro.
Packages are promoted from unstable into 'testing' automatically, by a rule-driven script which looks for certain stability criteria.
It's not foolproof, but in its day, it was a huge step in the right direction for people who didn't want huge amounts of breakage, but didn't want to run ancient history either.
He's apparently abandoned the idea of a long-term stable box.
Since he's abandoned that idea, everything he says has just become useless advice at several of my IT jobs, where we depends upon long-term stability and reliability.
*AND* he's using Arch as a primary. Nope. Too much bloat.
Mark down yet another useless person to listen to on the list.
Appropriate captcha: Detached - as in this idiot is detached from reality.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
The word is "question".
Is Arch not enough? Does it not do everything Gentoo does? Performance? Curious.