cross
|
|
response 25 of 33:
| 
Sep 18 18:54 UTC 2005 |
Regarding #19; I think FreeBSD would be more reliable since (a) it
has better hardware support, (b) it has more users, and thus a
higher chance of getting bugs flushed out earlier on, and (c) has
better people working on it (Kirk McKusick, for instance). In
general, it seems more supported than OpenBSD ever will: more large
sites (like Yahoo) run off of FreeBSD than OpenBSD. There's a
reason for that. If OpenBSD was so much better, even with the
attitudes in the industry, I think you'd see more precense.
With regard to security, FreeBSD can't be much worse than OpenBSD
(we've had some pretty major holes here on Grex; not all of which
have been corrected). For instance, pick an unused tty, cat it,
and wait for someone to telnet into it. As far as I can tell,
OpenBSD 3.5 just shipped that way. Certainly, I've seen no proof
to the contrary, and I can't find anywhere that anyone configured
it to do that. But, FreeBSD also has its own source auditing
project, and they follow OpenBSD's security fixes, and you'd be
hard pressed to find many security bugs in FreeBSD that aren't also
in OpenBSD or that don't affect Grex.
Grex's problem isn't a lack of staff, it's that grex allowed a small
minority of staffers to dictate what software it would run without
really exploring the consequences of that, and with a firm belief
that they were right without anything to *really* back that up.
Those staffers more or less left and haven't been terribly active
lately (except for one in one time of major crisis, who did some
partial work and then left it unfinished for over a month, and
another who wrote a helpful email the other day but otherwise hasn't
done anything in, I think, over a year).
In retrospect, OpenBSD wasn't a good choice. Things that should
have worked in OpenBSD 3.5 just didn't (e.g., soft metadata updates
in the filesystem; these work fine on FreeBSD). However, I don't
think me or anyone else saying that is going to change anything:
the perennial responses to pointing out problems with OpenBSD are
either, ``well, we just didn't do that right...'' or, ``Wait until
the next release! That's all fixed now!'' At what point, like wth
the Bush administration, do epople just get fed up and say, ``no,
it probably won't be fixed next release, so let's do something we
have a pretty good idea will work?''
Another data point with respect to reliability.... Mnet gets much
more usage than grex now, and runs an older version of FreeBSD on
less `server-class' hardware, and seems to have far fewer reliability
problems.
The direction I'd like to see grex take is the following: Invest
in a new machine with dual AMD processors, 2GB ECC memory, a
*hardware* RAID controller going onto SATA disks (you really don't
need SCSI) and a rack-mount case. Install FreeBSD on it, and go
from there, including an audit and re-write of all the locally
installed software. I don't see it happening, though.
|