On 16 May 2010 17:05, Polytropon <[email protected]> wrote: > On Sun, 16 May 2010 18:42:44 +0300, Dan Naumov <[email protected]> > wrote: > > Just a thought/question that has recently come to my mind: How long do > > you usually wait until upgrading to a newer release of FreeBSD? > > A quite generic answer: Only as long as needed. :-) Upgrading > often is determined by certain considerations, such as the > ability to maintain system security (again depending on the > setting and the purpose of the installation), or the require- > ment for some functionality that explicitely requires upgrading. > > > > > What's your oldest currently running installation, > > do you have any issues and are you planning on an upgrade or do you > > intend to leave it running as is until some critical piece of hardware > > breaks down, requiring a replacement? > > FreeBSD 5.4-p14 on a P2/300, 128 MB RAM, office workstation, > last update both in system and applications in 2006. > > Upgrade planning: no. > > Leave it running as long as possible: yes. > > Reason: System runs perfectly (it's not on WAN or acting as a > server, so no major security considerations). It runs better than > my FreeBSD 7 home system which awaits upgrading to 8 soon. :-) > > Oldest: 4.1 on a 486 laptop, I'm sure it still works, but it's > not in regular use. :-) > > > > The reason I am asking is: I have a 8.0 installation that I am VERY > > happy with. It runs like clockwork. eveything is properly configured > > and highly locked down, all services accessible to the outside world > > are running inside ezjail-managed jails on top of ZFS, meaning it's > > also very trivial to restore jails via snapshots, should the need ever > > arise. I don't really see myself NEEDING to upgrade for many years. > > even long after security updates stop being made for 8.0, since I can > > see myself being able to at least work my way around arising security > > issues with my configuration and to break into the real host OS and > > cause real damage would mean you have to be either really really > > dedicated, have a gun and know where I live or serve me with a > > warrant. > > If you're running services available to the outside world, keep > in mind *their* security updates also. If those require a system > update, do it, but usually they don't - you usually just upgrade > the ports in question. For servers, you should follow -p as long > as possible. If there are no further security updates for a > certain release, it MAY be a valid idea to upgrade to the new > release (e. g. 8.0 to 8.2, or what's the current release when > 8.0-p doesn't continue). > > > > > Do you liva by the "If it's not broken, don't fix it" mantra or do you > > religiously keep your OS installations up to date? > > Maybe you'll laugh, but I go with both ways. :-) I've got an > experimental system that I try "bleeding edge" software on, just > to see how well it works. Servers and workstations that I > need to RELY ON go with "not broken, not fix". > > I'm sure you'll get more answers that suggest you to really > think about what you want to do, and that determines your way, > maybe both ways, if that fits your requirements. Both ways have > their advantages and disadvantages, and it's up to you how you > handle it. > > > > > -- > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > [email protected]" >
we have some production dns caches at work running bsd 4.3, that have been there for nearly a decade. We keep the dns software on them upto date and they are locked down with a firewall. However they will be going some time this year, but thats more down to consolidation than anything else. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
