That was something that impressed me when I was using Gentoo. I'm still
impressed that with how often I'm attempting to figure out how to do
something or deal with something, and my google searches lead me to some
Gentoo documentation where someone has what amounts to step-by-step for
it.
Gentoo is still my fave even though I'm currently using Fedora. The time
involved to keep everything up was just too much for me. I think
everything would have been good once I got it layed out and set up, but
getting there on a box I was trying to use productively ... wasn't
happening. I definitely learned more about Linux using Gentoo than any
other one I've tried. With the other distros I've tried, I feel like I'm
learning more about Fedora or Debian (yes, I've tried it) or Slackware
or ... or ... than actually about Linux.
On Mon, 2009-11-09 at 14:13 -0900, Christopher Howard wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> captgoodnight captgoodnight wrote:
> > I stopped using Gentoo years ago due to the use of tripwire and the abundance of changing files and such, as a security admin it was a pain to keep up with - ROI...
> >
> > Has that changed?
> >
> > ty,
> > --eddie
> >
>
> Since I don't even know what tripwire is I can't answer on that point.
>
> I'm also no security admin -- just a desktop user and an applications
> programmer. But there are plenty of people at forums.gentoo.org who
> would be glad to answer your questions.
>
> Regarding security: As far as keeping track of security issues, it seems
> pretty easy to me just to following the official Gentoo security
> announcements, which are available at the official website or through
> eselect news announcements, and which always come with specific
> recommendations and instructions. There are also a number of different
> profiles you can choose from that I handle the default options and
> configuration. On my architecture:
>
> [1] default/linux/x86/10.0
> [2] default/linux/x86/10.0/desktop *
> [3] default/linux/x86/10.0/developer
> [4] default/linux/x86/10.0/server
> [5] hardened/linux/x86/10.0
> [6] selinux/2007.0/x86
> [7] selinux/2007.0/x86/hardened
> [8] selinux/v2refpolicy/x86
> [9] selinux/v2refpolicy/x86/desktop
> [10] selinux/v2refpolicy/x86/developer
> [11] selinux/v2refpolicy/x86/hardened
> [12] selinux/v2refpolicy/x86/server
>
> Regarding adminstration: I suppose it might be a little easier
> administration-wise to use a distro that only makes non-security updates
> available in six-month or one-year periods. But even though Gentoo makes
> it possible to run software that is only a few weeks old, with all the
> latest code and features, there is nothing to stop you from updating
> your system less frequently if that is what you want to do.
>
> Usually I just update software when there is a security announcement, or
> when I really want the latest features of some game, office app, or
> development library. Gentoo lets me know before installation if an older
> package cannot co-exist with one I am trying to install.
>
> - From what I've learned so far, I would think Gentoo system
> administration would be quite doable, even in a large production
> environment, though it would require a different approach and mindset
> than what you usually expect working with your typical binary-based distro.
>
> - --
> Christopher Howard
> http://indicium.us
> http://theologia.indicium.us
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkr4of8ACgkQQ5FLNdi0BcXqagCffBEUs1kbBY1MLB5nerwq9hwz
> duoAn3yuvGg5pDlSeqc/Q5l9G5kKIZbG
> =jTg3
> -----END PGP SIGNATURE-----
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Nov 9 20:14:04 2009
This archive was generated by hypermail 2.1.8 : Mon Nov 09 2009 - 20:14:04 AKST