[sles-beta] php disappeared in beta6?

Richard Brown rbrown at suse.de
Tue May 20 02:45:29 MDT 2014 

Darren,

On Tue, 2014-05-20 at 07:29 +1000, Darren Thompson wrote:
> Richard
> 
> 
> Good point and I will concede that the "outcome" seems to be
> identical.
> 
> 
> 1. How do you register the sever to SMT during the normal installation
> workflow (I seem to have missed the option where you specify the SMT
> server URL in that registration form)?

It is my understanding (ie. do not consider this official or certain by
any means..speculation only!) that the forthcoming updates to SMT and
SUSE Manager will include a mechanism by which SLE 12 machines are able
to auto detect the presence of a nearby SMT/Manager machine.

I understand that the results of this auto detection are presented at
the point of registration (before SCC is contacted) with the user able
to choose to register against SMT/Manager instead

> 2  Now what about small sites that do not have SMT installed and don;t
> allow internet access

That's a good question, but it leads me to ask another one - how is this
small site expecting to patch their system?

Whatever the answer is to that question, is how I expect them to be able
to add the Module to their system.

One of the recurring trends in this discussion appears to be a
reluctance to install patches. I find this baffling. I understand the
realities of System Administration, having done it for over 10 years and
never managing to patch everything as fast as I wanted to, but I still
patch, and patch regularly.

This isn't just a counter to product defects and quirky scenarios, but
very real and ever present security risks - the kind of thing that
potential miscreants can and will try to use to get into your precious
SLE Server, regardless of whether it's Internet connected or 'just' on
your LAN. 
Heartbleed might not have impacted SLE 11, but there is always a chance
that the 'next big scare' could. Can you patch your systems fast enough?

I think it's probably safe to say that it is an assumption by myself and
my colleagues at SUSE that every one of our customers is going to patch
their machines, at least sometimes. That is, after all, something
customers are paying us for - the timely provision of tested patches for
the platform.

Modules (especially the Web Scripting Module which spawned this
discussion), fit into that assumption. You really don't want to run an
old version of PHP, do you?

> 3. Fundamentally, what is "wrong" with assuming the installation media
> is sufficient to build a server?

Nothing, but conversely, what is fundamentally wrong with assuming that
there is some mechanism available for patching, and using that as the
primary method of delivering a small subset of packages?
Especially when that small subset of packages is a fast-moving,
often-attacked, web software stack, where customers are likely to want
regular updates for both new features and security patches?

Regards,
	- Richard

-- 
-------------------------------------------------------------------
  Richard Brown, QA Engineer
  Phone +4991174053-361,  Fax +4991174053-483
  SUSE LINUX Products GmbH,  Maxfeldstr. 5,  D-90409 Nuernberg
  Geschaeftsfuehrer: Jeff Hawn, Jennifer Guild, Felix Imendoerffer,
  HRB 16746 (AG Nuernberg)
-------------------------------------------------------------------

More information about the sles-beta mailing list