[clug] Distro advice for server

Chris Smart chris at kororaa.org
Tue Jun 6 13:52:14 GMT 2006 

On 6/6/06 6:06 PM, "Daniel Black" <daniel.subs at internode.on.net> wrote:

> 
>> Here are some details that might affect the distro choice:
> 
> I'm going to do a shameless plug for Gentoo. Disclosure of interest I am a
> package maintainer because I just liked the way they did things.
Hey Daniel,
Nice one :) I am pretty experienced with Gentoo and find it very comfortable
to use.
> 
>> 1) It is a dual opteron machine with 8GB ram etc, h/w raid 6 controller
>> (areca 1220 pci express) and lots of hdd space.. I want to run vserver on
>> it, so that I can give virtual servers to various people. It has a tyan
>> "lights out" card, but I think this is non-distro specific.
> 
> I'd assume so too.
I can build a custom kernel with the areca driver in it, though I think as
of 2.6.15 it's in the kernel so I might not have to. Apart from that
everything else is compatible with Gentoo, but I'm not sure about other
distros.
> 
>> 
>> 2) I want to run in 64bit, but be able execute 32bit if needed.
>> 
> 64 bit it is. http://www.gentoo.org/proj/en/base/amd64/index.xml
> (with 32 bit userland if really needed)
Thanks. I have setup Gentoo 64bit on my desktop before, but never bothered
with 32bit, and then went back to 32bit cause I didn't see the point of
64bit just yet ;) But on a server it's a different story.
> 
[snip]
>
Thanks for all your package suggestions and gre / pax on vserver, etc. I
think I'm probably right with the services as I've "vhost" configured them
all on Gentoo before.

How do you maintain your Gentoo servers? I have a few scripts I use, like
one that emails me security vulnerabilities and then I go and fix them
manually.

I guess I'm not totally confident that if I update a package under Gentoo
that it's not going to break something due to lack of testing. Mind you I
haven't had this happen that I can think of, but on a server that I have to
rely on it's niggling at the back of my mind.

> 
>> 4) I guess I want some sort of "hardened" type security on it, not sure if
>> SELinux is the way to go
> 
But what would _you_ recommend? ;)
>
[snip]
> 
> Other things to consider are support lists, irc help, forums.
> 
> Further questions welcome.
Thanks! It may be best to stick with what I know, but I'm open to
suggestions. I've been trying all sorts of things. I want to do it once, and
get it all set up properly and then ready to actually _do_ something :)

-c

More information about the linux mailing list