Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Curious how many, if anyone is running stuff that is unsupported. I see threads all the time on various forums about people running distros that they can't do anything with since they went EOL. I'm curious how many people are running out of date, or otherwise dead distros with no updates / upgrade path aside from a fresh installation.
Last edited by jmgibson1981; 08-16-2018 at 10:26 AM.
Do you think perhaps this thread is better in a different forum like Linux-General versus in Server? Or are you asking specifically about server based installations?
If you'd like it moved, click report on your first post and cite your preference for forum, and someone will move the thread.
Servers are my main question. Desktops / Workstations people usually want current software so they don't think twice about installing the latest and greatest version of whatever usually.
I'm talking about that hack, I think it was Korea. Some company had servers running that hadn't been updated or kept current... 10 years or so out of date and they got hit. Why did that happen in the first place?
Another guy on the Ubuntu forums, his company installed 17.04 on production servers, deployed them. One way or another they never kept them upgraded, Now 17.10 is EOL and they can't upgrade any of these servers, at least not the official way.
I just don't understand how someone can do these things. I run a small htpc / server at home and I wouldn't dream of being caught like that. It just doesn't seem logical to me. Yet this type of thing happens in the enterprise, and people at home are always running stuff that is so old and out of date. They don't think anything of it. I guess I'm trying to understand why people do this in the first place? Is it poor planning? In the case of production workloads is it just a lack of IT budgeting? In the case of home users, is there a reason to not upgrade at all, don't fix if not broke?
Just trying to wrap my head around what seems to me to be a completely illogical line of thought.
Last edited by jmgibson1981; 08-16-2018 at 11:50 AM.
My guess is a lot of old installs which were not maintained and also inherited by a new administrator. At some point someone makes server function and integrity a priority, but not enough of a priority to purchase up to date support.
connecting to the internet, let alone as a server?
yes, i keep it up-to-date.
thankfully debian has "oldstable", but when i read that security updates will run out after a year, i did the dist-upgrade to stable.
my (non-server) desktop has been rolling for many years now.
but i have been thinking about this recently, because i installed Xubuntu on an old work laptop.
should i enable full automatic updates?
i decided to completely disable them (maybe debian would be better for something like this, but i have very little experience with GUI on debian), thinking: better it still works, even if dangerously outdated - as opposed to becoming unusable because of a borked upgrade.
of course for the foreseeable future i'll be around to do the upgrades.
Distribution: Mainly Devuan, antiX, & Void, with Tiny Core, Fatdog, & BSD thrown in.
Posts: 5,503
Rep:
The O/S should always be kept separate from the data.
I do it all the time, this way you can upgrade the system safely without affecting your data.
Unfortunately, not everybody does this, & that is where the problems lie, someone taking over a system like this doesn't want the hassel of sorting it out, so they persist with it, then leave for another job.
My personal computers are normally up to date with regular updating. Should something go wrong with an update/upgrade, it is easy to reinstall if your data & system are kept separate.
I did have some servers running EOL software. The prior management regime wasn't keeping on top of updating, and so things had been allowed to lapse. All servers now are on supported OS's.
They don't think anything of it. I guess I'm trying to understand why people do this in the first place? Is it poor planning? In the case of production workloads is it just a lack of IT budgeting? In the case of home users, is there a reason to not upgrade at all, don't fix if not broke?
Just trying to wrap my head around what seems to me to be a completely illogical line of thought.
I'd imagine it's usually to keep software (which may be custom-written) that won't run on the newer distros. Hopefully, those old distros are running in a VM or container.
Distribution: Slackware/Salix while testing others
Posts: 1,718
Rep:
Quote:
Originally Posted by dugan
I'd imagine it's usually to keep software (which may be custom-written) that won't run on the newer distros. Hopefully, those old distros are running in a VM or container.
Depending on the role EOL is not a problem, also, sometimes an OS could be officially EOL, but supported in house so to speak.
Your poll seems to assume everyone has only one system. Here we have some systems that are bleeding edge, others less so, others that are current for their distro but behind other distros and at least one that is EOL.
If some company is not willing to pay for updates, nobody will do this for them for free. Sometimes it's just a wrong priority logic of those companies. They are buying fancy cars and other "things" rather than invest into security. They feel it's wasted money. Nobody can help them if they don't get it. Eventually they will be hacked (sooner or later). It's that simple.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.