I've been working hard out of town in a situation where everything that could go wrong, did go wrong. Part of the job was getting a Red Hat box up and running, locked down, and interfaced with two IDS devices via Juniper's NSM program. Sound easy? I thought it did too. After a week of struggling, I finally realize why I love Gentoo as much as I do. Just wow.
My biggest complaint is package management. Maybe I just 'don't get' how rpms work, but I know that for every application I attempted to install, there were at least two dependencies that I had to find prior to successful installation. Additionally, when removing unnecessary packages, like CUPS and gnome's print manager, I couldn't since, for some reason, like 50 other packages depend on gnome printing and CUPS. WTF.
NSM was another story -- getting it to run on RHEL 5.1 was a challenge to begin with. I've never seen anyone embed binary packages in a shell script before, pretty sneaky Juniper. Ultimately, NSM <-> IDP communication didn't work since RHEL 5.1 is 'unsupported' as of yet. Things worked flawlessly on RHEL 4. One thing I don't get is why NSM requires a very old version of OpenSSL and PostgreSQL. Maybe you can upgrade, I didn't try.
Anyway, this post is mainly to say that Red Hat still leaves a bad taste in my mouth and I don't understand why people use it (ok fine, theres support. Great. Not good enough). There is a need for a Linux standard, but I don't think Red Hat is the right way to go. That's not to say Gentoo is, but hey, 2008.0 is out, go get it.
15 July, 2008
A week of Red Hat
2 comments:
gotta agree that portage is really nice. the way it deals w/ deps, the search flags, etc.
but waiting for OpenOffice to compile sure is a bitch, eh?
i remember that NSM installer too. did you get to work w/ setting up a network on it? i'm kinda peeved b/c i never got to roll it into prod, but it seemed unweildy so i wasn't motived to get it into production either ;)
I don't think I've ever emerged OpenOffice. Abiword, yes, but not OpenOffice. I actually emerged paludis the other day and haven't had the chance to do anything with it yet.
Regarding NSM, I only had the chance to install and add the two IDP devices -- that's all I had time for. There's a new NSM version out soon, but from what I remember about NSM when we looked at it, the more recent version seems to be much more robust and mature.
Post a Comment