Re: [linux-security] supported distributions

[Chris Demwell <cdemwell@sfu.ca>]

It supports it, and it is just as easy to do as the rest of the distributions; 
however, you'll end up with a poorer product that requires more work (ie, more 
like other distributions).

If you are concerned about limiting access to the campus, I'm sure you're also 
aware that this is possible to do without restricting ourselves to NFS. The 
chief reason that I propose otherwise is to permit easy automatic acquisition of 
new patches from off-campus as soon as they are available. A squid cache of 
packages would fetch new versions if they were present upstream, and not otherwise.

One of the major benefits of Debian is the frequently updated upstream package 
sources and simple upgrade method. The combination helps administrators keep 
machines stocked with secure, unbuggy software. Offering on-demand updates via a 
proxy solution would preserve this, whereas periodic refreshing of the entire 
package tree would require more storage (for the packages that nobody wants) and 
be less responsive than a caching solution. I don't understand what benefits 
would come with sticking to NFS other than restriction to campus which as I have 
mentioned is possible with squid.

	Chris

Martin Siegert wrote:
> On Mon, Dec 08, 2003 at 08:17:17PM -0800, Martin Siegert wrote:
> 
> 
>>5) We would like to setup a Debian distribution
>>   (/vol/vol0/distrib/debian/3.0). This will require significant amount
>>   of time. Information from the community about how to setup such a
>>   distribution would be appreciated.
> 
> 
> Sorry, I should have been more specific:
> All distributions will be NFS exported from sphinx to the campus only.
> We will neither run ftp nor web servers. If Debian does not support
> installation from NFS servers, we will not support it. Thus, more
> precisely my question is how to setup a Debian distribution so that
> it can be installed via NFS.
> 
> Cheers,
> Martin
>