I have noticed that the last few posts are being sent to the list twice. I checked my sent-mail folder, and only posted once to the list. Is there any reason for the duplicate posts please? Regards keith ------------------------------------------------------------ http://www.karsites.net http://www.raised-from-the-dead.org.uk This email address is challenge-response protected with http://www.tmda.net ------------------------------------------------------------

Your right there Marcus. I re-subscribed because I was not getting any mail. I think it was getting blocked in my ISP's spam filter. Everything is working OK now TY. Keith ------------------------------------------------------------ http://www.karsites.net http://www.raised-from-the-dead.org.uk This email address is challenge-response protected with http://www.tmda.net ------------------------------------------------------------ On Thu, 21 Sep 2006, Marcus Meissner wrote:

To: Keith Roberts From: Marcus Meissner Subject: Re: [suse-security] Double Posts to list

On Thu, Sep 21, 2006 at 08:16:32AM +0100, Keith Roberts wrote:

...

I have noticed that the last few posts are being sent to the list twice. I checked my sent-mail folder, and only posted once to the list. Is there any reason for the duplicate posts please?

You might be subscribed twice.

...

------------------------------------------------------------ http://www.karsites.net http://www.raised-from-the-dead.org.uk

This email address is challenge-response protected with http://www.tmda.net ------------------------------------------------------------

Or because of this.

ciao, Marcus

On Thursday 21 September 2006 00:07, Dirk Schreiner wrote:

Hi,

John Andersen schrieb:

...

On Wednesday 20 September 2006 14:31, Keith Roberts wrote:

[...]

...

But I begin to ask myself, what do I gain by moving from 9.2 to 10.2? For server class machines, the answer is virtually nothing.

Yet I can't responsibly continue to operate a system for which security patches will no longer be available. I'm forced into an upgrade on a production system.

Did you ever consider using SLES for _production_ Servers?

Yes, and some of my clients run SLES on my recommendation. Others are smaller businesses and chose linux because they really didn't want to pay Microsoft's prices, and would not want to pay SLES prices either. Either way, they buy a boxed set. -- _____________________________________ John Andersen

Paul Reeves schrieb:

I think this is the crux of the problem. SLES and SLED are way too expensive for non-corporate use. SuSE Professional, with a guarantee of two years of updates and a six monthly release cycle works (or worked?) for a lot of people. Most of whom would happily pay more (I reckon), but not as much as for SLES.

I don't know SuSE could make this work financially, but there is definitely a market there, in between free opensuse and SLES.

The same can be said about our customers - small companies would happily pay 200 $ for the professional version of SuSE to get 3-5 years of updates, one (stable) release per year would be enough. The times are gone where Linux was changing so fast that one needed a new version every 6 month. But SLES is out of reach for small companies, especially in competition with Windows 2003 Server on one side and with SuSE Linux Professional on the other. Greetings, Ralf

Well, personally I think the price Novell charge for SuSE Linux boxed set and manuals is quite enough. It's is nice to get the 2 years of security updates included in that. Keith ------------------------------------------------------------ http://www.karsites.net http://www.raised-from-the-dead.org.uk This email address is challenge-response protected with http://www.tmda.net ------------------------------------------------------------ On Thu, 21 Sep 2006, Paul Reeves wrote:

To: suse-security@suse.com From: Paul Reeves Subject: Re: [suse-security] Re: [Discontinued SUSE Linux Distribution: 9.2]

On Thursday 21 September 2006 10:15, John Andersen wrote:

...

...

Did you ever consider using SLES for _production_ Servers?

Yes, and some of my clients run SLES on my recommendation.

Others are smaller businesses and chose linux because they really didn't want to pay Microsoft's prices, and would not want to pay SLES prices either.

I think this is the crux of the problem. SLES and SLED are way too expensive for non-corporate use. SuSE Professional, with a guarantee of two years of updates and a six monthly release cycle works (or worked?) for a lot of people. Most of whom would happily pay more (I reckon), but not as much as for SLES.

I don't know SuSE could make this work financially, but there is definitely a market there, in between free opensuse and SLES.

Paul -- Paul Reeves

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here

On Thursday 21 September 2006 00:09, Marcus Meissner wrote:

...

I'd much prefer a patch AND upgrade in-place for a given period of time - say 5 years minimum.  I like the Ubuntu Long Term Support promise.

This is what SLES and SLED are for...

As I mentioned to Dirk, some sites I support are running SLES. I just replaced a SuSE 7.2 server with SLES, after begging the owners to upgrade for years. The box was behind a firewall and they were perfectly happy to run it forever. The only reason they upgraded was they finally filled the raid array. But at $800 per year its fairly expensive. Even the cheapest support option run $350/yr. Once they buy Windows 2003 Server, they are done paying. Its a tough sell put SLES in a small shop. A 7 person business looks very closely at an $800 maintenance contract. But I understand that SuSE/Novell have to make money if I expect them to be there in 6 years. -- _____________________________________ John Andersen

Marcus Meissner wrote

This is what SLES and SLED are for...

Just that SLES (don't know about SLED) doesn't provide me any updates for my servers that have (due to sensible data hosted on them) no access to the internet. And since *all* our IBM pSeries are configured that way, there is not even a host that could make use of your curl-solution because no one is outside the firewall and has access. And no, I'm not paying even more money for a zen-whatever software to get downloads, I've already paid enough for SLES itself, haven't I? This change of download policy is indeed such a major drawback that we do consider switching to another distribution (apart from the money) now. First you get promised 5 years of upgrade, but no one tells you "but only if each and every server running SLES can download the updates by itself from the internet". I would guess we are not the only organization that is really pi*** off by such a new policy and that will drop SLES for that reason. cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

I'm only running SuSE 9.2 But AAMOI does yup support any encryption protocols for the file transfer process Marcus? Keith ------------------------------------------------------------ http://www.karsites.net http://www.raised-from-the-dead.org.uk This email address is challenge-response protected with http://www.tmda.net ------------------------------------------------------------ On Thu, 21 Sep 2006, Marcus Meissner wrote:

To: Frank Steiner From: Marcus Meissner Subject: Re: [suse-security] Re: [Discontinued SUSE Linux Distribution: 9.2]

On Thu, Sep 21, 2006 at 12:49:45PM +0200, Frank Steiner wrote:

...

Marcus Meissner wrote

...

This is what SLES and SLED are for...

Just that SLES (don't know about SLED) doesn't provide me any updates for my servers that have (due to sensible data hosted on them) no access to the internet. And since *all* our IBM pSeries are configured that way, there is not even a host that could make use of your curl-solution because no one is outside the firewall and has access.

And no, I'm not paying even more money for a zen-whatever software to get downloads, I've already paid enough for SLES itself, haven't I?

This change of download policy is indeed such a major drawback that we do consider switching to another distribution (apart from the money) now. First you get promised 5 years of upgrade, but no one tells you "but only if each and every server running SLES can download the updates by itself from the internet".

I would guess we are not the only organization that is really pi*** off by such a new policy and that will drop SLES for that reason.

I am aware of this oversight and I do not like it either.

We offer now a script solution for this called "yup", http://support.novell.com/techcenter/psdb/0d00854c9f7f33f7a225f6d227c03de4.h... which you can use to mirror the updates to a local machine.

Ciao, Marcus

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here

Marcus Meissner wrote

I am aware of this oversight and I do not like it either.

I know you care about it from your mails on suse-linux-e...

We offer now a script solution for this called "yup", http://support.novell.com/techcenter/psdb/0d00854c9f7f33f7a225f6d227c03de4.h... which you can use to mirror the updates to a local machine.

I guess this is basically your script you posted to the mailinglist? I'm not sure about two things (and I can't test at the moment): - can I download packages from a non-sles host, say a SuSE 10.1 host? Looks like I have to register a host at Novell with some values from /etc/zmd/. Can I do that with a 10.1 host and use this one as download host? What if the host must be changed, can I re-register another host and use the new one then? - can I download packages for ppc from an i586 or x86_64 host? Otherwise this wouldn't help our SLES servers having no inet connection... cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

This all sounds promising! I will try it as soon as possible and see if I succeed. Thanks so far for pointing me there! cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *