[SGVLUG] Ubuntu .VS. FC5 as servers

Thu Aug 10 15:25:44 PDT 2006

Greg Stark wrote:
>>From what I have read, the major difference between the two, Fedora is
> SELinux (SUSE is also SELinux.)  Ubuntu claims to have closed all but the
> necessary ports.  Is that enough to be secure?

SELinux and closing ports are two completely different animals. 
"Closing ports" can mean either using a firewall (which doesn't actually 
mean you are secure, it just means your private services stay private) 
or it can mean the majority of available services are turned off. 
Fedora has a firewall and the only service on by default is sshd (and 
now Avahi -- like Apple Rendezvous) in addition to SELinux.  I really 
don't like Fedora's default firewall, it is way too basic.

SELinux is a kernel level protection against applications doing things 
they shouldn't do.  For instance, there is no reason for sendmail to 
read /etc/shadow even when it is running as root, much less write to it, 
so that kind of operation is denied.  In general, SELinux has nothing to 
do with closing ports and very little to do with network traffic at all.

> Ubuntu 6 has better management tools.

Out of curiosity, better in what way?

> FC has a 9 months life, then it becomes legacy which lasts ...?  Ubuntu 6
> will have five years of guaranteed project support.

Each release of Fedora is supported until the second test release two 
versions higher.  FC4 was supported until FC6t2 was released a few days 
ago.  FC3 was supported until FC5t2 was released.  This is typically 
about a year, but can be longer.  Legacy support is scheduled to last an 
additional two years, but in some cases has gone on much longer.

So, FC4 was supported from its release on June 13, last year to August 
7.  That was almost 14 months.

If free is the deciding factor, I believe CentOS mirrors RedHat 
Enterprise's schedule, which guarantees support for seven years.

> Which would you choose?

That's a wide open question, really.  For personal use, I prefer the 
fast paced release schedule of Fedora.  I like that it always provides 
me with the latest and greatest.  As a contributor to the project I also 
like the principles on which it was founded.

If this was going to be a system to which I was going to have pretty 
much constant access, I'd still go with Fedora.  My own familiarity 
would be a very definitive factor there.

For someone who wanted a desktop system and I probably wouldn't see it 
again for a considerable amount of time, I'd probably go with Ubuntu.

And for a server that I wouldn't see again for a long time, I would be 
inclined to use CentOS (or RHEL if they would be paying for it and 
needing the availability of RedHat's support).

If you can't count on whoever you are doing this for to do regular 
updates, being able to cron them is a serious consideration. 
Fortunately, that's very easy with both yum and apt-get.  I don't think 
it's so easy with a system like Slackware and I'm really not sure how 
you would do that with Gentoo, but I have zero experience with either of 
those.