Which Linux for Professional Admins?

LazloToth asks: "Short and sweet: with so many distributions of Linux to choose from, and so many of them good to excellent, which Linux delivers the best balance of stability, high-level support options, security, rapid updates, and ease of administration? If an admin wants to standardize on one Linux distribution and have the best of all worlds on everything from file-and-print servers to database boxes, what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"

Gentoo

[Anonymous Coward]

This answer was specifically optimized for your question.

Re:Gentoo

[Talrias]

Yes, I personally like Gentoo, but I really think this is something you have to test for yourself, like buying a new house or car. You can be recommended, surely, but the best way to choose a new product you want is to test it yourself. Wikipedia's overview/comparison of Linux distros [wikipedia.org] will give you a guide and allow you to make your own choice.

Now onto my advice. :) The most important aspect of a Linux distro, in my opinion, is the package management system. Ideally you want a system which makes it easy to upgrade, doesn't screw up configuration files, is easy to use, and has a great number of packages available.

For the record, I use Gentoo on my home computer, and Debian on my server (as well as a Windows XP box for gaming).

Chris

Re:Gentoo

[sloanster]

For the record, I use Gentoo on my home computer, and Debian on my server (as well as a Windows XP box for gaming).

Interesting. For the record, I use suse pro 9.2 on my desktop, and suse 9.2 pro on my servers. (and a suse 9.2 pro box for gaming - personally, I don't see the point of bothering with microsoft issues just to play ut2004, doom3 or quake 3 arena when those games run quite nicely on linux)

But more to point of the original discussion, my employer's requirements are different from mine, and so t

Re:Gentoo

[jspectre]

if you're new to any operating system, WTF are you doing installing it in a production environment?

new to gentoo or debian or redhat or windows. if you don't know the OS you shouldn't be pushing it in production. if you know the product enough to be hired as an administrator in it, then you should have no problems with it in a production environment.

debian isn't any easier to learn than gentoo just because you can apt-get a package vs emerge some source to compile. both distros can install a successfully working package in one line (or bork a system in one other line)

Re:Gentoo

[Pharmboy]

Er, are there any distros around that don't have this?

Perhaps the whole up2date versus yum versus yast versus apt-get debate. Easy to upgrade depends as well, since Fedora is easy to upgrade but they drop support so damn quick that you better upgrade, unless you are using software that borks unless you use a specific distro (Ensim for instance)

Personally, I see a great deal of difference in SuSe (my new fav) and debian and redhat (my first distro). In package management, configuration setup and number

Re:Gentoo

[Sweetshark]

This answer was specifically optimized for your question.
... and was installed on all systems from a once-precompiled customized .tbz.

Seriously, gentoo could make sense in a enviroment with many equally equipped systems. But otherwise I think debian or RH/FC is the way to go for larger deployments.

Re:Gentoo

[SharpFang]

stability

Below standard. Bleeding Edge, often beta.

high-level support options

None?

security

Standard. Maybe a bit above due to easy, high customizablity.

rapid updates

No. Bleeding edge is not equivalent to rapid.
apt-get upgrade apache is rapid - it takes 15s on a fast system.
emerge apache isn't rapid. It takes half a hour.

and ease of administration?

Below standard. All typical manual administration by editing standard config files. No centralized "managers".

Don't get me wrong. Typing this from a Gentoo box, and I like my Gentoo. But that's a zealot/fanboy distro. Not a pro admin distro. I keep it because I like it, I can fiddle with it, learn. I can do cool stuff with it. If I was to manage a farm of 200 different of these I'd easily go crazy.

Re:Gentoo

[somethinghollow]

Standard. Maybe a bit above due to easy, high customizablity.

You can always get hardened gentoo [gentoo.org] if you need that extra level of security...

Re:Gentoo

[sp0rk173]

Nice job missing the joke, Einstein. However, just to counter you with a bit of reason, and not dogma..

stability:
If you use their standard package set, meaning not keyed for your specific architecture, stability will not be bleeding edge. You'll be building programs with configurations that are well-tested, generally since the inception of portage.

high-level support options:
Yeah, you're right here. But as far as I'm concerned, if the bosses hired you, they should have confidence in your skills and your resourcefulness.

security:
Right here, too. Also - to me - any security in linux is standard, unless you're running an older (read: 2.4.x) kernel that doesn't have much new feature influx. At that point, kernel security approaches that of the BSD's, though I would argue that base system and system services security is still rather low due to lack of development cohesion.

rapid updates:
Wrong. Wrong wrong wrong wrong wrong. So wrong. For gentoo to be considered for a corporate environment, you would definitely set up a centralized build server, possibly with distcc installed on all of the workstations to mitigate the load, distribute it across the network and speed up compilation times. This build server would also act as a weekly package checkpoint. All of the servers and workstations would use this machine as their central package repository and using a little cron magic and universal, standardized config files, every machine would update on saturday or sunday, grab the new packages off the server, install them, and be done with it. There would be no office-drone typing emerge -u world, then going on an extremely long coffee break. If you were to set up a network of 200+ gentoo machines without making your own, custom stage three tarball, you ARE crazy.

and ease of administration:
See above. After you got the initial infrastructure in place, it would be a breeze. Assuming everything works out right. But hey, they hired you to admin the systems, right? That's what you're there for.

Now, personally i'm past my gentoo phase. Goin' back to the ol' faithful FreeBSD. But, just because Gentoo is a source-based power-user-centered distro doesnt mean you can't cook up your own in-house solution while taking advantage of the awesome tools gentoo provides. The only reason apt is faster than emerge is because emerge uses source by default, while apt-get uses binary packages by default. However, portage can use binary packages and apt-get can indeed install from source. In their default forms you're comparing apples to oranges.
Bottom Line: I can be done, and if you have the know-how, it can be done well.

Re:Gentoo

[mabinogi]

what on earth makes you think someone's going to have 200 machines with identical requirements?

We're not talking about clusters here, we're talking about a corporate network.

Machine 1. DNS Server
Machine 2. Email server
Machine 3. File Server
Machine 4. Intranet web server
Machine 5. Development server
Machine 6. Production server for internal software 1
Machine 7. Production server for internal software 2
Machine 8. Database server
Machine 9. Public web site
...
...

It's highly unlikely that all, or even most of

Re:Gentoo

[ArsonSmith]

Me: Hi, Oracle, I am having problems getting Oracle 9i to install on my Gentoo server.
Oracle: We don't support Gentoo

Me: Hi, Veritas, I am trying to set up VCS on my Gentoo cluster.
Veritas: We don't support Gentoo

Don't think Gentoo is going on any of my servers. We standardized on Suse do to the huge support structure that has been put in place with them being purchased by Novell. When you are a single admin over 112 servers you need to be sure that each one you log in to is exacly the same. Automation is key. Good vendor support is a requirement.

Re:Gentoo

[cbr2702]

By the time you start compiling your kernel before you even boot gentoo the first time, I'll have my users working on a file/print/mail server already.

In setting up a server to be used by large numbers of people over long periods of time, installation speed really doesn't matter much. It's the ongoing administration, the efficiency for the admin of the configuration and upgrading process that matters most.

Re:Gentoo

[magarity]

before you even boot gentoo the first time, I'll have my users working

Umm, maybe not... I've re-read your post a couple of times to make sure but you don't seem to have a distro picked out.

Re:Gentoo

[Penguin Follower]

You do know that you can do a stage 3 install & use prebuilt packages these days, don't you? You only have to compile the kernel. Later when you update/upgrade the system you can compile the components being upgraded/updated. Let's face it: even though many of us linux geeks like to compile stuff from scratch (stage 1 baby!) Portage is really damn cool. You've got a huge repository of packages from which to choose. All of which are just an emerge away! ;) Pretty painless management as I've experienced i

Re:Gentoo

[j-pimp]

In the "real world this is not the case. Most server software can be compiled against libriaries several generations behind. This is partially due to the magic of automake/autoconf and partly due to things not changing all that much. Also alot of the apps that get work done tend to not have anythign on the system dependant on them. For example PHP. At my previous job we setup Redhat Enterprise servers. However we needed php5 and decided to compile it from the tarball. The only thing that depended on php wa

Linux? Bah.

[Anonymous Coward]

Hurd. Master of OS's.

Goodness

[Anonymous Coward]

This should be fun to watch.

Re:Goodness

[tha_mink]

Yeah really. Asking Slashdot users which Linux to use will produce more results than asking google [google.com].

At least google won't make fun of you while you ask.

C'mon Cliff. Why post this kinda thing? What good will come from this.

[your distro] sucks...use [my distro]...

Killme now.

Wrong query.

[Spy der Mann]

Try this time with quotes [google.com].

Results 1 - 23 of 23 for "which distribution of linux should i use". (0.06 seconds).

There ya go. :)

Re:Goodness

[rlandrum]

Yeah really. Asking Slashdot users which Linux to use will produce more results than asking google.

Maybe not. Re-read the question again, and what he's really asking is what makes managers feel warm and fuzzy.

Nothing makes my managers cream in their jeans more than the words "vendor support". That alone is what drives people toward other Operating Systems (Solaris, HP-UX, Irix, Windows).

If my business was just switching to Linux, and they wanted the best, my immediate suggestion would be Redhat. It's been around for years. It's a publically traded company (which says something about it's stability), and it puts together a widely supported and recognized operating system (AS 2.1 and RHEL 3.0). In addition, it's going to run most of the proprietary database software (including Oracle and Sybase), and just about every piece of open source software you might need for running a business is included on the distro CDs.

I've been a Redhat user since 1998. I love RH 7.2, but think every free distribution since then has sucked. Which is why I have begun switching to Gentoo for my desktop. It takes awhile to compile everything, but it seems like it's gotten around dependancy hell.

In general, Redhat for business and critical systems, Gentoo for SA workstations.

Re:Goodness

[slashdot_commentator]

Using your rationalizations, I'd go Suse. Owned by a major corporation (Novell), provides support contracts, and once linux is the standard platform for their Netware services, you'll have better management software for your enterprise networks.

Can a whole story be modded as...

[cnelzie]

...flamebait? I mean come on now!

There's so many options and so many 'ways of doing things' with Linux and EVERYBODY knows they are right and everyone else is wrong or simply misguided...

Gentoo Linux users will proclaim that their distro is simply the best and the only option to go for. However, you still have a steep learning and a long setup time for building a system, which requires more then just passing knowledge of Linux, which isn't bad. It just isn't necesarily conducive to the 'standard' corporate environment. (My opinion may not match your own.)

Red Hat Linux is supported by a long standing team of Linux Engineers that has built itself around supporting the Enterprise computing environment, which makes it a good choice for such environments.

Mandrake Linux has made a name of itself for desktop use, mostly for consumer end-users, although they are working hard at making inroads to the corporate enterprise environment.

SuSe Linux/Novell is a long standing corporate computing environment corporation that should be able to provide support that equals or surpasses Red Hat. Of course, that would depend upon who you talk to.

Beyond that, there are tons of other players in the marketplace that will or won't be here in 6 months to a year.

Honestly, if I was setting up a Corporate Environment to create a standard setup across multiple servers, I would choose either Red Hat or SuSe/Novell. They are widely used distros, they both have easy to use tools, they both have certification programs, which could be used in order to certify that a support team, from the top Admin all the way down to the helpdesk jockey have a certain level of knowledge comensurate with their position as well as knowing the tools for that particular distro.

That's just my opinion anyway.

Debian

[corrosive_nf]

I say debian. Choose stable and use apt-get for updating. Yup Debian

Ubuntu

[dieman]

Hands down. Its debian, its got support, and we're going to see a new release every six months until they run out of cash. :)

Re:Ubuntu

[yamla]

I agree, though I still prefer Debian itself for servers which will not run any GUI at all. But then, I tend to be fairly conservative in my distributions for servers.

I tried FreeBSD but gave it up. The main problem was that it does not run the 4.x versions of VMWare, unfortunately still a requirement for me. However, I also found that Debian did a better job managing configuration files.

Re:Ubuntu

[syousef]

we're going to see a new release every six months until they run out of cash.

Oh yeah, that's the sort of thing I want to read when I decide to use an OS enterprise wide: "...until they run out of cash".

Re:Ubuntu

[misleb]

18 months of support is not good enough. I have servers that sit around for years which need to be up to date with all current security patches. Although apt-get dist-upgrade is not difficult to do, it is not practical to do every 18 months or so.

What about security releases? Is Ubuntu as good about security as Debian? You know, there is a reason Debian takes so long to release stable. It is very well tested. Ubuntu is a little too bleeding edge for most serious server environments. In my experience, the latest greatest packages are not generally necessary on servers. I'd stick with Debian, personally.

-matthew

Easy..

[tewmten]

Slackware of course.
KISS all the way :-)

Re:Easy..

[Psychofreak]

I am running Slackware on my own machine. [slashdot.org] I am not a guru administrator. I have found that the documentation for software installation and upgrades use a different structure than Slackware uses. This causes much confusion on my part.

I tried SuSE and Red Hat in College, but was not impressed by the limitations that the installation software created. I like booting to a command line, even though my first command is usually "startx".

I have not had the opportunity to try *BSD. While I feel that wiping my

To put it short

[A beautiful mind]

It's the administrator, not the distribution that matters the most. A different administrator might like a different system. There is no absolute objective "good".

Mod this guy up.

[nlinecomputers]

He's right. I personally like Suse. Yet I know people that will spit teeth before using Suse. I like Suse because of its ease of administration via Yast. Some hate that and perfer the command line. Gotta try'em before you use'em. Support and scalability are an issue too. I sell servers to small SOHO type offices. Most any Linux will do the job. I don't expect the download version of Suse to handle a grid cluster.

Re:To put it short

[DeckardJK]

I beg to differ... the best distribution is clearly the one with the cutest logo at any given time.

Re:To put it short

[eln]

Wrong! My distribution of choice is superior in every way to your pathetic distribution of choice. You are the lowest form of loser to think that your worthless distribution could hold a candle to the God-like superiority of my distribution.

My distribution's superiority is clearly demonstrated by it's magnificent out-of-the box handling of my obscure feature of choice. Your pathetic distribution doesn't even support my obscure feature of choice without a course of action so complex that it's madness to even contemplate it.

Clearly, my distribution of choice will utterly destroy your distribution of choice. This is so certain it is pointless for you to resist it.

Re:To put it short

[gbjbaanb]

Your pathetic distribution doesn't even support my obscure feature of choice without a course of action so complex that it's madness to even contemplate it.

*sigh*. OK, WindowsXP it is then.

Re:To put it short

[aztektum]

And answers like this (I'm not arguing the point, I think it's valid) are why Linux has made few inroads on corporate desktops. PHB's want one answer to all of their IT problems. Not "Well it depends, we could use Distro A, but Joe likes Distro B better. Although Distro C has better support..." then they end up with Windows XP because there is no "It just works." answer for Linux.

Re:To put it short

[ScuzzMonkey]

There sure are "it just works" answers for Linux... the problem is that most of the advocates for it aren't content to just name one, but instead like to listen to themselves blather on and show off their technical knowledge of the differences.

The Windows crowd, on the other hand, simply don't have enough technical knowledge to blather about and so Windows wins out. PHBs don't like to be confused.

A competent IT manager will evaluate and present the recommendation best suited for the environment, not try to hold a pointless debate in front of PHBs who don't care and won't get it.

Re:To put it short

[ScuzzMonkey]

Strictly tongue in cheek; although, as a companion observation, I would be willing to say that most people who are TRULY technically knowledgeable are not easily categorized as either Linux or Windows people... they understand the place and utility of both and are capable of managing either competently.

OS X

[simpl3x]

And, why does not our glisteny little OS-that-could not enter into the conversation here? BSD based, command-line tools, rapid fixes, missing large holes, and able to run just all of the necessary open-source applications, if they aren't already included...

I'm about ready to just move my server in-house using a Mac Mini with OS X Server. It's not like it gets huge amounts of traffic, and less than a grand isn't bad at all. Last time I ran the servers inside, they were Cobalt boxen, which illustrates my lev

So true

[BinLadenMyHero]

The parent is absolutely right.

And as a competent admin, I choose the distro that don't get in the way, that let me do the things my way. By that aspect alone, LFS [linuxfromscratch.org] would be the best, but it a bit exagerated. (I highly recommend to install it [linuxfromscratch.org] once though, if you are interested in better understanding of the system, it's parts and how they work, from boot to the password prompt and applications. I used it at my machine at home for quite some time.)

I choose Slackware. I used to install everything (after the

Flamebait -1

[Emugamer]

Don't you think that if there was a holy grail of Linux distros, that there would be more then one Linux distro? If people agreed on what you asked, there would be less distros to choose from, unfortunately all of them have their downsides, thus listen to what everyone says about their favorite distro, and do what I do, choose Slack. Oh you want a reason? How about "'caus"

Honestly I would choose slack or debian (different reasons for each) and then boot off network, change one image you change them all... then have box specific apps on the local hard drive etc. BTW: get a lot of ram

SuSE

[zogulus]

SuSE, SuSE, SuSE...

Simple & Easy - more than you could ask...

Re:SuSE

[Anonymous Coward]

Keep preaching, Faithful!

SuSE

- great administrative tools to support large networks

- rolling out new servers / workstation with auto-yast with pre-installed configuration/software

- YaST - Best configuration tool under the sun for Linux.

- 10+ years experience + now Novell.

Re:SuSE What more could you ask???

[LWATCDR]

Well he did ask for high level support and stability. SuSE is now owned by Novell so I would say that answers the high level support issue.
For support I would have to put Red Hat and SuSE at the top. I think SuSE has newer stuff than Red Hat "Not counting Fedora". Mandrake is very good but I have no idea how good their enterprise level support is. That may actually depend a lot on where you are. If you are in France Mandrake maybe a clear winner for support. In Germany SuSE may have an advantage.
If one of the BSDs is an option the best supported one is probably OS/X.

Survey says

[dzo]

Gentoo All the way. nuff said

Management

[wombatmobile]

what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"

I don't know. My management just feels fuzzy.

Re:Management

[winkydink]

Tell your boss to shave his butt. :)

Personally...

[B00yah]

I recommend Mandrake with a support license. Frequent updates, rpm based for easy package updation (bwahaha, updation), it's gotten press with being traded publicly now, so it may trigger PHB's to pull a "hey, I read about them in (insert CIO style dummy mag here)".

But that's just me.

Re:Personally...

[opkool]

Yes, Mandrake is pretty good:
* Mandrake is Linux, as it is as stable as all other Linux distros
* includes recent versions of software
* easy administration: point-and-click interfaces (with text versions using ncurses) plus the classic ssh + vi + /etc
* company commited to GPL Mandrake golden rules [mandrakesoft.com]
* LSB-compliant (Linux Standard Base)
* The company is making money (the company will be here for a long time)
* 2 main versions
- regular version (including gratis download edition)
- corporate edition (including support 24x7 and all that jazz)
And, oh, yeah, Mandrake has a native apt-get like tool called urpmi, with both GUI and text interfaces.
Peace

Define professional

[pronobozo]

If you are a professional admin, shouldn't you already know what's best?

Obvious

[pjf(at)gna.org]

> which Linux delivers the best balance of
> stability, high-level support options, security,
> rapid updates, and ease of administration

2.4

Well, SuSE or RedHat, obviously.

[PornMaster]

RedHat and SuSE both have software and hardware vendor support. You might find that companies with an existing relationship with Novell (or even a nostalgic one) will tend towards SuSE, but like in the days decades ago when "Nobody got fired for buying IBM", you'd probably have your best defense against a pink slip with RedHat.

Re:Well, SuSE or RedHat, obviously.

[SuperQ]

Yep.. I love Ubuntu (go dieman) and Debian for all of my home stuff.. but I have to say.. for all of our servers and workstations, doing just about every task we need from desktop PC's, to HPC clusters, to single machines with 16+ processors, Redhat wins hands down as the mmost stable, easy to make work, and supported by all the stupid commercial software vendors OS we have. With systems like IRIX falling by the way-side, Redhat is my fav for "on the job" stuff.

Re:Well, SuSE or RedHat, obviously.

[plj]

"Nobody got fired for buying IBM"

Oh, but you could still use that for your advantage. I bet the folks at IBM would love to sell you that Novell or RH setup -- naturally along with their own services & support contract -- and voilà, what was bought was from IBM, you got Linux, and nobody got fired. Assuming that that old rule still applies, of course...

Re:Well, SuSE or RedHat, obviously.

[FatherOfONe]

I agree to a point. However, if you are running RedHat 3.x on supported hardware and the only "major" software you are running on it is Oracle DB, they will fully support both the DB and the server. I have never had them send my back to RedHat for a question or a new/old RPM. Oracle provides it. In this example open source kinda rocks.

Granted you may be talking to someone in India who can't speak english to save his/her life, but they will support you.

Re:Well, SuSE or RedHat, obviously.

[scheme]

People on this thread have been hammering Redhat and Suse like these companies own Linux. Yes, Debian and Gentoo aren't huge companes with hundreds of programmers sitting at the edge of their seats ready to help you and instantly fix security bugs, but neither are the big guys. Redhat and Suse/Novell are Linux "Packagers". They put together a bunch of open source software written by everyone from paid full time programmers to 15 years olds in their basement.

That might have been true a few years back but it

SuSe all the way baby

[BristolCream]

We run SuSe over a cluster of several hundred servers. Extremely easy to deploy, very secure out of the box and it supports auto-updates which saves us a world of admin time.

Base install w/apache, mysql and mod_backhand takes about thirty minutes to online.

Hahah, replies should be funny

[chris09876]

This post is sure to generate a ton of replies :) Really though, it depends exactly on what you need. For the company I worked for, the most important thing was ease of maintainability. For that reason, we chose to go with Debian. It was easy to update things across multiple machines. That was the biggest appeal for us. Other distributions have other features to offer.

Please, flame away

[Raunch]

Read no further. Without having to read the reast of these posts; you can get a sense of what is to come here, and hopefully avoid some painful reading:
"I like A".
"I like B".
"A sucks and so does your mom".

PS. Apt-get rules.

Try A BSD

[devphaeton]

This is less of a flaming attempt that you might think.

Linux has always been good to me- i have no regrets. But the numbers (insert real netcraft census, not the typical BSD is dying troll) may indicate better than hype (or maybe not).

Mention OSX as a BSD if you like, but I don't know about its performance vs Free/Net/Open.. (meaning i have no experience with it) I would hope that you can boot it w/o the expensive GUI running all the time. Also, if you have existing PC hardware, Free/Net/Open will not r

Mod Topic -1 Flamebait

[IcEMaN252]

Isn't this more of a religious question than a technical one?

What is best for your everything might be best than what is best for my everything.

If I my organization does a, b, and c and requires d, e, and f, then Linux Distro G is best for me. But if you do x, y, and z and need u, v, and w, then Linux Distro T is probably better for you.

There is no _one_ answer.

Slack

[Vinson Massif]

All others pale before this mighty distro.

Yeesh, what a question. Guaranteed page refreshes and add views.

One vote for SuSE...

[badasscat]

I'm gonna give my vote to SuSE... the ease and speed of updates is one reason I've stuck with it, after giving up on Mandrake and Red Hat/Fedora. YAST2 (the built-in setup utility) is just such an easy and powerful tool, and it "just works" - you can set it to auto-update if you want (it sets up a cron job for you if you select this option), but even on manual it will identify critical patches separately from non-critical patches, which makes it easy to pick and choose.

Plus, it's Novell now, so it's owned by a "real company", which may or may not be something your own company/organization is looking for (some business do require some level of centralized accountability and support).

I've also been pleasantly surprised with SuSE 9.2 in other areas - it's the cleanest and easiest-to-use distro out of the box that I've used, with no obvious bugs that I've seen. No reason not to use it, and lots of reasons to use it. YAST2 is a big selling point, in my opinion.

Re:One vote for SuSE...

[badasscat]

I'm gonna give my vote to SuSE... the ease and speed of updates is one reason I've stuck with it, after giving up on Mandrake and Red Hat/Fedora.

Argh...this kinda came out wrong... the reasons I gave up on other distros were not specifically due to the updates (Red Hat has a nice auto-update utility as well) but for a variety of reasons. SuSE is, IMO, the most polished distro I have used overall, and that includes the very nice YAST2. I have just not had any real problems with it, whereas I've had various bits of hardware that could never be properly configured under Mandrake or RH/Fedora, despite the fact that they were supposed to work out of the box. (This included the complete inability to even set hard drive mount points under Fedora Core 3, which is what finally led me to dump Fedora altogether.)

I say Ubuntu

[xutopia]

that's what I use and I love it as both server and desktop.

Gentoo and Debian the only serious contenders

[Gherald]

> the best balance of stability, high-level support options, security, rapid updates, and ease of administration

Surely Gentoo delivers the best balance of the above. The only real disadvantage is compilation time, but that can be negated by nice'ing long emerges overnight.

Now, if stability and security are paramount I would go with Debian stable. But Gentoo is light years ahead of all contenders in the rapid updates department.

Re:Gentoo and Debian the only serious contenders

[lysander]

I, a Debian user, tried Gentoo on two machines. Here were the problems I found:

• Gentoo's idea of security updates is not yet fully developed. There should be a logical step between "this is a security problem" and "ooh, here is a new version". glsa-check needs to work in concert with portage, rather than as an afterthought. This will get better.
• Gentoo's build process doesn't include sensible FEATURES flags by default. In particular, collision-protect, maketest, sandbox, userpriv, and usersandbox really need to be on. I don't want to be building as root. I sure as hell want software to run its own tests to make sure it works (especially if I were trying crazy optimization flags, which I wasn't). And collision-protect, to make sure that packages weren't overwriting other packages' files, seems like a bright idea as well -- except that it doesn't work. I have to turn it off every other week to 'emerge world' for updates. It needs to work, and it needs to be on by default.

Re:Gentoo and Debian the only serious contenders

[Gherald]

- "Rolling upgrades" is how Gentoo handles "this is a security problem". This suits my needs.

If it doesn't suit yours, don't use Gentoo, because I highly doubt this is going to change anytime soon. There is no sense competing directly with Debian stable. Gentoo does not security patch old versions, it's as simple as that.

- The documentation should be in make.conf.example, but none of that stuff should be on by default. Enable it if you need it.

Collision-protect is not a crucial feature, but I agree t

Re:Gentoo and Debian the only serious contenders

[lysander]

Collision-protect is not a crucial feature, but I agree that it would be nice if it worked, and it probably will work soon.

I think it's pretty important. If, without collision-protect, I emerge package A and then unmerge package B, how do I know it didn't take some of A's files with it? Didn't I just break A and not even know it? How would I even begin to figure it out or fix it other than by emerging A again? (An example. [gentoo.org])

It's unclear what the resolution is as a maintainer of a machine. Should I

Re:Gentoo and Debian the only serious contenders

[mwhahaha]

While I concur that Gentoo and Debian are both great distros (i've managed to get a few gentoo boxes in at work), the problem comes from the lack of enterprise support for things such as Oracle and EMC. Oracle only runs on RedHat and maybe SuSE, and EMC software is only supported on RedHat and SuSE. While I have managed to get a gentoo box connected to an EMC, it doesn't have their PowerPath software for failover, etc. That and it took me a week to get the stuff working properly. If Oracle and EMC supported gentoo, i'd set our redhat licenses ablaze. Unfortunately the only thing gentoo/debian can do is web/smtp/dns which is fine if you run mysql/postgres as your choice of database, but these days in an enterprise environment you are stuck with at least one RedHat/SuSE box.

Debian

[Skuggamara]

As a system administrator and IS manager in a mostly windows environment, I have found Debian to be the most reliable and easy to maintain. The APT system makes security and package upgrades (and downgrades) considerably easier than any RPM system ever was.

While APT is available on Fedora, I have always found Debian to be well-thought out and reliable, even for a Windows guy like me.

Re:Debian

[808140]

You do realize that there are three distinct flavours of Debian -- well, four, actually -- with varying policies on updates?

Debian stable is enterprise grade. Bugs and security fixes are backported, very slow upgrade cycle (typically 2 to 3 years), extensive testing. It is, in my experience, the only truly stable (in the tradition of Solaris and BSD) Linux distribution. It's great in an enterprise environment because you don't need to upgrade it frequently, and the Debian security team provides security patches that don't screw your system up -- you can configure apt to download and install security updates immediately in the background. Debian stable is the server you put in the corner and forget about. It'll run forever.

Then, there's Debian testing, which will eventually become the next stable. For most people who don't need the very latest software (especially GUI environments) but who do want more frequent updates, testing is ideal. It's not much less stable than Debian stable, much more up to date, but not so bleeding edge that it breaks constantly (like Gentoo).

Debian unstable, despite its name, is actually quite stable -- I rarely have any problems with it. It's good for a desktop machine when you want the latest and the greatest, and are willing to spend some time updating the machine (because you'll need to do it frequently).

Those are the big three that people run. There is a fourth: Debian experimental. This contains packages that haven't made it into unstable yet, usually because they have bugs or other problems. I don't know anyone (other than clueless noobs) that would try to run experimental -- what's much more typical is to run unstable and pick occasional experimental packages out by hand.

People that talk about how far behind Debian is usually only use stable, which is the default install -- but upgrading to testing or unstable is trivial (ie, one command). Understand that for enterprise servers, new is not the same as good. Take a look at Solaris and see how old a lot of the included software is -- that's because you're supposed to configure Solaris (and most servers) to do what you want and forget about them. Debian follows this model. Stable is amazingly stable.

The only real issue (as some other posters pointed out) is that many commercial vendors only support stuff like RHEL and SuSE, which ties your hands sometimes. But in other situations, Debian Stable beats the pants off of both of those offerings in terms of stability -- they never fail (well, almost -- x86 hardware is flaky, after all, but that's not Debian's fault).

Best for the Enterprise?

[FortranDragon]

Why, Nipples, the Vulcan distro. It's logically intuitive.

;-)

RHEL or RHEL-clones

[brsmith4]

At my shop, we have been using CentOS 3 for quite some time now, and are extremely satisfied with it. Now, if you work for a big company that gets off on spending lots of money to make sure they got something tangible, then go for Red Hat Enterprise linux. People like to run their mouths about how disorganized RedHat is etc. Its untrue, at least presently speaking. Yum is an admin's dream come true when it comes to updates. Now, as CentOS 3 is just a recompile of the RedHat Enterprise sources, CentOS has been completely compatible with all that good stuff(TM) that is certified to run on RHEL 3, like oracle, not to mention completely free (as in beer/speech). I would wait until February, when RedHat Enterprise 4 comes out as it will include the 2.6 kernel series and much more up to date software. CentOS will likely build those sources and create CentOS 4 near or around that same time.

CentOS Page [caosity.org]

Mandrake

[Cyhawkalewagee]

I work for a fortune 500 company as a Tech. (Only tech for california now, we've been completely outsourced, the only reason they keep me around is because im not afraid of spending my weekend running adaware ;) Anywho, our marketing support department uses several high end production printers nearly 24/7, so stability is key. Last year the printers were hooked up to each members Windows Machine. (No, I didn't set this up, and technicly im not supposed to change it) But recently with increesed adware on the marketing support's computers (i should say one of them, shes an idoit.. anyways) and printers going 'down' due to this single person, the office manager came to me and asked what he could do to stop this from happening. (It has happened almost 10 times this year alone). So i suggested Installing a linux box to handle all the printers. Needless to say, he was extremely skeptical. (Having computer-phobia) So i took another non-priority department, and set them up the way i wanted to see marketing support setup. A few days later, he wanted to see how it worked, so i showed him. At the time, i only had my mandrake cds on me, so i used it. He was extremely impressed about how 'cool' it looked and felt. It wasnt in his words.. 'blocky' (i assume he meant text based) I showed him around the system in general (not a thing about printing though heh) and he fell in love with it after i explained how there isnt any 'adware/spyware' in Linux {At least i dont think there is.. linus help us if the day comes} and how linux itself very rarely crashes. Today i just finished installing Mandrake 10 on his main computer, tomarrow i get to begin converting marketing support. Anyways, Mandrake has always been my personal favorite for computer-newbies/Phobic people, mostly because the install, general 'mandrakness' feel of the system isnt much like tradtional linux . IMHO, its much more graphical in nature, and other more 'common-office-type' people can easily get accustomed to the enviroment. Since your a system admin, also take into account that training new people to work on the new systems may/might/will be easier than on another distro. You also never know if your boss wants to poke around someday, its always nice to let them have their fun. My suggestion for linux: Mandrake My Suggestion in general: FreeBSD FreeBSD however is a whole differnt story =)

Thy *BSD

[ahodgkinson]

Seriously, for a free (as in speach) distribution with the minimum of feature overload and ease of administration, *BSD is a very good choice.

If ease of administration, stability and security is more important that than latest versions of the latest applications and the ability to use the latest bleeding edge hardware, then the *BSD distributions (e.g. FreeBSD, OpenBSD and NetBSD) may be the answer. Granted, a fairly good understanding of UNIX will be required, but if you're fairly proficient at adminsitering one or more Linux distributions, then *BSD will be very easy to learn. Even better, the documentation is generally better written, more complete and more up to date than any Linux distribution that I've seen.

This answer may not be what you expect, but then again the question, as posted, deserves a thinking outside the box type of answer. You stated that you want the best of all worlds, and then mention file/printer server and database boxes. It sounds like you're more interested in servers than clients. *BSD is ideal in this regard.

I have a couple other questions to add...

[Lendrick]

Should I use vi or Emacs?

Which is better... Gnome or KDE?

Should I get a PC or a Macintosh?

Should I have voted for Bush or Kerry?

Who's cooler: pirate or ninja?

Re:I have a couple other questions to add...

[starvo]

Ninja.
Sheesh, you shouldn't even have to ask such a question. Ninjas are cooler, for at least the next 18 years.

Distribution Zealots

[Pitr]

If there's one thing I hate more than distribution zealots... it's people who don't use Slackware! ;P

(Yes, that's a joke! ...well sorta.)

Not Gentoo

[Drakino]

I hate to say this, but after running Gentoo on my home server for a year, it is not enterprise worthy.

Main reason?

Sure, on the surface, Gentoo seems easy to update. Problem is, updates break things. Time and again, I have watched emerge upgrade things, possibly give me important info somewhere in the millions of lines of code it scrolls pointlessly, then I reboot to a service not acting right. This last emerge cycle left me with:

Samba in a broken state. Non protected shares worked, anything else gave access denied. Why? Someone decided to move the default location of smbpasswd and didn't notify me in a way to catch it since I wasn't watching emerge line by line.

Apache was broken. It would start one process and hang. Examining the error log showed a problem in PHP. For some reason, it missed a package that has to be recompiled every time PHP is upgraded.

Postfix has been broken in the past by similar, as well as my imap server. Filing a bug report on one of the changes was simply met with "so, deal with it" basicially.

Gentoo has a lot of hype. Actually using it across 10 servers scares me though. It turns out to be worse then any other distro in the amount of work needed to keep it up to date, since you get to spend time hunting down problems. At lease SuSE was nice enough to generate messages to root about important changes I may need to check on manually.

Re:Not Gentoo

[Jestrzcap]

If you are running updates in the background and want to catch important information just grep the output to a file.

Something like "emerge -u world | grep '*' >> important_update_info.txt"

The imporant messenges are all prefixed with * so you can easily catch them. Make a shell script to do it for you. Mail it to youself if thats what you need.

As for just blindly updating, thats not something you should be doing on a production server. Test server first, then roll changes to production.

Agree & love Gentoo

[dougnaka]

I love Gentoo, am running it on my home and work desktops. But this has been a problem historically. What parent talks about as problems are real problems with Gentoo, but are not the only reasons not to run it blindly in production. Another problem is having a C compiler be required. If your box gets compromised you've given a potential cracker all the tools he needs to do even more damage.

Now, it's very likely that the above poster upgraded his config files blindly and this is what messed up his installation, FYI config files in Gentoo aren't automatically overwritten, you're supposed to "merge" / manage them, and the process isn't very simple.

So, what to run in Production? Ideally you roll your own to production, Gentoo makes a great base system, trim it down to minimal files you need to do what your server needs, and then lock down all permissions. Ideally your production server will be as tight as it can be and still do its job. So keep a "master/build" server that has all your development files on it, and then a "production" server that only has what's needed to run on it. Make images of your production, and update by updating the master server, then the test production servers then the production servers. If you're running yum/emerge/urpmi/etc on a live production server you're opening yourself up for many risks.

Oh, it's hard to go wrong putting FreeBSD into production also, too bad it's

SLES9 / SUSE9.2 combo

[siezer]

Im going to have to run with SUSE here.

We mainly use redhat/fedora here, and I do have to say that all of the things that I've "fought" with redhat to get working properly "just work" right out of the box with SUSE.

Scenario:

I wanted to unify all logins across linux/windows machines on my companies user network.

We were running an NT4 domain controller and using local passwd authentication for all linux servers/workstations.

The natural solution to this was to set up an ldap server, have all the linux machines authenticate off it, and then replace the NT4 domain that would authenticate off the same ldap database. While we're at it, we thought we should enable fine grained access control lists for local filesystems, the samba interface, oh, and they should work over NFS as well. (acl.bestbits.at)

After about 2 months with redhat battling compilation issues, config issues, library issues, and other issues, rpm issues, and a bottle of aprin. I finally managed to get an openldap server up and running, with samba3 authenticating against it in a test environment.

Another month later, I got the ACLs working.

I about kicked myself in the head when, upon evaluating SLES9, I found that during installation it acually gave me an option to use ldap as the main authentication mechanism. Also, it has a built in, YAST controlled CA magement system, replacing all the scripts that I had written to handle ssl certificates.

I recreated my entire test environent in under an hour using SLES9.

On the client end, Suse 9.2 "just works" in every imaginable way. The only things I had to install myself for workstations were enigmail and slocate.

To this day, I still have a few redhat machines that blow up when trying to use ldap/ssl, but everything suse has worked perfectly the first time.

Naturally, it comes with a bunch of databases, a kickass update mechanism (yast), an automated setup tool (autoyast), and now has very nice support from the nice folks over at novell.

On the flip side, I would probably still use redhat for "mission critical" things, as redhats QA proccess is insane. You wont get the nice new extras, but thats because the bleeding edge tends to be unstable.

Also, another thing that needs to be thought about is "googleability." Googleability is a measure of how quickly you can find your problem, then an answer to it, using google. Redhat has much higher googleability that Suse, or any other linux distro for that matter (except perhaps debian), but to be fair, Suse (from my brief experience) tends to have less problems.

In conclusion: Suse for your internal network/workstations/etc. Redhat for your webservers and other things that should have obscene uptimes.

-s

RHEL no question

[ComputerSlicer23]

I've built up my "RedHat-fu", to the point, that it's the one distro I know how to to completely configure a machine from start to finish to be setup exactly the way I want via network boot. It might be possible with Suse, but I've never run that.

I purchase RedHat licenses for everything that is in the DMZ, or runs software that requires RedHat Enterprise Linux for support (think Oracle Databases).

Then I use Whitebox Linux [whiteboxlinux.org] for everything else. It's pretty much exactly the same as RedHat (you can pick another RHEL rebuild if you want, CentOS and Whitebox Linux are my two favorites). Whitebox can have problems from time to time, because it's a one man show. CentOS looks nice, but it sounds like the mailing lists are used less, and the web boards more for discussion and help (I've never participated, but that's the a complaint I've seen on WhiteBox lists about CentOS). I like e-mail lists for help/support. Call me silly. While web boards are nice for random discussions, I'd much rather review e-mail for technical support (both on the giving and receiving end).

I use that for the desktop. Other then, it's a bit RAM hungry, it's fine for a desktop for most people (the lack of a good MP3 player might bother most, but I play oggs, so I'm good with it). You need more then 128MB of RAM to run OpenOffice on it at a reasonable speed. (I was running a PIII-500 w/ 384MB of RAM and it was acceptable, with a new P4 w/ 128MB of RAM it was unbearably slow running Mozilla and OpenOffice at the same time. I put a 1GB of RAM in and now it's wonderful).

In the end, it means I can run almost exactly the same OS at home that I do at work. It's industrial strength, and all of the expertise I build up using it, is going towards one of the two distro's that all major software vendors support. I don't know of any Suse "rebuilds", otherwise I might recommend those.

Kirby

it's mostly the same though

[kuzb]

I mean, linux is linux is linux. Usually the only things that change are:

1) the package system
2) the installer

the one you know

[kipple]

There's no easy answer to such question. In fact, I think there's none. The best Linux choice for a professional admin is the one he knows better. A serious admin knows how to harden any linux distro (if security is a concern) and how to quickly deploy solutions if ease of use is the main choice for linux. If he is truly a professional, he knows how to learn quickly any distro's tool.
If he relies too much on the tools the distro has I'd not call him a true Linux Admin.

Next week on Ask Slashdot

[demi]

With so many text editors to choose from, I'd like to know which offers the combination of high-powered text editing features, syntax highlighting and extensibility required of today's demanding editor, while keeping the suits happy. Please include extensive discussions of how much vi beeps and how long it takes Emacs to load.

With so many software licenses available, I'd like to know which offers the high-powered legal mumbo-jumbo and strong ambiguities that are the hallmark of the professionally produced amateur computing project. Please phrase your BSD advocacy in the form of an insult to RMS, and include "Response to a question aksed by demi" in any replies and advertising materials.

Nintendo DS vs PSP, anyone? Anyone?

make upper management feel warm and fuzzy? RedHat.

[walterbyrd]

I use debian myself. But the distro that makes management happy is RedHat.

RedHat is security certified, and oracle certified. Redhat has something like 75% of the enterprise market for linux. Redhat has a real company behind it. To many in the business world, redhat *is* linux.

SuSE on Big Iron

[Dammital]

For What It's Worth, this very topic came up recently on the linux-390 list, and an informal poll was taken. SuSE outnumbered the competition [marist.edu] by a wide margin.

Standardize!

[mcrbids]

As someone who admins along with other duties, I'd say that anything you can do to make everything consistent is probably worth doing.

If possible, use the same distro everywhere. RedHat is probably the best if you need/want "official" support. A mix of RHEL and WhiteBox Linux would qualify in my book as "consistent" since they are basically the same thing.

Debian is probably the best non-commercial distro.

Gentoo is a newcomer. Some swear by it, others are put off by the 3-days of compile time and the requirement to "get down and dirty" with your Linux install.

Suse in Europe is probably about like RedHat in the US. Now with Novell in on the picture, we'll see how things fare in the US.

As a RedHat user for years (since 5.1) I'm not eager to switch unless Novell makes a GOOD case. I came real close to jumping ship when RedHat changed their business plans - whitebox (and CentOS) have stopped me from leaving RedHat altogether.

So, pick your poison, and then get real familiar with your distro of choice. And, do everything possible to unify your technology base. Keep them all the !@#@ same because even within a distro, you run into issues. Like RH 6.2 supported source routing by default, making a mockery of carefully crafted firewall rules. Like RedHat 6.x uses ipchains, RedHat 7.x emulates ipchains with iptables (with a few differences) and RedHat 9 and above uses iptables.

These little differences can eat up time and make administration a pain. You should focus on the effect of administration, not the means, and unifying your install base means that when an issue is identified anywhere, you can quickly propogate your fix everywhere.

With this methodology, I've boiled patching and reviewing some 20+ systems down to a day or two every month! As soon as RHEL (Whitebox) 4.x comes out, I'm doing a major upgrade cycle, upgrading everything I can.

Slackware

[Exter-C]

Slackware / Debian or Gentoo are the three primary choice. I wouldnt go with gentoo principally because of the huge amount of time it takes to setup and patch. I am currently running a Linux network of around 111 Slackware servers with a local ftp and swaret upgrading all the packages. it works without any problems and I can build the packages that are custom across the board and put them on the ftp and they are automatically patched across the network. This is much more difficult to maintain with gentoo and possibly debian (i have not tried this with the deb).

To make PHBs warm and fuzzy...

[Kjella]

...with support options, go for Red Hat or Suse.

If you want to be warm and fuzzy, go for debian.

Debian 3.1 should be out in this quarter (an estimate based on release-critical bugs in testing), and will be supported until 2010 or so...

Re:First troll post!

[delire]

i'm sure compiling X.org for 4 days would impress the manager..

Re:Debian of course

[gcain]

You mean there are *other* distros?
I thought that was just an myth...

Re:Debian of course

[jgaynor]

I was about to say the same thing - although AFAIK we're missing one of the points hes looking for:

stability - Check
security - Check
rapid updates - Check
ease of administration - Check
high-level support options - No check

I don't consider google and usenet high level support options. Im sure someone knows of a commercial outfit that will do pay-for-play deb support - so please, chime in . . .

Otherwise go debian!

Re:Debian of course

[Anonymous Coward]

http://www.debian.org/consultants/ [debian.org]

Re:Debian of course

[direwolf puppy]

It's my understanding that you can get Debian support through HP. I know you could get per-incident before, and according to this [hp.com], it looks like they support Debian as well as the "more commercial-friendly" distros.

Re:Debian of course

[kinema]

Actually if you are looking for a good support option for Debian (or any other distro for that mater) check out Progeny [progeny.com]

Re:White Box, a clone of RHE3

[easter1916]

Running with Linux for over 7 years!

You must be fucking knackered man. At least put down the CDs, at best just stand still for a while.

Re:I have to go with Fedora Core 3

[pivo]

I like Fedora a lot (modulo their strong GNOME leanings) however I don't like it for servers. Fedora is released often so you have very current versions of everything, I like this feature on my workstation. But it's not good for servers, Fedora distributions are obsolete if they're >= 2 releases old. That means that, in order to ensure you're going to get security updates you need to upgrade your distribution about once a year. That's a pain for servers, especially ones that are working just fine.

I prefer Debian for servers, even though I'd never consider using it for a desktop distribution.

In the end though, it just depends on what you want to do with Linux, I guess you'd have to say, "use the best distro for the job." Even though that might not sound very satisfactory to someone getting started with Linux.

Re:Gentoo of course

[steveg]

I like Gentoo. All my home machines and one of my work machines runs on Gentoo. Nor would I dismiss out of hand the idea of running Gentoo on a server.

However...

As an administrator, I'm not particularly intrested in a distribution that will "teach me the inner workings of Linux". Stability and predictability are lots more important for production machines.

The new servers I'm putting on line now are all running Debian, and I'll be switching some old RH9 servers to Debian as I get the time to do that.

Someone earlier emphasized package management as a prime requirement for easy administration. Debian does that very well. Gentoo is also pretty good, except when things break, which does happen. I see Debian as more stable, Gentoo as more configurable. For a desktop, I'd choose Gentoo, but so far I'm leaning to Debian in the server room.

My biggest objection to most of the commercial distributions is that they are far too "versioned". If old versions had security updates forever, that'd be fine, but having to do a disruptive upgrade every few years on running servers just because there are no more security updates on the running version is quite inconvenient. This is one place where Gentoo really shines, being essentially "versionless". Debian makes version shifting relatively simple, so I'm comfortable with the relatively infrequent version bumps I'm likely to see.