FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 01-27-2009, 07:38 PM
Tom Brown
 
Default gentoo mail server

Hey guys,

I've been using gentoo on my desktop for several months now. I works
great. It cut five minutes off my build time when I build our product
tree. It went from 20 to 15 minutes.

I setup our email server using Debian. Its been solid as a rock and very
low maintenance. However, it provides an antiquated environment.

I'm looking at using gentoo for the email so I'll have an up-to-date
system. Peformance is fine on the Debian system, but hey, faster is
always better.

I was hoping you guys could give me warm fuzzies about stability and
maintenance with gentoo when it comes to a production server.

What about major upgrades? If I keep the system updated regularly, is a
major upgrade necessary?

Thanks!
Tom
 
Old 01-27-2009, 07:56 PM
Nikos Chantziaras
 
Default gentoo mail server

Tom Brown wrote:

What about major upgrades? If I keep the system updated regularly, is a
major upgrade necessary?


Gentoo doesn't have major upgrades so you should be fine. But as you
can imagine, you need to give a Gentoo system more love than a Debian
one (which is pretty much "set it and forget it") due to it's "rolling
release" nature. But since you have Gentoo on your desktop, I'm sure
you know your ways about updating and carefully reading emerge logs
 
Old 01-27-2009, 08:03 PM
Volker Armin Hemmann
 
Default gentoo mail server

On Dienstag 27 Januar 2009, Tom Brown wrote:
> Hey guys,
>
> I've been using gentoo on my desktop for several months now. I works
> great. It cut five minutes off my build time when I build our product
> tree. It went from 20 to 15 minutes.
>
> I setup our email server using Debian. Its been solid as a rock and very
> low maintenance. However, it provides an antiquated environment.
>
> I'm looking at using gentoo for the email so I'll have an up-to-date
> system. Peformance is fine on the Debian system, but hey, faster is
> always better.
>
> I was hoping you guys could give me warm fuzzies about stability and
> maintenance with gentoo when it comes to a production server.
>
> What about major upgrades? If I keep the system updated regularly, is a
> major upgrade necessary?
>
> Thanks!
> Tom

a) always build with buildpkg - for backups
b) look into demerge
c) scan the logs with elogv
d) think twice before updating

I have gentoo on a small dns/dhcp/web server here for our 'dormitory' and it
works well.
 
Old 01-27-2009, 08:05 PM
Alan McKinnon
 
Default gentoo mail server

On Tuesday 27 January 2009 22:38:21 Tom Brown wrote:
> Hey guys,
>
> I've been using gentoo on my desktop for several months now. I works
> great. It cut five minutes off my build time when I build our product
> tree. It went from 20 to 15 minutes.
>
> I setup our email server using Debian. Its been solid as a rock and very
> low maintenance. However, it provides an antiquated environment.
>
> I'm looking at using gentoo for the email so I'll have an up-to-date
> system. Peformance is fine on the Debian system, but hey, faster is
> always better.
>
> I was hoping you guys could give me warm fuzzies about stability and
> maintenance with gentoo when it comes to a production server.

A well administered gentoo box is as stable as a well administered debian box.
Or a red hat one. Or a FreeBSD one. And maybe even a Solaris one.

By "well administered" I mean "decisions about it made by a sane admin", and
there are two roles to this:

- building the software. Sane decisions have to be made about what features to
include, what compiler settings, what patches etc.
- the on-site admin who decides what to deploy and how to run it.

The difference between gentoo (and FreeBSD to a lesser extent) on the one hand
and binary distros on the other is that with gentoo YOU fill the first role.
In binary distros it is someone else.

So, if you are confident with this role, go for it and gentoo is for you.
If you are not confident with this role, do not use gentoo. Use debian or red
hat or centos and you get the warm fuzzy feeling of believing you have
someone else to blame for problems :-)

There is middle ground of course, but by and large people either can and do
take this role fully, or can't and don't.

With that out of the way, debian and gentoo mostly use the same upstream
sources anyway, so there's no reason to assume things will be majorly
different in the stability department. You can prove me wrong any time by
installing the latest cvs versions of everything you can get your hands on,
but that is crazy for a production machine.

> What about major upgrades? If I keep the system updated regularly, is a
> major upgrade necessary?

mu

google it :-)

"upgrade" does not make sense in a gentoo context - it's like asking if whales
are troubled by pimples on their nose. Gentoo is not versioned and does not
have releases. What it has is a vast collection of stuff you can build. Most
of it is recent but you get to pick the versions of packages you want, and
you do it incrementally. Most folks do an update something between weekly and
monthly.

A sure recipe for disaster is to let updates slide and try do a whole whack of
them in on go. Again, it's not the same thing as updating a binary distro
with a release. It's more like trying to change large amounts of the OS on
the fly - it tends to be problematic.

Rule of thumb: update often, know what you are doing, keep an eye on the
machines, and forget you ever heard of a thing called an "update" when
working on a gentoo box


hth

--
alan dot mckinnon at gmail dot com
 
Old 01-27-2009, 08:23 PM
Nick Cunningham
 
Default gentoo mail server

2009/1/27 Tom Brown <brown@esteem.com>

Hey guys,



I've been using gentoo on my desktop for several months now. I works

great. It cut five minutes off my build time when I build our product

tree. It went from 20 to 15 minutes.



I setup our email server using Debian. Its been solid as a rock and very

low maintenance. However, it provides an antiquated environment.



I'm looking at using gentoo for the email so I'll have an up-to-date

system. Peformance is fine on the Debian system, but hey, faster is

always better.



I was hoping you guys could give me warm fuzzies about stability and

maintenance with gentoo when it comes to a production server.



What about major upgrades? If I keep the system updated regularly, is a

major upgrade necessary?



Thanks!

Tom








If your planning on running a stable server then managing a gentoo server is probably a bit more time intensive, but will pay of in terms of having it configured how *you* want and with the services *you* want running, not what someone else thinks you should have.


As a rule of thumb dont run ~ARCH unless you absolutely need a certain package (and even then, stick to keyword specific versions rather than blindly keywording everything). Dont feel that you need to sync and update every day, but *do* use tools like glsa-check (i think thats the right one but im not in my gentoo isntall to check atm) to ensure you update programs where security bugs are known.


Also its worth keeping an eye on things like the forums, and planet as often when updates to packages are likely to break things, or they need some manual intervention when updating, you see some signs of this in advance (although if you see a major update in your emerge list you *should* be stopping and going off to read up on it before blindly emerging).


Of course, all these things wont stop you causing breakages, but if you work cautiously and have some idea of what your doing then gentoo does work very well as a server.

- Nick
 
Old 01-28-2009, 01:01 AM
kashani
 
Default gentoo mail server

Tom Brown wrote:

Hey guys,

I've been using gentoo on my desktop for several months now. I works
great. It cut five minutes off my build time when I build our product
tree. It went from 20 to 15 minutes.

I setup our email server using Debian. Its been solid as a rock and very
low maintenance. However, it provides an antiquated environment.

I'm looking at using gentoo for the email so I'll have an up-to-date
system. Peformance is fine on the Debian system, but hey, faster is
always better.

I was hoping you guys could give me warm fuzzies about stability and
maintenance with gentoo when it comes to a production server.

What about major upgrades? If I keep the system updated regularly, is a
major upgrade necessary?


I've been running a Gentoo mail server for either work or personal use
and usually both since 2001. No real problems, but you do have to watch
some updates especially sasl and courier.


My current system is
Postfix-2.5 At minimum I'd use Postfix-2.2 which has the better syntax
for your virtual statements.

Postgrey for greylisting, had some issues with sqlgrey.
PostfixAdmin, because using phpmyadmin to manage your accounts and
domains is futile. I'm still on 2.1 and need to check out the newer
version. Requires PHP and a webserver.
courier-imap and cyrus-sasl. Thinking about moving to Dovecot since you
can use dovecot-sasl with Postfix under Gentoo.

Mysql5

It's fully virtual, supports smtp and imap over ssl, sasl, skipped TLS,
and easy to manage. I do not recommend the Gentoo Virtual How-to, it's
ancient and silly.


I used to have a how-to on gentoo-wiki which I need to recreate. Maybe
this weekend.


In regards to stability... don't update right away. When Postfix 2.6
comes out, give it a month. Or play with it in a virtual server. Same
with Mysql 5.1. Or whatever. I've run three separate companies on Gentoo
and never had much of an issue though I always had a test/stage/qa
environment of some sort. Also keep an eye on the forums and this mail
list. That'll usually give you a heads up when an update isn't quite right.


kashani
 
Old 01-29-2009, 02:32 AM
Tom Brown
 
Default gentoo mail server

Freakin awesome guys!

Thank you very much for your replies. This is what I got out of it:

1) Gentoo evolves. There are no major upgrades. This is a huge "go with
gentoo" point. I've never seen an operating system that didn't have
issues after a major upgrade. This means an updated system with gentoo,
all the time. No 'reinstall from scratch' every two years. Oh yeah, I've
got software that won't work after a major upgrade.

2) Gentoo requires attention. These are production servers I'm talking
about. What sysadmin doesn't check in their production servers on
regular basis? Yeah, I check in the the debian servers all the time.
That's on top of the automated emails I get reporting on the health of
the system. Ok, I don't have to do anything to them. So, I'll have to be
carefully before doing an update. I don't see that as too much to ask if
I don't have to reinstall from scratch!

Thanks guys!
Tom
 
Old 01-29-2009, 03:26 PM
James
 
Default gentoo mail server

kashani <kashani-list <at> badapple.net> writes:


> I've been running a Gentoo mail server for either work or personal use
> and usually both since 2001. No real problems, but you do have to watch
> some updates especially sasl and courier.

OK.

> My current system is
> Postfix-2.5 At minimum I'd use Postfix-2.2 which has the better syntax
> for your virtual statements.
> Postgrey for greylisting, had some issues with sqlgrey.
> PostfixAdmin, because using phpmyadmin to manage your accounts and
> domains is futile. I'm still on 2.1 and need to check out the newer
> version. Requires PHP and a webserver.
> courier-imap and cyrus-sasl. Thinking about moving to Dovecot since you
> can use dovecot-sasl with Postfix under Gentoo.
> Mysql5

> It's fully virtual, supports smtp and imap over ssl, sasl, skipped TLS,
> and easy to manage. I do not recommend the Gentoo Virtual How-to, it's
> ancient and silly.

Is this the page your refer to?
http://www.gentoo.org/doc/en/virt-mail-howto.xml

> I used to have a how-to on gentoo-wiki which I need to recreate. Maybe
> this weekend.

Very cool.

> In regards to stability... don't update right away. When Postfix 2.6
> comes out, give it a month. Or play with it in a virtual server. Same
> with Mysql 5.1. Or whatever. I've run three separate companies on Gentoo
> and never had much of an issue though I always had a test/stage/qa
> environment of some sort. Also keep an eye on the forums and this mail
> list. That'll usually give you a heads up when an update isn't quite right.


Well all of this is great news. I've pretty much decided to build
a postgtres mail server, mostly like what you have outlined.. I'm likely
to set up a second, duplicate machine for testing.


Drop a line to the list, when you have your wiki page up and I'll follow
it and make some notes on the process of settting up a postfix mail server
on gentoo.Maybe you could fix up this wiki?(or build another?):
http://en.gentoo-wiki.com/wiki/Postfix

Do you use a regular gentoo kernel, hardened setup, or what packages to
keep the mail server tightly secure?


excellent notes!

James
 
Old 01-30-2009, 05:35 PM
kashani
 
Default gentoo mail server

James wrote:
It's fully virtual, supports smtp and imap over ssl, sasl, skipped TLS,
and easy to manage. I do not recommend the Gentoo Virtual How-to, it's
ancient and silly.


Is this the page your refer to?
http://www.gentoo.org/doc/en/virt-mail-howto.xml


Yep and the things I don't like are:

1. password stored in clear text
2. complicated use of pam_mysql rather than using sasl's DBD layer directly
3. No admin interface
4. Have to edit /etc/postfix/main.cf to add domains rather than rely on
the database lookup.

5. Lack of useful troubleshooting section

I used to have a how-to on gentoo-wiki which I need to recreate. Maybe
this weekend.


Very cool.

In regards to stability... don't update right away. When Postfix 2.6
comes out, give it a month. Or play with it in a virtual server. Same
with Mysql 5.1. Or whatever. I've run three separate companies on Gentoo
and never had much of an issue though I always had a test/stage/qa
environment of some sort. Also keep an eye on the forums and this mail
list. That'll usually give you a heads up when an update isn't quite right.



Well all of this is great news. I've pretty much decided to build
a postgtres mail server, mostly like what you have outlined.. I'm likely
to set up a second, duplicate machine for testing.


I've never done it with Postgres, but I know PostfixAdmin supports it so
it shouldn't be too hard. I think Steveb had it working at somepoint.




Do you use a regular gentoo kernel, hardened setup, or what packages to
keep the mail server tightly secure?


I generally found that keeping Webapps and users off you mail server was
good enough security. Also when building most of this stuff years ago
the hardened kernels were a bit painful. Probably much easier now.


kashani
 

Thread Tools




All times are GMT. The time now is 07:48 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org