Linked by Eugenia Loli on Wed 3rd May 2006 22:19 UTC
Oracle and SUN Xandros Corporation has announced the availability of Xandros Server, the company's inaugural release of a high-end server distribution based on Debian GNU/Linux: "Xandros becomes the first Linux platform to provide a 'Debian Enterprise' end-to-end desktop and server platform."
Thread beginning with comment 120823
To view parent comment, click here.
To read all comments associated with this story, please click here.
2fargone
Member since:
2006-02-20

I don't know if you're coming from the windows server mindset, but...

"rich graphical configuration tools"

is not required on a server. In fact, adding a gui means more software in the stack and which means more points to attack the security of the server and more threats to the stability of the system. I know the attractiveness of gui tools, but really, if you're doing anything with this server that puts it out on the web or into production, you really should think about climbing the learning curve and use nothing but the cli or webbased tools such as webmin. You'll get much more bang for the buck, so to speak.

Reply Parent Score: 4

dsmogor Member since:
2005-09-01

But you agree that polished offertings targeting windows minset owners (given W market share they are the majority) doesn't hurt, do you?

Reply Parent Score: 1

segedunum Member since:
2005-07-06

is not required on a server. In fact, adding a gui means more software in the stack

Yes, they certainly are in the vast majority of cases and for Xandros' target market. I'm getting sick of this Linux "graphical tools aren't necessary" thing people come up with. They are necessary otherwise the thing is going nowhere.

Reply Parent Score: 3

2fargone Member since:
2006-02-20

The graphical tools are not necessary. Maybe desired by some, but not _NECESSARY_ to run a server. If you need them, then I hope what ever is needed comes sooner than later.

But as I have already said, if you are going to use this server in production or put it on the web, I HIGHLY recommend you don't add more software than you need so it will minimize the problems too much software can cause.

Reply Parent Score: 1

twenex Member since:
2006-04-21

Even if you MUST run GUI tools to configure a server, if you have trouble typing "startx" to start up a local X server, I wouldn't trust you to type me a letter. And people who do that for a living are secretaries, not sysadmins.

Reply Parent Score: 1

dagw Member since:
2005-07-06

In what way is webmin in any way better than basically the same thing except using GTK or qt as its GUI rather than a web browser? Having webmin running opens up at least as many of the points of attack you are worrying about.

As someone who admins both Unix and Windows systems I have to say that while I love the control and flexibility of the cli and text files, there are some things that are so much quicker and easier to handle with the windows tools. Right tool for the job and all that you know.

Reply Parent Score: 3

2fargone Member since:
2006-02-20

I don't know if you know this about webmin, but the point of webmin is you log in remotely from another computer, whose gui will display the browser you are using to log into webmin which is installed on the server. The server doesn't need a gui to run webmin because you accessing webmin from another computer to see it.

Webmin is a great tool to reduce the need for a graphical stack of software but still give a graphical frontend at the cost of logging in from another computer.

Reply Parent Score: 1

Ronald Vos Member since:
2005-07-06

In fact, adding a gui means more software in the stack and which means more points to attack the security of the server and more threats to the stability of the system.

That sounds bollocks to me (please forgive my language). I don't see how graphical widgets add vectors of attack in any way. ESPECIALLY locally run ones.

Reply Parent Score: 1

SEJeff Member since:
2005-11-05

That sounds bollocks to me (please forgive my language). I don't see how graphical widgets add vectors of attack in any way. ESPECIALLY locally run ones.

http://www.net-security.org/secworld.php?id=3994" http://www.net...

Local users are more dangerous than remote users because they have much more access. In the case of this exploit, any user with access can get root thanks to X (your beloved gui). There is a reason seasoned administrators say, "NO!" to X and anything gui on servers. I happen to be one of those Systems Administrators.

Reply Parent Score: 4

StephenBeDoper Member since:
2005-07-06

if you're doing anything with this server that puts it out on the web or into production, you really should think about climbing the learning curve and use nothing but the cli or webbased tools such as webmin.

It looks like you're suggesting that only people who are new to server administration would use a graphical admin tool. I think it's more a matter of the right tool for the right task - I prefer GUI tools for simple one-off tasks, and CLI tools when I need to automate that task or repeat it often.

Reply Parent Score: 2

2fargone Member since:
2006-02-20

I see where you're coming from, but what I was talking about is there are two times when running servers (but can be applied to most other situations as well), when it's pretty much necessary to consider not using anything graphical on the server at all. Specifically, it's servers that make money and servers that are connected to the net. And I suggest this for all business from SOHO to SMB to Megacorps, and homeusers who put servers on the net. There's no reason to add more software than is necessary when the requirements for those machines is as close to 100% uptime, reliability, and security as possible.

Like where I work, we have databases whose value are in the millions of dollars and are connected to the net. Those servers are absolutely stripped down to minimize any outages caused by software instability or security breaches. I mean there is no x-server, no gui's, they don't even have monitors.

Maybe for a home file server, yes, gui's are ok then. But if you are using it to make money with, any downtime is money lost and that's unacceptable when it's not necessary.

Reply Parent Score: 1