On Thu, October 22, 2015 10:40 am, Jim Perrin wrote:> > > On 10/22/2015 10:31 AM, Andrew Holway wrote: >> Hi, >> >> So, it seems that the current version of PHP in Centos 7 is PHP 5.4.16 >> however this version of PHP stopped getting security support from the >> PHP >> people one month ago [1]. >> >> Now, our developers want to use the new and shiny PHP because they want >> to >> use the latest version of Zend. They are proposing using this package >> [2] >> but I never heard of this repo.For me it sound like an example of the difference between "bleeding edge" and "enterprise" systems. The first is what developers most often like, the second is what humble sysadmins prefer as they have to keep something developed long ago running for as long as possible - and without crashed, daemons dying etc (== "bleeding" which always accompanies "bleeding edge" anything). Sorry for venting my own usual pain here... Valeri>> >> Other than building the packages ourselves is there a more acceptable >> way >> to run a later version of PHP? >> >> Thoughts? Experiences? Ramblings? > > I'm personally not a fan of the webtatic repository. This is mostly due > to the number of users on irc who seem to have problems with it. I would > recommend either the upcoming software collections packages or the IUS > repository packages. https://iuscommunity.org/pages/About.html > > IUS has been a very good/reliable way to get more recent versions of > things, and the folks responsible for it are active both on irc and in > the mailing lists. > > > -- > Jim Perrin > The CentOS Project | http://www.centos.org > twitter: @BitIntegrity | GPG Key: FA09AD77 > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev wrote:> On Thu, October 22, 2015 10:40 am, Jim Perrin wrote: >> On 10/22/2015 10:31 AM, Andrew Holway wrote: >>> >>> So, it seems that the current version of PHP in Centos 7 is PHP 5.4.16 >>> however this version of PHP stopped getting security support from the >>> PHP people one month ago [1]. >>> >>> Now, our developers want to use the new and shiny PHP because they want >>> to use the latest version of Zend. They are proposing using this >>> package [2] but I never heard of this repo. > > For me it sound like an example of the difference between "bleeding edge" > and "enterprise" systems. The first is what developers most often like, > the second is what humble sysadmins prefer as they have to keep something > developed long ago running for as long as possible - and without crashed, > daemons dying etc (== "bleeding" which always accompanies "bleeding edge" > anything). Sorry for venting my own usual pain here... >Add another of that opinion. All the years that I did development, I never needed bleeding edge, and I've done a lot. On the other hand, if the spec said the current version would support something, it *better*, because, sooner or later, I'd find a need to use whatever. Bleeding edge never supports that NEWSHINY without breaking.... Like the team lead, now years gone, who built a project here in ruby on rails... and was constantly *terrified* when I wanted/needed to update the servers that was on, and stayed on "enterprise version whatever", without current updates.... Things like that are what I refer to as fragile.... mark
El 22/10/2015 a las 12:48 p.m., Valeri Galtsev escribi?:> > On Thu, October 22, 2015 10:40 am, Jim Perrin wrote: >> >> >> On 10/22/2015 10:31 AM, Andrew Holway wrote: >>> Hi, >>> >>> So, it seems that the current version of PHP in Centos 7 is PHP 5.4.16 >>> however this version of PHP stopped getting security support from the >>> PHP >>> people one month ago [1]. >>> >>> Now, our developers want to use the new and shiny PHP because they want >>> to >>> use the latest version of Zend. They are proposing using this package >>> [2] >>> but I never heard of this repo. > > For me it sound like an example of the difference between "bleeding edge" > and "enterprise" systems. The first is what developers most often like, > the second is what humble sysadmins prefer as they have to keep something > developed long ago running for as long as possible - and without crashed, > daemons dying etc (== "bleeding" which always accompanies "bleeding edge" > anything). Sorry for venting my own usual pain here... > > ValeriPHP 5.4 is in EOL, it get no more security updates from PHP developers... its may be a security risk to use this in in long term. centos should change the php version more ofthen. I dont uderstand centos 6, its still using php 5.3, who got EOL a year ago... I had to switch to another repo to get this (to not get the headache by compile by hand). If you want to change to a log term support, you should use php 5.6, this is under active development now. centos packagers mantainers should listen the PHP developers in this topic, they are the ones who really knows PHP http://php.net/supported-versions.php> >>> >>> Other than building the packages ourselves is there a more acceptable >>> way >>> to run a later version of PHP? >>> >>> Thoughts? Experiences? Ramblings? >> >> I'm personally not a fan of the webtatic repository. This is mostly due >> to the number of users on irc who seem to have problems with it. I would >> recommend either the upcoming software collections packages or the IUS >> repository packages. https://iuscommunity.org/pages/About.html >> >> IUS has been a very good/reliable way to get more recent versions of >> things, and the folks responsible for it are active both on irc and in >> the mailing lists. >> >> >> -- >> Jim Perrin >> The CentOS Project | http://www.centos.org >> twitter: @BitIntegrity | GPG Key: FA09AD77 >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > > ++++++++++++++++++++++++++++++++++++++++ > Valeri Galtsev > Sr System Administrator > Department of Astronomy and Astrophysics > Kavli Institute for Cosmological Physics > University of Chicago > Phone: 773-702-4247 > ++++++++++++++++++++++++++++++++++++++++ > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
Juan, You need to be aware how RHEL distributes software. Please read https://access.redhat.com/security/updates/backporting It's irrelevant in this case that PHP 5.3 is EOL. It will continue to be supported by Red Hat with security patches. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message -----> From: "Juan Bernhard" <juan at inti.gob.ar> > To: centos at centos.org > Sent: Thursday, 22 October, 2015 17:20:02 > Subject: Re: [CentOS] PHP version not enough for developers> El 22/10/2015 a las 12:48 p.m., Valeri Galtsev escribi?: >> >> On Thu, October 22, 2015 10:40 am, Jim Perrin wrote: >>> >>> >>> On 10/22/2015 10:31 AM, Andrew Holway wrote: >>>> Hi, >>>> >>>> So, it seems that the current version of PHP in Centos 7 is PHP 5.4.16 >>>> however this version of PHP stopped getting security support from the >>>> PHP >>>> people one month ago [1]. >>>> >>>> Now, our developers want to use the new and shiny PHP because they want >>>> to >>>> use the latest version of Zend. They are proposing using this package >>>> [2] >>>> but I never heard of this repo. >> >> For me it sound like an example of the difference between "bleeding edge" >> and "enterprise" systems. The first is what developers most often like, >> the second is what humble sysadmins prefer as they have to keep something >> developed long ago running for as long as possible - and without crashed, >> daemons dying etc (== "bleeding" which always accompanies "bleeding edge" >> anything). Sorry for venting my own usual pain here... >> >> Valeri > > PHP 5.4 is in EOL, it get no more security updates from PHP > developers... its may be a security risk to use this in in long term. > centos should change the php version more ofthen. I dont uderstand > centos 6, its still using php 5.3, who got EOL a year ago... I had to > switch to another repo to get this (to not get the headache by compile > by hand). > If you want to change to a log term support, you should use php 5.6, > this is under active development now. > centos packagers mantainers should listen the PHP developers in this > topic, they are the ones who really knows PHP > http://php.net/supported-versions.php > >> >>>> >>>> Other than building the packages ourselves is there a more acceptable >>>> way >>>> to run a later version of PHP? >>>> >>>> Thoughts? Experiences? Ramblings? >>> >>> I'm personally not a fan of the webtatic repository. This is mostly due >>> to the number of users on irc who seem to have problems with it. I would >>> recommend either the upcoming software collections packages or the IUS >>> repository packages. https://iuscommunity.org/pages/About.html >>> >>> IUS has been a very good/reliable way to get more recent versions of >>> things, and the folks responsible for it are active both on irc and in >>> the mailing lists. >>> >>> >>> -- >>> Jim Perrin >>> The CentOS Project | http://www.centos.org >>> twitter: @BitIntegrity | GPG Key: FA09AD77 >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >> >> >> ++++++++++++++++++++++++++++++++++++++++ >> Valeri Galtsev >> Sr System Administrator >> Department of Astronomy and Astrophysics >> Kavli Institute for Cosmological Physics >> University of Chicago >> Phone: 773-702-4247 >> ++++++++++++++++++++++++++++++++++++++++ >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
On Thu, October 22, 2015 11:20 am, Juan Bernhard wrote:> > El 22/10/2015 a las 12:48 p.m., Valeri Galtsev escribi?: >> On Thu, October 22, 2015 10:40 am, Jim Perrin wrote: >>> On 10/22/2015 10:31 AM, Andrew Holway wrote: >>>> Hi, >>>> So, it seems that the current version of PHP in Centos 7 is PHP5.4.16>>>> however this version of PHP stopped getting security support from thePHP>>>> people one month ago [1]. >>>> Now, our developers want to use the new and shiny PHP because they want >>>> to >>>> use the latest version of Zend. They are proposing using this package[2]>>>> but I never heard of this repo. >> For me it sound like an example of the difference between "bleeding edge" >> and "enterprise" systems. The first is what developers most often like,the second is what humble sysadmins prefer as they have to keep something>> developed long ago running for as long as possible - and without crashed, >> daemons dying etc (== "bleeding" which always accompanies "bleeding edge" >> anything). Sorry for venting my own usual pain here... >> Valeri > > PHP 5.4 is in EOL, it get no more security updates from PHP > developers... its may be a security risk to use this in in long term.centos should change the php version more ofthen. I dont uderstand centos 6, its still using php 5.3, who got EOL a year ago... I had to switch to another repo to get this (to not get the headache by compile by hand).> If you want to change to a log term support, you should use php 5.6,this is under active development now.> centos packagers mantainers should listen the PHP developers in thistopic, they are the ones who really knows PHP> http://php.net/supported-versions.php >This yet once more exemplifies the point I was trying to make. If I build new system (with new components of end point software using, say PHP), then I would pick the latest stable version of PHP. Exactly as you are point out. And I prefer to roll new box out with all latest stable everything. From this point on, once I have the box in production, I often have no luxury (when time goes by) to upgrade some components other stuff needs to run with. Like PHP that will be latest stable 3 years down the road will be several minor versions up, and some of my end components may not run with it as some internals may have changed. At this point it is exactly what I am trying to stress: either I break things that I have no newer version that works with latest version of PHP, or I can stay with older version of PHP - if at all possible. This is basically the difference between, say, Debian (and clones) style of updates/upgrades (when update bring you new version of package) and RH Enterprise Linux which keeps older version (thus preserving all internals), and [doing tremendous job of] backporting security and bug fixes implemented in new version to older version. At least this is what we loved about RHEL - not quite sure to what extent it still is true recently. The best example of really troublesome compatibility would be python and modules for it. To my python developers and users I call python a "sneaky snake". Whoever worked with python and modules written for it knows what I talk about: you always beed to match versions of modules rather rigorously the version of python itself, or things will not work. There is, however excellent "Enterprise" piece of software written in python: mailman. I really never had any trouble of any kind with mailman. This is what I figure Mark meant when he said you can write software which will work with big range of different versions of whatever it depends on - he is (was?) developer, he knows what he is talking about. Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Thu, Oct 22, 2015 at 01:20:02PM -0300, Juan Bernhard wrote:> If you want to change to a log term support, you should use php 5.6, this is > under active development now. > centos packagers mantainers should listen the PHP developers in this topic, > they are the ones who really knows PHPBut you don't seem to understand CentOS. The packages in the main repo aren't maintained by 'centos package maintainers'. They are rebuilt from RHEL source packages. If you've got a complaint with the version, complain to Red Hat. As other have explained in this thread, you should expect considerably longer support from Red Hat (and thus CentOS) for any release of PHP than you'll get from upstream PHP. Sure, if you don't care about having a product continue working after a couple years, go ahead and build the upstream version of PHP and manually apply security updates yourself. Maybe you can pay the PHP developers to support it for you, since they really seem to know PHP. If you want to have a stable platform to deploy your web service, use an enterprise operating system like CentOS. -- Jonathan Billings <billings at negate.org>