MySQL 4?

[First Hosting]

Question - why does Plesk still have MySQL 3.x?

Why have they not upgraded to 4?

We are noticing several pieces of software that is going to 4+ - which will mean we have to avoid them - or ditch Plesk

Thanks.

 

[BoXie]

For as far as i know it is because the Linux distributions do not include it either.

There are some licensing issues on version 4.

 

[snikos]

I have SuSE 9.1 Plesk 7.5.1 distribution - it comes with MySQL 4.0.18!

I think there are a lot of DBs, that Plesk uses internally, and it's not so simple just to check all the scripts - so they don't include 4 in official supported, but you can try to install MySQL 4 manually - I think nothing crashes

Gruss,

 

[eilko]

the RedHat products still ship Mysql3 due to license problems. PSA uses the mysql provided with the OS. Don't know how this in on FreeBSD.

The beta branch of Fedora4 has MySQL4 so RHEL5 will probably have MySQL4 too, then PSA will probably officially support it

I am running RHEL3, PSA7.1.6 with MySQL 4.022 without any problem.

 

[alex042]

I think nothing crashes

Don't assume. We had various problems with our upgrade from 7.1. to 7.5, starting with mysql3 so it was upgraded to mysl4 to do the upgrade, but we encountered numerout issues with compatibility of mysql4 and plesk so ended up having to downgrade back to mysql3 to get everything to run properly.

 

[uhoh]

I think Cpanel has php4 support.
Not 100% sure on that. But if you're using a db to do business on Id kinda want to make sure thats up to date and secure.

Seems like a no brainer if your business is riding on the software.

 

[Whistler]

Versionnumbers has nothing to do with security...

You can't jugde security based solely on the versionnumber of MySQL, PHP, Apache etc. -- many distributions (including RedHat) backport securityfixes to older versions of the software.

And they been doing that for ages, so it's not always valid to use security as an argument for version upgrades!

 

[uhoh]

dont be so silly.

Read security advisories much?

most of the times version numbers are used for various reasons. I certainly wouldnt run version of any software that was known to be vulnerable to exploits.

Use your head for something besides a hat rack.

LOL

 

[alex042]

most of the times version numbers are used for various reasons. I certainly wouldnt run version of any software that was known to be vulnerable to exploits.

Here are a couple of links from rehat related to this:

http://rhn.redhat.com/errata/RHSA-2004-392.html
http://rhn.redhat.com/errata/RHSA-2004-687.html

The 1st mentions a security flaw in 4.3.8 and posts a patch for 4.3.2 to fix this flaw. The 2nd is another update to 4.3.2 to fix more security flaws which shows they're patching the 4.3.2 that comes with the server.

The philosophy behind the RHE series of servers is to maintain a stable environment with software they know works whereas if these were fedora servers instead, you might have the latest php, mysql, and other software whether its stable or not.

Once you update php or mysql on your own to the latest version, then you'll be maintaining security patches yourself making it more work than it has to be. This is usually only required if a new feature is needed for a particular script, but most will run on the older version of php or mysql.

 

[Whistler]

Originally posted by uhoh
dont be so silly.

Read security advisories much?

most of the times version numbers are used for various reasons. I certainly wouldnt run version of any software that was known to be vulnerable to exploits.

Use your head for something besides a hat rack.

LOL

Obviously you need to seriously learn something about stable OSing and backports...

Security advisories has nothing todo with backported security fixes. Of cause old non patched software has the security flaw if the advisory says so, but thats exactly what the backport is all about. Patch old - well known, well proved - software and keep your server environment stable.

Which usually is more important for a serious webhosting company than always running the latest version of everything... And even more important: to maintain backwards compability with customers currently running scripts and settings etc.

So actually - the LOL is on me - but I'm more sorry for your customers if you really believe what you've written above is the only truth...

 

[uhoh]

yes the LOL is on you. NOT EVERYONE runs redhat. Some people prefer a truer type UNIX enviroment that has been proven and tested and always shown to be / need less OS based patches than a linux kernel that seems to have a new exploit every 3 - 6 months. If it was cool to backpatch then why did plesk release a hotfix that included php4.10 instead of a patched php 4.9?

backporting or whatever might work ok for linux's but not everyone runs linux. Redhat ES is nice, but there's a lot more that can be done on a more true unix than linux. I started out on linux redhat halloween release many moons ago. I now run nothing but BSDi and FreeBSD because I've had "personally" better experiences with the BSD family. Its personal preference for me and many other "serious" webhosters. Maintaining updated/patched/current software should gather more respect than what it seems to have gotten from you. I feel sorry for your customers, especially if you give shell access to the machine. Have you done an ls -al on /tmp and /var/tmp lately ? any wierd hidden files? The majority of the "serious" webhosters dont use plesk, or any other publicly available control panel for obvious reasons. Unfortunately I am not gifted enough to code my own panel that is as pretty as plesk otherwise I would. There is nothing wrong with maintaining an updated version of software that plesk manages. So why doesnt this happen? Should be more updates / hotfixes. 7.1.6 on bsd is still saying 1.3.31 is current for apache. Why is that? Are you saying they backported that? If you are you are very sadly mistaken!

 

[Whistler]

Lets say it this way: Oblivious is a bliss

(no, I don't host anything on RedHat but uses FreeBSD and no, I have no strange, hidden or unwanted files in my /tmp; and by the way: backports have nothing to do with RedHat but has been used in the unix world for decades...)

EOD!

 

[atomicturtle]

Mysql 4 rpms are available on my site www.atomicrocketturtle.com for RH9, 3ES (and its clones), FC1-FC3.

Side note as someone who has been maintaining an open source archive for a few years I can attest to the fact that it is very often the case that you cannot offer the latest version of a package without at times causing massive strife amongst your users. Even minor changes in a package (aspell for example) can leave you with long term upgradability issues. Maintenance strategies that work on a single server basis don't really translate when you're trying to come up with solutions that work for everyone. Sometimes for legal reasons, you're also forced to backport if you're redistributing software, redhat for example has to remove DRM code from openssh, and SuSE paid mysql for a the rights to link php to mysql4 (did you know you cant do that?).

 

[fireproof]

Originally posted by atomicturtle
Mysql 4 rpms are available on my site www.atomicrocketturtle.com for RH9, 3ES (and its clones), FC1-FC3.

I just looked around your site/downloads area, and didn't see any MySQL rpm's for version 4 (there was one for php-mysql-4.x but that's a different beast, and a few for mysql-3.x). Could you provide a direct link, or directions to the download?

Thanks!

 

[atomicturtle]

Yep, save yourself some time and use yum!
http://www.atomicrocketturtle.com/m...ns&file=index&req=viewarticle&artid=18&page=1