You are not logged in.

#1 2017-02-11 12:49:03

zyghom
Member
From: Poland/currently Africa
Registered: 2006-05-11
Posts: 432
Website

Quite an old installation - reinstall or not?

Hi,

I have installed production server for a small company with few services on it:
- mysql (5.5)
- dovecot (2.1.10)
- samba (3.6.8)
- ssh (6.0)
- webmin (1.620)

All is there since February 2011.
2 disks in RAID1.
Everything was good but recently 1 disk got faulty and I had to replace it (however it was WD Red but still it failed).
For preventive reasons I replaced them both - both had over 50.000 hours.

Since 2011 the system was really touched - still using 3.6 kernel (apparently compiled in 2012, meaning something I touched then ;-)

I am wondering if it is time to reinstall from the scratch?
Why?
For some security reasons.
The system is not updated for 6 years yet exposed to internet.
Dovecot has access via squirrelmail, mysql, webmin and ssh are connected to internet as well.
Upgrade via pacman will not work - for some reasons pacman shows errors - something went wrong some times back so the system seams not upgradeable at all:

pacman: /lib/libc.so.6: version `GLIBC_2.17' not found (required by /lib/libcurl.so.4)

What would you suggest?

P.S.
I don't have physical access to the machine - I am 10000 km from it ;-)

Last edited by zyghom (2017-02-11 12:51:19)


Zygfryd Homonto

Offline

#2 2017-02-11 12:57:03

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: Quite an old installation - reinstall or not?

2011 is a long time to expect an update to work without issue.  Reinstall and question your security strategy and distro choice.


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#3 2017-02-11 13:02:34

Awebb
Member
Registered: 2010-05-06
Posts: 6,275

Re: Quite an old installation - reinstall or not?

zyghom wrote:

I am wondering if it is time to reinstall from the scratch?

Since any attempt to fix this will result in an unbootable system at one point or another, you might want to consider a fresh start, because a lot has changed since 2011.

As a rule of thumb, always go to https://www.archlinux.org/news/, pick the first news after your last update and go upwards. The second time you read "manual interaction required" (or something along the lines) is the moment you know you need to re-install.

Offline

#4 2017-02-11 13:20:13

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,452
Website

Re: Quite an old installation - reinstall or not?

graysky wrote:

Reinstall and question your security strategy and distro choice.

Agreed!

There have been several *very high risk* bugs and security vulnerabilities since 2011.  If you accepted any compensation for the service you provided of building that web server for them, they should get a refund.  Do not reinstall arch linux for them.  The best suggestion would be to encourage them to get someone else to help them.  The second best would be to help them install distro more suited to that use case.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#5 2017-02-11 13:29:57

zyghom
Member
From: Poland/currently Africa
Registered: 2006-05-11
Posts: 432
Website

Re: Quite an old installation - reinstall or not?

In fact there is someone who can do the "remote" job such as: "insert usb with installation of new Linux" - I used that help while HDD were changed - of course I could not have changed them remotely.
But I am surprised that you suggest that Arch is not suited for production server.
Yes, I was considering recently Debian but I am not convinced really.


Zygfryd Homonto

Offline

#6 2017-02-11 13:36:16

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,452
Website

Re: Quite an old installation - reinstall or not?

I didn't say arch is not suited for a production server.  I use it on a few myself.  I said it is not suitable for your use case: install it and forget it and leave a riduculously outdated, crippled, vulnerable, and web-facing system in someone else's hands.  That is a disservice to those you'd claim to be helping.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

Board footer

Powered by FluxBB