Is it better to install server applications from an official distribution, or should I download and install (and manage) my own version?

I've often seen system administrators download and install server applications, including "stock" applications such as Apache, under a dedicated /srv or /opt directory instead of installing them from the official repository, e.g. apt-get install xxx.

Is it really a bad idea to install and run a webserver, or an email server, or even less common services such as Zope from the distribution's official packages?


Not a bad idea at all. IMHO, the opposite is true: You need a good reason why the official packages are not sufficient.

Some problems:

  • With enterprise distributions (RHEL, SLES) you'll lose support.
  • You are responsible for tracking security fixes. Normally, this is done by the security teams of the distribution.
  • It takes time, sometimes a lot, to get it running.

Of course, when you need a specific feature of a new version or just a very specific configuration, doing your own thing is a valid approach, but it will have drawbacks.


Is it really a bad idea to install and run a webserver, or an email server, or even less common services such as Zope from the distribution's official packages?

Depends on what you are trying to achieve.

The major distributions are usually relatively quick in pushing out critical security patches and usually come with a tool for identifying them and notifying you - you don't get that when you install from a tarball.

OTOH they are slower about making non-critical updates available, don't want to complicate their support process with multiple versions of software, and (for commercial suppliers) do want you to buy a new version when it comes along. Sometimes the functionality isn't avaialble at all - e.g. php sqlite support in RHEL.

Compiling from scratch means (if you know what you are doing) you can build a binary which is optimized for your hardware. You do need to ensure that you don't end up with dependencies from the distributor supplied software on the software you maintian yourself - otherwise you'll be condemned to dependency hell!

So there are benefits in installing from the developer rather than distributor - but you need to plan time and processes for keeping the system secure. Certainly you should have a very good reason for doing so.

C.