What OS do you use on low spec vps

0xC7

lewellyn said: You can build packages for many-many distros.

I would love to hear anyone who do package maintainer here

lewellyn

@0xC7 said:

lewellyn said: You can build packages for many-many distros.

I would love to hear anyone who do package maintainer here

I've been a package maintainer for many distros over the years. The first was Stampede Linux, long long ago.

The Linux world is predominantly down to two package formats: .rpm (and the build files for that are used for far more than Linux: OS/2; Solaris/Illumos; AIX; those come immediately to mind) and .deb. I can say that packaging for Debian-style distros is a slow descent into madness.

0xC7

lewellyn said: I've been a package maintainer for many distros over the years.

Good to know. Even I don't know what packages you maintain, I would say thank you for making *nix secured and updated 👍

.. that packaging for Debian-style distros is a slow descent into madness.

since I just ordinary-a-bit-late-known-linux user, I see Debian strict rules for that; when trying to revive old hardware with old-debian-based distro (looking some updated packages that still need arch x32 on kernel 3.x/4.x libc 2.1x). I always have problems when compiling by myself (usually dependency libs), but bugging package-maintainer is more than UNPOLITE

lewellyn

@0xC7 said:

lewellyn said: I've been a package maintainer for many distros over the years.

Good to know. Even I don't know what packages you maintain, I would say thank you for making *nix secured and updated 👍

I don't actively maintain any packages for public Linux distros (my personal packaging interests currently lie with not-Linux), though I still have commit bits with a number OSes (not just Linux distros).

.. that packaging for Debian-style distros is a slow descent into madness.

since I just ordinary-a-bit-late-known-linux user, I see Debian strict rules for that; when trying to revive old hardware with old-debian-based distro (looking some updated packages that still need arch x32 on kernel 3.x/4.x libc 2.1x). I always have problems when compiling by myself (usually dependency libs), but bugging package-maintainer is more than UNPOLITE

1. Running on anything older than oldstable is really not a great idea if you don't like your stuff to be pwnt. Sure buster is "supported" as an LTS release, but it doesn't even have Debian's questionable security team involved, so it's not something I would trust on the public internet. Jessie and Stretch are ELTS but that just means "some company had a paying customer ask for a specific package update" and there is certainly no coherent security practice for ELTS.
2. Packaging for Debian is just hellish IMO. The Guide for Debian Maintainers is long, confusing, and only covers one type of package that you can build. Granted, it is the most common type, but that just means trying to build what should be a simpler package is actually harder.
3. Use supported distros. Seriously. I'm actually kind of sad how few low-end providers have the cajones to say "you know what? I don't need the money from people who are insisting on making my security life a pain." It harms all the neighbors if someone becomes an attack target.