But because like every layer is checksummed both in delivery AND when it’s installed, so you can easily validate a delivered file, and it’s all signed with signatures you can easily check, you can at least be assured that
what you installed is what that package delivered
which is what the authors wanted
and the package probably hasn’t been tampered with
even weeks after install
the chance of problems should be reduced.
Bonus1: with a proper repo config, you can check for updates so fast. It’s like the chocolatey windows repo but more formalized and usually vendor-maintained.
Bonus2: bad upgrade? Enterprise packages on Linux (long description; trust me) can be reverse-installed over what’s there so you can back-revise or downgrade with almost no pain. It’s a good oh-no fix. At every point you can still validate that what is there should be there, according to hard signatures at every stage.
Bonus3: grabbing os version 6.1 and upgrading to 6.5 OR just installing 6.5 fresh gives the same final content - files and services - when you’re done. (almost entirely) No cruft, since package installs (because of the locking below) just install over themselves in a way Linux people just accept and windows people may freak over.
Linux bonus: Linux locks file differently; again, long description, so trust me or look it up. You can upgrade many files and services without stopping them, and then bounce a service or a host, so your patch-and-bounce process is fast, it happens after the upgrades, and is like 2 min or with systemd 3min.
Ultimately
use packages for wayyyy easier, consistent, reliable, tested, quasi-roll-back-able updates that you can validate all the way down.
and still that SNMP connection to check content remotely. It’s so great.
So it’s basically like installing a program in windows but, idk how to phrase it, more through and less prone to errors during installation?
You’re really close, yeah .
But because like every layer is checksummed both in delivery AND when it’s installed, so you can easily validate a delivered file, and it’s all signed with signatures you can easily check, you can at least be assured that
the chance of problems should be reduced.
Bonus1: with a proper repo config, you can check for updates so fast. It’s like the chocolatey windows repo but more formalized and usually vendor-maintained.
Bonus2: bad upgrade? Enterprise packages on Linux (long description; trust me) can be reverse-installed over what’s there so you can back-revise or downgrade with almost no pain. It’s a good oh-no fix. At every point you can still validate that what is there should be there, according to hard signatures at every stage.
Bonus3: grabbing os version 6.1 and upgrading to 6.5 OR just installing 6.5 fresh gives the same final content - files and services - when you’re done. (almost entirely) No cruft, since package installs (because of the locking below) just install over themselves in a way Linux people just accept and windows people may freak over.
Linux bonus: Linux locks file differently; again, long description, so trust me or look it up. You can upgrade many files and services without stopping them, and then bounce a service or a host, so your patch-and-bounce process is fast, it happens after the upgrades, and is like 2 min or with systemd 3min.
Ultimately