User: Password:
Subscribe / Log in / New account


News and Editorials

Debian vs. FreeBSD as a Web Serving Platform, Part 1

February 23, 2005

This article was contributed by Ladislav Bodnar

When it comes to hosting a company or a personal web site, there are more choices than ever. Not only is there a plethora of web hosting providers all lining up for our business, we also have a choice of many excellent operating systems, most of which are free - in both senses of the word. In fact, after having spent some time investigating the possibilities, this author concluded that the majority of hosting companies in operation today seem to have standardized on offering Fedora Core, Debian GNU/Linux and FreeBSD as their preferred operating systems. This is hardly surprising; all three of them are not only free of cost, but also well-established and trusted as web serving platforms. For the purpose of this two-part article we will look and compare the features and security aspects of Debian GNU/Linux with those of FreeBSD, both of which the author had the pleasure to use and administer in recent years.

Despite some crucial differences with respect to their kernels and base system, the two operating systems, as considered from the point of view of included applications, are rather similar. Both Debian and FreeBSD provide the Apache web server, several scripting languages (PHP, Perl, Python, Ruby or any other tool one might employ for the purpose of developing interactive web pages), integration with MySQL and PostgreSQL databases, SSL features and anything else that we've come to expect from a system designed for web serving. All commonly used UNIX tools, such as man pages and shells, are also provided.

But under the surface, there are more profound differences, especially in the design and philosophy of the two operating systems. FreeBSD has a much faster release cycle - production-ready releases are made roughly every 6 months, whereas the Debian developers only make a new stable release "when ready", which can take years. In fact, the current stable release - Debian Woody is now 31 months old. This means that those administrators and web developers who would like to make use of new features in any of the applications they deploy will probably be better off with FreeBSD. As an example, during the time when this author administered a Debian server he found himself in need of upgrading PHP to take advantage of some newly introduced functions, as well as Postfix and SpamAssassin, the new versions of which offered much improved spam-fighting techniques. But with Debian's slow release cycle, the only way to upgrade the above mentioned packages (other than compiling them from source) was to get them from Although very good and highly up-to-date, is a third-party repository, not officially sanctioned by the Debian Project and not supported by the Debian Security Team.

This is in sharp contrast with FreeBSD where only the base system, often referred to as kernel and userland, is kept in a constant state (with the only exception being security updates), while the included applications, or ports in FreeBSD's language, are continuously updated. This being so, a system administrator can choose to keep upgrading all important ports to their current stable versions and take advantage of any new features in them. This is a very pleasant aspect of FreeBSD - instead of an endless wait one might endure before a new stable Debian release, the administrator running FreeBSD can upgrade all installed ports to their latest versions at any time, independently on the base system.

While most system administrators would deploy Debian as a binary distribution, i.e. they would install and use its pre-compiled binary packages, FreeBSD's ports are mostly meant to be compiled directly from source on the user's system. As always, the proponents of each approach could engage in endless debates about their respective merits; here we'll just say that both ways of doing things have their advantages and disadvantages. As an example, compiling Apache with a worker.c module (for a busy web server) under FreeBSD is as simple as modifying a parameter in a Makefile, then running "make install". On a Debian system, achieving the same would entail downloading the source code, looking through the source files to find the relevant place, modifying it, then creating a new Debian package with "apt-build" - not a particularly tedious task, but not as elegant as on FreeBSD. On the other hand, compiling ports directly from source code always brings in a risk of a port failing to compile, which can be frustrating.

The ability to upgrade the operating system painlessly to a newer version is one area where Debian enjoys a considerable advantage. Since its early days, Debian has always provided a simple and elegant upgrade path between two stable releases, which is probably a feature that has attracted Debian many supporters. Unfortunately, FreeBSD does not have the same policy. While upgrading FreeBSD to a new minor version (e.g. from 4.10 to 4.11) is relatively easy and mostly trouble-free, the same cannot be said of upgrading between major versions (e.g from 4.10 to 5.3). In fact, the FreeBSD project does not recommend upgrading from 4.x to 5.x at all; not only is this path untested, it would also mean loss of functionality due to incompatible file systems in the two major FreeBSD versions. This could be an important consideration for those users who do not have physical access to the server - while upgrading Debian to a newer version is as simple as executing a couple of commands, with FreeBSD, one would need direct assistance of somebody at the web hosting company.

There is one interesting feature of FreeBSD that does not exist in Debian (at least not in its default configuration) - a set of reports entitled "Daily Run" and a "Security Run", which are emailed to the system administrator on a daily basis. They represent a collection of routine tasks as performed by several cron jobs. The "Daily Run" output provides information about the state of the system, uptime, mail in the mail queue, state of the disk partitions and network interfaces. It also backs up and outputs changes (if any) in the /etc/passwd and /etc/group files. The "Security Run" is even more useful, with information about setuid files and devices, passwordless user accounts, SSH login failures, and refused connections. It even informs the administrator about current vulnerabilities in any of the installed ports (provided that a certain port is installed on the system, but we'll get to that in the second part of this article).

There is perhaps one other FreeBSD advantage worth mentioning - it boots much faster than Debian. True, this is not a terribly exciting characteristic of an operating system that is meant to be running 24 hours a day, but it is still good to know that if the system needs to be rebooted (perhaps after a security-related kernel upgrade), it won't be down for more than a minute on any reasonably recent hardware. Booting Debian takes at least twice as long.

In part 2 of the article, coming up next week, we will compare the ways security updates are handled by the two operating systems, and briefly consider some migration issues.

Comments (21 posted)

Distribution News

Turbolinux releases preview of 64-bit OS

Turbolinux, Inc. has announced the availability of a technical preview version of "Turbolinux 10 for AMD64/EM64T".

Comments (none posted)

Slackware for S/390

Slack/390, the Slackware port for s/390, has announced the release of Slack/390 10.0. The company Sine Nomine Associates has announced a commercial support package for Slack/390.

Comments (none posted)

Ubuntu Hoary Array CD 5

Ubuntu Linux has released the fifth in a series of milestone CD images on the path to a stable Hoary Hedgehog. Array CD 5 is available for download. Click below to see what's changed since Array CD 4.

Full Story (comments: none)

Debian GNU/Linux

The Debian Project will be at several conferences worldwide during late February and March. These include CONSOL 2005 in Mexico City, Mexico, FOSDEM in Brussels, Belgium, 5th Asia Open Source Software Symposium in Beijing, China, 7th Chemnitzer Linux-Tage in Chemnitz, Germany, CeBIT in Hannover, Germany, and IT/Linux Days in Lörrach, Germany.

Here's an update from the Debian Project Secretary on the Debian Project Leader Elections. The campaigning period begins February 28, 2005.

Here's a release update covering the debian-installer, upload targets, kernels, and infrastructure.

Matthew Garrett has posted a writeup demystifying the roles and responsibilities of the FTPmaster team. (Found on DebianPlanet)

Also found on DebianPlanet, Roberto C. Sanchez has written an Automatic Debian Package Repository HOWTO.

Comments (none posted)

Fedora Core 4 Test 1 slips

For those of you waiting for the first Fedora Core 4 test release: the expected date has been pushed back to March 14. The main reason for the delay is to fit better with the GCC schedule; the current hope is that it will be possible to include GCC 4 in Fedora Core 4. Click below for the details.

Full Story (comments: 30)

New Distributions


T2 is a flexible System Development Environment or Distribution Build Kit. T2 allows the creation of custom distributions with bleeding edge technology. Currently the Linux kernel is normally used, but there are plans to expand to Hurd, OpenDarwin and OpenBSD, and more. T2 started as a community driven fork from the ROCK Linux Project with the aim of creating a decentralized development and clean a framework for spin-off projects and customized distributions. T2 2.1.0-beta3 "serpentine" was released February 18, 2005.

Comments (none posted)

Xorcom Rapid

Xorcom Rapid is a Debian/Asterisk distribution program that features an auto-install for Debian Linux and pre-configured Asterisk. It quickly and effortlessly converts any PC to a functioning Asterisk PBX. Version 1.0 is currently available for download.

Comments (none posted)

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for February 22, 2005 is out. This issue covers Debian Project Leader elections, the LSB has been submitted to the ISO/IEEE to achieve international standards recognition, an update on translations, Moria may be back, the roles and responsibilities of the FTPmaster Team, broken dependencies in unstable, and more.

Full Story (comments: none)

Gentoo Weekly Newsletter

Here's the Gentoo Weekly Newsletter for the week of February 21, 2005. This issue has an Après-Show report from Boston Linux World Expo, a last call for FOSDEM 2005, sponsorships for the Gentoo UK conference, Gentoo RSS feeds, a Gentooified Kuro-Box, and other topics.

Full Story (comments: none)

DistroWatch Weekly, Issue 88

The DistroWatch Weekly for February 21, 2005 is out. "Welcome to this year's 8th issue of DistroWatch Weekly! In it, we take a brief look at two popular distributions, new versions of which were released over the weekend: PCLinuxOS and VectorLinux. We also reveal our brand new distribution database, which, while far from complete, should make it easier to search for a desired distribution based on various criteria. And if you have much time on your hands, we introduce you to no fewer than 7 new Linux distributions that were added to the waiting list last week. Happy reading!"

Comments (none posted)

Minor distribution updates

Lineox Releases Lineox Enterprise Linux 4.0 RC1

Lineox has released the first release candidate of Lineox Enterprise Linux 4.0, built from the source packages for Red Hat Enterprise Linux 4.0. Click below for additional information.

Full Story (comments: none)


VectorLinux has announced the release of v5.0 SOHO, based on Slackware 10.1. "Some of the bundled applications are: KDE 3.3.2 and iceWM 1.2.13 as window managers. For a complete web experience you will find Firefox 1.0 with pre-configured Mplayer, Flash, and Java plugins, plus Gaim 1.1.2, gFtp, Kasablanca, and Sylpheed."

Comments (none posted)


Xwoaf (X Windows On A Floppy) has moved to a new web site, and now has new release. The X applications available in version 0.1.4a are: edx text editor, retawq text only web browser, txplor dual-pane tree/filelist filemanager, OXElmo email client, bcalc 4 function calculator and a popup calendar with day/date/time. Also includes jwm window manager and all modules for NICs, block devices and file systems.

Comments (none posted)

Package updates

Fedora Core updates

Fedora Core 3 updates: selinux-policy-targeted-1.17.30-2.80 (bug fixes), policycoreutils-1.18.1-2.9 (fix restorecon segfault on unlabeled file systems), gamin-0.0.24-1.FC3 (many annoying bugs have been fixed), pcmcia-cs-3.2.7-2.2 (fix double fclose in parse_cis()), openssh-3.9p1-8.0.1 (change default ssh client configuration so the trusted X11 forwarding is enabled).

Comments (none posted)

Mandrakelinux updates KDE

Mandrakelinux has new KDE packages that fix various bugs. Click below for details.

Full Story (comments: none)

Trustix Secure Linux updates

Trustix has bug fixes available for cyrus-imapd, kernel, kudzu, php, postfix, and squid. There are some additional packaging fixes for postfix.

Comments (none posted)

Newsletters and articles of interest

FreeBSD Tips and Tricks for 2005 (O'ReillyNet)

Dru Lavigne presents a few tips and tricks for FreeBSD on O'ReillyNet. "At least once a year, I like to comb through the files on my FreeBSD system to see if there are any new docs, scripts, or manpages that I've missed. I started my search in /usr/share/examples, and the first thing that caught my eye was a subdirectory called BSD_daemon:"

Comments (none posted)

SUSE Linux wins Common Criteria certification (

Government Computer News reports that Novell's SUSE Linux Enterprise Server 9 running on IBM eServers has been awarded Level 4 Common Criteria certification. "The certification should put Novell and IBM "on top of the list when it comes to projects the government wants to do," said Novell CEO Jack Messman at the LinuxWorld Conference and Expo, held this week in Boston."

Comments (none posted)

Distribution reviews

My workstation OS: Arch Linux (NewsForge)

Here's a brief look at Arch Linux, on NewsForge. "The philosophy of Arch is to let people have as much control over their system as possible. Nothing is on unless you turn it on. This means that a base install of Arch is very fast. On top of that the boot scripts are very simple, making them easy to edit. The philosophy is evident in Arch's hardware detection tool, hwd. The tool gives information that lets users set up their computers manually, but does not change the system configuration."

Comments (none posted)

Review: Red Hat Enterprise Linux 4 (Information Week)

Information Week has a quick review of Red Hat Enterprise Linux 4. "RHEL 4 uses the Ext3 file system and has added enhancements surrounding file access and synchronization. Also included in this release is LVM2 (Logical Volume Manager 2), which lets you manipulate files systems. I tested this feature using the CLI (command-line interface) and found it effective and easy to use. For example, I used lvreduce within LVM2 to decrease the size of LogVol01 from 1.94 GB to 1.84 GB with a single command. Next, I used lvextend to bring it back to its original size."

Comments (none posted)

Vidalinux 1.1 Review (Linux Times.Net)

Linux Times.Net reviews Vidalinux version 1.1. "Vidalinux is a Gentoo based desktop OS from our friends in Puerto Rico In this article, I will review Vidalinux 1.1 with a special comparison to Gentoo. Vidalinux isn't all that old: version 1.0 was released in August 2004. This original release was followed up by 1.1 late 2004 (Christmas Day actually). I spoke with Vidalinux developers and they were more than happy to provide me with a copy of the Premium Edition."

Comments (none posted)

Page editor: Rebecca Sobol
Next page: Development>>

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds