>> For debian/ubuntu just a simple cure:
>> cron-apt - automatic update of packages using apt-get
>
> Well, the point is: we don't want to have automatic updates.
> I'd rather like to be able to answer questions like "Which of my Linux-boxes
> actually does have that stupid privilege escalation bug?"
>
> We have to plan updates very carefully, as not to break customer-applications (we do managed hosting).
> In theory, a yum update shouldn't create a API/ABI breakage - but "In theory, this shouldn't have happened" is a bad excuse to give to the customer...
Completely agree with you on this. And I would like to add something
related, I do not think it's a good approach to update every single
piece of software on a production system, just because there is a new
version. For example I would not update a NTP client if I'm not using
it withing any of my applications.
--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net
>> cron-apt - automatic update of packages using apt-get
>
> Well, the point is: we don't want to have automatic updates.
> I'd rather like to be able to answer questions like "Which of my Linux-boxes
> actually does have that stupid privilege escalation bug?"
>
> We have to plan updates very carefully, as not to break customer-applications (we do managed hosting).
> In theory, a yum update shouldn't create a API/ABI breakage - but "In theory, this shouldn't have happened" is a bad excuse to give to the customer...
Completely agree with you on this. And I would like to add something
related, I do not think it's a good approach to update every single
piece of software on a production system, just because there is a new
version. For example I would not update a NTP client if I'm not using
it withing any of my applications.
--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net
[ reply ]