automatic nightly updates
John Pybus
john at pybus.org
Mon Apr 25 19:41:27 UTC 2005
Dan Schlitt wrote:
> I guess it is my paranoia from 15 years of system administration but I
> would never do unattended patching of any computer I really cared about.
What about those computers no-one "really cares" about? ;-)
I don't do unattended updates on any computer I'm responsible for, not
even on my test systems and desktops. But, I'd still support a default
policy of automatic daily updates. Any sensible admin would turn it off
and implement their own policy, and the rest (those who have presumably
not responded to clear documentation of the default) would deserve
untested updates of less assured reliability; many probably wouldn't mind.
I know many 'administrators' of personal boxes, and even a number of
groups of workstations and servers, where either no effort is made to
apply updates, or only very sporadic effort. This includes RH7, RH9,
FC1 and FC2 installs all now supported by FL (though I can't say how
many have actually been configured to use FL repositories and how many
are effectively abandoned). When others don't keep systems updated it
affects me both by a greater general threat on the network from
compromised boxes, and by lowering the reputation of the Linux systems I
use.
> It would be nice if yum had an option to just download the rpms. Then I
> could look at them and install them on my own schedule. But I haven't
> been able to detect such an option.
This is something that'd be rather useful. As it is when my scripts
warn me of impending updates I review them, run yum update and have to
wait while they're fetched from a mirror. A version of yum check-update
which pre-populated the RPM cache would be pretty handy.
John
More information about the fedora-legacy-list
mailing list