automatic nightly updates

Eric Rostetter rostetter at mail.utexas.edu
Mon Apr 25 22:59:13 UTC 2005 

Quoting Joe Harrington <jh at oobleck.astro.cornell.edu>:

> Ok, here's one.  My building has about 300 employees and one system
> manager.  We're a university; that's what we can afford.

This changes nothing.
 
> The main tasks our system manager worries about are making new user
> accounts on the department's shared machines, installing and
> configuring new machines as people buy them, installing and
> configuring the third-party software they need, fixing hardware
> that breaks, and maintaining our servers.

Well, hopefully he doesn't do auto updates on those servers and shared
machines.
 
> Needless to say, manually updating the 600 or so computers here is
> *low* on the system manager's list, but it's of course crucial that it
> happens, as are all the other things.

So you split them into groups:

* Servers, shared machines, etc. which get manual updates
* Desktops/workstations that are critical, which get manual updates (e.g.
  administrative staff, payroll, purchasing, grades, enrollment, etc)
* Other critical machines that need manual updates (the machine running
  the critical, long lasting experiment, etc).
* Desktops/workstations that are not critical, which get auto updates
  (e.g. test machines, faculty machines, non-critical staff machines, etc).

> So, automatic updates are the
> way we go.

Across the board?  If so, best of luck to you.  Or on non-critical 
machines?  If so, then fine, good plan!

> Yup, folks, we're a zoo.  And, the situation is the same in nearly
> every university department in the country, save for the mix of
> machines.

Not in any I've worked at, and I've worked at universities medium and
large (no small ones, sorry).

> There are many situations where you wouldn't want auto update, some of
> which have been outlined here by people whose responsibilities cover
> them.  In many of those situations, RH itself would tell the customer
> it should never be running Fedora, it should be running RHEL.

Doesn't matter.  Auto updates don't depend on FC or RHEL or Windows.
The same issue no matter what OS you run.

> If you don't believe that many people auto-update, do some statistics
> on your web servers for FC1.

We do think many people auto update.  We just want to try to education
people that doing so on production or business critical machines or
security/access critical machines is a bad idea.

> My point is simple: since auto update is very common and a good idea
> for many people, FLP should document the practice and gear its
> services to it.

It does.

> It means a little more care in putting the updates
> together, but not much, and certainly not more care than you are
> already taking.  Gearing toward auto updates will not hurt manual
> updaters at all.

It requires no change in putting together updates.  We already try to
test the best we can.  The more people we can get testing, the less
of an issue it will become.  But it doesn't/can't/won't change the
fundamental argument.

> Don't worry about making "formal recommendations" on whether to
> auto-update.  Clearly, it's a good choice for some, a poor choice for
> others.  Rather, write clear descriptions of the pros and cons.

I've tried to do that, basically.  Only positive feedback so far.

> Anyone running Fedora is self-supported and had better be able to read
> the pros and cons and decide what best fits their particular situation
> best.

This project, dispite its name, is about Red Hat Linux as much as Fedora.
Let's not forget that.

> --jh--

-- 
Eric Rostetter

More information about the fedora-legacy-list mailing list