Kernel update for RHEL 5
m.roth2006 at rcn.com
Tue Jan 27 01:10:56 UTC 2009
George Magklaras wrote:
> I am not sure I would agree with either of the solutions presented in
> the thread. I understand that your systems need extra security. However,
> there is security in terms of availability and security in terms of
> confidentiality. To rely on a system to be available, just by upgrading
> the kernel is not a good idea. glibc, module-init-tools, and other
> dependences might introduce problems to the system if you just upgrade
> the kernel, especially if you do development work (compilers, dev libs?)
> You need a proper way to handle the dependencies for these things.
I dunno. Over the years, I've upgraded my kernel a number of times. Yep, I did
also have to do binutils, and a few others, but I never had a problem compiling.
> If your employer wants the best solution about keeping RHEL systems
> up-to-date in a secure way, that should provide a proper RHN Satelite
> Server. It is essentially an advanced proxy server that stands between
> your system and the Internet and allows controlled upgrades. The
> procedure to obtain and setup this is given here:
> and at the bottom you should find various whitepaper links that give you
> an idea about what to expect when you implement this.
I'm literally learning about that today at work - the distributed, freeware
version is Spacewalk.
More information about the redhat-list