Siddhesh Poyarekar wrote: > On Wed, Aug 18, 2010 at 5:13 AM, Bill Davidsen <davidsen@xxxxxxx> wrote: >> It's getting so keeping systems up to date with current patches is >> incompatible with reasonable uptime goals. More and more upgrades >> require a reboot, and even reading the CVE data behind the update it's >> not always possible to tell if a fix is urgent. I'd like to encourage a >> bit more detail in the info with the upgrade, and a little more thought >> about what can be done to reduce reboots. >> >> More operations are specifying maximum outage figures, running 7x24, and >> running things which have long run times and bad checkpoint code. >> >> At least two companies are done with reminding people to shut off the >> desktop overnight, they are putting cloud software on desktops and using >> cloud tech to offload mainframes. Not just new tech such as SETI@home >> and folding use, but things like PVM. I was admin of a PVM group 21 >> years ago, but people are still using it. > > If you subscribe to the package-announce list, you will get detailed > emails about updates, like this one: > > http://lists.fedoraproject.org/pipermail/package-announce/2010-August/044962.html > I follow the RSS lists, but I'm very aware of this. But current policy is that if there is a fix marked as a security bug all net attached machines will get it if they run the software. > This can help you decide if a kernel update is important for you. If > it is not a kernel update then it will most likely not require a > reboot. Everything else can be made functional through a service > restart at most. > If only that were true. But PackageManager disagrees. Quite a few things are marked to require reboot, and I have noted that at least some of them cause strange behavior if a reboot is not done. >> To some extent RHEL suffers from this as well, though systems seem to >> have fewer and more stable things running. > > Same for RHEL too. You get information on pages like: > > https://rhn.redhat.com/errata/RHSA-2010-0046.html > > Customers also get emails with this information so that they can > decide if they want to do an update or not. > > To conclude, just because an update is available does not mean that > you need to apply it. You need to do your own research and decide if > an update is relevant for you. And on the point of comparison with > Windows, there is none because you cannot really compare the amount of > information given out on a Windows update as compared to updates for > any Linux distribution. > New functionality and bug fixes in stuff which "works for us" can be postponed, security bugs on exposed machines get fixed pronto, I can explain brief outages better than breaches. :-( -- Bill Davidsen <davidsen@xxxxxxx> "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
