[RndTbl] Linux patching best practices

Adam Thompson athompso at athompso.net
Fri Nov 26 20:43:41 CST 2010

For CentOS, I'm quite comfortable setting up automatic updates.  It's not "best practices" but I've spent a LOT less time fixing post-update problems than I would have spent testing each update, over the years.  (This applies to Red Hat in general since RH2.1.)

Ubuntu... Not quite so happy.  Their updates come fast and furious sometimes, and the patterns I see don't inspire confidence.  That said, I often have automatic updates turned on for Ubuntu desktops and have only had one major problem in ~5yrs.

I think the days of testing patches independently are gone because of manpower reasons, unless you're running in a high-availability environment.  Of course, all the HA system vendors I work with now address the problem by *never* patching or upgrading - one telecommunications vendor runs CentOS 4 (4.1 IIRC), with no plans to upgrade or apply *any* patches.  Their answer: the systems shouldn't be reachable from the Internet anyway.  *sighhhh*


-----Original Message-----
From: Kevin McGregor <kevin.a.mcgregor at gmail.com>
Sender: roundtable-bounces at muug.mb.ca
Date: Fri, 26 Nov 2010 20:01:05 
To: MUUG Roundtable<roundtable at muug.mb.ca>
Reply-To: Continuation of Round Table discussion <roundtable at muug.mb.ca>
Subject: [RndTbl] Linux patching best practices
