[Gllug] Wide eyed and Innocent new members.

[Adam Bower]

Stephen Harker wrote:
> 
> Right. Well, in that case, I would be very careful about upgrading a 
> "production" machine from $version to $version+1 using anything at all 
> without testing it all first on an identical machine or something. But 
> that is just common sense. If there wasn't a real need to upgrade the 
> server and the older version (eg potato) was still being supplied with 
> security patches and was working fine, I wouldn't even do the upgrade.
> But as for keeping on top of security updates, "apt-get update ; apt-get 
> dist-upgrade" run from /etc/cron.daily and a sensible "sources.list" 
> seems to do an excellent job of keeping a running machine tight. 

Erk! that is something I would not do, I would never schedule something 
like that to be run from cron. The security update packages can be 
pushed out quickly without the same peer review testing procedures that 
the main distro gets. Also some of the security problems may not be 
applicable (like local exploits on machines that nobody has access to) 
so I just subscribe to the Debian security mailing list and keep up with 
developments there.

Anyhow I always have tested the release throughly before upgrading, I 
usually run testing on my desktop for ages before a stable release comes 
around and also the place where I was working at the time employed at 
least 3 current Debian developers and a couple of older one so I did 
have onsite support (well someone to lart anyhow)

Adam



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug