[Gllug] Wide eyed and Innocent new members.
Adam Bower
adam.bower at framestore-cfc.com
Thu Oct 24 13:07:29 UTC 2002
Stephen Harker wrote:
>
> Right. Well, in that case, I would be very careful about upgrading a
> "production" machine from $version to $version+1 using anything at all
> without testing it all first on an identical machine or something. But
> that is just common sense. If there wasn't a real need to upgrade the
> server and the older version (eg potato) was still being supplied with
> security patches and was working fine, I wouldn't even do the upgrade.
> But as for keeping on top of security updates, "apt-get update ; apt-get
> dist-upgrade" run from /etc/cron.daily and a sensible "sources.list"
> seems to do an excellent job of keeping a running machine tight.
Erk! that is something I would not do, I would never schedule something
like that to be run from cron. The security update packages can be
pushed out quickly without the same peer review testing procedures that
the main distro gets. Also some of the security problems may not be
applicable (like local exploits on machines that nobody has access to)
so I just subscribe to the Debian security mailing list and keep up with
developments there.
Anyhow I always have tested the release throughly before upgrading, I
usually run testing on my desktop for ages before a stable release comes
around and also the place where I was working at the time employed at
least 3 current Debian developers and a couple of older one so I did
have onsite support (well someone to lart anyhow)
Adam
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list