On Mon, 2006-01-30 at 05:33 -0500, Jim Wildman wrote:
On Sun, 29 Jan 2006, Steve Bergman wrote:
Say I want to apply security patches automatically on a nightly basis. But when the push from 4.2 to 4.3 comes around, I want to defer that for when I can do it manually.
Is that possible? (Preferably with yum, but I would use up2date if that were necessary.)
It is if you maintain an internal repository (which if you have a lot of machines is a good idea anyway).
Exactly :)
You mirror the centos update tree into one repository and copy them into your internal 'production ready' tree when you are ready. This allows you to set your boxes for automatic updates, but manage the volume of updates applied. With a little thought on the repo setups, you could even have separate repos for different machines or types of machines (yum follows symlinks just fine).
If you want to control what updates get applied and do it automatically, create a local yum repo for your machines and only put stuff you have tested in there.
You can have a desktop and server repo, or any number of other things :) ----------------------------------------- Everyone else's comments concerning the point releases (or update sets) is true as well ... and the FAQ in Karanbir's post explains what that is about, as does this slide by IBM:
http://avi.alkalay.net/linux/docs/distributions/img16.html
(CentOS-4.3 is EL4 update 3 ... CentOS-3.6 is EL3 update 6)
If one has the upstream EL3 update 2 installed and then runs up2date ... RHN updates them to all the latest updates. This would be exactly the same thing that happens for CentOS when running yum.