At Wed, 6 Apr 2011 11:35:47 -0700 (PDT) CentOS mailing list centos@centos.org wrote:
Hello,
As I've learned recently, I do not have any auto updates configured on my system. I see some posts on the web encouraging the use of "yum-cron", but I'd like to know what people feel about the use of automatic updates.
That is, for a server (non-desktop) system, automatic updates could break things or have other unforeseen consequences, and that could happen at the worst of times, since the process runs regularly.
On the other hand, for small businesses without highly trained sysadmins or ones with enough time to baby their servers, missing critical updates to, say openssl or some other mission-critical package could spell disaster.
Is the only reasonable solution to schedule a "human cron" once a week to look at needed updates? Ouch.
I use the "human cron" option. It might make some sense to use "yum-cron", but the ideal way that would work best would be if the machines using "yum-cron" were tied to a local repo that contains only tested updates -- that is there would be developmental / test systems getting manually updated and then the updates would be tested. Once the updates have pased a QA process, they would be pushed to te internal / local repo, where they would be automagically picked up by "yum-cron". This covers both worlds: avoiding a automagical disaster AND automating updates across a pile of machines without a lot of manual labor.
For small shop, just doing manual updates is probably best. Generally, basic CentOS updates are unlikely to cause problems, unless there is odd (non-standard) q hardware and/or odd software involved, so for many people a (blind) yum-cron might actually work just fine. It just depends on how much of a disaster a machine brought down by a update that happens to break something.
Thanks in advance for your considered opinions. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos