Robert Moskowitz wrote:
On 02/25/2013 01:00 PM, Les Mikesell wrote:
On Mon, Feb 25, 2013 at 7:48 AM, Robert Moskowitz rgm@htt-consult.com wrote:
I have read a couple old threads here on updates for servers, and I am looking for some mechanics to getting the actual updates done. I don't want automatic updates; I want to control when and what gets updated.
Keep in mind that to _not_ install an update, you have to know more than the RH engineers about the code. I usually assume they had a good reason for going to the trouble of shipping it and that they would have to have a very, very good reason to ship anything that would break an existing API in an update. Of course it is always good policy to test the combination of things you run in production on a non-critical box first.
<snip>
I am on it, and I do look at the announcements. Still which rpm is used on which server? What is critical and what is not?
AH! *Now* I get it. There's a security plugin for yum that you can install (see http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/), and you can have that do *just* those.
mark