centos@911networks.com wrote:
I also have a server that I have not updated since the original CentOS 4. And not only that, I will not update it.
Why?
- It works.
But not as well as it could work!
- It's a database server.
It will continue to be a database server even after the update.
- There are no user logged unless it's me.
well, users dont need to be log'ed in locally in order to exploit vuln's and issues that your system might have. Or to benefit from updates and improvements being pushed down the pkg's
and if you also dont have any remote users - why not just turn it off in that case ? if noone is using it ?
- There is no connection to Internet, only internal users are allowed
and it has its own firewall.
read my reply to your point no.3 - applicable here too.
- Why take the chance that something will break?
becuase you could get better performance, ( there have been atleast a few kernel improvements in the last few months - that have a direct effect on performance ). You will also get a more 'supported' update cycle and better driver support etc etc etc ( lots and lots of things, pointless mentioning them here ).
This issue of 'risk' with updates is a very 'gentoo'ish / fedora'ish / ubuntu'ish state of mindset. Where, once things work - you leave them alone. On CentOS / RHEL the aim of having a long lifecycle and a supported platform, is to minimise this 'risk' effect, to a level where its practical in a production environment - to run the updates.
plus. if things are so critical for you - test it offline on a non production machine, then sync the updates into production!
- KB