----- Original Message ----- | I have read a couple old threads here on updates for servers, and I | am | looking for some mechanics to getting the actual updates done. I | don't | want automatic updates; I want to control when and what gets updated. | | First I have to determine that a particular server needs updates. I | suppose a daily script that would run "yum check-updates' and emails | me | the results could work, but then I would only want the email IF there | was something to update, at my limited use of this option does not | show | anything to trigger a notify on changes. Does anyone know of a | script | that would do this? | | Then there is the actual update. I learned long ago NOT to run yum | over | an SSH connection, as WHEN that connection breaks in the middle of an | update, you can have quite a problem to clean up. All I have done | todate is to start vncserver and connect via vnc to then run yum. I | can | even drop the vnc connection and come back later to check results. I | have considered running yum disconnected (? when you end a command | with | &) and log the results to a file that you check later. What are | practical approaches to this? I only have a few servers here to | manage.
This is where you need something like Katello or Spacewalk. These are management systems which look after managing your infrastructure in such a way that you can view what servers are out of compliance and what patches are waiting to be applied.
I'm currently evaluating Katello as a long term solution to our Red Hat GNU/Linux management. I'd hazard to guess that you'll probably want to do the same too.