I am using CentOS 5.0 on my desktop workstation. Are there any deeply compelling reasons to upgrade to version 5.1? I read through the release notes but didn't see any whiz-bang new features. Perhaps some of you can share your personal experience letting us know if you have noticed any differences, etc.
Sean Carolan wrote:
I am using CentOS 5.0 on my desktop workstation. Are there any deeply compelling reasons to upgrade to version 5.1? I read through the release notes but didn't see any whiz-bang new features. Perhaps some of you can share your personal experience letting us know if you have noticed any differences, etc.
Want to have security updates?
5.0 does not exist anymore. 5.0 was CentOS 5 Update 0. 5.1 is CentOS 5 Update 1. 5.0 will not get any security updates.
http://wiki.centos.org/FAQ/General#q15 is worth a read.
Ah yes, and the next "yum update" will take you to 5.1.
Cheers,
Ralph
Want to have security updates?
That depends. If the security update is for a local vulnerability on my own single-user workstation then I may think twice before installing it. In other words, if the security risk is minimal then it may not be worth the hassle of upgrading my kernel and having to recompile custom drivers and programs.
I spent a lot of time tweaking my system to get it set up the way I like, and I don't completely trust yum not to screw things up. For example, why not just disable the older kernel instead of deleting it:
--> Populating transaction set with selected packages. Please wait. ---> Package kernel.i686 0:2.6.18-8.1.8.el5 set to be erased
On Wed, 23 Jan 2008 11:48:20 -0600 Sean Carolan scarolan@gmail.com wrote:
For example, why not just disable the older kernel instead of deleting it:
You can set that as an option in yum.conf . However, you do run the chance of running out of space in /boot if you get too many kernels piled up there. The default is to keep the last 2 (or 3?) kernels and delete the older ones.
You can set that as an option in yum.conf . However, you do run the chance of running out of space in /boot if you get too many kernels piled up there. The default is to keep the last 2 (or 3?) kernels and delete the older ones.
I wonder why it is trying to delete a newer kernel than the one I'm using? I generally put an exclude=kernel* line in my yum.conf to keep this from happening.
On Wed, 23 Jan 2008 12:24:42 -0600 Sean Carolan scarolan@gmail.com wrote:
I wonder why it is trying to delete a newer kernel than the one I'm using?
It won't delete the kernel that you're currently running.
on 1/23/2008 9:05 AM Sean Carolan spake the following:
I am using CentOS 5.0 on my desktop workstation. Are there any deeply compelling reasons to upgrade to version 5.1? I read through the release notes but didn't see any whiz-bang new features. Perhaps some of you can share your personal experience letting us know if you have noticed any differences, etc.
5.0 and 5.1 are not different versions. 5.1 is just 5.0 with the latest security patches. Thinking that 5.0 and 5.1 are different is like thinking Windows XP wit service pack 2 is a different OS than Windows XP with service pack 1.
So, yes there are deeply compelling reasons to upgrade. If you want to have patches for several kernel buffer exploits, as well as many other security and functionality patches, you need to do one thing;
yum upgrade, and answer yes.
Or even easier; yum -y upgrade.
So, yes there are deeply compelling reasons to upgrade. If you want to have patches for several kernel buffer exploits, as well as many other security and functionality patches, you need to do one thing;
yum upgrade, and answer yes.
Or even easier; yum -y upgrade.
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the meantime a pack of ninjas breaks in and owns my box with a local buffer overrun exploit, well, you can't say I wasn't warned.
Quoting Sean Carolan scarolan@gmail.com:
So, yes there are deeply compelling reasons to upgrade. If you want to have patches for several kernel buffer exploits, as well as many other security and functionality patches, you need to do one thing;
yum upgrade, and answer yes.
Or even easier; yum -y upgrade.
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the meantime a pack of ninjas breaks in and owns my box with a local buffer overrun exploit, well, you can't say I wasn't warned.
It may not work for all things, but have you looked at dkms? http://linux.dell.com/projects.shtml#dkms
Dag/rpmforge has packages as well.
on 1/23/2008 10:43 AM Barry Brimer spake the following:
Quoting Sean Carolan scarolan@gmail.com:
So, yes there are deeply compelling reasons to upgrade. If you want to have patches for several kernel buffer exploits, as well as many other security and functionality patches, you need to do one thing;
yum upgrade, and answer yes.
Or even easier; yum -y upgrade.
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the meantime a pack of ninjas breaks in and owns my box with a local buffer overrun exploit, well, you can't say I wasn't warned.
It may not work for all things, but have you looked at dkms? http://linux.dell.com/projects.shtml#dkms
Dag/rpmforge has packages as well.
And 5.x has the newer weak-updates module options.
On Wed, Jan 23, 2008 at 12:29:52PM -0600, Sean Carolan alleged:
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the
If this is a problem, then you are doing it wrong.
Either use one of the existing solutions like dkms or weak-modules, or just put the necessary commands in a file and run it.
On Wednesday 23 January 2008 14:43:17 Garrick Staples wrote:
On Wed, Jan 23, 2008 at 12:29:52PM -0600, Sean Carolan alleged:
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the
If this is a problem, then you are doing it wrong.
Either use one of the existing solutions like dkms or weak-modules, or just put the necessary commands in a file and run it.
I'd find it odd that you would need to recompile your vpn client and wifi (not that I ever used or installed wifi.) nVidia -- yes, but that is soo smooth with dkms it's invisible these days.
VMWare does a simple rebuild to stay current and that's that. Without remembering the details and look it up each time I'm done inside 5 minutes.
Sean Carolan wrote:
So, yes there are deeply compelling reasons to upgrade. If you want to have patches for several kernel buffer exploits, as well as many other security and functionality patches, you need to do one thing;
yum upgrade, and answer yes.
Or even easier; yum -y upgrade.
When I have some time to re-compile VMWare server modules, my graphics driver, vpn client and wifi driver I may consider updating. If in the meantime a pack of ninjas breaks in and owns my box with a local buffer overrun exploit, well, you can't say I wasn't warned.
If you want to keep your existing kernel for a while, just change the grub default back after the update installs the new one. Then you can switch, reboot, and rebuild the necessary stuff whenever you have a chance.
If you want to keep your existing kernel for a while, just change the grub default back after the update installs the new one. Then you can switch, reboot, and rebuild the necessary stuff whenever you have a chance.
Thanks, this is probably what I will end up doing. I tend to err on the side of caution when applying updates, especially a single-user box that is not exposing any inbound ports or services to the Internet.
Sean Carolan wrote:
If you want to keep your existing kernel for a while, just change the grub default back after the update installs the new one. Then you can switch, reboot, and rebuild the necessary stuff whenever you have a chance.
Thanks, this is probably what I will end up doing. I tend to err on the side of caution when applying updates, especially a single-user box that is not exposing any inbound ports or services to the Internet.
Updates are almost never cause problems in CentOS since they have been through fairly extensive testing and don't introduce big changes (that is they stay on the side of caution already). Perhaps you are used to more aggressive update policies like you would see in fedora.
on 1/23/2008 12:19 PM Sean Carolan spake the following:
If you want to keep your existing kernel for a while, just change the grub default back after the update installs the new one. Then you can switch, reboot, and rebuild the necessary stuff whenever you have a chance.
Thanks, this is probably what I will end up doing. I tend to err on the side of caution when applying updates, especially a single-user box that is not exposing any inbound ports or services to the Internet.
It is only safe if the machine has NO outside contact, incoming or outgoing. IE ... net cable unplugged, modem unplugged. Maybe even floppy and cd-rom unplugged.
-
Barry Brimer -
Bobby -
Frank Cox -
Garrick Staples -
Les Mikesell -
Ralph Angenendt -
Scott Silva -
Sean Carolan