Lamar Owen wrote: > Packs. "If you want Security Update X for your system, you must update to > Service Pack Y" first type things; the RHEL setup can force the use of the > updates sooner than Microsoft would dare, and the CentOS echo forces it > within a week (unless I'm missing a way to tell yum "grab security updates, > but leave the Quarterly alone for now"). Not really. You can always install individual updates only. As for your second comment, you can disable base in CentOS.repo (or whatever it is called) and leave only updates enabled. Around time of switch between 4.n and 4.n+1 you would need to check erratas and manually apply security fixes that were released as part of 4.n+1 (and not as an update to any particular 4.n). However note that if an security fix requires a particular version of package from 4.n+1, you are hosed (however, you still don't need to install all updates from 4.n+1, you need only the required packages to satisfy dependencies). If you have many systems, you might choose to create your own "updates" repository and populate it only with security updates and their dependencies (so you don't run in previously described problem). Then make this repository public for the rest of the folks that would like that functionality. If you are current with updates in your repo, you'll become very popular guy ;-) If you are gringing on this "manual" step, remember that if you had real RHEL installed, you wouldn't really have this option at all. All Red Hat has is an big pool that contains all updates since RHEL 4 was initially released.