[CentOS] More questions about patch management

Mon Jan 30 10:33:14 UTC 2006
Jim Wildman <jim at rossberry.com>

On Sun, 29 Jan 2006, Steve Bergman wrote:

> Say I want to apply security patches automatically on a nightly basis.
> But when the push from 4.2 to 4.3 comes around, I want to defer that for
> when I can do it manually.
> 
> Is that possible? (Preferably with yum, but I would use up2date if that
> were necessary.)
> 

It is if you maintain an internal repository (which if you have a lot of
machines is a good idea anyway).  You mirror the centos update tree into
one repository and copy them into your internal 'production ready' tree
when you are ready.  This allows you to set your boxes for automatic
updates, but manage the volume of updates applied.  With a little
thought on the repo setups, you could even have separate repos for
different machines or types of machines (yum follows symlinks just
fine).


------------------------------------------------------------------------
Jim Wildman, CISSP, RHCE       jim at rossberry.com http://www.rossberry.com
"Society in every state is a blessing, but Government, even in its best
state, is a necessary evil; in its worst state, an intolerable one."
Thomas Paine