[CentOS] yum update

Fri Aug 14 03:49:53 UTC 2009
Johnny Hughes <johnny at centos.org>

Lanny Marcus wrote:
> On 8/13/09, madunix <madunix at gmail.com> wrote:
>> Can any one clarify this, is auto updating at all production servers
>> recommended or not?
>> need to know your opinion, how do you manage the update?
> 
> The NSA Guide to the Secure Configuration of RHEL 5 indicates this is
> OK, but not with updatesd which they believe is not mature enough for
> an enterprise environment and may introduce unnecessary overhead. They
> suggest a cron job that calls yum to do this.
> 

I build a bunch of these updates and test most of the ones I don't build
before we release them ... and I STILL don't auto update servers in
production.  I may be a bit cautious, but I can't imagine I would ever
set any production server, in any OS, to every update automatically.

If I was ever going to do it, CentOS would be the OS ... but with my job
on the line I'll just do the updates by hand and watch the output :D

We do auto update all our CentOS Infrastructure servers via cron and
they hardly ever have issues.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20090813/93a41a51/attachment-0004.sig>