Robert Moskowitz wrote: > > On 02/25/2013 01:00 PM, Les Mikesell wrote: >> On Mon, Feb 25, 2013 at 7:48 AM, Robert Moskowitz <rgm at htt-consult.com> >> wrote: >>> I have read a couple old threads here on updates for servers, and I am >>> looking for some mechanics to getting the actual updates done. I don't >>> want automatic updates; I want to control when and what gets updated. >> Keep in mind that to _not_ install an update, you have to know more >> than the RH engineers about the code. I usually assume they had a >> good reason for going to the trouble of shipping it and that they >> would have to have a very, very good reason to ship anything that >> would break an existing API in an update. Of course it is always good >> policy to test the combination of things you run in production on a >> non-critical box first. <snip> > I am on it, and I do look at the announcements. Still which rpm is used > on which server? What is critical and what is not? AH! *Now* I get it. There's a security plugin for yum that you can install (see <http://www.cyberciti.biz/faq/redhat-fedora-centos-linux-yum-installs-security-updates/>), and you can have that do *just* those. mark