[CentOS] using Red Hat site for documentation

Wed Jul 30 20:16:32 UTC 2014
Les Mikesell <lesmikesell at gmail.com>

On Wed, Jul 30, 2014 at 3:03 PM, Valeri Galtsev
<galtsev at kicp.uchicago.edu> wrote:
> Oh, boy. Now I have to rant on Linux and RedHat after being so happy with
> them for much longer than a decade. OK, the first thing I have to admit:
> I'm ignorant person. Please teach something...
>
> Now questions:
>
> 1. How often do you reboot your Linux servers? (every about 45 days there
> is either kernel or glibc update. I remember somewhere about RedHat 5 -
> RedHat 7 machines having uptime about 2 years)
>
> 2. All major Linux distributions either have switched to systemd or plan
> to do so in next release... I prefer system V init. I don't like something
> big handling everything when there is no reason to.
>
> And the list can go on...
>
> But there are changes I really like (to keep the balance...). Such as
> switching to XFS as to default fs! And BTW, I was extremely happy I went
> with RedHat/CentOS when my debian friend sysadmin was re-creating all keys
> and certificates (and rebuilding systems) after known random number
> generator flop debian had...
>
> So, please, teach me something: how do I build enterprise level server
> based CentOS 7 which I'll be able to run 1-2 years without reboot (I did
> apologize already for being ignorant person ;-)

You don't _have_ to install a new kernel/glibc the second it is
released, especially if the server isn't internet-exposed.   Usually
any memory leak or device driver bugs are discovered and fixed quickly
in the release cycle, so if current kernel has any of those problems
they should be fixed soon.   Then you just need to watch the update
notifications and decide if subsequent updates are something you need
badly enough to reboot.  Just be aware that something that is
described as a 'local root escalation' might be combined with
different application-level bugs in server programs to give the effect
of remote exploits (and there _will_ be people who know how to do
that) so you can't ignore everything.

-- 
   Les Mikesell
      lesmikesell at gmail.com