Greetings

On 2014-04-11 11:43:45, Matt Alexander wrote:
> To clarify for Debian on GCE, we'd like to have only *security*
> updates enabled by default (the case when installing the
> unattended-upgrades package), with information in motd and documented
> elsewhere so that admins that don't want security updates can disable
> them.

As explained before, no updates are automated in Debian except those switched on by sys admins themselves. We should stick to what is default in the official Debian image.

> There's no perfect solution here since there's always the potential
> that a security patch could break something for users. However, I
> believe there's a "greater good" argument to be made for keeping users
> more secure by default at the expense of the rare failure.

Why are you trying to suggest that sys admins are not capable of caring for it on their own? Managing automated changes in Debian is not complicated but should be left to the local admin.

> Having
> automatic security updates becomes even more important in the Cloud
> scenario where users pay much less attention to the OS layer than a
> typical sysadmin might that's running Debian servers at their company.

I won't agree with it, but if they don't pay attention to servers they are responsible for, sorry but it's not our problem but theirs and they change their mindset. All systems need care 'cause 'cookies need love'.

> For the case of "I don't want my MySQL service restarting without my
> knowledge", it's easy for an admin to add MySQL to the
> Unattended-Upgrade::Package-Blacklist section of
> /etc/apt/apt.conf.d/50unattended-upgrades, for example.

It's easy to set up automated upgrades for security too, and from my experience opt-in is in many border cases a much better solution than opt-out, especially when you're not in the position to forecast what problems it may cause on highly customised systems.

> It'd be great to see Debian lead the way among distros of changing the
> default expectation to "I get security updates automatically and
> therefore don't have to spend time worrying about tracking and
> applying security patches for my apps". I don't see this as "trying
> to think for our users", but more about making their OS easier to
> manage and staying secure by default.

As I wrote above, I won't agree with this point of view for many reasons. For me it'll create more problems, especially on systems loaded 24/7. I can agree that opt-out and opt-in are similarly easy to set up, but the consequences of those two approaches are very different on production systems, and in my opinion it's better to be safe (spend a bit more time to apply updates) than sorry when a 12h running DB query for a CEO report fails because of it and the board meeting is in 4h.

-- 
|_|0|_|                                  |
|_|_|0|     "Heghlu'Meh QaQ jajVam"      |
|0|0|0|     -------- kuLa ---------      |

gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3
3DF1 A4DF C732 4688 38BC F121 6869 30DD 58C3 38B3