Re: (Security) upgrades with shared /usr?
On Mon, Feb 20, 2006 at 11:29:12AM -0500, Brenda J. Butler wrote:
> On the pro side for such a configuration, if you are using stable
> and limiting the packages installed to exactly what you need and no
> more, then you won't have to do this very often. Many of the updates
> will not affect you, being for packages you don't have.
This is true in a typical server environment. But I'm afraid it is
going to be more frequent when serving desktop systems..
> You could schedule a regular maintenance time for non-urgent
> upgrades, 1/2 hour each week or month.
There are still the urgent ones - I would really hate to take EVERYTHING
down peak hours because a mozilla or libpng bug needs to be fixed.
One might argue that the programs would still need to be restarted to
make it effective, but there is a huge difference between killing a
client's session and sending them an e-mail/xmotd that they need to re-login.
> And you keep the benefits of ro /usr partition.
I could still have RO most of the time, even with a cluster
Marcin Owsiany <firstname.lastname@example.org> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216