Re: (Security) upgrades with shared /usr?
- To: firstname.lastname@example.org
- Subject: Re: (Security) upgrades with shared /usr?
- From: Marcin Owsiany <email@example.com>
- Date: Mon, 20 Feb 2006 19:27:13 +0100
- Message-id: <20060220182713.GA24524@kufelek>
- Mail-followup-to: firstname.lastname@example.org
- In-reply-to: <20060220162912.GR32682@stuffed.animals>
- References: <20060220150251.GA13422@kufelek> <20060220162912.GR32682@stuffed.animals>
On Mon, Feb 20, 2006 at 11:29:12AM -0500, Brenda J. Butler wrote:
> On the pro side for such a configuration, if you are using stable
> and limiting the packages installed to exactly what you need and no
> more, then you won't have to do this very often. Many of the updates
> will not affect you, being for packages you don't have.
This is true in a typical server environment. But I'm afraid it is
going to be more frequent when serving desktop systems..
> You could schedule a regular maintenance time for non-urgent
> upgrades, 1/2 hour each week or month.
There are still the urgent ones - I would really hate to take EVERYTHING
down peak hours because a mozilla or libpng bug needs to be fixed.
One might argue that the programs would still need to be restarted to
make it effective, but there is a huge difference between killing a
client's session and sending them an e-mail/xmotd that they need to re-login.
> And you keep the benefits of ro /usr partition.
I could still have RO most of the time, even with a cluster
Marcin Owsiany <email@example.com> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216