Re: are unattended updates a good idea?
We use cron-apt for over a year now to patch around 120 Debian Servers with security fixes every night. In this time we never had a broken security update. But we mostly use them as Webservers or Appservers who run Java-Apps. So if u use highly specialized Software you need to consider for yourself. Maybe run it on test setup first. Charm is that critical patches like Bash were patched in less than 24 hours.
Hope that helps.
Greetings
MattiasAm 31.01.2015 10:45 schrieb Andrew Beverley <andy@andybev.com>:
>
> On Sat, 2015-01-31 at 09:58 +0100, Ml Ml wrote:
> > Do you think it is a good idea to do security updates automatically?
>
> I've always avoided this for the same reasons as you, but thinking back
> over the last 10 years, I don't think I've ever had an update break
> something, so maybe it's time to try...
>
> > Or are you maybe using something completly diffrent like puppet?
>
> I currently use Ansible, which I run weekly against all my servers,
> unless there is a critical update in which case I run it immediately.
> For a variety of reasons I'm about to move to Rexify, but the concept
> will be the same.
>
> > Whats your practical experience with lots of servers? (i am not
> > interested in theoretical advises :-P )
>
> I'd be interested to hear other people's ideas and experiences though.
>
> Andy
>
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 1422697558.21256.2.camel@andy-laptop">https://lists.debian.org/[🔎] 1422697558.21256.2.camel@andy-laptop
>
Reply to: