On Apr 7, 2010, at 12:27 PM, Ron Johnson wrote: > On 2010-04-07 13:52, Jozsi Vadkan wrote: >> how do you automate the updates in Lenny? [if you're using it as a >> "desktop os", and you don't want to give: apt-get update; apt-get >> upgrade -y every week..]? > > That's a foolish thing to do, since blind acceptance can lead to a broken system. Maybe so, but I've been using automatic upgrades for the last 2-3 years on many stable systems without a problem. The nice thing about staying within the stable distribution is that typically the only updates are security updates which are generally very small changes. When you get to the scale of managing tens or hundreds of debian systems it's easier to automatically upgrade and fix any problems in the off-chance they happen. If you wanted to be more careful, one solution is to setup your systems in such a way that a small group of computers get updated before the rest, as an early warning system. The major package changes happen between inter-distribution (eg etch -> lenny), which always need a human supervisor. This is acceptable on a larger scale because that only happens every 1.5 - 2 years. Also if you have other management software (eg cfengine, puppet) in place, it helps mitigate problems when upgrading debian packages or distributions - decreasing the cost of a package upgrade mishap across many systems.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature