Re: [nottingham] Security Patches

From: Robert Davies (Rob_Davies@ntlworld.com)
Date: Thu 01 Nov 2001 - 15:48:38 GMT


On Thursday 01 November 2001 14:05, you wrote:
> I would be interested to hear your experiences of patching different
> distributions and any problems you have got into using utilities that go
> away and try and update everything for you.
>
> How do you find 'apt-get', 'Update Agent' or whatever your distribution
> uses in terms of reliability? How well does it handle existing
> configuration files when upgrading packages? Has your machine ever been
> left in an unstable state?

I've run automatic updates with both Debian (stable) and SuSE. I actually
prefer the SuSE Online Update, as it can work from a mirror directory, and
also has patch descriptions with a manual mode, so you select when to install
the patches. It is simpler than downloading rpms and then installing them.

The only problem I had was as a result of an openssl update, where a package
had been built with some missing library links, which caused failure in KDE
programs on startup.

Some on the list run Debian unstable, talking to them it is not entirely
unknown for 'bad' upgrades, occasionally affecting things like C library or
PPP making it hard to recover. They tend to keep an eye out on the mail
lists, and only do an update occasionally when things seem to be in a good
state.

As an online update should only install patches and bug fixes, not programs
with new features and altered configurations, generally they are problem free.

> I choose to semi-automate the updates on RedHat boxes we run with scripts
> written in-house but it can mean modifying the scripts or manually
> installing a lot of packages due to the different configurations on each
> machine, and when there are a lot of machines with different configurations
> it's obviously very time-consuming.

rpm -F can be useful, I believe autorpm also allows you to install from a
pool of 'approved' rpms.

> I haven't used Debian for a few years although it was always my
> distribution of choice for a number of years on my home machine (before
> apt-get), however reliability is far more important at work and using a
> tool such as 'apt-get' to automate upgrading systems seems a bit risky to
> me.

Particularly as debs didn't (don't?) have a package signing mechanism, which
means your security is only as good as the mirror you download from.

> Also, how good do you find your distribution is when it comes to security
> patches being released quickly?

SuSE's fairly good on it, they do test things, probably Debian is slightly
quicker with updates and availability of fixes. Both contribute fixes
upstream.

Rob