Up2date newbie; things to look out for
Ed Wilts
ewilts at ewilts.org
Tue Jun 28 00:32:11 UTC 2005
On Mon, Jun 27, 2005 at 04:16:47PM -0700, Jeff Boyce wrote:
> I am new to managing a RHEL3 server for a small office and have some
> questions regarding using up2date that I could not find in the RedHat
> Network Reference guide or elsewhere in my search on-line. My Dell PE2600
> is primarily used as a Samba file server and is running a stock
> installation of RHEL3 ( 2.4.21-4.ELsmp) and all of the associated packages
> from our original installation last year. RHN shows that our system should
> have 400+ errata and 300+ packages installed to be up to date. I would
> like to begin maintaining our system in an up2date fashion on a regular
> basis, but am concerned about potential down-time from something going
> wrong in the process of getting my system up to date from this point.
You actually are more likely to experience outages by not updating than
you are by applying updates. The regular updates don't provide for many
features updates - they're generally security and bug fixes.
> My
> office-mates would not be friendly if our server was down for a day. Can
> anyone give me some tips on things I should look out for; potential
> problems to be aware of, or preventative measures to ensure continued
> uptime during the up2date process? I am assuming that I will complete the
> entire update process in a series of steps over a week period, but is there
> a sequence that I should follow. Should I select certain packages to
> update first, or last? When should I update the kernel during the process?
> Any inside tips that come from hands-on experience is greatly appreciated.
Of course, you should always have good backups. That's a golden rule of
system management and you should always, always have backups that you
can get to.
That said, I don't think that I've been seriously burned by a Red Hat update
yet (lightly singed once I think by a named update). Generally, if you
wait a day or two from the time the updates are released, you should be
safe since a lot of other people will install them immediately.
It won't take you a week to install all the updates unless you have a
slow Internet connection - more than likely, you'll do all the updates
in a few hours and you can download all the updates in advance first and
then install them in a quiet period.
For kernel updates, you can do it at the same time and then reboot when
you're all done (probably not a bad idea for your first big batch) but
you can do them at a later time. For most of my production systems,
I'll apply the security updates fairly quickly, the patch updates a
little slower, and the kernel updates when I get around to scheduling a
reboot. For the kernel updates, you can check to see how critical they
are for your environment. If, for example, they fix local root exploits
and you have no local users (typical for Samba), you can wait a bit
longer than if you have a highly interactive environment of potentially
hostile users.
--
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program
More information about the redhat-list
mailing list