Can someone please SHOUT at Redhat for me?
Neil Marjoram
n.marjoram at adastral.ucl.ac.uk
Wed Sep 3 12:16:38 UTC 2008
I saw this first some months ago, it did leave an rpmsave, but this was
the standard file too. I keep an hourly backup of all my config files so
it's not to bad to fix. Really it's just annoying, for some years I have
been running unattended patching and now I have to do it properly in
case RH muck it up!! Thats what I do with other nonoperating systems!
Neil.
George Magklaras wrote:
> :-)
>
> It happens, but it should leave an .rpmsave file. Which is why we have a
> cronjob looking for these "constructive changes" about every hour, see
> an md5sum (aka tripwire) and if necessary replacing with the .rpmsave
> file (or other original file) restarting the service. For production
> systems, I would do that for sshd/ssh , samba , named, dhcpd and httpd.
> It could take you an hour to implement and save you hours of raised
> blood pressure.
>
> Alternatively, you apply the updates so that they happen at certain
> intervals/few systems, so you are there and know what to expect. This is
> also a valid approach if you have a spare old box and use xen or vmware
> to replicate the production system config. You apply the updates there
> first, see what breaks and know what to expect.
>
>
> GM
>
--
Neil Marjoram
Systems Manager
Adastral Park Campus
University College London
Ross Building
Adastral Park
Martlesham Heath
Ipswich - Suffolk
IP5 3RE
Tel: 01473 663711
Fax: 01473 635199
Reclaim Your Inbox!
http://www.mozilla.org/products/thunderbird
More information about the redhat-list
mailing list