For CentOS, I'm quite comfortable setting up automatic updates. It's not "best practices" but I've spent a LOT less time fixing post-update problems than I would have spent testing each update, over the years. (This applies to Red Hat in general since RH2.1.)
Ubuntu... Not quite so happy. Their updates come fast and furious sometimes, and the patterns I see don't inspire confidence. That said, I often have automatic updates turned on for Ubuntu desktops and have only had one major problem in ~5yrs.
I think the days of testing patches independently are gone because of manpower reasons, unless you're running in a high-availability environment. Of course, all the HA system vendors I work with now address the problem by *never* patching or upgrading - one telecommunications vendor runs CentOS 4 (4.1 IIRC), with no plans to upgrade or apply *any* patches. Their answer: the systems shouldn't be reachable from the Internet anyway. *sighhhh*
-Adam
-----Original Message----- From: Kevin McGregor kevin.a.mcgregor@gmail.com Sender: roundtable-bounces@muug.mb.ca Date: Fri, 26 Nov 2010 20:01:05 To: MUUG Roundtableroundtable@muug.mb.ca Reply-To: Continuation of Round Table discussion roundtable@muug.mb.ca Subject: [RndTbl] Linux patching best practices
_______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable