On 2005-04-23 14:49:59 -0400, Jim Popovitch wrote: > On Sat, 2005-04-23 at 13:16 +0200, Peter J. Holzer wrote: > > I don't think we are talking about malicious updates here, just the risk > > associated with any change. No matter how careful the vendor tests the > > patches, they may still break something at the customers site. Also, > > some updates require a daemon to be restarted. So if you have to > > guarantee a certain service level, you don't want updates to happen at > > random times on your production servers. You want to test them on your > > test machines first, and when you are conviced they don't break anything > > you deploy them on the production servers at a time that is convenient > > to you. > > I think you are speaking of one extreme, but there are also others. > There are many customers of RedHat who buy hardware from the RH HW > compatibility list specifically because they know RH tests on that > hardware. This alleviates the customer from having to re-test and gets > the fixes into production faster. Who is going to test better RH or the > Customer's IT guy? <--- that's not a direct question, that's something > to ponder. There is no doubt that RH is testing a lot more thoroughly than almost any IT department can. But they can never test the exact HW/SW combination that will be running on the customer's machines, so local tests may still find problems that RH can't find. Also, if you test yourselves, RH doesn't stop testing. You don't have to decide whether you or RH are doing the tests. You decide whether you are testing in addition to RH. I admit that I can't remember if I ever caught a problem with a RH update during testing. I did catch problems with HP patches during testing, though. The main reason I don't use automatic updates is that I need to control when they happen. I can't have a samba or database server restart while somebody is running a batch job which takes several days. Unless its really urgent any update which may interrupt normal operation (if only for a few seconds) must be delayed until the next maintenance window. And its me who gets to decide whether is really urgent (and who has to explain that to my boss and our customers). hp -- _ | Peter J. Holzer \Beta means "we're down to fixing misspelled comments in |_|_) | Sysadmin WSR \the source, and you might run into a memory leak if | | | hjp@xxxxxxxxx \you enable embedded haskell as a loadable module and __/ | http://www.hjp.at/ \write your plugins upside-down in lisp". --ae@xxxxxx
Attachment:
pgpzzwhGhUVzy.pgp
Description: PGP signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
