Re: where? security updates for FC4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 03 January 2007 17:55, Florin Andrei wrote:
> Now that the Legacy project is shutting down, the biggest problem
> becomes the security updates. I have an FC4 server that I plan to keep
> running until CentOS 5 comes out, but I also have to apply security
> patches to this machine meanwhile.
>
> What would be the best source of security updates for FC4 short-term?
>
> SRPMs from FC5 or FC6, recompiled? But then there might be some
> dependency issues that might get ugly.
>
> SRPMs from RHEL or CentOS? Which version would be closest to FC4? Again,
> I expect some dependency issues here.
>
> Of course, one can always download the upstream tarballs and generate
> packages, but somehow I suspect this to be the most difficult method.
>
> Any other suggestions?

I had to face a similar situation. 

We had a critical RHL 7.3 server running 24x7. Thanks to Fedora Legacy 
project , we've managed to keep it running until recently. With the notice of 
FL dropping support to all RHL versions by the end of 2006, we had no choice 
but migrate to newer platform.

Thus, be built a new server with CentOS 4.4 and moved all applications running 
on RHL 7.3 to CentOS 4.4. We found several gotchas:

* newer versions changed location of configuration files/data files, etc

* some apps in RHL 7.3 were installed from tar.gz, and heavily customized -> 
we had to deconstruct (reverse engineering?) those apps and migrate 
to "standard" (read, "rpm-provided") paths, filenames and such

* some apps on RHL 7.3 were no longer on CentOS 4.4, so we had to choose 
different app to do same thing --> research, test, research, test.

* we were lucky that there were no proprietary application running on RHL 7.3. 

* we tried different configs and tested ways of doing things with virtual 
machines on VMware Server (free download).

We[*] documented all differences, kept log of what I was doing and established 
a plan to test the new server.  That plan was a life-saver, when we switched 
off old server, as plan had a "stop and rollback" procedures for every step, 
as well as what tests to run .

[*] by that I mean "yours truly" *grin*

Also, now we keep a "mirror QA server" were we apply first updates and check 
if something breaks.

Make sure you have plenty of time to do things. Or else, keep plenty of coffee 
around.

And plan, test, plan, test, plan and test.

Regards,
Josep
- -- 
Josep L. Guallar-Esteve - IT Department - Eastern Radiologists, Inc.
Systems and PACS Administration  http://www.easternrad.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFnRSFSGQa4/zQ9e8RAu10AJ97JXC6cepg8li6SNoL3MPdmZLd7QCcDgSR
QW8tU5HOiZNZQa0evKNJRDA=
=bBFN
-----END PGP SIGNATURE-----

--
fedora-legacy-list mailing list
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux