On Sun, 2006-03-26 at 13:51 +0700, Fajar Priyanto wrote: > Hi all, > Regarding packages updates using yum, all this time I only upgrade packages > that I think is important, but also at the same time is having little risk of > breaking my installation. Such as httpd, ssh, etc. > > But there are many packages that waits to be updated such as lvm, mdadm, etc. > I'm worried that it will break my installation (web and mail server). Like > the saying "if it ain't broken, don't fix it". > > Is there any pitfall that I should avoid of when upgrading packages using yum? > Or is it completely save to let yum update the machine automatically? > Thank you very much, ---- One of the reasons that you choose one distribution over another would have to be the quality of package maintenance and the timeliness of updated packages both for functional fixes and security issues. In one respect, CentOS 'base' has it easy, in that the source of the updates is provided for them - they only have to rebuild it (not intending to diminish the lengths that they go to to rebuild some of the packages). The intention of the upstream provider and by extension, CentOS is to provide updates that don't break production systems. Of course, there are no guarantees. If you want guarantees...I suppose you buy RHEL. With specificity to your above worries...you should be greatly concerned because the updates to the very things you mentioned...httpd, ssh (probably some of the etc.) are 'security' updates and by failing to update them, you are risking far more to your installation by not updating them. The truth is...there are packages that are broke and do need fixing but you are choosing to ignore that fact. While I might suggest flippantly to live on the edge and just do 'yum update' - the fact is, just about everyone on this list does that frequently and some have it do that automatically/unattended. That is the intended use (to frequently run 'yum update') Craig