Hello all, We run several mission critical RHEL 4 AS servers and we are currently having a bit of an internal debate regarding the installation of official RedHat updates. Several of my colleagues think that installing the RedHat updates is too dangerous because it could potentially break another package and/or another piece of our or a third party's software. These are my arguing points as to why we should apply the updates. Please correct me if I have misunderstood any of the points I make, and feel free to add more to the list (the more the better): - . All RHEL updates are exhaustively tested by RedHat to make sure they will not break other official components of the OS. . RHEL updates are only ever bugfix / security updates. An API/ABI will never be changed as part of an update. If one of our programs was compiled against a library which later got updated, the program would not be negatively affected by the update. . RHEL updates are tested against most of the large certified applications (such as Oracle etc.) before release. . RedHat don't release updates just for the fun of it, they release them to fix new security holes to prevent our systems been broken into, and to fix known critical bugs to keep our systems stable and our data intact. On a slightly different note, does anyone know of a certification framework we could develop our applications to, to provide the best possible compatibility with the underlying RHEL OS? What do most other organisations in our position do? I'd be especially interested to hear from other companies using RHEL 4 AS who must provide 24/7 availability, and what RedHat's official line on the matter is. Regards, Adam -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
