I saw this first some months ago, it did leave an rpmsave, but this was
the standard file too. I keep an hourly backup of all my config files so
it's not to bad to fix. Really it's just annoying, for some years I have
been running unattended patching and now I have to do it properly in
case RH muck it up!! Thats what I do with other nonoperating systems!
Neil.
George Magklaras wrote:
:-)
It happens, but it should leave an .rpmsave file. Which is why we have a
cronjob looking for these "constructive changes" about every hour, see
an md5sum (aka tripwire) and if necessary replacing with the .rpmsave
file (or other original file) restarting the service. For production
systems, I would do that for sshd/ssh , samba , named, dhcpd and httpd.
It could take you an hour to implement and save you hours of raised
blood pressure.
Alternatively, you apply the updates so that they happen at certain
intervals/few systems, so you are there and know what to expect. This is
also a valid approach if you have a spare old box and use xen or vmware
to replicate the production system config. You apply the updates there
first, see what breaks and know what to expect.
GM
--
Neil Marjoram
Systems Manager
Adastral Park Campus
University College London
Ross Building
Adastral Park
Martlesham Heath
Ipswich - Suffolk
IP5 3RE
Tel: 01473 663711
Fax: 01473 635199
Reclaim Your Inbox!
http://www.mozilla.org/products/thunderbird
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
