I am not sure I would agree with either of the solutions presented in
the thread. I understand that your systems need extra security. However,
there is security in terms of availability and security in terms of
confidentiality. To rely on a system to be available, just by upgrading
the kernel is not a good idea. glibc, module-init-tools, and other
dependences might introduce problems to the system if you just upgrade
the kernel, especially if you do development work (compilers, dev libs?)
You need a proper way to handle the dependencies for these things.
If your employer wants the best solution about keeping RHEL systems
up-to-date in a secure way, that should provide a proper RHN Satelite
Server. It is essentially an advanced proxy server that stands between
your system and the Internet and allows controlled upgrades. The
procedure to obtain and setup this is given here:
https://www.redhat.com/rhn/
and at the bottom you should find various whitepaper links that give you
an idea about what to expect when you implement this.
--
--
George Magklaras BSc Hons MPhil
RHCE:805008309135525
Senior Computer Systems Engineer/UNIX-Linux Systems Administrator
EMBnet Technical Management Board
The Biotechnology Centre of Oslo,
University of Oslo
http://folk.uio.no/georgios
Bledsoe, Howard W CIV CNRNW, N632WI wrote:
All:
How can I update the kernel for my RHEL 5 systems? I am not
permitted to connect them to the Internet, but may download files and
burn them to CD. Since I will not be doing development work, should I
download all 14 or 15 files?
Is this procedure documented somewhere? Can anyone recommend a
book?
R, Howard
------------------------------------------------------------------------
------------------
IT Functionary, Navy Region Northwest
360-257-5673, DSN 820-5673, Fax 257-5315
howard.bledsoe@navy(.smil).mil, howard.bledsoe@xxxxxxxxxxxx
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
