On 2003-12-02 22:48:04 +0000 James Green <jg@jmkg.net> wrote:
Incidently, what are people's policies in terms of rolling out software upgrades on servers?
Generally, I test them nearby and then roll them out to remote sites fairly quickly if they don't break. Most of the debian machines track stable, so it's very rare that there's a problem. Kernels are a different matter. I upgrade them as soon as possible, but when I know there's some expert near enough for physical access in reasonable time. I think changing network settings is the only other thing I treat differently. After Paul Russell's suggestion, I generally start a process that will restore the previous settings, timed for after the changes should be completed. If it works and I still have access, then it's cancelled again. Sometimes that's even a reboot. You really don't want a trip to a machine just because you downed/blocked the network interfaces. This seems to be an underdocumented topic. I guess it's difficult to give good advice on this. You can find the security upgrade policies of some ISPs online and what you pick as a policy depends on your situation and priorities. -- MJR/slef My Opinion Only and possibly not of any group I know. Please http://remember.to/edit_messages on lists to be sure I read http://mjr.towers.org.uk/ gopher://g.towers.org.uk/ slef@jabber.at Creative copyleft computing services via http://www.ttllp.co.uk/