|From:||Chow Loong J.|
|Sent on:||Thursday, October 27, 2011 10:57 AM|
On 27/10/[masked]:57, Wong Boon Hong wrote: > So you guys always update your Linux server whenever a new patch is released > immediately and never encounter any problem? It's not that there aren't any problems. It's that when there are problems, it's usually quite possible to fix/workaround, especially if you know the tools you are using well enough. And even then problems are relatively few and far in-between. > Even Microsoft patches have been known to break down something in the past. > Thus, I will let others test the new patches first for a few weeks or even > months before I apply them just to ensure that any problem with these patches > would have been fixed by then. Applying a few patches at once will also help to > cut down on the number of downtime, especially when most patches insist on > rebooting your OS. On Linux, there aren't many patches that would require rebooting your OS. In fact, some of them that require rebooting can actually be handled by just restarting affected services, and many of these services, such as Apache, can be restarted with little to no downtime. On Ubuntu, these packages are usually listed in /var/run/reboot-required.pkgs. Of course, a kernel update would require a reboot, and that's particularly dangerous because if it was not tested properly, it could render your server unbootable. I know for a fact that Ubuntu and Debian have a "proposed" component of the archive where packages are staged, tested and verified to be working properly and regression-free before being copied to the "updates" section. I'd expect that other distributions have a similar QA process. > [...] -- Kind regards, Loong Jin
This email message originally included an attachment.