[Yum] Re: mirror maintenance
gravesricharde at yahoo.com
Tue Sep 7 22:39:43 UTC 2004
The chance that there will be a show-stopping glitch
in a security patch is extrememly small. But this is
still too big a risk for live servers in some
I did not think that a new box being completely up to
date was a huge problem. As I understand it, the
concern is that a glitch in an update will bring down
a live server. You are not taking this risk with a
new install. After all, it is a new install, and if a
glitch stops it from running, you can troubleshoot the
problem before you go live.
I have never maintained a mirror.
> What I'm proposing solves the same problem, but
doesn't introduce these NEW problems. Maintain a
mirror that only folds in new packages after they've
been available for N days.
How do you implement folding in new packages after N
days? Do you manually track every new package that
comes out? It seems to me the YUM option that I am
proposing would help you maintain your mirror with a
lot less manual, tedious stuff.
You also wrote:
> You're talking like yours is the only possible
I disagree with you on that.
For the sake of analysis, let's agree that maintaining
your own mirror is the ultimate solution. However, it
requires more hardware, and a lot more time and
effort, than the solution to the security patch
problem that I have proposed. The reality out there
is that some administrators deal with the security
patch problem by never applying them. (Try telling
them they must maintain their own mirror!) I believe
the solution that I have proposed would be a best
compromise for many administrators.
More information about the Yum