Greetings Wise People!
I'm way behind as have only been 10% LCG support last 2 years so apologies
if this is elementary.
Bristol has 2 perfsonar hosts. Both are whatever standard install is
provided by the perfsonar folks apparently CentOS 6.5.
(I did not install it, Dr Kreczko did I presume following whatever
instructions the perfsonar folks provide)
We find that yum-cron is installed, creating /etc/cron.daily/0yum.cron,
but it is not chkconfig'd on.
It looks like lots of repos are left enabled (which might cause problem
with clashing versions I suppose)
Is this correct for perfsonar? So they don't auto-install security updates
overnight. One has 44 updates pending from several months back...
Is there some danger for perfsonar in allowing automatic nightly security
updates?
IIRC yum-cron is a fairly different animal than yum-autoupdate which
is what all our SL hosts use. yum-cron exists for SL but we found it does
not allow (or not without nitpicky config) excludes like kernel (I think).
So we use yum-autoupdate on SL & they get all but kernel nightly sl-security
updates.
So can people who have perfsonar boxen tell me
. is yum-cron installed or yum-autoupdate
. is it correct to have yum-cron chkconfig'd on or off ?
We do want stable perfsonar, maybe auto updates will make it unstable, but
shouldn't security updates be applied since they have ports open to the
outside world??
Winnie Lacesso / 55% HPC Storage Admin, 20% Particle Physics, 25% SysOps
HH Wills Physics Laboratory, Tyndall Avenue, Bristol, BS8 1TL, UK
University of Bristol
|