On 08/16/2016 07:29 AM, hw wrote: > Neil Bothwick schrieb: >> On Sat, 13 Aug 2016 16:26:21 +0200, hw wrote: >> >>>> If you see this now, your production server hasn't been updated for a >>>> long time... >>> >>> About 1.5 years --- not really a long time. >> >> You're kidding, right? You're running a production server without the >> last 18 months' worth of security updates? > > What can you do when you don´t have the time to do the updates, especially > when you know that they will give you trouble and can take all day or even > longer. > >
I run a half a dozen gentoo servers to do some tasks in our environment. I typically *make time* to update at least four times a year. I generally do not have any problems or blockers to deal with. Each of those instances are specific and don't have any unnecessary cruft to deal with (i.e. no GUI or anything. Base environment + tool needed.) Ironically I am updating as we speak and while it does take some unattended time to finish (I don't have to sit there and watch it) starting and confirming the update list took all of about a minute. After it's done I habitually run perl-cleaner, python-updater, then --depclean it and revdep-rebuild them. There may be a kernel update but I do not do major kernel updates unless there is a need, but incremental updates I apply. When I go update each one it probably takes 20 minutes to do them all, and I do it at the same time I wind up applying Windows server patches. I did drag a really old gentoo installation at work after 2.5 years of updates not applying. Yes, it took a day, and would have been faster to reinstall from scratch. I chalked it up to my own damn fault and since then update four times a year and haven't had any major issues since. Dan
