Le 27/09/12 02:49, Ryan Lane a écrit : > I've just pushed in this change: > > https://gerrit.wikimedia.org/r/#/c/25465/ > > What this means is that Labs instances will automatically apply > security patches in an unattended manner. This means that occasionally > services may restart on your instances when patches are installed. > This change is very much needed, as there's no simple way for us to > manage security patches on instances, and no one bothers to apply them > otherwise.
I know most packages upgrade will be fine but I am a bit worried about applying security patches to mysql, libc6 and kernel. MySQL is probably going to restart properly though. AFAIK, upgrading the libc6 might need to restart a various number of daemons, I usually do a full restart of the server when it happens. When upgrading kernel, I noticed dpkg prompt about a local configuration change to grub.lst. Keeping local configuration is fine, but choosing the package provided list render the instance unbootable. Also the previous kernel are sticking in which can fill the hard drive quickly on the smallest (10GB) instances. A pam related package has a similar issue since it attempts to overwrite the configuration to connect to LDAP. I am probably a bit paranoid though. -- Antoine "hashar" Musso _______________________________________________ Labs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/labs-l
