On Tue, 2002-09-17 at 20:59, Ronnie T Livingston wrote: > How would running these automatic updating tools affect your server if you > installed apache, mod_ssl, open_ssl by hand and didn't use the default > version that came with your distribution?? > > -Ronnie >
If you installed 3rd party software into /opt or /usr/local, then it is completely separate from RPM packages. If you installed into somewhere within /usr, I don't know. In general there are tremendous time management benefits in sticking to packages. When these security alerts are released, protecting yourself is a trivial amount of effort. Alternatively you can keep around the source trees that you used to install your 3rd party software, so applying patches and re-installing is fairly quick. Sometimes packages of a certain piece of software, or a patched version of existing sofware don't exist. What I do instead of keeping source trees is grab the .src.rpm package, apply patches there and compile custom packages. This allows me to very easily keep track of exactly what files are installed, what versions, and even a changelog all stored within the RPM database. This makes completely uninstalling stuff easy too, no leftover crap from multiple versions of stuff you may have installed in the past like in Windows. (This happens slowly over time in manually installed stuff on Unix too.) I would highly recommend using a test box, and see if you can get your Jakarta stuff working with Red Hat's official Apache and OpenSSL packages. It shouldn't take too long since all the Jakarta stuff seems to be available in RPM packages too. It may take some figuring, but it is certainly possible.
