yum-cron in the cloud images?
Garrett Holmstrom
gholms at fedoraproject.org
Tue Dec 18 20:54:56 UTC 2012
On 2012-12-18 9:54, Matthew Miller wrote:
> On Tue, Dec 18, 2012 at 09:26:25AM -0500, Andy Grimm wrote:
>>> Since a Fedora image should still be Fedora, I can certainly live with
>>> automatic updates if the rest of the community disagrees with me, but when
>>> we target a new platform like the cloud I believe we ought to encourage
>>> habits that are appropriate for it rather than encouraging old workflows
>>> that can make managing stuff in the cloud more difficult.
>> +1
>
> I think you guys are right for general package updates and bug fixes. But I
> don't think cloud is anything particularly new in giving the luxury to avoid
> patching vulnerabilities.
>
> I'm not going to change anything now, but I think we need to think about how
> to do this. Amazon Linux automatically applies critical security fixes, and
> notifies on login of important ones. I'm not so keen on the "on login"
> approach, because I think _that's_ the "old workflow".
It's harder to sell that idea for Fedora than it is for operating
systems with less churn, because security updates quickly end up getting
conflated with enhancements and other changes. That doesn't negate your
point, though. Does anyone have any useful thoughts/experiences with that?
--
Garrett Holmstrom
More information about the cloud
mailing list