Randall R Schulz wrote:
They list all the changes applied in every patch released via YOU. If you don't trust the YOU updates, then why do you trust any package built by SuSE / Novell?
For the same reason that I in my +15 years in the IBM world also trusted the IBM shipped software, but not the patches. Release-quality software is usually put through rigorous testing - patches are often too, but far from as a matter of course.
I'd say your paranoia is best directed elsewhere.
Randall, I (obviously) disagree about this being paranoia. As a sysadmin you should be fully aware of what is running on your systems. Applying patches and fixes more or less in the blind is not the way to go about that. Whether or not you trust the supplier.
many of us run systems that are not what is usually considered "production."
I totally appreciate that, but I don't think it can be taken as the rule. (Why stick to only SuSEs patches if you're not in some form of controlled environment?)
My policy, which has not caused me any problems, is to apply all YOU patches. For the most part, I'm greedy about new software, new capabilities and enjoying the nice steady stream of improvements that issue forth from the Open Source community. Take KDE, for example: Over the past year it has progressed immensely, and I for one would not want to forgo all those improvements.
On my personal workstation I apply exactly what you've just described, but for most other systems, customers depend on them being up and running, so the risk involved in applying an _unnecessary_ (kernel or not) patch is not warranted. There's room for everyone of course, but I have a number of production systems to run 7x24. Downtime is scheduled about one month in advance, preferably around Christmas :-) My general system uptimes are +300 days with a couple of exceptions in both ends. Anyway, I was merely trying to suggest a careful change policy, I didn't intend to dictate to anyone how to run their system(s). /Per Jessen, Zürich -- http://www.spamchek.com/freetrial - managed anti-spam and anti-virus solution. Sign up for your free 30-day trial now!