Uptime vs. Kernel updates (was Re: [TriLUG] Prosperous New Year)
David A. Cafaro
dac at trilug.org
Tue Jan 3 18:54:46 EST 2006
Simply put, none of my clients have terminal/shell access to the
machine. I allow ftp/www/imap/pop/smtp access to the server and that's
it. So I focus my attention on keeping those updated and current as
well as keeping my eye open for out of date software (such as php
forums/perl/cgi stuff) and help them keep them current. These don't
require a reboot to keep secure.
Most kernel security issues are accessible only via shell access or an
errant program. I don't allow shell access and try to protect against
errant programs.
A reboot risks having to travel to another state (Ok only about 1 hour
drive) to fix a failed reboot.
Time since I last was in the physical presence of my server:
$ uptime
18:53:33 up 472 days, 53 min, 1 user, load average: 0.02, 0.05, 0.02
Time when I was last in the same state as my server: ~4 Months.
Cheers,
David
On Tue, 2006-01-03 at 15:42 -0500, Rick DeNatale wrote:
> I'm impressed.
>
> I'm also a bit curious. As good as a long uptime is, what do you guys
> do about security updates to the kernel? Sure you can get them via
> apt-get, yum, whatever, but doesn't it require a re-boot to actually
> start USING a new kernel?
>
> --
> Rick DeNatale
>
> Visit the Project Mercury Wiki Site
> http://www.mercuryspacecraft.com/
More information about the TriLUG
mailing list