CentOS - Sep 2006 - How to get 4.3 updates without 4.4 upgrade

Well, I want to stay on an even keel, here with 4.3 for a week or two.

I would like to update needed programs.

Would also like to get a newer gnome!

What are others doing here.  Too much traffic, too much to read....

On Mon, 4 Sep 2006, Robert Moskowitz wrote:
> Well, I want to stay on an even keel, here with 4.3 for a week or two.
>
> I would like to update needed programs.
>
> Would also like to get a newer gnome!
>
> What are others doing here.  Too much traffic, too much to read....
Errmm 4.3 updates give 4.4 ???

If you mean that you want to only update specific packages then you can do 
that manually with yum.

Or if you want to update everything but stay on 4.3 then you could exclude 
centos-release in yum config ... but it is probably not to be recommended

Regards
Lance

Robert Moskowitz wrote:
> Well, I want to stay on an even keel, here with 4.3 for a week or two.
> 
> I would like to update needed programs.
yum update program - or what do you mean?

This will also pull in updates to needed dependencies.
> Would also like to get a newer gnome!
Not in CentOS 4.x - Gnome will stay at the version it's at at the
moment (at least I could sneak another at in there!).
> What are others doing here.  Too much traffic, too much to read....
Read faster? =:)

Cheers,

Ralph
-- 
Ralph Angenendt......ra at br-online.de | .."Text processing has made it
possible
Bayerischer Rundfunk...80300 M?nchen | ....to right-justify any idea, even one
Programmbereich.Bayern 3, Jugend und | .which cannot be justified on any other
Multimedia.........Tl:089.5900.16023 | ..........grounds." -- J. Finnegan,
USC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:
<http://lists.centos.org/pipermail/centos/attachments/20060904/43061920/attachment-0002.sig>

On Mon, 2006-09-04 at 09:42 -0400, Robert Moskowitz
wrote:
> Well, I want to stay on an even keel, here with 4.3 for a week or two.
> 
> I would like to update needed programs.
> 
> Would also like to get a newer gnome!
> 
> What are others doing here.  Too much traffic, too much to read....
Keep in mind that 4.4 is just a marker point. It is 4.3 with some
upgrades. You can pick and choose (with dependencies being satisfied)
what you want to add. And you can put excludes= in the repo definitions
to help avoid an unexpected update later on. And for your
"non-standard"
repos, "includepkgs=" can/should be used (in certain cases).

I wish I had a stable enough platform to offer more than that. I will
tell you that I might back out the Xorg update (very bad off-screen-to-
on-screen virtual desktop scrolling... er "stuttering" as compared to
prev version. No one responded when I asked if others saw it, so I may
be unique), although I'll be darned if I can figure why.
> <snip sig stuff>
HTH
--
Bill

Lance Davis wrote:
> On Mon, 4 Sep 2006, Robert Moskowitz wrote:
>
>> Well, I want to stay on an even keel, here with 4.3 for a week or two.
>>
>> I would like to update needed programs.
>>
>> Would also like to get a newer gnome!
>>
>> What are others doing here. Too much traffic, too much to read....
>
> Errmm 4.3 updates give 4.4 ???
Hey, I am seeing 195 updates available. That does NOT sound like a a few 
patches. More like a total replacement.
>
> If you mean that you want to only update specific packages then you 
> can do that manually with yum.
>
> Or if you want to update everything but stay on 4.3 then you could 
> exclude centos-release in yum config ... but it is probably not to be 
> recommended
>
> Regards
> Lance
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Steve Huff wrote:
>
> On Sep 4, 2006, at 10:43 AM, Robert Moskowitz wrote:
>
>>> Errmm 4.3 updates give 4.4 ???
>> Hey, I am seeing 195 updates available. That does NOT sound like a a 
>> few patches. More like a total replacement.
>
> this is how RH releases patches (and thus how CentOS releases patches):
>
> 1) a new point release comes out (e.g. 4.3)
> 2) as time passes, updated packages are created and classified into 
> three categories:
>   a) security or critical fixes
>   b) noncritical fixes
>   c) feature enhancements
> 3) security and critical fixes are pushed out to the update channels 
> as soon as they are available
> 4) noncritical fixes and feature enhancements are not pushed out until 
> it's time for a new point release (e.g. 4.4)
>
> what it sounds like you want is to stay at 4.3 but still receive... 
> something?  security updates?  updates that are magically guaranteed 
> not to break anything?
Some way to change piecemeal to increase the likelyhood of a working 
system.  If this system gets hosed for partial updates, I am
hosed....
> i'm not sure there's a good way to accomplish that.  i'd
recommend not
> running `yum update` until other early adopters have figured out all 
> the various pitfalls and have documented workarounds. 
But then you have to know what to update...

Robert Moskowitz wrote:
> Well, I want to stay on an even keel, here with 4.3 for a week or two.
>
> I would like to update needed programs.
>
> Would also like to get a newer gnome!
>
> What are others doing here.  Too much traffic, too much to read....
The only real solution is to have a test box and/or network and test 
your patches on that.  Without having tested the patches, whether 
they're security patches or new features, you risk breaking your app.  
You should consider setting up a test box, testing your app. with 4.4, 
then retest after critical updates are released.  Once you've verified 
the critical update doesn't break your app in two, apply it to the 
production box.  When a update release comes out for CentOS, test 
against that also (you'll probably want to do more extended testing 
since a lot changes in update releases).

This is also what "rpm -q --changelog" and Update release notes are 
meant for, so that you can get an idea of what's changes, why and how it 
might affect your app.

Remember that since you're using CentOS you've no one to yell at when a 
patch breaks your app.  If reliability is that important and things 
*can't get hosed* as you said, you should really be using RHEL.

As a final note, I've yet to have a RPM update break one of my servers 
except where I did something wrong myself and rpm "fixed" it for me.

Jay
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jlee.vcf
Type: text/x-vcard
Size: 255 bytes
Desc: not available
URL:
<http://lists.centos.org/pipermail/centos/attachments/20060904/e88df739/attachment-0002.vcf>

On Mon, 2006-09-04 at 14:10 -0400, Jay Lee wrote:
> Robert Moskowitz wrote:
> > <snip>
> This is also what "rpm -q --changelog" and Update release notes
are
> meant for, so that you can get an idea of what's changes, why and how
it
> might affect your app.
Yum-utils has a new(for me anyway) changelog feature so you can do this
check *before* installing... I think. I was setting up and reading up on
that stuff when the last OOPS shot me down.
> <snip>

Robert Moskowitz wrote:
> Jay Lee wrote:
>> Robert Moskowitz wrote:
>>> Well, I want to stay on an even keel, here with 4.3 for a week or
two.
>>>
>>> I would like to update needed programs.
>>>
>>> Would also like to get a newer gnome!
>>>
>>> What are others doing here.  Too much traffic, too much to read....
>>
>> The only real solution is to have a test box and/or network and test 
>> your patches on that.  Without having tested the patches, whether 
>> they're security patches or new features, you risk breaking your 
>> app.  You should consider setting up a test box, testing your app. 
>> with 4.4, then retest after critical updates are released.  Once 
>> you've verified the critical update doesn't break your app in
two,
>> apply it to the production box.  When a update release comes out for 
>> CentOS, test against that also (you'll probably want to do more 
>> extended testing since a lot changes in update releases).
>>
>> This is also what "rpm -q --changelog" and Update release
notes are
>> meant for, so that you can get an idea of what's changes, why and
how
>> it might affect your app.
> I think you left out something on your rpm command.  It does not work 
> for me, even as root.
>
> rpmq: no arguments given for query
rpm -q --changelog <packagename> will return the full changelog of the 
given package e.g.

#rpm -q --changelog kernel

* Thu Aug 17 2006 Jason Baron <jbaron at redhat.com> [2.6.9-42.0.2]

-sctp: Fix data overflow in iovec computation (Neil Horman) [202122]

* Fri Aug 04 2006 Jason Baron <jbaron at redhat.com> [2.6.9-42.0.1]

-fix O_DIRECT writes to memory holes can leak a page reference (Jeff 
Moyer) [191
736] {CVE-2004-2660}
-fix sctp chunk length overflow (Neil Horman) [192636] {CVE-2006-1858}
-fix possible DoS in write routine of ftdi_sio driver (Pete Zaitcev) 
[197610] {C
VE-2006-2936}
-fix typo in drivers/cdrom/cdrom.c (Chip Coldwell) [197670] {CVE-2006-2935}
-Fix reboot on IBM Pizzaro machines (Bastien Nocera) [200111]
-don't shut down on bogus filehandles from nfs clients (Eric Sandeen) 
[199172] {
CVE-2006-3468}
-fix for prevention of setuid/gid on /proc/<pid> files (Ernie Petrides) 
[198973]
 {CVE-2006-3626}
-fix SNMP NAT netfilter memory corruption (Thomas Graf) [192632] 
{CVE-2006-2444}
-fix for non-hugemem x86 DoS w/bogus %ds/%es values (Ernie Petrides) 
[196280] {C
VE-2006-2932]
...
...

Now I can see what's changed in the 42.0.2 kernel.  Were I running a 
important router/firewall, NFS server or IBM Pizzaro box I'd probably 
want to take note of this update and test things out there...  Note that 
changelogs aren't always complete documentation of changes, they're an 
overview.

Jay



-------------- next part --------------
A non-text attachment was scrubbed...
Name: jlee.vcf
Type: text/x-vcard
Size: 255 bytes
Desc: not available
URL:
<http://lists.centos.org/pipermail/centos/attachments/20060904/bd2b2862/attachment-0002.vcf>