<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Luke -<div><br></div><div>Thanks for raising this issue. For the past few weeks dogi has been working on putting together a complete table of servers, systems, and services we're supporting. They're growing like weeds, and it is getting harder and harder to maintain base operating systems because we don't really have a good handle on what's running where, why it's important, and what we need to do to keep it running. This has made it almost impossible to keep current with updates - we don't know what an update would potentially affect, and therefore we don't know how to either properly prepare for or test an update.</div><div><br></div><div>I have been trying to go through his draft list and fill in the blanks; when I do that I could use assistance in filling in the remaining gaps. We desperately need to reduce the number of systems we're supporting so we can actually support the ones we need well. I'm hoping to get that list reviewed this week and will circulate it here as soon as I can.</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>- Ed</div><div><br></div><div><br><div><div>On May 19, 2009, at 5:34 PM, Luke Faraone wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">Hi all,<div><br></div><div>Every once in a while an update like <a href="http://www.debian.org/security/2009/dsa-1800">http://www.debian.org/security/2009/dsa-1800</a> comes out for the Linux kernel. These are important updates which, if not applied, can greatly reduce our security. Unlike other services, the kernel cannot be "warm-reloaded" at this time, and so any new kernel version requires a system reboot.</div> <div><br></div><div>We need to develop a policy for handling these reboots and applying updates to reduce the possibility of an exploit. <br clear="all"><br>-- <br>Luke Faraone<br><a href="http://luke.faraone.cc">http://luke.faraone.cc</a><br> </div> _______________________________________________<br>Olpc-sysadmin mailing list<br><a href="mailto:Olpc-sysadmin@lists.laptop.org">Olpc-sysadmin@lists.laptop.org</a><br>http://lists.laptop.org/listinfo/olpc-sysadmin<br></blockquote></div><br></div></body></html>