[rsbac] updating applications
Andrea Pasquinucci
cesare at ucci.it
Mon Nov 29 10:40:38 CET 2004
I would like to ask the list which startegy is most adopted for updating
applications, i.e. all software except for RSBAC, like apache etc. I
like to keep my software up to date as much as possible, and I check
daily for updates. Currently I try to follow the following approach
1. check for updates (possibily daily)
2. if there are updates continue, otherwise stop
3. switch down internet interface
4. switch to softmode (could require reboot)
5. shutdown, update, restart software
6. reinstall all/most/relevant rsbac rules
7. switch to secure mode (could require reboot)
8. up internet interface
Any comment, smarter way ... ? I see as an alternative to switching to
softmode, to remove the read-only flag from the files to be updated and
then re-apply the read-only flag after the update (in some cases this
could be a lot of work, depending on the setup obvioulsy).
Andrea
More information about the rsbac
mailing list