please forgive this rather straightforward question.
First off, I'm not a sysadmin, and my experience with Linux is somewhat limited.
About 3-4 months ago, I set up a CentOS server in work, for a variety of reasons. We are using it as a development server for web sites (which our clients have access to), subversion server, and we're hosting a wiki on there for internal communication too, so it has become quite an important tool for us. (Probably more important than we thought it would be when I set it up!)
It has come to my attention that Yum wants to update about 250 packages to the latest versions in the repo.
Since the server is working fine for us, should I take the risk of updating these packages? Do the security risks outweigh the risk of the server breaking when I update everything?
I should point out that while I have backups of everything, it would take time to set everything up the way it is just now, and I don't have very much free time at work at the moment!
If the advice is to update, are there any best practices that could be passed on to make the process as safe as possible?
Thanks in advance for any advice.
UPDATE – Thanks for your responses everyone. If I had enough rep to upvote everyone, I would. 😉 I've decided to ghost the hard drive and update. Unfortunately, getting hold of a full or part time sysadmin isn't an option at the moment, so I'll just have to deal with the issue as well as I can!
Best Answer
Quick and dirty (ie. Battlefield Administrator) solution:
Take your system offline (I hope you can) and do a NortonGhost backup (or something similar) to a 2nd hard drive.
Boot up the 2nd hard drive (to make sure your backup actually works) and do the yum update on THAT drive.
If it all works... congratulations!
If it screws something up... go ahead and put in your ORIGINAL drive and come up with a "Plan B".
UPDATE:
Just thought I'd mention that the real issue here is "Do I update my waaaay out of date system and risk messing it up?" or "Do I leave my perfectly good working system unpatched and risk having it hacked/compromised?"
The answer is... once you get your system patched via the steps above... try and stay on top of it by backing it up frequently AND patching it frequently.
Then you'll have the best of both worlds. ;-)