Reasonable expectations of sysadmins (was Re: FreeBSD Security Advisory FreeBSD-SA-11:05.unix)

Chris Rees wrote:
Generally users are expected to pay attention to what is updated-- I
know this isn't always the easiest task, but blindly following
instructions is not something that is generally advocated in FreeBSD.

Generally, yes. For a security advisory, though, I don't think it's
unreasonable for the reader to expect that the solutions and workarounds are
exactly as described, with nothing left out or assumed that every system
administrator will know. Likewise, the advisory issuer surely expects that the
instructions they provide *will* be very strictly followed.

Based on my own experience, I did happen to realize that a reboot would
probably be needed, but since one procedure in the advisory said to reboot and
the other didn't, it led me to wonder if maybe there was some magic in
freebsd-update that obviated the need for a reboot. Apparently there's not; it
was just an oversight in the instructions.

Also, sometimes things go haywire after a reboot, especially after extended
uptime and updates to the kernel or core libraries, so I'm in the habit of
only shutting down when necessary. So if I don't see "and then reboot" in an
update procedure - and most of the time, security updates don't require it -
then I don't do it.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: Reasonable expectations of sysadmins (was Re: FreeBSD Security Advisory FreeBSD-SA-11:05
    ... instructions is not something that is generally advocated in FreeBSD. ... the advisory issuer surely expects that the ... I did happen to realize that a reboot would ... update procedure - and most of the time, security updates don't require it - ...
    (FreeBSD-Security)
  • Re: Cannot access Automatic Update options in Control Panel
    ... Suggestion: save off the instructions. ... But, I DISABLED the Automatic Updates and BITS as you said, and reboot. ...
    (microsoft.public.windowsupdate)
  • Uptimes - any guidance? [moving OT]
    ... to reboot until you have to do maintenance on kernel / hardware - even ... better if you have hot-pluggable hardware (hd's, ac-adapters, there are even ... Open BSD and Debian are similar in terms of stability. ... Yeah, FreeBSD has always interested me, but I have yet to try it. ...
    (Debian-User)
  • Re: Uptimes - any guidance? [moving OT]
    ... I'm running Squeeze on a desktop and so far have an uptime of some 11d. ... uptimes of 90+ days on that without a problem. ... Maybe once I've finished my current project and have some time on my hands, I may well look to dual boot FreeBSD and Debian, just to see if there's any difference. ... I rarely reboot ever. ...
    (Debian-User)
  • Re: Instant reboot with FreeBSD 6.3 and > 2GB RAM
    ... I will test it also on FreeBSD 7.0, but i assume that it will fix it there too. ... Many users using FreeNAS reporting this reboot problem on their machines with RAM> 2GB. ... detailed but from your description it looks like loader is causing that. ... The report is about 6.2-R but at least I've checked loader code and 7.x ...
    (freebsd-questions)