CentOS packages safe to update/upgrade?

[Chris Valean]

Hey guys,
Here's a quick one for you:
On a Plesk 9.5.4 on Linux - CentOS 5.x 64-bit, is there a *safe* list of OS packages that it's safe to update and/or upgrade via yum?
Or is that going to mess with the Plesk functionality etc? Or do you prefer to manually update/upgrade certain packages to the latest versions - like openssh / openssl for eg?

Thanks!

 

[breun]

You're safest if you install all updates.

 

[philb@]

Anything Plesk installs that can't change without breaking something has a different RPM name than the generic one. It won't trigger an update to the generic one.

So in general, it's best to update as often as possible. Of course, any update can break things so that is how you earn your wings. Fixing what broke. The alternative is to not update and have someone break in because you didn't patch a vulnerability.

Personally, I stay updated every few months. I do it at night so if it breaks I have some time to recover. I have a test routine that I go through after an update to test the obvious stuff. I back up important stuff first.

CentOS packages are RedHat packages in sheeps clothing. As such, they've been pretty well tested before they were released. Good for us. I can't recall the last time a CentOS patch tipped over a machine.

 

[breun]

I recommend subscribing to the announce mailinglist for the OS versions (and any other third party software) you're using, so you'll know when critical or relevant updates are released.

For CentOS go here: http://lists.centos.org/mailman/listinfo/centos-announce