Xen project Mailing List

Re: [Xen-users] Yum repo for XCP (ex: XCP acpi shutdown)

To: "Fajar A. Nugraha" <list@xxxxxxxxx>

From: Grant McWilliams <grantmasterflash@xxxxxxxxx>

Date: Wed, 26 Oct 2011 09:57:14 -0700

Cc: Xen User-List <xen-users@xxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 26 Oct 2011 10:00:40 -0700

List-id: Xen user discussion <xen-users.lists.xensource.com>

On Tue, Oct 25, 2011 at 10:38 PM, Fajar A. Nugraha <list@xxxxxxxxx> wrote:

On Wed, Oct 26, 2011 at 12:33 PM, Grant McWilliams
<grantmasterflash@xxxxxxxxx> wrote:
> On Tue, Oct 25, 2011 at 7:45 AM, George Shuklin <george.shuklin@xxxxxxxxx>
> wrote:
>>
>> NEVER upgrade XCP by CentOS packages.

> Why aren't those packages masked in the repo configs like the kernel is?

Probably because the repos are disabled in the first place.

They're disabled because Citrix doesn't want to support XCP. They provide updates to Xenserver.Â

>
> Having a server OS with no upgrade path is a very bad idea. Zero day
> exploit? How about zero month or zero year exploit? I'd like to hope that
> this gets changed at some point.

How would you "upgrade" (for example) XenServer? Or a vmware vsphere
node? IMHO the same methods and policy should also apply to xcp.

The exact same way you'd upgrade ANY other server on the planet. And yes those same methods should be applied to XCP.Â You can currently upgrade but you have to pull all your nodes down, put in a CD (my nodes don't even have optical disks, why would they?) and upgrade via a CD. That means the only time you get any security updates is once every 6 months or a year and only when you can physically access the nodes.
Â

--
Fajar

Grant McWilliams
http://grantmcwilliams.com/

Some people, when confronted with a problem, think "I know, I'll use Windows."
Now they have two problems.

Â

_______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users