Quoting "Christopher X. Candreva" <[EMAIL PROTECTED]>: >> Not true. I have a package manager installed on all my machines. But they >> do NOT do automatic updates... The above is only true of those who have >> a package manager installed and configured to do automatic upgrades. > > But you are on this mailing list, which means you know about the upgrade > before you type yum update clamav (or the local equivalant).
Not relevant. The point is, I don't have yum run as a cron job or a service. And I don't type "yum -y update" on my servers. I look at what updates are available, decide if they are safe or not, investigate those I'm not sure about, and only install the ones when I know that it is safe to do so. If there is a major upgrade or question, I test it on another system first. The mailing list is not a factor. I can check which updates are available, and check out them out, before I install them, without any help from the mailing list. > Now take the user for whom the only notice of an update is when they issue > yum update And they should say, "Hmm. clamav update, I need to at least make sure I check the configuration files (.rpmnew or .rpmsave versions, etc) before I restart this in production. If I'm not sure, maybe I should go to clamav.net and see what they say there..." What they should NOT say is: "Hmm... clamav, what's that? Oh well, I don't know what it is, but I'll go ahead and update it anyway..." > and it lists clam* among the packages to update. He'll know about the > change AFTER it's installed. And if clamav is part of an OS release, then the OS packages should have made sure this is taken care of. If it isn't part of the OS release, then the user doing the update should know what they are doing, and act appropriately. Again, this assumes you are doing this on a production server. If this is your personal machine, and your services are not critical, then you can go ahead and do the upgrade, see what breaks, and fix it. But if this is a production server, do your due dillagence! > As a big fan of the Unix "programs should do a small job" philosphy, I think > a good overall solution would be a configuration file update utility for > package managers. Yes, but this is the job of the package manager, not clamav. > Maybe something along the lines of automake that can take > old versions of a config file, along with some rules, and use it to build a > current version. DEC (Digital Equipment Corporation) did this for years back in the 70's and 80's, so it is certainly doable... Why not write your favorite package manager and suggest it? -- Eric Rostetter The Department of Physics The University of Texas at Austin Go Longhorns! _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
