On 25.12.2016 08:18, Samuel Thibault wrote: > Yes, but that's a data point to have in mind: blindly upgrading software > is not always without consequences.
Do we actually communicate a proper way of running services on a Debian machine, with services coming from Debian packages? If so, what is it? It seems to me that what could be sensible is pinning locally installed packages in a way that they are not upgraded by default and instead would then be upgraded by hand in a maintenance window. Otherwise you risk outages by synchronization between machines or because database servers should not simply be restarted while clients are actively using them. I can see how it's slightly less dangerous with stateless services like DNS, where people might just not bother. Kind regards Philipp Kern
