Forum: Cfengine Help Subject: Re: Does anyone do "yum update" with cfengine3 ? Author: debheller Link to topic: https://cfengine.com/forum/read.php?3,22349,22359#msg-22359
Ah, so you no longer do that with Cf3, eh? We're doing something like what you have as an example in Cf3 - i.e., there are basic packages that we want to exist on all hosts. The part I've not yet sussed out is the updates. We're in a very exposed environment, and it is very important to ensure that when a security update comes out, it must be implemented as soon as possible. But, if it's in a glib or kernel that is currently "excluded," then it wouldn't be updated automatically, and that host would be vulnerable until a human actually looked at the updates during the scheduled maintenance cycle. Still in the thinking stages... obviously! :-) deb _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
