Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
how often should i upgrade Gentoo
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
farmer.ro
Apprentice
Apprentice


Joined: 20 Aug 2016
Posts: 179

PostPosted: Wed Sep 28, 2016 3:24 pm    Post subject: how often should i upgrade Gentoo Reply with quote

Hello!

i run Gentoo ~amd64 with XFCE, and every morning i update the system with emerge.

but to be honest i am sometimes a bit tired from updating daily, and i would like to know:

off course i would like to stay up to date as much as possible to enhance the security, but updating everyday seems a bit too much for me.

How often should i upgrade the software on a Gentoo ~amd64 system? should i do it daily? weekly? once every two weeks?
Back to top
View user's profile Send private message
fedeliallalinea
Bodhisattva
Bodhisattva


Joined: 08 Mar 2003
Posts: 21352
Location: here

PostPosted: Wed Sep 28, 2016 3:49 pm    Post subject: Re: how often should i upgrade Gentoo Reply with quote

farmer.ro wrote:
How often should i upgrade the software on a Gentoo ~amd64 system? should i do it daily? weekly? once every two weeks?

There isn't a rule. I personally read atom feed for updated packages and then I decide if a update is needed
_________________
Questions are guaranteed in life; Answers aren't.
Back to top
View user's profile Send private message
axl
Guru
Guru


Joined: 11 Oct 2002
Posts: 510
Location: Romania

PostPosted: Wed Sep 28, 2016 4:01 pm    Post subject: Reply with quote

I use a daily cron script. emerge --sync; emerge -NuvD --with-bdeps=y @world and read the mails in the morning. If something went wrong I go and fix it. If not... then everything is ok.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42592
Location: 56N 3W

PostPosted: Wed Sep 28, 2016 4:16 pm    Post subject: Reply with quote

farmer.ro,

I run my own rsync server. That updates daily at 3:00AM my time.

Unless there is anything urgent, or something new that I want to play with, I update my systems monthly.
I run all ~arch, on x86, arm, arm64 and amd64 and don't seem to get any nasty surprises.

I have let the x86 and arm systems go for a year or more. That's a very bad thing.
It will give you an advanced course in using portage.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
ct85711
Veteran
Veteran


Joined: 27 Sep 2005
Posts: 1692

PostPosted: Wed Sep 28, 2016 4:44 pm    Post subject: Reply with quote

The main thing to remember, is that the longer you wait in between updates, the more packages that may need to be updated. As that list grows, higher potential of issues too. I used to do daily, but I find I get the usual checksum mismatches regularly enough (usually fixed withing a day) that it becomes more of a pest. For me, I update my systems weekly to biweekly.

Like Neddy said, waiting up to a year or more on updating any Gentoo machine (stable or not) is an guaranteed mess, with the usual recommendation of reinstalling the system for simplest/quickest resolution. Of course it is possible to update the machine, but it will be a difficult learning process (you will learn portage really well by the time you finish, from just trying to work the issues out).
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5593

PostPosted: Wed Sep 28, 2016 5:10 pm    Post subject: Reply with quote

Sync daily (because that's how often webrsync updates), read eix-diff/glsa-check output, update as necessary.
Back to top
View user's profile Send private message
farmer.ro
Apprentice
Apprentice


Joined: 20 Aug 2016
Posts: 179

PostPosted: Wed Sep 28, 2016 5:28 pm    Post subject: Reply with quote

so no need to update daily; if i update once a week, i will be fine?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42592
Location: 56N 3W

PostPosted: Wed Sep 28, 2016 6:13 pm    Post subject: Reply with quote

farmer.ro,

That will save from the portage learning experience, yes.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5593

PostPosted: Wed Sep 28, 2016 8:02 pm    Post subject: Reply with quote

If you can't decide when to update, do an emerge -DNputv @world. If it's longer than your screen, it's probably a good time to do it.
Back to top
View user's profile Send private message
farmer.ro
Apprentice
Apprentice


Joined: 20 Aug 2016
Posts: 179

PostPosted: Fri Sep 30, 2016 3:49 am    Post subject: Reply with quote

the reason i ask how often i should update, is because i run aide checks, and when portage upgrades packages on the system it seems to alter the aide.conf in a way that it becomes too much to inspect.

so when portage upgrades, i say, ok now aide changed, so thats fine, after run a new aide, and then it lasts untill the next portage upgrade.

so if i upgrade portage daily then there is alot of work and inspecting to do, if upgrade once a week, the aide checks are more acceptable.

i will try to upgrade only once a week, lets say every monday of the week, but i wonder if it will leave me more vulnerable to possible software exploits, due to not patching the software in time, but hey its a week, would i really matter that much?
Back to top
View user's profile Send private message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3648
Location: Hamburg

PostPosted: Fri Sep 30, 2016 8:24 am    Post subject: Reply with quote

Ant P. wrote:
If you can't decide when to update, do an emerge -DNputv @world. If it's longer than your screen, it's probably a good time to do it.
+1
Back to top
View user's profile Send private message
fturco
Guru
Guru


Joined: 08 Dec 2010
Posts: 574
Location: Italy

PostPosted: Fri Sep 30, 2016 9:36 am    Post subject: Reply with quote

I'm currently updating my Gentoo system daily, but I'm pondering to switch to weekly updates instead.
Back to top
View user's profile Send private message
Logicien
Veteran
Veteran


Joined: 16 Sep 2005
Posts: 1361
Location: Montréal

PostPosted: Fri Sep 30, 2016 1:05 pm    Post subject: Reply with quote

I think you must not sync Portage more than one time a day otherwise you can be put in a blacklist who will disallow you to sync. I read something like this when I do emerge --sync.
_________________
Paul
Back to top
View user's profile Send private message
russK
l33t
l33t


Joined: 27 Jun 2006
Posts: 618

PostPosted: Sat Oct 01, 2016 4:22 am    Post subject: Reply with quote

toralf wrote:
Ant P. wrote:
If you can't decide when to update, do an emerge -DNputv @world. If it's longer than your screen, it's probably a good time to do it.
+1


+1

I like this because it suggests there need not be a rigid time table per se, it depends on how busy the devs have been.

Although if I'm checking with emerge --ask, I usually just say yes. And sure, I usually take a shower every day whether I need it or not. :lol:
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1717

PostPosted: Sun Oct 02, 2016 8:24 pm    Post subject: Reply with quote

Quote:
I like this because it suggests there need not be a rigid time table per se, it depends on how busy the devs have been.
It's true, the timetable is not very rigid. I only had like a handful packages updated over last few months, and now it feels like the devs wanted to rebuild half of my @world :lol:
Anyway, the more often you update the easier it is. There is nothing wrong with weekly schedule. However, if you wait longer than a month, you will encounter some problems. You may be lucky once or twice, but don't get used to it working smoothly.
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 7051
Location: almost Mile High in the USA

PostPosted: Wed Oct 05, 2016 7:06 pm    Post subject: Reply with quote

I think if you really want to minimize portage updates you should:

emaint -a sync # or emerge --sync # every week at minimum

glsa-check -l affected # this will give you a list of packages that have GentooLinuxSecurityAdvisories outstanding

eselect news list # see if there are any alerts that the Devs put out that may cause an update pain. If you see any packages there that you use, it would be wise to update it, its dependencies, and config files related to it as soon as you can - else it may become a mess later.

Doing this minimum is going to get you into trouble later, but at least it keeps you secure.

Also not running ~amd64 ~x86, etc., helps with the churn. Minimizing your per package USE flags or trying to just use the defaults may help.

It's a cost of running latest and having per-package/group of packages customization.

I try to do my updates at least weekly for my outward facing servers (mainly checking for service daemon updates like sshd, httpd, sendmail, etc.). The internal machines that are firewalled I treat less rigorously...



On a side note, anyone know anyone who has been blacklisted? I kind of fear getting blacklisted on "sites" that I didn't set up a portage rsync mirror - I do wonder if there are like 4 machines behind a NAT are rsyncing once a week but all four rsync on the same day. This will look like one machine rsyncing four times that day and thus isn't playing nicely...
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1717

PostPosted: Wed Oct 05, 2016 7:25 pm    Post subject: Reply with quote

Quote:
if there are like 4 machines behind a NAT are rsyncing once a week but all four rsync on the same day.
Why not simply put the whole /usr/portage on an NFS share accessible to all those machines?
Sync once, download sources once. Bonus: build once and then install binary packages on the other machines, as long as they are similar. Emerge will build binpkg if you request it and use binpkg if you allow it (and flags do match)
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 7051
Location: almost Mile High in the USA

PostPosted: Wed Oct 05, 2016 10:09 pm    Post subject: Reply with quote

Main reason: because I can't control the power of each of the machines, there is not one of the machines that I can depend on being on at any time...

Plus the USE flags are different.

My home set of machines I do have a true 'server' and that has a full rsync mirror for portage. While NFS is an option, sometimes I disconnect the cable and I'd rather sync to my server than wait for NFS timeout when something screws up.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum