From owner-freebsd-security@FreeBSD.ORG  Tue Oct 11 23:05:18 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 517E1106566C
	for <freebsd-security@FreeBSD.org>;
	Tue, 11 Oct 2011 23:05:18 +0000 (UTC) (envelope-from gad@FreeBSD.org)
Received: from smtp8.server.rpi.edu (smtp8.server.rpi.edu [128.113.2.228])
	by mx1.freebsd.org (Postfix) with ESMTP id F2FF38FC16
	for <freebsd-security@FreeBSD.org>;
	Tue, 11 Oct 2011 23:05:16 +0000 (UTC)
Received: from gilead.netel.rpi.edu (gilead.netel.rpi.edu [128.113.124.121])
	by smtp8.server.rpi.edu (8.13.1/8.13.1) with ESMTP id p9BLovVV025553;
	Tue, 11 Oct 2011 17:50:58 -0400
Message-ID: <4E94BA41.2020907@FreeBSD.org>
Date: Tue, 11 Oct 2011 17:50:57 -0400
From: Garance A Drosehn <gad@FreeBSD.org>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;
	rv:1.9.1.9) Gecko/20100722 Eudora/3.0.4
MIME-Version: 1.0
To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no>
References: <201110020411.p924BPqn037383@chilled.skew.org>
	<86d3e4j777.fsf@ds4.des.no>
In-Reply-To: <86d3e4j777.fsf@ds4.des.no>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Bayes-Prob: 0.0001 (Score 0)
X-RPI-SA-Score: 1.50 (*) [Hold at 12.00] COMBINED_FROM,RATWARE_GECKO_BUILD
X-CanItPRO-Stream: outgoing
X-Canit-Stats-ID: Bayes signature not available
X-Scanned-By: CanIt (www . roaringpenguin . com) on 128.113.2.228
Cc: Mike Brown <mike@skew.org>, freebsd-security@FreeBSD.org
Subject: Re: Reasonable expectations of sysadmins
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2011 23:05:18 -0000

On 10/11/11 3:52 AM, Dag-Erling Smørgrav wrote:
> Mike Brown<mike@skew.org>  writes:
>    
>> Also, sometimes things go haywire after a reboot, especially after extended
>> uptime and updates to the kernel or core libraries, so I'm in the habit of
>> only shutting down when necessary. So if I don't see "and then reboot" in an
>> update procedure - and most of the time, security updates don't require it -
>> then I don't do it.
>>      
> Actually, this is an argument in favor of rebooting regularly, or at
> least after every major change, so you know the server will boot
> unassisted if something happens (power outage, cleaning staff tripped
> over the mains cable, etc.)  I once spent an entire evening coaxing a
> mission-critical database server back up after a simple disk replacement
> because a predecessor had performed an in-place system upgrade without
> verifying that the new configuration would boot cleanly.
>
> DES
>    
FWIW: If I have a production server which has been up and running for
more than six months, I often reboot the machine *before* making some
significant change, just to make sure the machine is still in working
order before I make that change.  I then make the change, and reboot
again.  There are times where I have discovered problems in that first
reboot.

(also note that in my case, most production servers which have been up
for more than six months have probably been up for more than a year)

-- 
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu