Re: Keeping Solaris up-to-date

[corey () PHIX COM (Corey Lindsly)]

> Is it really a good idea to run a script as root via cron from an
> NFS-mounted directory?  What if someone breaks root on one machine,
> does a quick 'su' and replaces your NFS-mounted script?  Seems
> they would own all 50 machines by morning.

not only that, but some Solaris patches have been known
to break systems and render them strange or unbootable
(shocking, i know). the sensible approach, instead of
automatically and blindly installing patches, might be
to test each patch on one machine before applying it
to the other 49 machines, lest you end up with 50
broken machines in the morning.

perhaps some sysadmin functions are best left semi-automated.

---corey