Difference: ImagerTechnicalInformation (52 vs. 53)

Revision 532013-03-01 - GlenLee

Line: 1 to 1

META TOPICPARENT	name="WebHome"

Imager Technical Information

Line: 230 to 230

Update Policy and Conference Freezes

Changed:

<
<

modified: Nov 15, 2007

Update policy applies to Imager computers on subnet 54.
The calendar on the Conference Freeze Dates page will list the freeze periods and the machines to be frozen during each period. If you would like your machine to be frozen for an upcoming conference please add your machine name, the conference, and the conference deadline to the calendar. Imager tech members will look at this page monthly to decide upon freeze periods. The page will also list conferences for which machines do not need to be frozen, and these conferences will be indicated as "no freeze". Tech staff will check the calendar for freeze periods and will not update the listed machines until the freeze period is over. No updates (including security updates) will occur on listed machines during their freeze periods.
In order to synchronize the machines and leave them in a known state, a last update and reboot is performed just before the freeze period starts. Glen will send a notification email with the machine names on the freeze list and the date and time that those machines will be updated then rebooted.
Vulnerability patching: During the freeze period, if there is a vulnerability that requires an upgrade, there are 3 options:
- patch the machine and see if it works
- take the machine off the network (no internet or cs access)
- move the machine to subnet 54 which is the subnet for user administered boxes
There will be a 48 hour notification on updates during non-frozen times.
Look at the file /var/log/yum.log to see a list of recent updates to Linux machines.

>
>

modified: Feb 28, 2013

Update policy applies to Imager Linux and Windows computers (including computers in subnet 54).
The calendar on the Conference Freeze Dates page will list the freeze periods and the machines to be frozen during each period. If you would like your machine to be frozen for an upcoming conference please add your machine name, the machine's operating system, contact name, supervisor, the conference, and the conference deadline to the calendar. Imager Tech members will look at this page monthly to decide upon freeze periods. Once the freeze period has been determined, Imager Tech will notified Tech Staff. The page will also list conferences for which machines do not need to be frozen, and these conferences will be indicated as "no freeze". Tech staff will check the calendar for freeze periods and will not update the listed machines until the freeze period is over. No unnecessary updates (including security updates) will occur on listed machines during their freeze periods. At the end of the freeze period, the machines on the list will be patched and rebooted again. Then the machine returns to the normal patching/updating schedule as per CS System Maintenace Policy (see link below).
In order to synchronize the machines and leave them in a known state before becoming frozen, a last update and reboot is performed just before the freeze period starts. Tech Staff will send a notification email with the machine names on the freeze list and the date and time that those machines will be updated then rebooted.
Vulnerability patching: During the freeze period, if there is a vulnerability that requires an upgrade/update, there are 2 options:
- Tech Staff will contact the users of the machines and coordinate the patching process. The severity of the patches will determine the period of time from first contact and the actual patching.
- block non-CS access to host.

System Maintenance Policy

View topic | History: r54 < r53 < r52 < r51 | More topic actions...