From: Saxon, Lamar (Lamar.Saxon@AMERICREDIT.COM)
Date: Wed Sep 18 2002 - 23:10:07 EDT
Remember what I said. What if there is an exploitable buffer overrun and
someone gets root access to your system. I find the ML to be the lesser of
the 2 evils. What do you do when a bad ML like 4.3.3 ML9 comes out ? Do
you skip it and wait for 10 or do you have to wait for 11 since you are one
behind ?
We have not seen any major issues caused by ML and usually because a
maintenance level is grouping of PTFs that have been released, not a brand
new release of PTFs.
If a ML breaks something, then you should have applied instead of committed
or have your mksysb handy. All part of the game. I have applied specified
PTFs and have them broke things, everything is only as good as your testing.
Staying behind is NOT an option in for our servers. We stay current on
system firmware, SSA firmware, and etc. We follow the testing as best we
can and install on our other HA nodes first if we do not have a like machine
in test.
Difference of opinions and shops. We research the maintenance releases to
see what has changed and update accordingly. I will agree there have been
bad MLs; but they have been few. We do not have the time to manage all of
machines on a per PTF basis.
Lamar
-----Original Message-----
From: justin.bleistein@SUNGARD.COM [mailto:justin.bleistein@SUNGARD.COM]
Sent: Wednesday, September 18, 2002 9:38 PM
To: aix-l@Princeton.EDU
Subject: Re: AIX 5.1L upgrade
I agree with your test first then production setup we do the same in
our shop. However let's say everytime you add an hdisk to a volume group it
names it: "hdiskb" instead of "hdisk2" now let's say ml02 fixes that then
yes then by all means apply it. But let's say your system isn't affected by
this weird naming convention scheme then WHY???? would u upgrade it. Now
let's say that ML02 does fix that problem but makes it so your vpaths on ur
shark point to the wrong hdisks in it's ssa drawers. Now you created
another problem and it's time for ML03 to correct that. It's been proven
that all ML's break things, ML's are nothing more then fixes from prior
maintenance levels. Now I'm not against ML's at all. I just have bad
experiences with IBM and TIVOLI fixes they shouldn't be called "fixes" they
should be called "breaks". Lamar I really like the idea of test then
production. I would only stay latest with microcode levels though rather
then ML's. thanks!.
--Justin
"Saxon, Lamar"
<Lamar.Saxon@AMERI To:
aix-l@Princeton.EDU
CREDIT.COM> cc:
Sent by: IBM AIX Subject: Re: AIX 5.1L
upgrade
Discussion List
<aix-l@Princeton.E
DU>
09/18/2002 10:28
PM
Please respond to
IBM AIX Discussion
List
We cook it on test servers and deploy rapidly. The idea of staying behind
on maintenance is not a good idea especially in a security conscious shop.
All of our servers are 4.3.3 ML10+ or 5.1 ML02. We have a test/qa setup
and
upgrade those servers first and let it cook for a month or so. Once we are
satisfied with the results the production rollout begins.
Maybe for Windows I would stay behind; but there are some critical fixes in
the maintenance packs and we diligently stay on top of maintenance releases
and what they fix. Staying behind even one level can cause you grief with
support and the old adage of "ain't broke" doesn't work anymore since the
evolution of malicious computing. You may not know it was broke until it
is
too late...
BTW, ML02 has been out for a couple of months...
My $.02...
Lamar
-----Original Message-----
From: justin.bleistein@SUNGARD.COM [mailto:justin.bleistein@SUNGARD.COM]
Sent: Wednesday, September 18, 2002 9:07 PM
To: aix-l@Princeton.EDU
Subject: Re: AIX 5.1L upgrade
Please remember the rule of thumb in most shops it's the latest maintenance
level minus - 1. You never want to be the industries ginney-pig (I don't
think I spelt that correctly). AIX 5L ML1 was released mainly to support
the P690 platform to enable hypervisor support for the AIX kernel to see
LPARS. AIX ML2 may be for some fixes but as the saying goes: "If it's not
broke don't fix it". ML 1 has been out since like the first of the year 2
is still new I'd wait for 2. Thanks!
--Justin Richard Bleistein
"Saxon, Lamar"
<Lamar.Saxon@AMERI To:
aix-l@Princeton.EDU
CREDIT.COM> cc:
Sent by: IBM AIX Subject: Re: AIX 5.1L
upgrade
Discussion List
<aix-l@Princeton.E
DU>
09/18/2002 02:14
PM
Please respond to
IBM AIX Discussion
List
You may know, ML02 has been released for 5.1 also. I only see discussion
on
installing 5.1 ML01, I would suggest ML02 at this point.
Lamar
-----Original Message-----
From: Tom Syroid [mailto:tom@SYROIDMANOR.COM]
Sent: Wednesday, September 18, 2002 1:01 PM
To: aix-l@Princeton.EDU
Subject: Re: AIX 5.1L upgrade
I concurr with Justin. I've had 5.1L running on an RS/6K-F50 for over a
year now. The only thing I add after the initial install was ML01 --
nothing since. Everything's still running like a top.
/tom
--On Wednesday, September 18, 2002 13:16:44 -0400
justin.bleistein@SUNGARD.COM wrote:
> apply maintenance level 1 after you install it this maintenance level is
> out already for 5.1L. That's all I know. The MIGRATION of 4.3. to 5.1 is
> perfect though I did it many of times it restores all of your settings.
>
> --Justin
> Folks,
>
> I will soon be upgrading our RS6000 from 4.3.3 to 5.1L.
>
> Does anyone have a list of APARs or fixes that I will need
> to apply after the upgrade?
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:12 EDT