On Sat, 15 Nov 2003 20:56:51 EST, Vladimir Parkhaev said: > The fact is, upgrading sshd (not XYZ!) does not require reboot
Normally, yes. > and does > not affect any other processes that server runs. Again, normally yes. But if you believe it's *impossible* for a run-away process to not affect other processes, I suggest you go read up on fork bombs, the numerous ways that various OOM-killers in the Linux kernel have proven deficient, and a lot of other related issues. > If you don't believe > me, just... try it :) I've *been* trying it since it was ssh.com's version 1.2.<verysmallN> or so. Has worked reasonably every time, except for the one time I built it on an IRIX 6.5.N and installed it on 6.5.M, where M<N. It promptly ran afoul of an API change, went runaway, and earned me a trip to the data center to unsnarl things at the console. (I also hit a similar problem when the sshd was linked on an AIX system with the 4.3.3.75 version of libc, but tried to run on a pre-.75 version, but *that* one promptly died a quick and horrible death without impacting anything else). <estimates number of SSH versions times number of machines, and gets at least 4 digits> So we've got some 99.98% reliability in installing sshd without disruption. But 99.98 isn't 100 unless you work at Intel. Any my point is that anybody who's running a production system who is installing *ANYTHING* with the attitude "this can't *possibly* fail" is looking for a VERY rude awakening when it *does* fail. So tell me - do you trust the installs enough to just do it and logout without bothering trying to ssh in to make sure it works first? ;)
pgp00000.pgp
Description: PGP signature