[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Bad quality of updates from SuSE ftp server

First of all,

it is bad practice (tm) to directly update an important production server. Even with a trusted method of updates.
One of the good practices include :
- mirroring internally an external available source
- testing updates on a set of servers / a server that mirror the behavior of the real target of updates - never let an external program directly update the kernel, rather do it by hand using rpm -i and not rpm -F, and then add the new kernel in Grub/Lilo if rpm -i dose not do it automatically (Redhat seemed to do that)
You can undo that by :
Booting in rescue mode, mounting the partitions of the system under a created directory in the RAM disk, copy the k_athlon...rpm from the first install CD in that directory, chroot <directory> bash, rpm -i k_athlon....rpm, vi /etc/lilo.conf or vi /boot/grub/menu.lst,/sbin/lilo (only if using lilo), exit
Then, umount the partitions mounted under the directory, reboot.
These are basic rescue methods one should be aware of , in case ugly things happen to kernel, or to some interesting files of the system (/etc/fstab is my favorite) Sorry for the not quite detailed description of the rescue steps, if these steps are really requested by the list I will then send a near-to-reality-step-by-step scenario.

Best regards,

Sandu Mihai
GTS Telecom Network Engineer
RHCE #807202946505274

Savvas Ladopoulos wrote:

Just read "Bad quality of updates from SuSE ftp server" and now I
understand what went wrong to my suse 9.0 update via YOU. Thank you all.

However, I need some quidance on what to do next. I am left with "kernel
panic: VFS can not mount root fs on 08:02".
I managed with rescue to mount boot but I am not sure if I can undo the
2.4.21-243-athlon image to the previous version of 2.4.21-99-athlon?

please any advise is much appreciated.


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here