28

We are a small shop, with no real sysadmin. So developers (Java EE) also try to maintain Ubuntu server 12.04.

When I login a terminal and I see messages like:

6 packages can be updated.
6 updates are security updates.

Should all security updates always be installed? Can some be ignored? Should these be acted upon immediately? Or one could wait for 2:00 a.m. on the coming Sunday? Is there a way to know a "critical" update?

Is there a good sysadmin for dummies resource I should be reading?

Saeed Zarinfam
  • 17,392
kmansoor
  • 537
  • I agree with what others have said below. I just want to add that when you see 6 packages that can be updated, and are security updates, 99 times out of 100, it will be an updated kernel. This means you need to update with sudo apt-get dist-upgrade. – reverendj1 Sep 26 '12 at 14:15
  • 'Yes', and pretty much always. – James K Sep 26 '12 at 16:19
  • Possible duplicate of http://askubuntu.com/questions/27418/what-is-a-security-update –  Sep 26 '12 at 16:38
  • @reverendj1: 99% of the time? Where do you get that statistic? In my experience, security updates come more than once a week, whereas kernel updates come rarely. – Paddy Landau Mar 26 '13 at 10:29
  • 2
    @paddy landau - Yes. I am the admin for between 30 and 40 Ubuntu servers at work. EVERY time I've seen exactly 6 security updates it has been because of a kernel update. – reverendj1 Mar 27 '13 at 12:37

2 Answers2

29

Generally security updates are about fixing serious BUGS in the current Ubuntu OS regarding Network, Security and all. If you are maintaining a web server or any web related things, then you must have them to be safe.

For example see here some issues: Ubuntu security notices | Ubuntu

blade19899
  • 26,704
Raja G
  • 102,391
  • 106
  • 255
  • 328
17

If you're going to hold back any updates, I wouldn't hold back security updates.

There's a reason the server install has an install-time option of "automatically download and install only security related updates"

RobotHumans
  • 29,530