Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
- Subject: Re: [Fed-Talk] Security Update Broke my ftp service (Very important)
- From: "Michael Pike" <email@hidden>
- Date: Thu, 26 Apr 2007 11:35:02 -0600
What would be great (hint hint Apple), is the ability to run OS X in a
virtual machine environment. Case in point, instead of having to
maintain two systems or two different builds, we could test in a VM
and debug from there instead of having to maintain two separate OS X
builds.
But the main advantage (for me anyway) would be the ability to roll
back to a stock image. With OS X using Parallels, I can screw up
Windows as many times as I want and roll back to a stock config in
about 1 minute by restoring the original VM image... With OS X you
cannot do that. I have to literally rebuild an OS X build from
scratch everytime which is very time consuming. We have a machine
that we use just to blow away and rebuild OS X.... I am really hoping
that Parallels or someone comes up with a VM for the OS X OS. I know
it's technically easy, but what I've heard is Apple will not permit
the underlying "whatever" to be virtualized (equivilant to PC bios)..
dont know if it;s true, but if it is - Apple, please reconsider. I do
realize the risk as well though... if Apple allows virtualization of
OS X, it wont be long before someone is running an OS X image on a
dell via parallels.
mike
On 4/26/07, Michael <email@hidden> wrote:
Given the discussion running about the OS X and OS X Server updates,
I haven't seen any mention of running Tripwire before and after
installing updates (it's a common Unix security utility, there are
more OS X friendly programs but I have found them harder to use). At
the very least you would know what files had been changed. Whether
or not this would have helped this time is a different issue.
For critical systems my understanding was that you maintain an
identical test system and test patches on it first before deploying
to the operational systems regardless of the OS.
I maintain a mix of SGI IRIX, SGI Altix, Debian Linux, and OS X
machines. Updates/patches on all have in the past caused me serious
headaches (even when the company tech did the updates), I know it is
difficult to maintain a set of identical machines and to roll out an
update on the least critical machine first, but really it is the only
way since sooner or later something will go wrong.
Everyone maintaining machines should develop a script that can
configure their machines in a repeatable and automated fashion for
their environment, I only managed to complete such a script for SGI
IRIX and the end result consists of almost 300 files installed by the
one script to configure all those machines to be the same after
updating to a specific version of the vendor's OS. To manually
install and build the extra libraries on each machine and then
maintain all machines to remain identical would be an extremely error-
prone and time consuming task. With that script I would test
modifications to the script and it's files on my test machine and
then run the script on all the other machines and test some more.
On the other hand I only have one OS X Server so I rarely make any
changes to it.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
--
Michael Pike
iChat/AIM: email@hidden
Jabber / GoogleTalk: email@hidden
Windows Live Messenger: email@hidden
Yahoo Messenger: email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden