Re: stopping processes, preventing connections

From: Herouth Maoz <herouth(at)unicell(dot)co(dot)il>
To: Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>
Cc: Greg Smith <greg(at)2ndquadrant(dot)com>, Craig Ringer <craig(at)postnewspapers(dot)com(dot)au>, pgsql-general(at)postgresql(dot)org
Subject: Re: stopping processes, preventing connections
Date: 2010-03-20 21:57:53
Message-ID: 4BA544E1.6020207@unicell.co.il
Lists: pgsql-general

Scott Marlowe wrote:
> On Sat, Mar 20, 2010 at 11:44 AM, Herouth Maoz <herouth(at)unicell(dot)co(dot)il> wrote:
>
>> The server version is 8.3.1. Migration to a higher version might be
>> difficult as far as policies go, if there isn't a supported Debian package
>> for it, but if you can point out a version where this has been fixed I might
>> be able to persuade my boss and sysadmin.
>>
>
> Most of the time it is more dangerous to NOT update PostgreSQL to the
> latest minor point version than to stay on an older minor point
> version. The occasions when a minor point upgrade comes out that is
> dangerous are rare, and the next minor point version to fix it shows
> up the next day while the broken one is pulled. I think that's
> happened 1 or 2 times during the time I've been using postgresql. So,
> if it's 48 hours old and no alarm bells have gone off that it's being
> pulled and replaced, a pg update is the right thing to do. Backup
> beforehand, etc.
>
> The danger of a change making your application stop is very low,
> while the danger of leaving some unpatched bit of nastiness in the
> backend is much greater a possible problem. I.e. data loss /
> corruption, things like that. And something as mature as 8.3 is now
> shouldn't be running in production missing two years of patches.
> Start with the release notes for 8.3.2 and move forward and see if
> anything there looks like a problem for your app. Behaviour changing
> changes rarely get into production releases, they get saved for the
> next major version. If they do they are well noted in the release
> notes.
>
The problem is not so much danger in upgrading, but the fact that doing
so without using the system's usual security/bugfix update path means
non-standard work for the sysadmin, meaning he has to upgrade every
package on the system using a different upgrade method, being notified
about it from a different source, and needing to check each one in
different conditions, which makes his work impossible. So the policy so
far has been "Use the packages available through Debian". So I'll need
to check if there is an upgrade available through that path - and the
question is whether it's worthwhile (i.e. whether the bug in question
has indeed been fixed).

Herouth
