[Ti] Advice Re: Security Update/!st Time App Launch Issue
Chris Olson
chris.olson at astcomm.net
Sun Sep 26 09:21:54 PDT 2004
On Sep 26, 2004, at 10:06 AM, b wrote:
> To answer the Why do this?, question: very simple: i didn't feel like
> waiting ten minutes after a reboot to have Acrobat Pro, Zend,
> VirtualPC, Photoshop, and 15 other apps... relaunch. put another way,
> the subsystems can reboot, while one's work is preserved in an 'open'
> state. Completely time-saving, not having to see my third-party login
> items relaunching, also...
Exactly. I babysit 6 dual G4's - all of them MySQL database servers.
When these updates come along I look over the documentation and if the
update doesn't affect the particular installation or configuration, I
don't even do it. And if I decide to do it, I always test the update
on my PowerBook first.
IMHO, the old adage "if it ain't broke don't fix it" applies to any
computer that you absolutely need to keep running, short of a hardware
failure. If the machine is doing the job you need it to do, and a
security vulnerability doesn't apply because you have the affected
component disabled anyway, wait for a more opportune time to patch it
when taking the machine offline is going to be less critical. On
internet connected workstations and laptops, rebooting is usually just
a minor inconvenience. But IMHO there's still no reason to reboot
unless you need to load new kernel extensions (one area where OS X
needs a little improvement). For the "average" user, I think Apple
took the best route - reboot it. That way you know all processes are
restarted in the proper order. But at the same time it's nice that
they give us the tools to keep the equipment up and online in
installations that require it.
Where OS X really shines is that it uses a modified version of the
traditional BSD init system (along with other cool technologies like
NetInfo in place of Unix flat files). SystemStarter is one handy tool,
eliminating the need to drop into single user mode on traditional BSD
systems, then bring the system back online via BSD init to multi-user
mode. Or like Jason noted, sending an identified process a -HUP signal
is also perfectly acceptable rather than using the automated
SystemStarter tool. Some processes, such as apache, also have their
own control routines (man apachectl). And you can use the GUI to
restart some subsystems like Samba, Apache, OpenSSH, or tnftpd in the
Sharing pane of the System Preferences.
--
Chris
More information about the Titanium
mailing list