On Tue, 21 Nov 2006, Larry Garfield wrote:
For the sysadmins in the crowd, there's nothing wrong with putting "apt-get update" in your crontab. "apt-get upgrade" should only be run by the sysadmin as root, by hand, and therefore when you know you're doing something dangerous. :-)
The hard parts (downloading and unpacking) are all automated, but only when the admin is on the command line (and therefore running as the owner of the files anyway), and therefore (hopefully) knows exactly what he's doing. Yes, this excludes people who are on a host that doesn't give them a shell. Given the file permissions involved, I don't really know of a way around that.
*sits back to have the security holes pointed out in the above.* :-)
How many shared hosts have a command line feature for their users? This discussion is around easing the update pain for inexperienced users. They are surely not running their site on their own servers. The problem with the above, even if you only consider "apt-get update" automatically done is that incompatibilities can happen. Previous releases of Drupal have seen database updates needed between minor versions, and even big chunks of code replaced / modified. Like the XML-RPC layer completely replaced and released as a minor update. Or the form key requirement added and released as a minor update. There is a strong possibility that at the time when that update happens, your contrib modules are not yet up to date (especially those you might have added yourself, or downloaded and set up from a third party vendor - not drupal.org). Now think that you have a modified theme, not some stock theme from drupal.org. That cannot be updated, although you might need to add the form key stuff into the code. No automatic update will do this for you. The problem is that customized software like Drupal is extremely hard to update automatically (and most of the time it will fail due to being uncertain that some of your components which are not possible to update might not be compatible with stuff which is possible to update). And this is only about updating minor releases... As far as I see, noone saves you from testing the updates / upgrades yourself, and ensuring that everything works. There is a place for humans here. Gabor