up2date has rollback capability and is already installed on all RHEL [RedHat Enterprise Linux] servers All that would be required to centrally manage a RHEL environment would be to push out an updated config file for up2date and point it to a central repository.Both yum and up2date are just front-ends for rpm management and operate with all the same mechanisms.

…There may be some yum client options available that up2date does not have, but I have not been able to find any examples.Other matters:Repository can be managed with such tools as:- Current: http://current.tigris.org/ This can manage yum, up2date, and apt archives and allows granular control and automation.- Repository setup examples for a variety of methods:http://www.xades.com/proj/fedora_repos.htmlhttp://dag.wieers.com/home-made/apt/FAQ.phpI believe that the best option at this point would be to: – make a repository for all supported platformso make groups for different linux server profiles§ oracle§ webservers§ othero automate updates to linux§ establish rpm testing/certification environment§ have all clients check for updates in a DHL tested repository for regular updates· cron “up2date –u” on a weekly/daily/monthly/quarterly basis§ update repositories with tested updates for each server group.- Configure stock RHEL installations to update from internal sourceso make an rpm of a custom up2date config for RHEL 3 and 4- Document process for rpm rollback for operations in case of update QA failure- Get buy-in from operations and enterprise security management on the update and QA process to be performed in regularly scheduled maintenance windows.