Something must be done! (Security)

der.hans PLUGd@LuftHans.com
Sun, 5 Mar 2000 21:50:12 -0700 (MST) 

On Fri, 3 Mar 2000 jiva@devware.com wrote:

> Yeah, but doesn't that also get non security related updates as well?

If you tell it to, but not if you don't tell it too...

make "deb http://security.debian.org stable updates" the only active line
in your /etc/apt/sources.list, then run one of the following from cron:

apt-get upgrade >/dev/null 2>&1 && apt-get -y upgrade

apt-get upgrade >/dev/null 2>&1 && apt-get -dy upgrade

apt-get upgrade >/dev/null 2>&1 && apt-get -s upgrade

Don't quote me on these as the first time I'll be using them is tonight if
I get my new firewall that I was working on anyway done.

The first of the lines should auto-update, the second should download the
packages, but not update and the 3rd should just pipe out a bunch of stuff
if an update were needed. Since the output is in cron it gets mailed to
whomever ran it. I'd think the 3rd option doesn't have to be run as root
(though the update part would) if that makes you happier.

This way you get mail saying "hey, there are security updates for your
firewall, check 'em out" ;-).

> That's the thing, if it's already working fine, personally, I hate to
> upgrade services unless there's a good reason.

I used to be like that, but now that I have debian and speed choice it's
kinda cool to watch it just slurp down 50MBs of stuff and toss it on
:). I'll be a little sad to see potato go stable...

BTW, I've been running Debian for about 6 months now and the auto-update
functionality really kicks ass. I won't use a system without it now
:). The auto-update can be coming from whereever I choose, including the
latest CD in my internal nfs/ftp/http server.

SuSE has something similar, but in 6.0 (the latest I have running
anywhere) it's only ftp and it's broken :(.

I get official debian packages, so they're somewhat trustworthy. Who knows
what you're gonna get if you use rpmfind. It's a nice service, but if I
understand it correctly any yahoo can start submitting stuff...

ciao,

der.hans
-- 
# +++++++++++=================================+++++++++++ #
#  der.hans@LuftHans.com                  www.excelco.com #
#            http://home.pages.de/~lufthans/              #
#   I'm not anti-social, I'm pro-individual. - der.hans   #
# ===========+++++++++++++++++++++++++++++++++=========== #