servers vs. workstations, was Re: just in case you missed it

[Jeffrey Pyne]

On Wednesday 09 May 2001 10:28 am, der.hans wrote:

> Security updates should be *free*, as in beer! I don't care who the 
> vendor is. Will sun ever go there? I doubt it :(.

Not to pick hairs or split nits, but they are free (well, you do have to
Agree to their license terms, so it does cost a couple minutes of your time
to read thru the agreement).  Check out:

http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-license&nav=pub
-patches

Sun seems better to me (less bad, maybe?) than other companies as far as
stuff like this goes.  

> The real issue here is that we need to help those who are adminning
machines
> to make sure they've got security updates installed. Real easy to do with
> debian. I've got a cron and a couple of lines of shell script that handles
> most of it automagically. Gets *only* security updates.

Hmmm, an enterprising Solaris admin could emulate this by whipping up a Perl
script to go out to sunsolve.sun.com, grab the patch report for a given
version of Solaris, parse it for the patchIDs of all of the Security-related
patches, figure out which ones the system needs (don't need to update bind
if it ain't running), cross-reference the patchIDs with the showrev -p
output to see which patches are not installed or are down-rev, download the
required patches and then send the Admin an email that says "Hey, slacker,
there are patches to install.  Get to work!".  Wonder if someone has already
done this.  Off to the Sun Managers archives....

~Jeff