[clue-tech] up2date question

Jeff Cann jccann at gmail.com
Sun Feb 12 16:22:13 MST 2006 

On Sunday 12 February 2006 1:35 pm, David L. Willson wrote:
> I don't make a distinction between feature upgrades and security upgrades

Hey David,

It does not appear that up2date [or insert favorite RPM tool] distinguish 
between feature upgrades and security upgrades.  From the link below *, the 
Fedora News site maintains a list of updates, here's a couple of lines:

Type      Advisory                      Synopsis   
Bug Fix  FEDORA-2006-1195  Fedora Core 4 Update: cpuspeed-1.2.1-1.24_FC4 
Security FEDORA-2006-107    Fedora Core 4 Update: gnutls-1.0.25-2.FC4  

I want the use case that allows me to *automatically* install *only* security 
updates [ignoring for the moment Collins's point that security updates often 
include new features which may include further [unknown] security issues].

So it seems odd to me that sys admins have to either:

(1)  get everything [as you showed with your code snippet] - this meets my 
first requirement of getting updates automatically but doesn't allow me to 
simply restrict the update list to those marked 'security'.

(2) manually [i.e., one-by-one] read the update list* and then manually run 
up2date to get that list of 'security patches'.  I don't want to manually do 
anything [because I'm lazy ;) ].  

Previously before this discussion, I expected up2date to be able to do an 
automatic 'security' only update - something like:  
   $ up2date --security-advisories-only --don't-get-everything

I guess I could write a simple script that parses the update list* and give me 
a list of input files for an up2date script.  I assumed that this was the job 
for up2date.

In the midst of writing this email - I found 'sarah' on Dag Wieers site 
[thanks Collins]:

"Sarah is a tool to track Red Hat Security Advisories (RHSA) and verify 
systems for compliance. It allows you to keep track of security updates and 
plan maintenance windows.

Features
 Crawls Red Hat's RHSA information and stores it on disk 
 Compares rpm -qa output with on disk RHSA database 
 Generates a list of applicable updates and required packages"

This is the same concept except for the supported versions of Red Hat and does 
not appear [based on README] to support FC.  I'll ask my question on a FC 
list and see what they have to say about it.

P.S. [To answer Collins] I'm using FC because I don't wish to pay for support 
from Red Hat and I don't consider it *that* experiemental.

Perhaps I would choose to pay for support if Red Hat AS/ES had a way to do 
what I want.  Given that Dag Wieers is writing sarah, I guess Red Hat does 
not provide this feature.

Thanks for the ideas, though.
Jeff

*http://fedoranews.org/mediawiki/index.php/Fedora_Core_4_Updates
-- 
"The summit of happiness is reached 
when a person is ready to be what he is."
  - Erasmus
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech

More information about the clue-tech mailing list