Re: RFC: automagically update foo.deb, triggered by DSA
esoR ocsirF wrote:
I just had a nice thought for servers that are set up by more clueful
people that are to turned over to less clueful people ( My situation, at
least in the latter part ;).
It would be nice to have a .deb that when installed would automatically
subscribe to debian-security-announce and if the received DSA pertained
to a currently installed package it would automagically upgrade that
package from security.debian.org.
Since every DSA is signed the security hazards would seem to be minimal.
If this has already been done (would some one let me know how/where?) in
some form or another, I apologize forthe intrusion.
I think that this idea should tie in nicely with the previous thread on
hardening a system.
I'm currently doing something similar with a script in cron.daily/, it does
a apt-get update ; apt-get upgrade ; dpkg --configure -a
it works well, but one time I got not restart of sshd, (dpkg --configure -a
was not in the script).
It is a good idea, but make another package that assures that (configured?)
services are running after an auto-upgrade.
* Si no puedes hacerlo bien, hazlo bonito (Bill Gates)