Re: RFC: automagically update foo.deb, triggered by DSA

[Manuel Clos <llanero@jazzfree.com>]

esoR ocsirF wrote:

> Greetings,
>
> I just had a nice thought for servers that are set up by more clueful
> people that are to turned over to less clueful people ( My situation, at
> least in the latter part ;).
>
> It would be nice to have a .deb that when installed would automatically
> subscribe to debian-security-announce and if the received DSA pertained
> to a currently installed package it would automagically upgrade that 
> package from security.debian.org.
>
> Since every DSA is signed the security hazards would seem to be minimal.
> If this has already been done (would some one let me know how/where?) in 
> some form or another, I apologize forthe intrusion.
>
> I think that this idea should tie in nicely with the previous thread on
> hardening a system.
>
> Tata

I'm currently doing something similar with a script in cron.daily/, it does
a apt-get update ; apt-get upgrade ; dpkg --configure -a
it works well, but one time I got not restart of sshd, (dpkg --configure -a
was not in the script).

It is a good idea, but make another package that assures that (configured?)
services are running after an auto-upgrade.

Thanks.

--
Manuel Clos
llanero@jazzfree.com

* Si no puedes hacerlo bien, hazlo bonito (Bill Gates)