Re: Detect security update on Squeeze LTS

To: Mike Forbes <mikef@nzrs.net.nz>
Cc: debian-lts@lists.debian.org
Subject: Re: Detect security update on Squeeze LTS
From: Olivier Bonvalet <ob@daevel.fr>
Date: Mon, 23 Mar 2015 09:39:06 +0100
Message-id: <[🔎] 1427099946.16770.9.camel@daevel.fr>
In-reply-to: <[🔎] 550F612C.8040402@nzrs.net.nz>
References: <[🔎] 1427069063.1563.8.camel@daevel.fr> <[🔎] 550F612C.8040402@nzrs.net.nz>

Ok thanks.

I'll look to update Zabbix conf to directly use «apt-get».


Le lundi 23 mars 2015 à 13:41 +1300, Mike Forbes a écrit :
> We use:
> 
> apt-get -s upgrade | grep ^Inst | grep -ie security -ie squeeze-lts
> 
> as the squeeze repo we're pulling lts updates from is named "squeeze-lts"
> 
> As a bash script, ready for a nagios check:
> 
> 
> #!/bin/bash
> NUMBER_OF_UPDATES=`apt-get -s upgrade | grep ^Inst | grep -ie security
> -ie squeeze-lts | wc -l`
> if [[ $NUMBER_OF_UPDATES -ge 5 ]]
> then
> echo "CRITICAL: $NUMBER_OF_UPDATES security updates outstanding" && exit 2;
> else
> echo "OK: $NUMBER_OF_UPDATES security updates outstanding" && exit 0;
> fi
> 
> On 23/03/15 1:04 pm, Olivier Bonvalet wrote:
> > Hi,
> > 
> > I use «update-notifier-common» to detect pending security updates from
> > my centralized monitoring, but it's not working for Squeeze LTS since
> > updates are not identified as security ones.
> > 
> > For example :
> > 
> >         ~$ /usr/lib/update-notifier/apt-check
> >         11;0
> >         
> > Where the first column (here «11») stand for not security updates (like
> > tzdata or clamav database for example), and the second column (here «0»)
> > stand for security updates.
> > 
> > And an «aptitude -V dist-upgrade» say :
> > 
> >         Les paquets suivants seront mis à jour :      
> >           e2fslibs [1.41.12-4stable1 -> 1.41.12-4+deb6u2]  
> >           e2fsprogs [1.41.12-4stable1 -> 1.41.12-4+deb6u2]  
> >           gnupg [1.4.10-4+squeeze6 -> 1.4.10-4+squeeze7]  
> >           gpgv [1.4.10-4+squeeze6 -> 1.4.10-4+squeeze7]  libc-bin [2.11.3-4+deb6u4 -> 2.11.3-4+deb6u5]  
> >           libc6 [2.11.3-4+deb6u4 -> 2.11.3-4+deb6u5]  libc6-i386 [2.11.3-4+deb6u4 -> 2.11.3-4+deb6u5]  
> >           libssl0.9.8 [0.9.8o-4squeeze19 -> 0.9.8o-4squeeze20]  
> >           linux-image-3.2.0-0.bpo.4-amd64 [3.2.65-1+deb7u1~bpo60+1 -> 3.2.65-1+deb7u2~bpo60+1]  
> >           locales [2.11.3-4+deb6u4 -> 2.11.3-4+deb6u5]  
> >           openssl [0.9.8o-4squeeze19 -> 0.9.8o-4squeeze20]  
> >         
> > Is there an easy way to fix that detection ?
> > 
> > Thanks,
> > Olivier
> > 
> > 
> > 
> 
> -- 
> Mike Forbes
> System Administrator
> 
> NZRS Ltd.
> M +64 21 999 416
> P +64 4 555 0125
> 
> PGP: A2BB DF0B 311C 3C8F E1D7  5EEB DA03 46C0 D68F BF2E
> 
>

Reply to:

References:
- Detect security update on Squeeze LTS
  - From: Olivier Bonvalet <ob@daevel.fr>
- Re: Detect security update on Squeeze LTS
  - From: Mike Forbes <mikef@nzrs.net.nz>

Prev by Date: Re: Detect security update on Squeeze LTS
Next by Date: About the security issues affecting redmine in Squeeze
Previous by thread: Re: Detect security update on Squeeze LTS
Next by thread: Re: Detect security update on Squeeze LTS
Index(es):
- Date
- Thread