[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: task-unstable-security-updates?

You solution just optimizes doing a dist-upgrade.  I'd like something that
doesn't require that I do a dist-upgrade so often.

By time-consuming, I didn't particularly mean the amount of time it takes
to download.  That can clearly be done in the backround, by cron, etc.
Going through the configuation questions requires human intervention and
that takes time and makes the human not want to go through the process as
often.  If only security relevent changes are made, the number of packages
upgraded at any one time will be much smaller and more manageable.

On Mon, 20 Nov 2000, Peter Cordes wrote:

> On Sun, Nov 19, 2000 at 12:55:00PM -0700, Mike Fisk wrote:
> > There doesn't seem to be an automatic way to get all of the unstable
> > packages necessary to address reported security problems.  You either
> > have to watch the security mailing lists and upgrade individual packages 
> > yourself or do a full dist-upgrade every so often.  As often as packages
> > get updated in unstable, that can be prohibitibely bandwidth and
> > time-consuming.
>  Set up a cron job to do the downloads while you sleep.  Do the 
> apt-get dist-upgrade  while you're sitting in front of it, in case anything
> goes wrong, of course.  This is much faster, since you are going off your
> hard drive instead of downloading.
> I do this:
> 55 5    * * sun root    apt-get update && apt-get autoclean && apt-get -q -d -y -u dist-upgrade
>  This uses -d, so it _will not_ do anything more than download.  You have to
> use -y, but it is safe since you are using -d.
>  I've been doing this for several months, and I haven't had any problems
> with it.  It sends me a nice email detailing what got deleted and what is
> ready to get installed.
>  If I'm busy that weekend and there weren't any security critical things
> (except for local-user stuff, which I don't bust my butt about since the
> only people who have accounts are my family, and they have physical access
> anyway.  (err, also there's the fact that I trust them:) )
>  Happy hacking.

Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National Lab
See http://home.lanl.gov/mfisk/ for contact information

Reply to: