[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: script for security update notification

On Fri, 24 May 2002, Matt Zimmerman wrote:

> On Fri, May 24, 2002 at 09:41:46AM -0400, Nathan Valentine wrote:
> > I'm thinking of writing a script but I am hoping that someone else has
> > beaten me to the punch. Perhaps someone has seen something that will do
> > this:
> > 
> > 1) Check the Debian security announcement list.
> > 2) Compare new announcements to the local package database.
> > 3) If vulnerable packages installed, send an 'I need updated' email to
> > an address defined by the SysAdmin.
> > 
> > Anyone ever seen such a beast? I've searched the archives of this list
> > and not found any reference to anything along these lines. 
> If an announcement has been made, then there is a fixed package available,
> and (assuming you have the relevant sources.list entry) it will be
> automatically made available to apt, and all you need is a tool like
> apt-show-versions (or even apt-get) to automatically retrieve a list of
> packages for which updates exist.

This can be simply done with the following statement:

apt-get -qq update && apt-get -dqq upgrade && apt-get -sqq upgrade

(assuming your machine is 24/7 connected to the internet and you have
securiy.debian.org in your /etc/apt/sources.list)

This will update your packages list, and then simulate an
upgrade. Schedule it using a cron job, and you will only receive mail if
new packages are available. I use this to maintain a network of about 50
Debian servers (potato and woody).

Hope this helps,


Teun Vink - teun@moonblade.net - icq: 15001247 - http://teun.moonblade.net

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: