Re: I'm searching for a network wide system update tool

To: debian-security <debian-security@lists.debian.org>
Subject: Re: I'm searching for a network wide system update tool
From: Ivo Marino <eim@eimbox.org>
Date: Sun, 19 Jan 2003 17:46:34 +0100
Message-id: <[🔎] 20030119164633.GD2472@eimbox.org>
Mail-followup-to: debian-security <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20030119160734.GA17419@ch208h>
References: <[🔎] 20030119114503.GA2472@eimbox.org> <[🔎] 20030119123353.GA3053@pflugstaedt.de> <[🔎] 20030119131815.GB2472@eimbox.org> <[🔎] 20030119160734.GA17419@ch208h>

On Sun, Jan 19, 2003 at 10:07:34AM -0600, Mike Renfro wrote:
> On Sun, Jan 19, 2003 at 02:18:16PM +0100, Ivo Marino wrote:
> 
> > I think using a cron-job like cron-apt for updating security related
> > packages automaticly on the servers not only could be a problem
> > considering the securtiy point of view but also this could corrupt a
> > server configuration and leave the system/service out of function.
> 
> cron-apt's apparent default setting of only updating and downloading
> (not upgrading packages) should be pretty safe.
> 
> > Anyone has allready written a script like the one described above or
> > maybe knows an allready existing application which could perform
> > this task? Thanks.
> 
> Having not looked at dsh before, here's the one I worked up. I do have
> to make sure that PATH contains /sbin, /usr/sbin, etc. for an apt-get
> upgrade, but that's no big deal.
> 
> =====
> 
> #!/bin/sh
> FIREWALLS="fw1 fw2"
> SERVERS="srv1"
> WORKSTATIONS="wk1 wk2 wk3"
> XTERMS="xt1 xt2 xt3"
> 
> case $1 in
>     "-f") HOSTS=$FIREWALLS;;
>     "-s") HOSTS=$SERVERS;;
>     "-w") HOSTS=$WORKSTATIONS;;
>     "-x") HOSTS=$XTERMS;;
>     "-a") HOSTS="$FIREWALLS $SERVERS $WORKSTATIONS $XTERMS";;
>     *) echo "Usage: $0 (-f|-s|-w|-x|-a) command"; exit 1;;
> esac
> shift
> for HOST in $HOSTS; do
>   echo $HOST:
>   /usr/bin/ssh $HOST ${1+"$@"}
> done
> 
> =====

Thanks for the code and the pointers, Mike.

I consider it as a base concept for the script I'll eventually write,
probably I'll use dsh, let's see.

> -- 
> Mike Renfro  / R&D Engineer, Center for Manufacturing Research,
> 931 372-3601 / Tennessee Technological University -- renfro@tntech.edu
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Ivo Marino                   eim@eimbox.org
 UN*X Developer, running Debian GNU/Linux
 irc.FreeNode.net                    #debian
 http://eimbox.org/~eim    http://eimbox.org
 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Attachment: pgpe2H_sZSdp8.pgp
Description: PGP signature

Reply to:

References:
- I'm searching for a network wide system update tool
  - From: Ivo Marino <eim@eimbox.org>
- Re: I'm searching for a network wide system update tool
  - From: Horst Pflugstaedt <horst@uni-duisburg.de>
- Re: I'm searching for a network wide system update tool
  - From: Ivo Marino <eim@eimbox.org>
- Re: I'm searching for a network wide system update tool
  - From: Mike Renfro <renfro@tntech.edu>

Prev by Date: Re: I'm searching for a network wide system update tool
Next by Date: Re: I'm searching for a network wide system update tool - fun stuff
Previous by thread: Re: I'm searching for a network wide system update tool
Next by thread: Re: I'm searching for a network wide system update tool - fun stuff
Index(es):
- Date
- Thread