Re: [gentoo-server] I search a Gentoo Linux "update system"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Brian
Your work sounds interesting to me.
2 questions so far:
- - Is it also possible to "download" the portage tree and pre-compiled
packages, perhaps with modified mirror url in make.conf? I use different
networks for the servers, so sharing is not an option.
- - You wrote other features are planned, will you work them out?
Unfortunately I have no perl experience and I haven't got time to
contribute with perl. But I would appreciate to see your work. Why not
make it public? If I am possible to use your scripts I'd like to give
you report and constructive input based on practical experience.
Pat
Brian Kroth wrote:
| I imagine you're looking for something along the lines of WSUS. There are
| lots of ways to organize a set of (gentoo) servers, so I don't know if
| there's one common tool out there to accomplish this just yet. However,
| since it can be a chore to manage many of them individually, I've been
| working on something kinda like this in my spare time. The current model
| is as follows:
|
| - A build server for each class of servers. They build updates for their
| clients nightly.
|
| - "Client" servers (auto) nfs mount the portage tree and packages dir for
| their build server. Each client runs some reports each night that are
| emailed to a common account. The reports include the output from the
| following: emerge -NDu world, glsa-check -p affected, revdep-rebuild -p
|
| - Some procmail filters/perl scripts take each of those emails and dump
| them into a database for web viewing. Various other features are
| planned for the web end, like inventory information, diffs of these
| reports, etc. Logwatch data is also split up by type and dumped in
| here.
|
| - Another cron script sifts through the reports in the database from that
| day and compiles a summary report.
|
| Originally there were only a few servers, so a few emails to check a day
| was no biggie, but eventually I needed a way to summarize it. I admit
| this is isn't the most efficient way of getting that, but its been
| evolving rather slowly.
|
| Anyways, if anyone's interested I can post the procmailrc, scripts, and db
| schema somewhere.
|
| Here's an example of a security-check summary report. Currently the
output is
| split up by server class via data from the database and is formatted
to allow
| copy and paste execution on all hosts via cssh.
|
| gentoo-i686ws update list:
| You can perform the following command(s) to update the hosts
with their updates:
| # cssh \
| rocket
|
| # emerge -1ka \
| =net-analyzer/wireshark-0.99.7
|
|
| gentoo-ppcencoder update list:
| You can perform the following command(s) to update the hosts
with their updates:
| # cssh \
| ppcencoder01 \
| ppcencoder02 \
| ppcencoder03 \
| ppcencoder04 \
| ppcencoder05 \
| ppcencoder06 \
| ppcencoder07 \
| ppcencoder08 \
| ppcencoder09 \
| ppcencoder10 \
| ppcencoder11
|
| # emerge -1ka \
| =app-admin/syslog-ng-2.0.6
|
|
| gentoo-p4srv update list:
| You can perform the following command(s) to update the hosts
with their updates:
| # cssh \
| mysql1 \
| mysql2 \
| gentest
|
| # emerge -1ka \
| =app-admin/syslog-ng-2.0.6
|
| Brian
|
| sysspoof <sysspoof@ng-lab.org>:
| Hello ML members,
|
| I am curious if there is any update system available for Gentoo Linux
| server for corporate use.
| With update system I mean a full concept with dist host, perhaps a
| webinterface where you can see all available server and what packages are
| out of date, cron job for daily --sync and world update. It should also
| contain a guide, shows how to configure the Gentoo server for those
| updates. For example it should recommend settings like
| FEATURES="protect-collisions" etc.
|
| Any input?
|
| Thank you,
|
|>
- --
gentoo-server@lists.gentoo.org mailing list
|>
- --
Patrick Grieshaber
sysspoof@ng-lab.org
http://ng-lab.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHgp9FPtCAYLeEIgwRAsDTAJ91R4Ow77p6Bri6ptw4MTu6/Q0bWwCfWjAd
65UjzQBpHsIOCVDy7bKl1RI=
=uYMe
-----END PGP SIGNATURE-----
--
gentoo-server@lists.gentoo.org mailing list
Reply to: