LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 12-02-2004, 04:44 AM   #1
esasse
LQ Newbie
 
Registered: Nov 2004
Location: Americana, SP - Brazil
Distribution: Fedora
Posts: 17

Rep: Reputation: 0
Auto-update: Good idea for servers?


Is it a good idea to setup an auto update process, like running apt-get or yum every night to download and install updated packages in a server?
 
Old 12-02-2004, 05:05 AM   #2
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
I would say no. On both my gentoo servers I have a script that checks for available updates and emails me the results daily. I only update packages if an exploit has been found in them. Otherwise I leave it.

In my opinion, the actual updating of packages should be done under the admin's supervision and not by some script.
 
Old 12-02-2004, 05:10 AM   #3
Caysho
Member
 
Registered: Sep 2002
Location: Perth Australia
Distribution: OpenWRT, debian, Ubuntu
Posts: 135
Blog Entries: 18

Rep: Reputation: 15
I second this.
You don't know what the update could potentially break, and if it's a heavy use server, and it does break, you can be a world of hurt if it's automated.
 
Old 12-02-2004, 09:14 AM   #4
esasse
LQ Newbie
 
Registered: Nov 2004
Location: Americana, SP - Brazil
Distribution: Fedora
Posts: 17

Original Poster
Rep: Reputation: 0
Thanks! Could you share your script that emails you with updates?

What's the best way to know if an update is important and if I should install it?
Check websites of every package?
 
Old 12-02-2004, 01:23 PM   #5
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Well the script is written for Gentoo but I'm sure you could replace the 'emerge sync' stuff with apt-get commands to get the same effect.

Code:
#!/usr/bin/perl -w

$date = `date`;
$hostname = `hostname`;
$text_file = "/root/email.txt";
$chk_file = "/root/chkrootkit_results.txt";

# CHKROOTKIT SECTION
system("echo 'Chkrootkit Results:\n' > $text_file");
system("chkrootkit > $chk_file");

open(CHK_IN, $chk_file);
while(<CHK_IN>) {
   push(@infected,$_) if (/INFECTED/);
}
close  CHK_IN;

if (@infected) {
   system("echo 'INFECTED LINES FOUND!\n\n' >> $text_file");
   system("echo '$_\n' >> $text_file") for @infected;
}
else {
   system("echo 'Nothing infected.\n' >> $text_file");
}

# SYNC TO CURRENT PORTAGE TREE
system("emerge sync > /dev/null 2> /dev/null");

# CHECK FOR AVAILABLE UPDATES
system("echo '\nAvailable Package Updates:\n' >> $text_file");
system("emerge -up world | grep ebuild >> $text_file");

# RUN GLSA-CHECK TO SEE IF ANY SECURITY UPDATES ARE AVAILABLE
system("echo '\nGlsa-Check Results:\n' >> $text_file");
system("glsa-check -ln 2> /dev/null >> $text_file");

# E-MAIL RESULTS
system("cat $text_file | mail -s \"Security Report For $hostname On $date\" security\@localhost");

# CLEAN UP TEMPORARY TEXT FILES
system("rm -f $text_file");
system("rm -f $chk_file");

# TO DO LIST
# ADD SUPPORT TO PARSE LOG FILES FOR DAILY LOGINS AND DAILY FAILED LOGINS VIA METALOG
By the way, I'm no perl expert as you can see.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Rebooting Linux servers bad idea? dippelw Linux - General 4 11-30-2005 03:50 PM
Good idea? Berticus Linux - General 2 09-28-2005 10:19 AM
apt-get update a good idea in a crontab? moana Debian 3 07-29-2005 05:26 AM
Is this a good or bad idea? kemplej Linux - Software 2 10-26-2004 09:34 AM
I think this is a good idea! pe2338 Linux - General 7 09-14-2003 05:52 AM


All times are GMT -5. The time now is 08:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration