Debian Sarge Server Setup

LinuxGeek · 10-18-2004, 06:25 PM

I've been asked to set up a Debian server for a company. I'm a regular Debian user but am currently using the SID branch. I plan on installing Sarge on the server for the client as security patches are submitted to Sarge and aren't in SID (from what I understand). However, I would like to automate security patching as much as possible so that I can forget about the headache of manually apt-getting updates. Does any one of you know how I can do this? I was thinking of making it a cron job or something, but I don't know the exact command. Also, what would my /etc/apt/sources.list look like for it to retrieve the security updates? Any other hints/tips would be greatly appreciated. Thanks for your time.

PS. I plan on having the following services running on the server:

Code:

a) qmail
b) mysql
c) apache with php and ssl

macondo · 10-18-2004, 09:41 PM

Read the last posting (peeples) on page 4 of the sticky:

Debian Configuration Post Install

at the top of the page

LinuxGeek · 10-19-2004, 04:37 PM

Thanks for the hint. However, I just wanted to be sure of something. If I'm using sarge, are there security updates for it? I read a little in the Debian Security Howto and it says there that most updates are for the stable branch and not for sarge or sid. Is this true? Also, does anyone know of good howtos for configuring the previously mentioned services? Thanks for your time...

darthtux · 10-19-2004, 09:16 PM

http://www.debian.org/security/faq#testing

LinuxGeek · 10-19-2004, 10:35 PM

darthtux,
I had read the security FAQ before posting. What I mean to ask is although they state the following: "However, the security secretaries will try to fix problems in testing and unstable after they are fixed in the stable release.", how true is it? Do security patches get through to the testing branch regularly or do they rarely get through, especially as there is a move towards Sarge with the next release of Sarge approaching. Furthermore, I read the following from an article about the next release of Sarge (http://www.debianhelp.org/modules.ph...ticle&sid=3363)
"we would /like/ to have security support in place for sarge before encouraging widespread upgrade woody->sarge upgrade testing, but we /need/ to have it in place before releasing, so it would be unwise to try to freeze the rest of the archive without any confirmed schedule for the last stages of the release."