LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-25-2014, 08:39 AM   #1
kbscores
Member
 
Registered: Oct 2011
Location: USA
Distribution: Red Hat
Posts: 259
Blog Entries: 9

Rep: Reputation: 32
How does yum-plugin-security work?


I'm curious how yum-plugin-security works (not how to use it) Does it key off of pre-made groups within the repository?

The reason I ask is I'd like to create a package repository, however I'd only like to update security packages, but rather than cherry pick through 2k+ packages I only want security packages. Currently just trying to use the --security with yum on the custom repository does not work.

Centos is the distro.
 
Old 02-25-2014, 11:21 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592Reputation: 3592
IIRC (probably some CentOS ticket) yum-plugin-security relies on an XML file existing in the repo containing security-related nfo. CentOS doesn't have that AFAIK but RHEL / RHN does. If you can't find the nfo anywhere else then checking the YUM plugin source probably will reveal what is required.
 
Old 02-25-2014, 11:33 AM   #3
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654
It should be mentioned that EPEL does have security info of its own, and Scientific Linux relates the RHEL security updates to SL. This info is contained within the repo in a file called updateinfo.xml.gz.

(if you didnt read the post above, please note that Centos does not have its own security updates, nor does it use RedHats)

Examples of EPEL and SL:

Code:
# cat /etc/redhat-release
CentOS release 5.8 (Final)

# yum info-security varnish
Loaded plugins: fastestmirror, priorities, security
Loading mirror speeds from cached hostfile
 * base: centos.sonn.com

===============================================================================
  varnish-2.0.6-4.el5
===============================================================================
  Update ID : FEDORA-EPEL-2013-12157
    Release : Fedora EPEL 5
       Type : security
     Status : stable
     Issued : 2013-11-20 15:54:20
       Bugs : 1025129 - CVE-2013-4484 varnish: denial of service handling certain GET requests [epel-all]
Description : Backported a patch for CVE-2013-4484
info-security done
and scientific linux

Code:
# cat /etc/redhat-release
Scientific Linux release 6.5 (Carbon)

# yum info-security kernel
Loaded plugins: security

===============================================================================
  Important: kernel security update
===============================================================================
  Update ID : SLSA-2014:0159-1
    Release : Scientific Linux
       Type : security
     Status : final
     Issued : 2014-02-12 00:00:00
       Bugs : 1028148 - kernel: exec/ptrace: get_dumpable() incorrect tests
            : 1033600 - Kernel: qeth: buffer overflow in snmp ioctl
            : 1035875 - Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
This is one reason why i am required to use SL6 instead of Centos.
 
Old 02-25-2014, 12:30 PM   #4
kbscores
Member
 
Registered: Oct 2011
Location: USA
Distribution: Red Hat
Posts: 259

Original Poster
Blog Entries: 9

Rep: Reputation: 32
Thanks. Has anyone worked towards getting the plugin to work with Centos or is there some sort of proprietary aspect to it?
 
Old 02-25-2014, 12:33 PM   #5
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654Reputation: 1654
Centos is welcome to use the XML to create their own security patches, just as Scientific Linux does.

Perhaps with the acquisition of Centos by Redhat, things will change regarding this.
 
Old 02-25-2014, 12:38 PM   #6
kbscores
Member
 
Registered: Oct 2011
Location: USA
Distribution: Red Hat
Posts: 259

Original Poster
Blog Entries: 9

Rep: Reputation: 32
Never mind - it is just a matter of the information being within the XML file and maintaining that file would be a fairly time consuming en devour with so many packages on a custom repository.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Should I use yum-plugin-priorities? NotionCommotion Linux - Newbie 9 06-20-2013 02:30 AM
how to update rhel 5 using centos yum updater without conflict with yum redhat plugin udayvikram Linux - Software 2 03-30-2010 08:15 AM
how to update rhel 5 using centos yum updater without conflict with yum redhat plugin udayvikram Linux - Newbie 1 03-29-2010 12:56 PM
[SOLVED] flash plugin for mozilla plugin doesn't work. raju.mopidevi SUSE / openSUSE 3 11-28-2009 07:25 AM
yum install flash-plugin ...... please? Gogul Linux - Software 2 07-13-2006 04:43 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration