On 16/05/2011 10:30 PM, Warren Togami Jr. wrote:
On 5/16/2011 4:26 PM, Daryl C. W. O'Shea wrote:
On 16/05/2011 5:59 PM, Kevin A. McGrail wrote:
However, I am using sa-update's rules version 1083704. What are your
thoughts on including 1083704.tar.gz as the rules tarball for 3.3.2
since sa-update is our focus and a rule tarball is just kind of a base
install moreso than the intended method of running SA?
That would be the correct thing to do, that is use the latest 3.3.x
update.
I would imagine that there will be new updates, too, in the next couple
of days. I'm just going through old email and bugs trying to figure out
if there are any other issues that need resolving before turning it back
on.
Daryl
Could we please have the unpublished candidate for the next rules
tarball posted for review before it goes live?
Update 1104058 on the update mirrors.
No real changes... the last round of issues were rules that triggered
code issues -- unavoidable, I think.
I've made one important improvement. Scores in the sandboxes are now
used to set the absolute maximum rule score (positive or negative).
Evolved scores may be less than the score value in the sandbox but
should not exceed it.
I plan to write a script to handle reverting to a known good update in
an emergency before I re-enable the updates. The script will need to be
run as updatesd on the Solaris zone and will have syntax something like:
./revert-stable-update 1083704
Usage details will follow when its ready. The script will:
- accept an update number (that will be on the update mirrors already)
- test the given update against the stable versions of SA
- update DNS immediately
- *maybe* automatically halt future automatic update generation
Daryl
