Hello, I would like to solicit comments about an auto upgrade feature for clients. The email message I have included below was sent to me nearly four years ago! I have hesitated implementing a feature such as this because of security concerns, but I think now is the time to start discussing it.
The ideas in this email are very good. However, I would like to implement something possibly a bit more comprehensive. The main considerations for me are: 1. The sysadmin should be able to either upgrade all clients, or only clients he selects. 2. The client conf file should define whether or not the client can be upgraded, and possibly the URL of the repository from which the upgrade will be obtained. 3. We need some very clear indication of the OS version so that the correct version can be selected from the various packages that could be used for an upgrade. 4. The operation needs to be extremely secure so that only a very specific Director can effect the upgrade, and possibly using a different authentication method. 5. We need some way to verify the cryptographic signature on an upgrade candidate before applying it. 6. All this must be OS independent or at least adaptable to various OSes and various packaging methods (including possibly building the client from source). There are probably a few other considerations as well. Though it could be possible, I am not sure this can be put into the next release. However, it is something that is becoming critical -- I saw one user report that he is backing up 10,000 server machines with Bacula -- can you imagine the problems of upgrading the File daemons on those machines! Comments would be appreciated. Best regards, Kern ---------- Forwarded Message ---------- Subject: [Bacula-devel] [PATCH] Auto upgrade clients. Date: Thursday 18 November 2004 From: Juan Luis Frances <[EMAIL PROTECTED]> To: [email protected] Hello, Because I needed a faster method to upgrade clients when new bacula versions are released, I have develop a system to upgrade linux clients. At the moment, it's only tested with Red Hat 9 clients. This project is at a first stage as far as I need your feedback and your opinion. Maybe you can suggest me a best method to do it? The system have 3 parts: - Patch to director and file daemon: New command added "upgrade". (Kern, I'm sorry in advance if I have soiled your code). - Perl script to do automate task of upgrade: upgrade_clients.pl - Bash script that does theupgrade task: bupgrade.sh Description of each part: "upgrade" dir command (PATCH of 1.36.0 version) -------------------------------------------------------------------------------- Syntax: upgrade CLIENTNAME URL Where: URL is the URL where the client will download the bacula "tar.gz" When upgrade command is sent, filed client will run bupdater.sh and it will die. When bupgrade.sh ends, it will restart bacula-fd. PS: You need apply patch to both, director and clients. bupdater.sh for Red Hat 9 ----------------------------------------- Syntax: bupdater.sh URL Where: URL is the URL where to download the bacula "tar.gz". This script will do the task to download, to configure, to compile and to install the new bacula-fd. Put bupdater.sh at /bin of each client machine. PS: bupgrade.sh is tested with Red Hat 9 but you can catch it to create a new script for your distribution if you want. When you pack the patched source, put the same dir that the packet file. Ex: # tar cvfp bacula-patched.tar bacula-patched # gzip bacula-patched You can view the log of each update attempt at /tmp/bupdater.log upgrade_clients.pl ------------------------------- Features: - Generate clients list from director. - Upgrade clients of a personalized clients list. - Check clients version. Edit this file with your preferences. Surely, I haven't explained myself clearly; My fight with the english... ;-) I wait your comments and your critics. Best regards, Juan Luis Francés -------------------------------------------------------
bupdater.sh
Description: Binary data
bacula-1.36.0-upgrade.patch
Description: Binary data
upgrade_clients.pl
Description: Binary data
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
