I have a similar setup to you, with binary updates for the class.
owever, the script for generating the update commands ios slightly more
complicated than just simple glsa-check -p affected.
I've posted it several month ago on oneof the gentoo lists.
kos
#!/bin/bash
tmp="/tmp/`cat /proc/sys/kernel/random/uuid`"
update="/root/run-to-update.sh"
glsa="/usr/portage/metadata/glsa"
if [ -f $tmp ] ; then
rm -f $tmp
fi
if [ -f $update ] ; then
rm -f $update
fi
emerge --sync >/dev/null 2>&1
glsa-check -n --list affected 2> /dev/null > $tmp
arr=(`cat $tmp | awk '{print $1}'`)
[EMAIL PROTECTED]
if [ $BUGCOUNT -gt "0" ] ; then
echo -e '#!/bin/bash' > $update
echo -ne '#relevant as for ' >> $update
echo `date +%D` >> $update
n=0
while (($n < $BUGCOUNT)); do
echo "/usr/bin/glsa-check -f" ${arr[$n]} >> $update
cat $glsa/glsa-${arr[$n]}.xml | grep "# emerge" | grep -v "emerge
--sync" | \
sed 's/\"\;/\"/g' | sed 's/\>\;/\>/g' | sed 's/<\/code>//g' >>
$update
echo >> $update
let n+=1
done
echo -e "\nRun $update to update the system" >> $tmp
cat $tmp | /bin/mail -s GLSA_UNAPPLIED [EMAIL PROTECTED]
rm -rf $tmp
fi
-------- Original Message --------
Subject: Re: [gentoo-server] I search a Gentoo Linux "update system"
From: Brian Kroth <[EMAIL PROTECTED]>
To: sysspoof <[EMAIL PROTECTED]>
CC: [email protected]
Date: Mon Jan 07 2008 22:58:36 GMT+0000 (BST)
> Forgot to copy the list originally:
>
> sysspoof <[EMAIL PROTECTED]>:
> Hi Brian
>
> Your work sounds interesting to me.
> 2 questions so far:
> - Is it also possible to "download" the portage tree and pre-compiled
> packages, perhaps with modified mirror url in make.conf? I use different
> networks for the servers, so sharing is not an option.
>
>> man make.conf, PORTAGE_BINHOST is what you want. In the tar below there's
>> a script, emerge-binpkg, that makes downloading those packages a little
>> quicker than emerge -g, which tries to maintain a cache.
>
> - You wrote other features are planned, will you work them out?
>
>> At some point, when I have time. The database schema should show you what
>> I have planned. Everything is just a name value pair for the post part.
>
> Unfortunately I have no perl experience and I haven't got time to
> contribute with perl. But I would appreciate to see your work. Why not make
> it public? If I am possible to use your scripts I'd like to give you report
> and constructive input based on practical experience.
>
>> Well, this is my second or third perl project as well. Don't learn unless
>> you try, right? I think all the relevant scripts should be in there.
>> Probably need to emerge/cpan some perl modules.
>
>> https://mywebspace.wisc.edu/bpkroth/web/update-summary-scripts/update-summary-scripts.tar.bz2
>
>> Anyone else out there do something similar?
>
>> Brian
>
> Brian Kroth wrote:
> | I imagine you're looking for something along the lines of WSUS. There
> are
> | lots of ways to organize a set of (gentoo) servers, so I don't know if
> | there's one common tool out there to accomplish this just yet. However,
> | since it can be a chore to manage many of them individually, I've been
> | working on something kinda like this in my spare time. The current model
> | is as follows:
> |
> | - A build server for each class of servers. They build updates for their
> | clients nightly.
> |
> | - "Client" servers (auto) nfs mount the portage tree and packages dir for
> | their build server. Each client runs some reports each night that are
> | emailed to a common account. The reports include the output from the
> | following: emerge -NDu world, glsa-check -p affected, revdep-rebuild -p
> |
> | - Some procmail filters/perl scripts take each of those emails and dump
> | them into a database for web viewing. Various other features are
> | planned for the web end, like inventory information, diffs of these
> | reports, etc. Logwatch data is also split up by type and dumped in
> | here.
> |
> | - Another cron script sifts through the reports in the database from that
> | day and compiles a summary report.
> |
> | Originally there were only a few servers, so a few emails to check a day
> | was no biggie, but eventually I needed a way to summarize it. I admit
> | this is isn't the most efficient way of getting that, but its been
> | evolving rather slowly.
> |
> | Anyways, if anyone's interested I can post the procmailrc, scripts, and
> db
> | schema somewhere.
> |
> | Here's an example of a security-check summary report. Currently the
> output is
> | split up by server class via data from the database and is formatted to
> allow
> | copy and paste execution on all hosts via cssh.
> |
> | gentoo-i686ws update list:
> | You can perform the following command(s) to update the hosts with
> their updates:
> | # cssh \
> | rocket
> |
> | # emerge -1ka \
> | =net-analyzer/wireshark-0.99.7
> |
> |
> | gentoo-ppcencoder update list:
> | You can perform the following command(s) to update the hosts with
> their updates:
> | # cssh \
> | ppcencoder01 \
> | ppcencoder02 \
> | ppcencoder03 \
> | ppcencoder04 \
> | ppcencoder05 \
> | ppcencoder06 \
> | ppcencoder07 \
> | ppcencoder08 \
> | ppcencoder09 \
> | ppcencoder10 \
> | ppcencoder11
> |
> | # emerge -1ka \
> | =app-admin/syslog-ng-2.0.6
> |
> |
> | gentoo-p4srv update list:
> | You can perform the following command(s) to update the hosts with
> their updates:
> | # cssh \
> | mysql1 \
> | mysql2 \
> | gentest
> |
> | # emerge -1ka \
> | =app-admin/syslog-ng-2.0.6
> |
> | Brian
> |
> | sysspoof <[EMAIL PROTECTED]>:
> | Hello ML members,
> |
> | I am curious if there is any update system available for Gentoo Linux
> | server for corporate use.
> | With update system I mean a full concept with dist host, perhaps a
> | webinterface where you can see all available server and what packages are
> | out of date, cron job for daily --sync and world update. It should also
> | contain a guide, shows how to configure the Gentoo server for those
> | updates. For example it should recommend settings like
> | FEATURES="protect-collisions" etc.
> |
> | Any input?
> |
> | Thank you,
> |
> |>
>>
--
[email protected] mailing list
>>
--
[email protected] mailing list
