In theory it should be pretty safe but in practice pulling in
updates has been problematic. This is why we decided to make
default behavior to pull updates from the Honeynet repo of tested
updates. This leaves you open during the time between when updates
are issued from upstream and when the Project can get things tested
and uploaded to the Honeynet repository.
That said, we set things up so, if you desire, you can enabled the
same repos we get updates form (as you mention) on your own. We
put as many sanity checks in as possible to help prevent bringing
in updates that will break things but there is certainly no
guarantee that won't happen. This has been one of the biggest
challenges of maintaining a "Custom Linux Distro" built from
1. A mainstream Linux Distro
2. A third party RPM repo
3. RPM's of our own built from scratch
4. RPMs built by others custom built by us
Many may remember the snort update fiascoes of long ago - this was
NOT a snort problem. It was largely due to me not properly
excluding snort as an updatable package. I *think* we're ok there.
PERL modules are notoriously a huge PITA. I bet there will ALWAYS
be pain there.
There's a simple script to handle repo config on roo or you can
just flip enablerepo=0/1 per config file.
hwrepoconf --show (show current settings)
hwrepoconf --enable all (turn all of them on)
hwrepoconf --disable honeynet-test media (disable test/media)
to get back to the default setting:
hwrepoconf --default
Hope this helps.
Earl
On Thu, 16 Oct 2008 06:35:21 -0400 carlopmart
<[EMAIL PROTECTED]> wrote:
>Hi all,
>
> Today I have installed a new honeywall server to test some
>honeynet
>configurations. When I try to update packages, only honeynet repo
>is used, but
>honeywall use packages from EPEL, rpmforge, centos, etc. Can i
>enable these
>repos securely to update packages, except honeynet-test.repo??
>--
>CL Martinez
>carlopmart {at} gmail {d0t} com
>_______________________________________________
>Honeywall mailing list
>[email protected]
>https://public.honeynet.org/mailman/listinfo/honeywall
_______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
