Re: [Spacewalk-list] Errata...purpose?
Take a look at Steve's scripts and you can get the errata added to Spacewalk for all the CentOS repos. Excellent scripts, been using them to get errata into Spacewalk for years. Thanks Steve! Wish CentOS would just provide the errata in the repos like red hat, fedora, oracle. Bill Howe howe.b...@gmail.com On Fri, Jan 25, 2019, 02:54 Steve Meier wrote: > Hi Dave, > > Errata can be provided by any RPM/YUM repository. The Red Hat > repositories > have them, while CentOS does not. The popular EPEL repository also has > Errata (with IDs like FEDORA-EPEL...). > > When you use spacewalk-repo-sync, Spacewalk will import any Errata from > the repository automatically. > > I am not aware of any open-source project repositories providing Errata. > > Kind regards, >Steve > > Am 2019-01-25 00:50, schrieb Dave Thoms: > > Steve, > > > > Thank you so much for the overview. I'm surprised most people don't > > ask this question...or maybe they are just smarter than me. > > > > So errata is official which mean it only comes from Red Had? Or do > > others (python, etc.) release official errata? > > > > Dave T > > - > > > > FROM: spacewalk-list-boun...@redhat.com > > on behalf of Steve Meier > > > > SENT: Tuesday, January 22, 2019 1:47:18 PM > > TO: spacewalk-list@redhat.com > > SUBJECT: Re: [Spacewalk-list] Errata...purpose? > > ___ > Spacewalk-list mailing list > Spacewalk-list@redhat.com > https://www.redhat.com/mailman/listinfo/spacewalk-list ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
Re: [Spacewalk-list] Errata...purpose?
Hi Dave, Errata can be provided by any RPM/YUM repository. The Red Hat repositories have them, while CentOS does not. The popular EPEL repository also has Errata (with IDs like FEDORA-EPEL...). When you use spacewalk-repo-sync, Spacewalk will import any Errata from the repository automatically. I am not aware of any open-source project repositories providing Errata. Kind regards, Steve Am 2019-01-25 00:50, schrieb Dave Thoms: Steve, Thank you so much for the overview. I'm surprised most people don't ask this question...or maybe they are just smarter than me. So errata is official which mean it only comes from Red Had? Or do others (python, etc.) release official errata? Dave T - FROM: spacewalk-list-boun...@redhat.com on behalf of Steve Meier SENT: Tuesday, January 22, 2019 1:47:18 PM TO: spacewalk-list@redhat.com SUBJECT: Re: [Spacewalk-list] Errata...purpose? ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
Re: [Spacewalk-list] Errata...purpose?
Dave, I think this is a great source of information for your questions? https://petersouter.xyz/the-story-of-errata-for-centos/ — Dennis P Get Outlook for iOS<https://aka.ms/o0ukef> From: spacewalk-list-boun...@redhat.com on behalf of Dave Thoms Sent: Thursday, January 24, 2019 6:50 PM To: spacewalk-list@redhat.com Subject: Re: [Spacewalk-list] Errata...purpose? Steve, Thank you so much for the overview. I'm surprised most people don't ask this question...or maybe they are just smarter than me. So errata is official which mean it only comes from Red Had? Or do others (python, etc.) release official errata? Dave T From: spacewalk-list-boun...@redhat.com on behalf of Steve Meier Sent: Tuesday, January 22, 2019 1:47:18 PM To: spacewalk-list@redhat.com Subject: Re: [Spacewalk-list] Errata...purpose? [ALERT] Hi Dave, since I have done a lot of stuff around Errata in the last few years (see https://cefs.steve-meier.de<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcefs.steve-meier.de=02%7C01%7C%7C03369627b8f545979bb008d68256c422%7C84df9e7fe9f640afb435%7C1%7C0%7C636839706496539532=1Bza%2FZlvvNNTExQy5Ru%2BMygekSIErEyI4qaZEHk%2BpZw%3D=0>), I wanted to share my knowledge. Errata for RedHat/CentOS come in three "flavours": Security, Bugfix and Enhancement. An erratum includes one or more RPMs that fixes one or more bugs of that flavour. Let's look at a specific example: CESA-2019:0049 (Source: https://lists.centos.org/pipermail/centos-announce/2019-January/023143.html<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.centos.org%2Fpipermail%2Fcentos-announce%2F2019-January%2F023143.html=02%7C01%7C%7C03369627b8f545979bb008d68256c422%7C84df9e7fe9f640afb435%7C1%7C0%7C636839706496539532=jqBQDB2xr50DFGGFg8vjfq3b%2BqAsmJXCpzGyHfHMgy8%3D=0>) This erratum holds three important pieces of information for a sysadmin. It's a security update, its severity is "Important" (which is the second highest) and you need to install "systemd-219-62.el7_6.2.x86_64.rpm" (plus its dependencies also listed) to remediate this on your system. When you run "yum check-update" on a standalone CentOS server, the only information you will see is that "systemd-219-62.el7_6.2.x86_64.rpm" (again, plus dependencies) is available. The CentOS repositories do not contain additional information about these updates (type, severity, release date, etc.). When you have Spacewalk and Errata loaded you will get a nice overview of how many systems have which Errata outstanding and what their type and severity is. You will also be able to schedule the installation of the those updates easily. Especially in an environment where compliance (HIIPA, PCI, SOX, etc.) is important, such an overview can be very valuable. In my past job as a sysadmin I would go through this list each week and put the installation of security updates into our change plan for the coming week. Once the next audit rolled around we could just pull out these plans and prove that we had kept up with security patching. Let me know if you have further questions. Kind regards, Steve Am 2019-01-22 19:45, schrieb Dave Thoms: > I have a Spacewalk 2.8 install on CentOS 7.x. I've done a fair amount > of digging to understand what errata actually is. Why it's needed > when you are already getting all updates. Whether it applies to ALL > repos or just the official ones for CentOS. Does anyone have a handle > on this - fundamentally speaking? > > Thanks in advance, > > Dave T. The information in this e-mail (including attachments, if any) > is considered confidential and is intended only for the recipient(s) > listed above. Any review, use, disclosure, distribution or copying of > this e-mail is prohibited except by or on behalf of the intended > recipient. If you have received this email in error, please notify me > immediately by reply e-mail, delete this e-mail, and do not disclose > its contents to anyone. Any opinions expressed in this e-mail are > those of the individual and not necessarily the TruHearing group. > Thank you. > ___ > Spacewalk-list mailing list > Spacewalk-list@redhat.com > https://www.redhat.com/mailman/listinfo/spacewalk-list<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.redhat.com%2Fmailman%2Flistinfo%2Fspacewalk-list=02%7C01%7C%7C03369627b8f545979bb008d68256c422%7C84df9e7fe9f640afb435%7C1%7C0%7C636839706496539532=Miendwu4HP0VSX2dCBMKG6k6w5BOTloEyN1GzaGOeyE%3D=0> ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw
Re: [Spacewalk-list] Errata...purpose?
Steve, Thank you so much for the overview. I'm surprised most people don't ask this question...or maybe they are just smarter than me. So errata is official which mean it only comes from Red Had? Or do others (python, etc.) release official errata? Dave T From: spacewalk-list-boun...@redhat.com on behalf of Steve Meier Sent: Tuesday, January 22, 2019 1:47:18 PM To: spacewalk-list@redhat.com Subject: Re: [Spacewalk-list] Errata...purpose? [ALERT] Hi Dave, since I have done a lot of stuff around Errata in the last few years (see https://cefs.steve-meier.de), I wanted to share my knowledge. Errata for RedHat/CentOS come in three "flavours": Security, Bugfix and Enhancement. An erratum includes one or more RPMs that fixes one or more bugs of that flavour. Let's look at a specific example: CESA-2019:0049 (Source: https://lists.centos.org/pipermail/centos-announce/2019-January/023143.html) This erratum holds three important pieces of information for a sysadmin. It's a security update, its severity is "Important" (which is the second highest) and you need to install "systemd-219-62.el7_6.2.x86_64.rpm" (plus its dependencies also listed) to remediate this on your system. When you run "yum check-update" on a standalone CentOS server, the only information you will see is that "systemd-219-62.el7_6.2.x86_64.rpm" (again, plus dependencies) is available. The CentOS repositories do not contain additional information about these updates (type, severity, release date, etc.). When you have Spacewalk and Errata loaded you will get a nice overview of how many systems have which Errata outstanding and what their type and severity is. You will also be able to schedule the installation of the those updates easily. Especially in an environment where compliance (HIIPA, PCI, SOX, etc.) is important, such an overview can be very valuable. In my past job as a sysadmin I would go through this list each week and put the installation of security updates into our change plan for the coming week. Once the next audit rolled around we could just pull out these plans and prove that we had kept up with security patching. Let me know if you have further questions. Kind regards, Steve Am 2019-01-22 19:45, schrieb Dave Thoms: > I have a Spacewalk 2.8 install on CentOS 7.x. I've done a fair amount > of digging to understand what errata actually is. Why it's needed > when you are already getting all updates. Whether it applies to ALL > repos or just the official ones for CentOS. Does anyone have a handle > on this - fundamentally speaking? > > Thanks in advance, > > Dave T. The information in this e-mail (including attachments, if any) > is considered confidential and is intended only for the recipient(s) > listed above. Any review, use, disclosure, distribution or copying of > this e-mail is prohibited except by or on behalf of the intended > recipient. If you have received this email in error, please notify me > immediately by reply e-mail, delete this e-mail, and do not disclose > its contents to anyone. Any opinions expressed in this e-mail are > those of the individual and not necessarily the TruHearing group. > Thank you. > ___ > Spacewalk-list mailing list > Spacewalk-list@redhat.com > https://www.redhat.com/mailman/listinfo/spacewalk-list ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list [External Email] This email originated outside TruHearing. Please exercise caution with links and attachments. For assistance, please contact HelpDesk --IT Ops Team The information in this e-mail (including attachments, if any) is considered confidential and is intended only for the recipient(s) listed above. Any review, use, disclosure, distribution or copying of this e-mail is prohibited except by or on behalf of the intended recipient. If you have received this email in error, please notify me immediately by reply e-mail, delete this e-mail, and do not disclose its contents to anyone. Any opinions expressed in this e-mail are those of the individual and not necessarily the TruHearing group. Thank you. ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
Re: [Spacewalk-list] Errata...purpose?
Hi Dave, since I have done a lot of stuff around Errata in the last few years (see https://cefs.steve-meier.de), I wanted to share my knowledge. Errata for RedHat/CentOS come in three "flavours": Security, Bugfix and Enhancement. An erratum includes one or more RPMs that fixes one or more bugs of that flavour. Let's look at a specific example: CESA-2019:0049 (Source: https://lists.centos.org/pipermail/centos-announce/2019-January/023143.html) This erratum holds three important pieces of information for a sysadmin. It's a security update, its severity is "Important" (which is the second highest) and you need to install "systemd-219-62.el7_6.2.x86_64.rpm" (plus its dependencies also listed) to remediate this on your system. When you run "yum check-update" on a standalone CentOS server, the only information you will see is that "systemd-219-62.el7_6.2.x86_64.rpm" (again, plus dependencies) is available. The CentOS repositories do not contain additional information about these updates (type, severity, release date, etc.). When you have Spacewalk and Errata loaded you will get a nice overview of how many systems have which Errata outstanding and what their type and severity is. You will also be able to schedule the installation of the those updates easily. Especially in an environment where compliance (HIIPA, PCI, SOX, etc.) is important, such an overview can be very valuable. In my past job as a sysadmin I would go through this list each week and put the installation of security updates into our change plan for the coming week. Once the next audit rolled around we could just pull out these plans and prove that we had kept up with security patching. Let me know if you have further questions. Kind regards, Steve Am 2019-01-22 19:45, schrieb Dave Thoms: I have a Spacewalk 2.8 install on CentOS 7.x. I've done a fair amount of digging to understand what errata actually is. Why it's needed when you are already getting all updates. Whether it applies to ALL repos or just the official ones for CentOS. Does anyone have a handle on this - fundamentally speaking? Thanks in advance, Dave T. The information in this e-mail (including attachments, if any) is considered confidential and is intended only for the recipient(s) listed above. Any review, use, disclosure, distribution or copying of this e-mail is prohibited except by or on behalf of the intended recipient. If you have received this email in error, please notify me immediately by reply e-mail, delete this e-mail, and do not disclose its contents to anyone. Any opinions expressed in this e-mail are those of the individual and not necessarily the TruHearing group. Thank you. ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list