Hi all, since a while, I use Steve Meiers script to synchronize Debian repositories to our spacewalk server. From @philicious (https://github.com/philicious/spacewalk-scripts) and @pandujar (https://github.com/pandujar) I also use the excellent work to add Ubuntu errata information into spacewalk. I used these scripts as basis to build scripts, that do the same work for Debian security announcements.
So everone who is using Debian systems and uses Spacewalk to "manage" these systems, feel free to test these scripts. @philicious just "merged" my PR into its master branch. I requested this PR, so all "debian" based scripts are held on one place. Currently there is one requirement. The "channel" labels for the "distributions" (e.g. "jessie", "stretch") must "start" with the distribution name. As said, I use Steve Meiers script to synchronize the debian repos Here is a list of "channel:url" mapping I use jessie_main;http://ftp.de.debian.org/debian/dists/jessie/main/binary-amd64/ jessie_contrib;http://ftp.de.debian.org/debian/dists/jessie/contrib/binary-amd64/ jessie_non-free;http://ftp.de.debian.org/debian/dists/jessie/non-free/binary-amd64/ jessie_updates_main;http://ftp.de.debian.org/debian/dists/jessie-updates/main/binary-amd64/ jessie_updates_contrib;http://ftp.de.debian.org/debian/dists/jessie-updates/contrib/binary-amd64/ jessie_updates_non-free;http://ftp.de.debian.org/debian/dists/jessie-updates/non-free/binary-amd64/ jessie_backports_main;http://ftp.de.debian.org/debian/dists/jessie-backports/main/binary-amd64/ jessie_backports_contrib;http://ftp.de.debian.org/debian/dists/jessie-backports/contrib/binary-amd64/ jessie_backports_non-free;http://ftp.de.debian.org/debian/dists/jessie-backports/non-free/binary-amd64/ jessie_security_main;http://security.debian.org/dists/jessie/updates/main/binary-amd64/ jessie_security_contrib;http://security.debian.org/dists/jessie/updates/contrib/binary-amd64/ jessie_security_non-free;http://security.debian.org/dists/jessie/updates/non-free/binary-amd64/ ## stretch stretch_main_main;http://ftp.de.debian.org/debian/dists/stretch/main/binary-amd64/ stretch_main_contrib;http://ftp.de.debian.org/debian/dists/stretch/contrib/binary-amd64/ stretch_main_non-free;http://ftp.de.debian.org/debian/dists/stretch/non-free/binary-amd64/ stretch_updates_main;http://ftp.de.debian.org/debian/dists/stretch-updates/main/binary-amd64/ stretch_updates_contrib;http://ftp.de.debian.org/debian/dists/stretch-updates/contrib/binary-amd64/ stretch_updates_non-free;http://ftp.de.debian.org/debian/dists/stretch-updates/non-free/binary-amd64/ stretch_backports_main;http://ftp.de.debian.org/debian/dists/stretch-backports/main/binary-amd64/ stretch_backports_contrib;http://ftp.de.debian.org/debian/dists/stretch-backports/contrib/binary-amd64/ stretch_backports_non-free;http://ftp.de.debian.org/debian/dists/stretch-backports/non-free/binary-amd64/ stretch_security_main;http://security.debian.org/dists/stretch/updates/main/binary-amd64/ stretch_security_contrib;http://security.debian.org/dists/stretch/updates/contrib/binary-amd64/ stretch_security_non-free;http://security.debian.org/dists/stretch/updates/non-free/binary-amd64/ As said before, there is the current limitation that the channel label must start with the name of the distribution (e.g. "jessie" or "stretch"). This might be changed in https://github.com/philicious/spacewalk-scripts/blob/fb82685ab78e18138f94584b26759ba039eb5617/errata-import-debian.py#L158 But if you have the channels like I have and already have the packages synchronized, you start with getDebianAnnouncement.py to download the debian security announcements of *this* year and the year before. These files also gets parsed through "html2text" (you need to install this package on the SW server - yum install html2text). parseDebian.py parses these files and creates an XML file (just like parseUbuntu.py). For every distribution that is listed within a security announcement, one errata (for this distribution will be created, as long there are packages found for this distribution within SW). So if you have "stretch" and "jessie", you will get "jessie-DSA-1234" errata and "stretch-DSA-1234" errata within SW. Use errata-import-debian.py to parse the XML file and create the errata within SW. This is how the output of "errata-import-debian.py" looks if called with "-d 1" (is just from today, only 2 new announcements parsed) Started errata import..... Debug level: 1 [+] Creating inventory from Server: [+] Including channel(s): ['jessie_security_main', 'jessie_security_contrib', 'jessie_security_non-free', 'stretch_security_main', 'stretch_security_contrib', 'stretch_security_non-free'] [+] Retrieving Package List from Channel: jessie_security_main [+] Retrieving Package List from Channel: jessie_security_contrib [+] Retrieving Package List from Channel: jessie_security_non-free [+] Retrieving Package List from Channel: stretch_security_main [+] Retrieving Package List from Channel: stretch_security_contrib [+] Retrieving Package List from Channel: stretch_security_non-free [+] Retrieving data from /tmp/debian_security/debian-errata.xml [+] stretch-DSA-4138-1 doesn't exist: creating [+] Creating errata stretch-DSA-4138-1: [+] stretch-DSA-4139-1 doesn't exist: creating [+] Creating errata stretch-DSA-4139-1: [+] jessie-DSA-4139-1 doesn't exist: creating [+] Creating errata jessie-DSA-4139-1: Finished errata import Hope this helps someone. Robert _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list