[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch Installation

On Tue, 27 Jul 2004 11:59:28 -0700
chuck+obsd@2004.snew.com (Chuck Yerkes) wrote:

> Quoting Brandon Mercer (b.mercer@trustetc.com):
> > Steve Shockley wrote:
> > 
> > >Brandon Mercer wrote:
> > > 
> > >
> > >>Yeah, kind of how I feel.  It would be cool to have a make archive
> > >in>the make file that would do the same thing as the make install
> > >except>put it into a .tgz that I could push to the boxes.  I can do
> > >that on>my own, but I'm thinking that long term I need to find a
> > >more simple>way of doing this.  I'm usually pushing one or two
> > >packages to a>large number of boxes with not a lot of space on them
> > >(256MB total). So I >guess the individual binaries is the easiest
> > >way.>   
> > >>
> > >
> > >Why not build a CD, then upgrade?  Or boot from bsd.rd and upgrade
> > >via network? 
> > >
> > Not sure that a CD would be very helpful on a soekris ;-).  I could 
> > consider booting from bsd.rd, but these boxes can't go down.  I
> > suppose I could do them one at a time.... but... yeah. 
> 
> Well, PXE then...
> 
> Software management on distruted computers.  Not a new topic. Less
> a topic now that Unix on desktop is more rare that it was 10 years
> ago.
> 
> depot, sup, rsync, cvs, cfengine - all tools that come to mind in
> the free arena that were designed or help in this.

Just my 2 cents after readin all the nice e-Mails because patching:
I think the most *NIXs have the same problem.

I don't know a sokution how to patch easy and fast a whole network (e.g.
with 300 clients) and I think some Admins here angree with me.
Well.. CVS seams to be the best avaiable solution so just think about:

You've to set up a CVS-Mirror-Server
You've to run SSHd on EACH computer in the network [also servers]
You've to write a Script (Perl, Shell, whatever..)

The script has to login via SSH and execute the command to update (e.g.
Kernel or something else).
For that it's neceserry that all clients have the actual Src for their
hardware platform.
Then maybe you've to copie the script for each hardware platform
(because SUNs are e.g. not affected, just AMD64).

That is the easiert way for ME to do it...
But I can feel the pain of the disadvantages...

1. SSHd at each computer
2. CVS-Code at EACH computer (wasting HDD-Space)
3. Network traffic
4. A computer just as CVS-Mirror
5. Writing a script (not everybody could do it)
5.1 Write diffrent versions of the Script for diffrent Hardware
Platforms

I personaly prefere OpenBSD and I also have NO big Network (just i386
and AMD64) but I talked a littlebit with the Administrators at my
University. The Windows-Administrators have something called "Software
Update Server" and wich is provided for free by MS (I'm sorry if I'm
wrong with the Name).
This SUS has all the things I miss at *NIX.
The SUS fetchs all patches (Ok MS provide them in Binary form).
The only change in the registry you've to do is tell the clients that
this SUS is responseable for them.
I don't know (because I never set up such a Server at home) exactly if
the SUS patches also the MS-programms (word, exel and so) but I think he
do.

It's easy to administrate/set up, fast and effectiv for networks
(even I dislike MS Windows).

A *NIX SUS could fetch the SRC and compile them for the needed hardware
platform (using GCC).
Ok I know OpenBSD is NOT MS but maybe that could be a inspiration for
some OpenBSD-Versions later.

The LINUX-Admins have apt-get (yes they're using Debian..).
Even the Solaris-Administrators have a tool for distributed patching
(but I don't know the name I saw it just 2 times as I talked with them).


Just my 2 Cents... and just a inspiration.
I can life with this disadvantage but I know they're maybe not
accaptable for a whole University Campus.


vh

p.s. Sorry for my english ;)

[demime 0.98d removed an attachment of type application/pgp-signature]