[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch Installation

To: van Helsing <vh@helith.net>
Subject: Re: Patch Installation
From: Gerardo Santana G髆ez Garrido <santana@tuxtla.openbsd.org.mx>
Date: Sun, 1 Aug 2004 13:10:26 -0500
Cc: Chuck Yerkes <chuck+obsd@2004.snew.com>, misc@openbsd.org
Content-Disposition: inline
References: <41068853.3010109@trustetc.com> <20040727185928.GC95533@2004.snew.com> <20040801182226.1b9ad23e.vh@helith.net>
User-Agent: Mutt/1.4.2i

On (01/08/2004 18:22), van Helsing wrote:
> On Tue, 27 Jul 2004 11:59:28 -0700
> chuck+obsd@2004.snew.com (Chuck Yerkes) wrote:
> 
> > Quoting Brandon Mercer (b.mercer@trustetc.com):
> > > Steve Shockley wrote:
> > > 
> > > >Brandon Mercer wrote:
> > > > 
> > > >
> > > >>Yeah, kind of how I feel.  It would be cool to have a make archive
> > > >in>the make file that would do the same thing as the make install
> > > >except>put it into a .tgz that I could push to the boxes.  I can do
> > > >that on>my own, but I'm thinking that long term I need to find a
> > > >more simple>way of doing this.  I'm usually pushing one or two
> > > >packages to a>large number of boxes with not a lot of space on them
> > > >(256MB total). So I >guess the individual binaries is the easiest
> > > >way.>   
> > > >>
> > > >
> > > >Why not build a CD, then upgrade?  Or boot from bsd.rd and upgrade
> > > >via network? 
> > > >
> > > Not sure that a CD would be very helpful on a soekris ;-).  I could 
> > > consider booting from bsd.rd, but these boxes can't go down.  I
> > > suppose I could do them one at a time.... but... yeah. 
> > 
> > Well, PXE then...
> > 
> > Software management on distruted computers.  Not a new topic. Less
> > a topic now that Unix on desktop is more rare that it was 10 years
> > ago.
> > 
> > depot, sup, rsync, cvs, cfengine - all tools that come to mind in
> > the free arena that were designed or help in this.
> 
> Just my 2 cents after readin all the nice e-Mails because patching:
> I think the most *NIXs have the same problem.
> 
> I don't know a sokution how to patch easy and fast a whole network (e.g.
> with 300 clients) and I think some Admins here angree with me.
> Well.. CVS seams to be the best avaiable solution so just think about:
> 
> You've to set up a CVS-Mirror-Server
> You've to run SSHd on EACH computer in the network [also servers]
> You've to write a Script (Perl, Shell, whatever..)
> 
> The script has to login via SSH and execute the command to update (e.g.
> Kernel or something else).
> For that it's neceserry that all clients have the actual Src for their
> hardware platform.
> Then maybe you've to copie the script for each hardware platform
> (because SUNs are e.g. not affected, just AMD64).
> 
> That is the easiert way for ME to do it...
> But I can feel the pain of the disadvantages...
> 
> 1. SSHd at each computer
> 2. CVS-Code at EACH computer (wasting HDD-Space)
> 3. Network traffic
> 4. A computer just as CVS-Mirror
> 5. Writing a script (not everybody could do it)
> 5.1 Write diffrent versions of the Script for diffrent Hardware
> Platforms
> 
> I personaly prefere OpenBSD and I also have NO big Network (just i386
> and AMD64) but I talked a littlebit with the Administrators at my
> University. The Windows-Administrators have something called "Software
> Update Server" and wich is provided for free by MS (I'm sorry if I'm
> wrong with the Name).
> This SUS has all the things I miss at *NIX.
> The SUS fetchs all patches (Ok MS provide them in Binary form).
> The only change in the registry you've to do is tell the clients that
> this SUS is responseable for them.
> I don't know (because I never set up such a Server at home) exactly if
> the SUS patches also the MS-programms (word, exel and so) but I think he
> do.
> 
> It's easy to administrate/set up, fast and effectiv for networks
> (even I dislike MS Windows).
> 
> A *NIX SUS could fetch the SRC and compile them for the needed hardware
> platform (using GCC).
> Ok I know OpenBSD is NOT MS but maybe that could be a inspiration for
> some OpenBSD-Versions later.
> 
> The LINUX-Admins have apt-get (yes they're using Debian..).
> Even the Solaris-Administrators have a tool for distributed patching
> (but I don't know the name I saw it just 2 times as I talked with them).
> 
> 
> Just my 2 Cents... and just a inspiration.
> I can life with this disadvantage but I know they're maybe not
> accaptable for a whole University Campus.


There's already an openbsdupdate.openbsd.org.mx ;)
and even a script to automate downloads from it a la windowsupdate.

I faced the same problem some time ago and came to the conclusion that
binary patching is the best solution. As you could see in the list, many of
us do that, in different ways. Some people enjoy building everything and
making release just to patch a few files; some others like me just build what
is needed and make small packages (using binpatch); the smarter ones just
download the binary patches already built from openbsdupdate.openbsd.org.mx :)

> 
> 
> vh
> 
> p.s. Sorry for my english ;)

Bad English is the international language ;)

-- 
Gerardo Santana G髆ez Garrido
http://www.openbsd.org.mx/~santana/
"Between people, as among nations, respect of each other's rights insures
the peace." -Don Benito Ju醨ez

References:
- Re: Patch Installation
  - From: van Helsing <vh@helith.net>

Prev by Date: 沥己阑促窍咯绊按丛捞脚汾且荐乐档废弥急阑促窍咯惑淬秦靛摆嚼聪促. qexkqchy
Next by Date: Re: reviewing httpd access log
Prev by thread: Re: Patch Installation
Next by thread: Re: Patch Installation
Index(es):
- Date
- Thread