Slashdot Mirror
Cross-Distro Remote Package Administration?
tobiasly writes "I administer several Ubuntu desktops and numerous CentOS servers. One of the biggest headaches is keeping them up-to-date with each distro's latest bugfix and security patches. I currently have to log in to each system, run the appropriate apt-get or yum command to list available updates, determine which ones I need, then run the appropriate install commands. I'd love to have a distro-independent equivalent of the Red Hat Network where I could do all of this remotely using a web-based interface. PackageKit seems to have solved some of the issues regarding cross-distro package maintenance, but their FAQ explicitly states that remote administration is not a goal of their project. Has anyone put together such a system?"
Maybe that works for your home network, but SSH'ing to 25 or (maybe a lot) more different boxes to repeat the same task is a bit tedious. Hey, doesn't this sound like the kind of automated task a computer might be good at?
Uh, right. Like putting ssh commands into a script?
ssh user@host aptitude update
Set up key based login and you don't even have to type passwords. By the sounds of it he needs to pay some attention to each individual machine anyway, as he has multiple distros and wants to determine which patches he needs for each box.
Because as any decent linux-server-farm admin, you have a closely controlled local repository mirror that only has updates you specifically add.
You could also use nagios and check_apt/check_yum to alert you of out of necessary security updates, put a script for installing updates on every box (different script for centos/ubuntu, but same syntax), create a user who is added to sudoers for only that script, and create an ssh key for authentication...
Then you can feed the list of hosts that need updating into a script which will ssh to each one in sequence and execute the update script followed if necessary by a reboot..
http://spamdecoy.net - free throwaway anonymous email - avoid spam!