Re: [gentoo-server] I search a Gentoo Linux "update system"

[Brian Kroth <bpkroth@wisc.edu>]

[-- Attachment #1: Type: text/plain, Size: 5956 bytes --]

Forgot to copy the list originally:

sysspoof <sysspoof@ng-lab.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Brian
>
> Your work sounds interesting to me.
> 2 questions so far:
> - - Is it also possible to "download" the portage tree and pre-compiled 
> packages, perhaps with modified mirror url in make.conf? I use different 
> networks for the servers, so sharing is not an option.

man make.conf, PORTAGE_BINHOST is what you want.  In the tar below there's
a script, emerge-binpkg, that makes downloading those packages a little
quicker than emerge -g, which tries to maintain a cache.

> - - You wrote other features are planned, will you work them out?

At some point, when I have time.  The database schema should show you what
I have planned.  Everything is just a name value pair for the post part.

> Unfortunately I have no perl experience and I haven't got time to 
> contribute with perl. But I would appreciate to see your work. Why not make 
> it public? If I am possible to use your scripts I'd like to give you report 
> and constructive input based on practical experience.

Well, this is my second or third perl project as well.  Don't learn unless
you try, right?  I think all the relevant scripts should be in there.
Probably need to emerge/cpan some perl modules.
                                                                                                                                                                                                    
https://mywebspace.wisc.edu/bpkroth/web/update-summary-scripts/update-summary-scripts.tar.bz2

Anyone else out there do something similar?

Brian

> Brian Kroth wrote:
> | I imagine you're looking for something along the lines of WSUS.  There 
> are
> | lots of ways to organize a set of (gentoo) servers, so I don't know if
> | there's one common tool out there to accomplish this just yet.  However,
> | since it can be a chore to manage many of them individually, I've been
> | working on something kinda like this in my spare time.  The current model
> | is as follows:
> |
> | - A build server for each class of servers.  They build updates for their
> |   clients nightly.
> |
> | - "Client" servers (auto) nfs mount the portage tree and packages dir for
> |   their build server.  Each client runs some reports each night that are
> |   emailed to a common account.  The reports include the output from the
> |   following: emerge -NDu world, glsa-check -p affected, revdep-rebuild -p
> |
> | - Some procmail filters/perl scripts take each of those emails and dump
> |   them into a database for web viewing.  Various other features are
> |   planned for the web end, like inventory information, diffs of these
> |   reports, etc.  Logwatch data is also split up by type and dumped in
> |   here.
> |
> | - Another cron script sifts through the reports in the database from that
> |   day and compiles a summary report.
> |
> | Originally there were only a few servers, so a few emails to check a day
> | was no biggie, but eventually I needed a way to summarize it.  I admit
> | this is isn't the most efficient way of getting that, but its been
> | evolving rather slowly.
> |
> | Anyways, if anyone's interested I can post the procmailrc, scripts, and 
> db
> | schema somewhere.
> |
> | Here's an example of a security-check summary report.  Currently the 
> output is
> | split up by server class via data from the database and is formatted to 
> allow
> | copy and paste execution on all hosts via cssh.
> |
> | gentoo-i686ws update list:
> |         You can perform the following command(s) to update the hosts with 
> their updates:
> |         # cssh \
> |                 rocket
> |
> |         # emerge -1ka \
> |                 =net-analyzer/wireshark-0.99.7
> |
> |
> | gentoo-ppcencoder update list:
> |         You can perform the following command(s) to update the hosts with 
> their updates:
> |         # cssh \
> |                 ppcencoder01 \
> |                 ppcencoder02 \
> |                 ppcencoder03 \
> |                 ppcencoder04 \
> |                 ppcencoder05 \
> |                 ppcencoder06 \
> |                 ppcencoder07 \
> |                 ppcencoder08 \
> |                 ppcencoder09 \
> |                 ppcencoder10 \
> |                 ppcencoder11
> |
> |         # emerge -1ka \
> |                 =app-admin/syslog-ng-2.0.6
> |
> |
> | gentoo-p4srv update list:
> |         You can perform the following command(s) to update the hosts with 
> their updates:
> |         # cssh \
> |                 mysql1 \
> |                 mysql2 \
> |                 gentest
> |
> |         # emerge -1ka \
> |                 =app-admin/syslog-ng-2.0.6
> |
> | Brian
> |
> | sysspoof <sysspoof@ng-lab.org>:
> | Hello ML members,
> |
> | I am curious if there is any update system available for Gentoo Linux
> | server for corporate use.
> | With update system I mean a full concept with dist host, perhaps a
> | webinterface where you can see all available server and what packages are
> | out of date, cron job for daily --sync and world update. It should also
> | contain a guide, shows how to configure the Gentoo server for those
> | updates. For example it should recommend settings like
> | FEATURES="protect-collisions" etc.
> |
> | Any input?
> |
> | Thank you,
> |
> |>
> - --
> gentoo-server@lists.gentoo.org mailing list
> |>
>
> - --
> Patrick Grieshaber
> sysspoof@ng-lab.org
> http://ng-lab.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHgp9FPtCAYLeEIgwRAsDTAJ91R4Ow77p6Bri6ptw4MTu6/Q0bWwCfWjAd
> 65UjzQBpHsIOCVDy7bKl1RI=
> =uYMe
> -----END PGP SIGNATURE-----
>
> -- 
> gentoo-server@lists.gentoo.org mailing list
>

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 2192 bytes --]