help-cfengine
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: automating redhat package updates?

From: John Valdes
Subject: Re: automating redhat package updates?
Date: Tue, 3 Jul 2001 00:10:13 -0500
User-agent: Mutt/1.2.5i 
On Sun, Jul 01, 2001 at 12:33:51PM -0700, Philip J. Hollenback wrote:
> Here's something I want to solve with cfengine but I haven't figured
> out the best way to do it: automated package installs.
[...]
> Has anyone implemented this?  It seems to be a fairly general issue
> which would turn up on just about any modern OS.

We've done this; we've automated software package installation as well
as OS patch installation for SunOS (solaris) and Linux (RedHat) using
cfengine.  What we did was create two cfengine modules, one for
handling software and one for patches.  The modules query an SQL
database for a list of software and patches which should be installed
on a given system, compare the lists with what's installed on the
system, download any necessary files from a private anonymous ftp
server, and finally install (or remove) the packages or patches.

Where cfengine comes into play is that the modules will define classes
for any packages or patches which are installed, which can then be
used by cfengine's various actions (shellcommands, processes,
editfiles, etc) to complete the installation of the package or patch.
For example, if a package installs a new daemon which runs under inetd
control, a class will be defined which can then be used by editfiles
to add a line for the daemon in /etc/inetd.conf which in turn will
define another class to be used by processes to send a SIGHUP to
inetd.

We still need to document what we've done more thoroughly, but you can
find examples of our modules as well as a copy of a paper we've
written about it (it's a little low on specifics; it discusses more
the motivation and background of the system we implemented) at
http://astro.uchicago.edu/~davidr/cfengine-tools/.  The intent of the
files there are mainly to serve as an example of one way of automating
software & patch installs; they're not really meant to be downloaded
as used as it.

John

-------------------------------------------------------------------------
John Valdes                        Department of Astronomy & Astrophysics
valdes@uchicago.edu                                 University of Chicago
reply via email to
[Prev in Thread] Current Thread [Next in Thread]