Folks, my google fu and lopsa.org searches are not narrowing it down for me.
I've been handed a group that uses MacOSX and asked to craft a patch management approach for them. I use MacOSX at home, but have never managed a group of MacOSX machines (not server). We need to do some sort of patch management for these MacOSX machines. I could have sworn Ski or Leon had been in on a discussion about that long ago, but all I find is the bemoaning of a lack of Enterprise-ish tools and discussion of MacOSX vs. Linux. I'm trying to find what patch management approaches MacOSX sysadmins actually utilize, that they like. Two generic scenarios come to my MacOSX rookie mind: 1. Write ssh queries that look for OS versions and patch status, or 2. Utilize a CM tool like puppet/bcfg2/lfcg/<fill in your fave>. What do people who manage groups of MacOSX desktop machines actually use? To bound the exercise, let's just call patch management the following task. A vulnerability is announced, along with the patch. I want to generate a report that shows how many machines are affected in the denominator, and how many machines have actually been patched in the numerator. How do you manage MacOSX group patch deployment in this scenario? For this query, it doesn't matter whether your approach is home grown, open source, or commercial. _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
