Hi All,
The latest security issue with sudo (
https://access.redhat.com/errata/RHSA-2021:0221 ) is making me
look at how we distribute updates with xcat.
I'd appreciate hearing how others do this to keep it timely without necessarily
re-building the
entire fleet or needing to go into maintenance mode.
We have an osimage list and within most of those we have a set of pkgdir set:
pkgdir=/install/centos7.8/x86_64,/install/epel/7/x86_64,/install/centos-updates/7.8/x86_64
(our last maintenance window was the day before 7.9 was released. Timing was
not excellent)
I'm wondering if it wouldn't be smarter to just have these repos instead:
/install/centos/7/x86_64
/install/epel/7/x86_64
/install/centos-updates/7/x86_64
so we don't need to change our osimage defs all the time?
Today's security issue has created a lot more work than I'd strictly like - in
situations like this
I'd like to be able to sync my repos, and then `xdsh yum update -y sudo` and
leave it at that.
How does everyone else manage this?
cheers
L.
--
Lachlan Simpson
Research Technology Services
UNSW Research Technology Services
Level 3, Chemical Sciences Building F10
UNSW SYDNEY NSW 2052 AUSTRALIA
E: [email protected]
W: https://research.unsw.edu.au
T: (+612) 9065 4056
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
