Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update a single package on many host #97

Open
JGroselle opened this issue Jul 8, 2015 · 6 comments
Open

Update a single package on many host #97

JGroselle opened this issue Jul 8, 2015 · 6 comments
Assignees
@liske
Labels
enhancement
Milestone
apt-dater 1.1.0

Comments

@JGroselle
Copy link

Hello,

First of all thank you for this tool. Really efficient.
Is it possible to update a defined package for a selected group ?
For example:

  • if I want to upgrade (not install) the package libjpeg-dev on all the server in group [web]
  • if I want to upgrade (not install) the package libjpeg-dev on all the server in apt-dater

The command line should be:

apt-get install --only-upgrade libjpeg-dev

This feature is really important for us.
Thank you.
@DejavuDmitry
Copy link

I'm supporting this feature request.

@kiranos
Copy link

kiranos commented Jul 8, 2015

can you explain a scenario where you dont want to do upt-get upgrade instead of upgrade a single package. For security reasons its a good rule to follow to try to keep all packages up2date.

Im just thinking about keeping apt-dater with minimal very usable features so it dont become cluttered with features only very few uses. Would be great to hear about scenarios where you dont want to do apt-get dist-upgrade|upgrade

@JGroselle
Copy link
Author

First of all thank you for your quick answer.
About the scenario, imagine 3 servers, one PostgreSQL server and two web servers. After a aptitude update I have those package out of date:
On PostgreSQL:

  • postgresql

On web server "a":

  • openssl
  • nginx

On web server "b"

  • apache
  • php
  • openssl
  • nodejs

I do not want to update postgresql package, nginx, apache, php or nodejs, because this will be a little project, but security team want me to upgrade all the openssl packages on all the linux servers. This lead to two problems:

  1. I need to upgrade just openssl on this server, so I could press "i" and as it is already installed, apt-dater will upgrade it.
  2. I need to upgrade only openssl on all my servers but if it is not installed I do not want install it. Just upgrade all servers (on a group for example) which contain this package.

I hope I am clear.
Have a good day.

@liske
Copy link
Member

liske commented Jul 8, 2015

Hi,

as a quick workaround you might try to use the "install" function. On
Debian installing a package again will install the update. Although this
records the package as "manual installed" (while the package might be
"auto installed" due to dependencies). I think this should work on other
package managers, too.

The is a --only-upgrade option for apt-get to prevent accidentally
installing a package on a host where the package was not installed. As a
hack for Debian based systems you could press 'i' on a
section/group/host and enter something like:

--ony-upgrade pkg1 pkg2

This should upgrade pkg1 and pkg2 and their dependencies.

HTH,
Thomas

On 07/08/2015 04:18 PM, Julien Groselle wrote:

First of all thank you for your quick answer.
About the scenario, imagine 3 servers, one PostgreSQL server and two web
servers. After a aptitude update I have those package out of date:
On PostgreSQL:

  • postgresql

On web server "a":

  • openssl
  • nginx

On web server "b"

  • apache
  • php
  • openssl
  • nodejs

I do not want to update postgresql package, nginx, apache, php or
nodejs, because this will be a little project, but security team want me
to upgrade all the openssl packages on all the linux servers. This lead
to two problems:

  1. I need to upgrade just openssl on this server, so I could press "i"
    and as it is already installed, apt-dater will upgrade it.
  2. I need to upgrade only openssl on all my servers but if it is not
    installed I do not want install it. Just upgrade all servers (on a
    group for example) which contain this package.

I hope I am clear.
Have a good day.


Reply to this email directly or view it on GitHub
#97 (comment).

support@ibh.de Tel. +49 351 477 77 30
www.ibh.de Fax +49 351 477 77 39

Dipl.-Ing. Thomas Liske
DataCenter Services

IBH IT-Service GmbH Amtsgericht Dresden
Gostritzer Str. 67a HRB 13626
D-01217 Dresden GF: Prof. Dr. Thomas Horn

Germany VAT DE182302907

Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV

   professioneller IT-Service - kompetent und zuverlässig

@JGroselle
Copy link
Author

Hi,

The workaround work in my case, thank you. But it should be better to implement this option.
I think it is something really important.

Upgrade a GNU/Linux production server is not always a simple task due to the number and the type of package out of date. We are not Windows sysadmin and their "Patch & pray" policy... :-P

Have a good day. Again thanks.

@liske
Copy link
Member

liske commented Jul 17, 2015

ACK

The first step is to extend the apt-dater-host stuff to support 'selective package upgrades' before apt-dater could implement it. After a quick look at different package manager backends most of them seems to support upgrading selected packages.

HTH,
Thomas

@liske liske added this to the apt-dater 1.1.0 milestone Jul 17, 2015
@liske liske self-assigned this Jul 17, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@liske liske

Labels
enhancement
Projects
None yet
Milestone
apt-dater 1.1.0
Development

No branches or pull requests
4 participants
@liske @kiranos @JGroselle @DejavuDmitry