General :: Check Number Of Pending Security Updates In Ubuntu
Oct 15, 2010
I have been forbidden to enable automatic updates on our Ubuntu servers, for both security and regular packages.When I log into any of my four Ubuntu servers, the welcome message contains this:
39 packages can be updated.
26 updates are security updates.
However, when I run the Nagios plugin that monitors APT, I get:
% /usr/lib/nagios/plugins/check_apt
APT WARNING: 33 packages available for upgrade (0 critical updates).
I need to know how to properly detect that there are pending security updates, and regular updates. Once I can do that, I plan to write a Nagios script that will return WARNING for pending regular updates, and CRITICAL for pending security updates.
I have one of my Red Hat 5.4 box connected to the RHN and I managed to download and install selected files and updates. Lately, it has stopped doing so. I can go to the RHN webpage and select/apply the uppates I chose. But when I run the command "rhn_check", all I get is this
if i have not registered my RHEL at RHN then how will I check new errata and updates of my rhel servers. As my organisation policy don't allow me to register my RHEL servers at rhn due to security issue.
I'm running CentOS 5.4 and noticed that for the past month there haven't been any new updates showing up either on 'yum check-update' or 'yum update' (I'm interested in basic and security updates). Although this may be right, I wonder if there is an online reference where I can check the updates that are released for CentOS (security bulletins) and make sure if there is anything wrong with my update system.
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
I have a heavily used file server that I want to restart, then if it requires e2fsck's on any volume to run them after it restarts. The only problem is that the server is rarely rebooted, and they said it might kernel panic because its been so long. I've heard there's a way to have it go past the kernel panic if it does happen, but I'm not sure how to do that or the other stuff.If it was a Windows server, I would schedule a shutdown with the force switch, and have the chkdsk's already scheduled for each volume on reboot. But for RHEL, I really don't know.I'm hoping this can be done, so that way I can have it kick off at say 7am, then when I get in at 8am it will probably be near the end of the e2fsck's so I can see what's going on.
I'm trying to do an online security check on my Linux system.I would like to do a Firewall/Antivirus test. What free online sites do you know?For instance, I use ShieldsUp to test some firewall's components.Does someone recommend anything else?I still can't find a site that tests for the presence of virus/malware installed.Are there any?
Im trying to make a script that will test the suitability of a password. I understand that all the features I want are in the /etc/pam.d/common-password file. From here I can change the length of a password, what characters must be in a password, if the words are in the dictionary, etc... but I don't know how to change these values by using a script. I want it in a script because I want to be able to suggest a more suitable password if the original password doesn't meet the criteria.
when i open update manager, i click check for updates, than i get this:
W:Failed to fetch http://archive.canonical.com/ubuntu/...source/Sources 404 Not Found , W:Failed to fetch http://archive.canonical.com/ubuntu/...-i386/Packages 404 Not Found
I didn't realize my system drive had filled up... and TaskWarrior overwrote my 'pending.data' with a 0-byte copy. d-: I had worked SO hard to get all my tasks imported from various other notes (many of which I deleted along the way), and hadn't yet prepared for the possibility of data loss. Should've set it up to use my Dropbox...why doesn't TaskWarrior make ANY backup buy default? That data is so important, and yet so small and trivial to backup. Anyway, my 'undo.data' is totally intact and seems to contain all the information theoretically needed to reconstruct 'pending.data'. Unfortunately right now I have no sample 'pending.data' to look at. d-: OR: does anybody know of a simple Linux utility I can use to recover previous file versions? It's possible no data was overwritten, since the replacement is empty.
I am trying to open one site.When i open at home or internet cafe or at my friends place it opens properly but when i try to open it in my office i get this error and some other page opens "This domain is parked, pending renewal, or has expired.Please contact the domain provider with questions."
But when I install new updates for Ubuntu and restart my computer to apply those updates.... a new Ubuntu with different number appears on the list of the operating systems that I need to choose from
[Code]...
does this mean every time I updated Ubuntu I'll have additional OS on my device?
The last round of updates to 10.04 changed the initrd image, which I wasn't expecting. How do I check the updates to make sure that this is in fact the expected behavior? I.e., how do I go back and check which updates were supposed to have been installed, check what was actually installed, and see which one modified the initrd and why?
In my project i cannot determine the number of check list initially. I will know dynamically during execution.How to specify the number of check list dynamically in zenity.
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
I recently upgraded to Fedora 15 from Fedora 14 using preupgrade. Most of the applications are working fine. But I am finding now that the OS does NOT check for updates. I am having to manually do the update each time although it is set to check for updates daily.
However, when I manually update using the code (below), it works fine.
Does anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
Starting with Ubuntu Server 9.04, when I log in at times the OS smartly reports the number of updates available. I have a couple of questions of how to extend this functionality:
1) How could I back-port that functionality to 8.04 servers? Does that happen somewhere in the /etc/cron.daily/apt script? (Just the checking on # of packages needing updates, does not need to appear on the login screen.)
2) Then with that information, if the number >0 then use mailx to send admins an email. Since 9.04 and higher already do the first item, then in my mind #2 is the only thing needed for 9.04 and higher servers, and #1 is also needed for 8.04 boxes.
I ran update through the terminal and rebooted i get this error message on start up and again after I log in Please Help!! I'm running Ubuntu 11.04 using unity 2d and the latest version of Gnome 2 on a Dell Inspiron 5150 laptop There is a problem with the configuration server. (/usr/lib/libgconf2-4/gconf-sanity-check-2 exited with status 32512)
I currently have Red Hat 5.4 installed and subscribed to red hat network for alert updates.The updates will be done by our administrator but I will like to check if the admin has done so on a weekly basis. Is there a command that generates a report or allows me to check if certain updates has been patched? I understand running a yum update will list all applicable patches. Should we just simply update all or only certain applications applicable to our organization environment?
