Re: [K12OSN] WARNING: V2.1 compromised was: New Server
Dragos Manac (dragosh@lsd.ro)
11 Mar 2003 23:48:48 +0200
On Tue, 2003-03-11 at 22:24, Steve Wright wrote:
> Dragos Manac wrote:
> >More like once a day, using grab.
> >And use a firewall, and a good IDS, and backup, and have monitoring
> >tools and so on and so forth.
>
> Tell us about "grab".. never heard of it. How do you use it ? a conf
> file for it ?
http://www.runlevelzero.net/greg/grab/
Basically grab is apt-get done right.
You install it (it only requires per-lib-net), run it once (grab --help
is a good start), that's when it installs it's config files (/etc/grab),
you only have to edit /etc/grab/server and add some mirrors. It knows
how to recognize the newest rpms available and how to search location
for new ones, it doesn't require some special setting on the mirror
machine. It reads the package header so the process of creating a local
database is pretty slow and resource demanding, after that it all goes
smooth.
My home example, I have 6 machinesin in my room , 5 of them running
different versions of redhat, I've set up one of them as a repository,
mounted the iso's of all the redhat versions on it, mirrored
redhat-updates, and added one rpm-contrib directory, exported it trough
ftp so that it could be used remote (internally NFS works as well,
didn't use it because I wanted a standard config file).
I have on universal config file and I comment unneeded stuff on each
machine, on my workstation it looks like this:
server powder.lsd.ro /loop/rh80/1/RedHat/RPMS rh80-1
server powder.lsd.ro /loop/rh80/2/RedHat/RPMS rh80-2
server powder.lsd.ro /loop/rh80/3/RedHat/RPMS rh80-3
server powder.lsd.ro /loop/rh-updates/8.0/en/os/i386 rh80-updates
server powder.lsd.ro /loop/rpm-contrib contribs
after this step you just need to run grab --update (builds its database,
takes some time, I also have a script on cron.daily that does this
automatically in order to re-index the updated files).
In you dial-up situation you could just add the nearest redhat-updates
mirror and use what you really need from there.
Well, when its all ready you can run: grab package and it autmagically
installs its, resolving the dependencies. It has features like --search,
--install, --sysupdate (gives you a list of all the packages that need
to be updated and lets you choose which one of them you will update).
It has some other neat features, you really should try it out.
>From what I saw there are just minor problems, sometimes it doesn't
install *lib *lib-devel packages, but they are downloaded in
/var/cache/grab/RPMS and you can install them by hand. I've used it for
some time, it never messed up things, when something is too hard for it
instead of spoiling you day it lets you do the work. I always install
the minimum packages and then grab whatever I need.
When it comes to packages this is the right tool for RedHat users. I can
understand the commercial reasons for which RedHat distributes only
up2date and I cannot blame them, after all installing grab is a
20seconds job.
I've also tried out apt-get rpm (from conectiva if I'm not wrong) and
YUM (Yellow dog Updater, Modified), none even compares to grab.
That's it, use it and tell me if you like, I've rarely seen a tool as
useful as this.
PS: The OS-distro-l33t-h4x0r-security wars got to me today, I apologize
for my early violent reaction, there went my first (BAD) impression, as
always...
Thank you David for telling me to chill out, a beer, some Rammstein
songs and 2 episodes from SouPark did the trick ;-), now I'm eager to
complete my 20 hours a day medium computer usage period.
Best regards,
Dragos
> regards,
> Steve
>
> p.s. Logged in as root, we learn to before pressing .
> On-List, it is no different. Be careful out there.
--
I'm sorry if the correct way of doing things offends you.
_______________________________________________
K12OSN mailing list
K12OSN@redhat.com
https://listman.redhat.com/mailman/listinfo/k12osn
For more info see