[Server-devel] quasi-automatic security updates: state-of-art headed where?
Adam Holt
holt at laptop.org
Mon Aug 15 09:56:43 EDT 2016
"yum update" on CentOS regularly tells me that "yum-cron" should likely be
installed+run instead. Does anyone have experience / informal
recommendations (or just tricks-of-the-trade, no matter how hacky) around
yum-cron or dnf-automatic or similar, in Debian-land or all around?
Ideally some such/similar would:
(1) be patient enough to deal with developing world servers being offline
for many months at a time, yet smart enough to grab security updates
quickly when Internet appears unpredictably every few weeks or months (or
years, such server are almost inherently re/distributed re/donated re/sold
Without centralized control...Internet-of-Things / IoT "anarchy" fears are
indeed relevant+real ;)
(2) Ideally only download "security" updates (however informally managed,
anything closer to LTS than constant upgrades of major/minor packages!) Is
CentOS catching up to RHE on this front, or does Red Hat intentionally
differentiate its products such that Red Hat Enterprise gets security
updates faster or in a cleaner way?
(3) Avoid bloating smaller (e.g. 120GB) SSD drives & 128GB MicroSD cards
driving RPi3's and similar? Sometimes I see ~100MB/week of updates from
"yum update" which makes me wonder if yum is smart enough to fully delete
not just deprecate older/unused packages?? Hopefully I am wrong to fear
disk bloat. Or does this truly represent an estimated ~5GB/year of disk
bloat in recent years, purely for OS-level updates? (Part of a larger
challenge on how to manage bloat of log files, content files, tmp files,
user files for sure!)
(4) Email the owner of the machine (offline is increasingly online, no
matter how we slice it: offline servers will increasingly be at risk for
years to come sad to say!) Some kind of interface to Gmail or a similar
online notification service should be possible when the server reappears
online, without running a mail server heaven forbid? For moments when
truly-more-critical-intervention's required -- with the obvious risk that
excessive "nagware" and "liabilityware" warnings will be ignored or far
worse -- when local (often less-literate) operators even exist at all
within developing world schools, trying their best!
PS there's no perfect solution for sure -- Apple/Microsoft/Google spend
many, many millions on their security-auto-updating infra (nevermind
associated UX's) we just don't have. Offline security updates on a
quasi-monthly basis may be one answer, if older quasi-offline solutions
from the 1990s also/still have legit hope & lessons for us all? What
should such services cost, if it comes down to money?
As real-world challenges evolve: what practical non-puritanical compromises
are evolving out there in CentOS-land / Debian-land / Etc as "offline
increasingly becomes online" ? (as serious online risks increasingly reach
offline servers, IoT devices, etc...what quasi-automatic security update
regimes should we be looking at for the coming decade, realistically?)
Thanks for ideas facing up to these existential challenges uniting us all,
knowing there's a serious diversity of opinions / tripwires / threat models
/ mitigations out there quite naturally!
--
Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/server-devel/attachments/20160815/919b84dd/attachment.html>
More information about the Server-devel
mailing list