It’s been over a month since I’ve gotten an update.
Something has to have broken by now and I really think that I should be getting updates.
Either inform me of a new place to obtain updates via yum or put the updates out there.
There has been one CVS server update since the last batch up updates (from fedora legacy). If you aren’t running a CVS server on your box the update won’t do anything for you.
The next InterWorx update will automatically switch to the fedoralegacy updates, but since you obviously don’t want to wait :):
edit /home/interworx/etc/yum-os.conf and comment out the blocks referring to “Red Hat Linux 9 - Updates” and “Red Hat Linux 9 - OS”, and uncomment the blocks referring to “Fedora Legacy - Updates” and “Red Hat Linux 9 - Fedora Legacy - OS”
The fact of the matter is that it’s broke. If something is broke shouldn’t it be fixed.
I’m sure that if there was a serious bug to be released you folks would have released an update to change the yum-os.conf and get the update out to people.
But at that point you’d have thousands of vulnerable servers out there. Plain and simple, if it’s broke fix it.
This is what the revised file looks like for anyone who doesn’t understand what Paul is refering to. This is a quick fix that takes about two minutes. It can be done using vi (or any other command line text editor) or your FTP client’s internal editor if it has one:
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
exclude=webalizer* httpd* qmail* djbdns* courier-imap* vpopmail* ucspi-tcp* daemontools* mod_*
[updates]
name=Red Hat Linux 9 - Updates
baseurl=http://updates.interworx.info/redhat/updates/9/en/os/
[os]
name=Red Hat Linux 9 - OS
baseurl=http://updates.interworx.info/redhat/9/en/os/i386/RedHat/RPMS
#[updates]
#name=Red Hat Linux 9 - Fedora Legacy - Updates
#baseurl=http://updates.interworx.info/fedoralegacy/redhat/9/updates/i386/
#[os]
#name=Red Hat Linux 9 - Fedora Legacy - OS
#baseurl=http://updates.interworx.info/fedoralegacy/redhat/9/os/i386/
The original looked like this:
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
exclude=webalizer* httpd* qmail* djbdns* courier-imap* vpopmail* ucspi-tcp* daemontools* mod_*
#[updates]
#name=Red Hat Linux 9 - Updates
#baseurl=http://updates.interworx.info/redhat/updates/9/en/os/
#[os]
#name=Red Hat Linux 9 - OS
#baseurl=http://updates.interworx.info/redhat/9/en/os/i386/RedHat/RPMS
[updates]
name=Red Hat Linux 9 - Fedora Legacy - Updates
baseurl=http://updates.interworx.info/fedoralegacy/redhat/9/updates/i386/
[os]
name=Red Hat Linux 9 - Fedora Legacy - OS
baseurl=http://updates.interworx.info/fedoralegacy/redhat/9/os/i386/
But I share Olaf’s concern about upgrades. I know that there are several known vulnerabilities to the “final” RH9 release and as Olaf sais this leaves hundreds or thousand’s of servers vulnerable.
I really do not know why Sago/Nexcess are not more concerned about it. A vulnerable box is an easily hacked box. Sago’s answer is to install those updates from source, but many of us are not as Linux savvy as we’d like. That’s part of why we bought Interworx.
I managed to get Mailman installed using a script from Paul (my first Source install endeavor that actually worked) but he had to fix some things for me post install because something didn’t configure right.
I know that Nexcess are busy working on Fedora/CentOS versions of Interworx, but since that will require a reinstall when it’s ready (and the commensorate fees and major inconveience of reinstalling/reconfiguring everything) a lot of us are not going to do that right away.
I’m not trying to be snotty here, but I really am confused about this.