We have somewhere around 15 linux boxes and I'm about to sign-up to Progeny service - 5$ per box a month for security updates that RH won;t issue anymore for RH7-9.
They say I should simply go to their site (when subscribed) and download available updates.
A couple of questions:
1. The say 'download and install it', which is the manual thing, they don't provide up2date service so it looks like everything is manual. Any ideas on how to automate the deployment anyway?
2. Is there anyway to figure out which security updates by box DOES NOT have? LIke with wiindows update...you go to their site, it scans your computer and tells which updates are not installed (should be installed) on your PC?
Apt won't work as this is not really a progeny thing....this is progeny taking on legacy support for redhat systems for those who got fucked over when RedHat dropped support.
That said, perhaps they do provide apt repos (apt is available for redhat at http://apt4rpm.sf.net/ ). I can't accept a service like this offering manual downloads only, especially from a debian-based company. Have you emailed their support on this issue? This would certainly solve all your problems.
If they don't provide apt repos, it's probably possible to manually query the RPM database to find out what you have and don't have. I really have no idea how to go about doing this, but once you find out where the database is/how it works it should be a matter of throwing together a perl script or two.
Ok well the only thing I can think of is to have some sort of master server that you would sit at and and d/l and install this stuff on but then setup the other boxes to grab the d/led things from that master box via up2date or some other automated update system. Maybe that would then get around the whole $5/box/month thing you'd only be using it for one box :P
I would reccomend making a local apt/yum repository for the rpms and having all of the clients point to that. I am not sure if the up2date for RH7-9 can be updated to the new one, but that would allow the up2date daemon to autupdate them then.
Well either is fine. Apt is the port from debian (well documented here. Yum is a completely independent way of doing it which is both better in many ways and worse in some. Namely the fact that it does talk to the repository toi get the whole list of current packages EACH time you try to do something. Yum is detailed here. I personally would say go for yum simply because I prefer the simplicity of it, and for the fact it was designed to deal with RPMs as opposed to DEBs (as to what apt is for). Honestly though, after stepping back for a moment, both can do the job for you and well at it.
I say pick one, go with it, and let [s]me[/s] us know how it went. a PET would be cool ... hint hint hint ;D