[wplug-announce] The Open Pitt, Issue 16

Vance Kochenderfer vkochend at nyx.net
Fri Sep 30 13:25:39 EDT 2005


PDF version: <http://www.wplug.org/top/wplug-top016.pdf>

                              THE OPEN PITT
      What's cooking in Linux and Open Source in Western Pennsylvania

===========================================================================
Issue 16                        August 2005                   www.wplug.org
===========================================================================

In this issue:
  Keeping Your Linux System Updated
  August Roundup
  Bylaws Update

---------------------------------------------------------------------------
                               Coming Events

Oct. 1:  Ohio LinuxFest 2005.  Columbus, Ohio: see
         <http://www.ohiolinux.org/> for details
Oct. 15: General User Meeting, Topic: Weblogs and Open Source.  Also:
         Board Nominations.  10am to 2pm, 1507 Newell-Simon Hall, CMU
Oct. 22: Tutorial, Topic: Intro to Objective C.  10am to 3pm, 1507 Newell-
         Simon Hall, CMU
Nov. 5:  General User Meeting/Election Meeting.  10am to 2pm, 1507 Newell-
         Simon Hall, CMU

                    The public is welcome at all events
---------------------------------------------------------------------------

Keeping Your Linux System Updated

Applying updates to your computer's software is a lot like changing the oil
in your car.  Although a few people out there might derive pleasure from
doing both of these things, for the rest of us it's a bit of drudgery that
we know needs to be done, yet probably don't take care of as often as we
should.

Ten years ago, such neglect wasn't a big deal.  Updates tended to focus on
correcting bugs in software functionality, and if it wasn't obviously
broken there was little need to fix it.  But in today's world of always-on
Internet connections, security concerns have moved to the forefront.  Bugs
in software packages you didn't even know were installed on your system can
allow an attacker to gain superuser access and take control.

If your machine is compromised, it's not just a problem for you.  Malicious
individuals use armies of these "zombies" to send out spam and break into
others' systems.  Although it is by no means a complete security program,
keeping your software up to date reduces your vulnerability and is one way
to be a good neighbor to others on the network.

Here's a review of some major Linux distributions and how to keep them
current.

Fedora
The traditional way to get updates in Fedora Core is by using the up2date
tool developed by Red Hat.  This puts a check-mark icon in the system tray
that turns into a red exclamation mark when updates are available.  You can
download and install them by clicking on the icon.

Another option is yum, which stands for "Yellow Dog updater, modified."
Its name gives away the fact that it was originally developed for Yellow
Dog Linux, a variant of Red Hat that runs on Apple and other PowerPC
hardware.  Yum can be run as needed or set to check for updates each day by
issuing the commands "chkconfig yum on" and "service yum start" at a root
prompt.

As installed, Fedora systems download their updates from a single
overloaded server at Red Hat, so you may want to change this to a closer
and less-busy mirror.  More help can be found at
<http://fedoranews.org/contributors/alexander_dalloz/mirror/>.

Red Hat Enterprise Linux
Like Fedora, Red Hat's enterprise offerings also use up2date.  However,
updates come from the Red Hat Network, a dedicated set of servers that also
offers additional management services.  A Red Hat Enterprise Linux
subscription starts at $179/year for client workstations and $349/year for
servers.

SUSE
Both the commercial versions of SUSE and their free counterpart openSUSE
use YaST (Yet another Setup Tool) to handle many system administration
tasks.  Part of this is YOU (YaST Online Update).  You can run YOU
periodically, or use the SUSEWatcher auto-notification as described in
<http://www.novell.com/coolsolutions/feature/11823.html>.  If you prefer to
use the command line, run "online_update -h" for information on a tool
that's easy to script or run as a cron job.

For the enterprise versions of SUSE as well as Novell Linux Desktop,
updates can be performed with the high-powered ZENworks management suite. 
Its capabilities and pricing options are far too complex to describe here,
so check out the Novell web site for further details.

Mandriva
As with many tasks, this is handled through the Mandriva Linux Control
Center.  You'll find the update function under Software Management; when
run for the first time it will give you a list of mirror servers to choose
from.  After that, it's a matter of checking for new updates on a regular
basis.  This is actually just a graphical front end for urpmi, Mandriva's
package management tool.  Another way to download and apply updates would
be to run "urpmi --update --auto --auto-select" at a root prompt (you need
to select a mirror before doing this, though).

A paid service called Mandriva Online provides e-mail notifications and can
also automatically install updated packages.  Subscriptions are $22 per
year or free for Mandriva Club members at the Silver level and above.

Debian
Debian users love to point out that simply typing "apt-get update &&
apt-get upgrade" at a root prompt will bring your system up to date. 
Another option is Aptitude, a menu-driven (but still text-based) program
that can handle all aspects of package management.  If you'd rather point
and click, Synaptic provides an easy-to-use graphical interface. 
Additional helpful tips can be found at
<http://www.debian-administration.org/articles/241>.

Ubuntu
In keeping with its philosophy of making things simple and straightforward,
Ubuntu includes the friendly Update Manager, as well as an Update Notifier
icon to tell you when new packages are available.  Of course, as a
Debian-derived distribution all of those methods can be used as well.

The Hard Way
As we've seen, there are numerous tools out there to make updating easy.
But sometimes, things can go wrong and you have to fall back to a more
manual method.  This can happen if, for example, there's a bug in the
update manager itself.

Systems which use RPM packages can have upgrades applied with the "freshen"
option to rpm.  Place all the RPMs to be installed into a single directory
and run "rpm -Fvh ./*.rpm" as root.  Packages are only installed if you
already have an older version, so you don't have to be careful about which
updates are in the directory.

You can install DEB packages by running "dpkg -i filename.deb" on Debian
and related distributions, substituting the actual file name of course.  To
install _all_ of the DEB files in a directory or its subdirectories, use
the -R option to dpkg.

No matter which method you prefer, keeping current is an essential part of
system administration.  Don't let yourself fall behind.

---------------------------------------------------------------------------

August Roundup

Aug. 7 Open Source Picnic: Held at Snyder Park in Whitehall Borough,
WPLUG's 4th annual picnic brought out a couple dozen people for an
afternoon cookout.  The day included games, conversation, and copious
amounts of food.

Aug. 13 General User Meeting: Beth Lynn Eicher discussed performing
security audits using Linux live CDs.  After recommending distributions
like Knoppix-STD and WHAX, she went into the reasons for conducting an
audit and important legal and ethical issues.  Beth then presented several
scenarios and techniques such as capturing packets, port scanning, and
recovering passwords.  A PDF copy of her slides is available at
<http://www.wplug.org/meetings/one-meeting?wp_meeting_id=3187>.

---------------------------------------------------------------------------

Bylaws Update

Nominations for the Board will be taken at the October 15 General User
Meeting.  Members may nominate any eligible member, including themselves.

Once nominations are in, ballots will go out to all registered members. 
They can be returned according to the instructions on the ballot, or
brought in person to the election meeting to be held on November 5.

E-mail announcements have been sent to all members--if you haven't received
any, you may not be registered.  To resolve any problems, contact the
Secretary at <wplug at borkware.com> or the Chair at <bethlynn at wplug.org>.

===========================================================================
The Open Pitt is published by the Western Pennsylvania Linux Users Group
<http://www.wplug.org/top/>

Editors: Elwin Green, Vance Kochenderfer

Copyright 2005 Western Pennsylvania Linux Users Group.  Any article in
this newsletter may be reprinted elsewhere in any medium, provided it is
not changed and attribution is given to the author and WPLUG.


More information about the wplug-announce mailing list