John Rudd wrote:
Dennis Peterson wrote:
John Rudd wrote:
Dennis Peterson wrote:
Erez Epstein wrote:
Hello,
I see that about every month, there is new version,
what does one do when it has about 30 servers, that need to be
updated?
is there an automatic way?
all servers have compiled versions of clamav.
I use Cfengine. All updates happen within 30 minutes regardless of
how many systems you have to update.
cfengine has a built in script for downloading only the most recent
clamav (and not re-downloading an existing one), building it, and
installing it?
Cfengine will do what ever you tell it to do. It is a framework but
you fill in the details. There are no turnkey solutions for solving
arbitrary data center needs - only tools. Cfengine is one such tool.
One could also write a script to do this, but Cfengine is already
running here so why not use it?
Yes, I know what cfengine is, and what it does. My point was simply
saying "I use cfengine" doesn't answer the question being asked UNLESS
it comes with the full solution ready to go.
It is like being asked "Does anyone here know where to get a 5 cheese
lasagna?", and you answered "I eat food." Great ... but not really a
useful answer.
At this point I've not installed anything myself [...]
While I wasn't the original poster, the need I see in this arena isn't
really filled by what you've described. And I disagree that you haven't
installed anything yourself. You installed it in the cfengine
repository. The fact that that isn't the final destination for the
binary is splitting hairs about what it means to "install the software".
What I'm looking for is pretty much what I mentioned:
I want something that will check if there's a new source distribution
(tar, not rpm), download it, config it against some set parameters,
build it, and run some post-build scripts (which may or may not include:
test it against some known routines, inform me that a new binary is
built and ready, and/or go ahead and install it on my non-production
servers).
I could write some of it, but the fact that there isn't a simple and
consistent "http://some.site.net/some/path/clamav-current.tar.gz"; url
makes that a lot more complex. The url includes the version number,
which means you need to know what the next version number will be before
you look to see if its there (and simple incrementation may or may not
work ... for example, if I'm on 0.88.7 ... then the program may be
looking for 0.88.8 to come out ... but it looks like the next version
will be 0.90 ... so the program is going to sit there looking for
something that never arrives).
The easiest thing would be if clamav always had a clamav-current to
download. Writing the rest would be easy. And then there would be a
simple answer to "Is there an automatic version update utility", because
"I use cfengine" is not that answer.
I also could have said "I use Perl" and we probably wouldn't be having
this conversation. Any tool anyone can suggest comes with the
implication that some local effort is going to be required. Nobody has
yet written the magic.sh script that can run autonomously, scan your
network, and decide on it's own what needs to be done. For that we have
first-year admins. The OP asked how someone would replicate an
installation 30 times and I offered Cfengine. He did not ask how to
automatically download, build, verify, and distribute the product.
It is not in "installed" condition in the repository because it will not
execute while there. It is staged. The hair splitting is your contribution.
I agree with the versioning issue - it would be nice to be able to rsync
a known stable name and let rsync sort it out (or curl, wget, nftp,
whatever), but since this process cannot be automated entirely and still
have safety (the configs may change as happened in 0.90) so some
administrative time is required. It is a trivial amount of time. Or you
could watch your freshclam logs and scan for this:
WARNING: Local version: 0.88.2 Recommended version: 0.88.7
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
