On Mon, Oct 28, 2013 at 12:52:30PM +0100, Philipp Born wrote: > Hi, > > we're looking for something a bit WSUS-like for Debian (and Ubuntu) > to roll out updates etc on our Debian- and Ubuntu-based > infrastructure. We've already tried Landscape (the licensing fees > are not economically for us) and Spacewalk (which would be perfect, > if it would correctly recognize all packages..) > > What we definitely need is > - webinterface > - should do its own update lookups > - should tell all and/selected clients to install/update > all/selected packages > - communication needs to be client-initiated (internal routing won't > allow anything else) > - Permissions (limit certain users to certain systems, user xy can > see updates but not start a rollout) > - logging (very important, every action done needs to be logged somewhere) > > Also LDAP-Authentification would be a nice-to-have. > > Would be great if it would be an (active) open source project. > > Maybe you know something usable that would fit somehow these requirements? > What if you created your own repository with only approved packages? Then you could configure all your machines to update based on that repository only.
To avoid replicating the entire debian repository, maybe you could duplicate only the security and updates repos, and let the machines have access to repositories like this: deb http://ftp.us.debian.org/debian/ wheezy main #should be pretty much static deb http://localsecurityrepo/ wheezy main deb http://localupdatesrepo/ wheezy main I realize this doesn't address a lot of the needs you listed, but maybe the answer is to just set your machines to automatically update every night, and they'll get whatever updates you have put into your local repository. -Rob
signature.asc
Description: Digital signature
