Deploying Red Hat Workstations
Tom 'Needs A Hat' Mitchell
mitch48 at sbcglobal.net
Wed Mar 17 20:58:52 UTC 2004
On Wed, Mar 17, 2004 at 02:40:39PM -0500, Chris Purcell wrote:
> Date: Wed, 17 Mar 2004 14:40:39 -0500 (EST)
> From: "Chris Purcell" <redhat at cjp.us>
> To: <fedora-list at redhat.com>
> Subject: Re: Deploying Red Hat Workstations
> Reply-To: For users of Fedora Core releases <fedora-list at redhat.com>
>
> >> 1) each workstation would execute a cron job daily that would download
> >> a script from our central server each day
> >
> > I take it that the script is doing more than updating rpm packages.
> >
> > Can you make a pseudo code type list of what you intend
> > to allow and exclude this script from doing.
>
> Well, its just an idea at this point, I haven't actually written anything
> yet. All the script would do is grab whatever changes need to be made
> from a central server (using scp), and then do whatever needs to be done
> with them. If I need to place a Perl script in /usr/bin on everyones
> machines, the script would simply scp the script to /usr/bin. If I needed
> to install an RPM, the script would download the RPM and then install it.
> Nothing too fancy.
>
> Right now, I'm leaning towards creating a central apt-get (or yum) server
> and packaging up any changes into an RPM package.
A yum server is easy to build and manage.
Others have posted on how to do this.
Yum can be run from cron so this sounds like the 80% solution.
RPM packages have checksums and are signed so with the right
care this is a sane and safe thing.
You can build and sign rpm packages to distribute things specific to
your business. Pre and Post scripts can do 'interesting things'. That
should cover the next 15%.
At the point you distribute confidential content make sure that the
web server is cautious about who connects, including robots.
--
T o m M i t c h e l l
/dev/null the ultimate in secure storage.
More information about the fedora-list
mailing list