[Spacewalk-list] help - who to apply security patches/erratas only
rhn-satellite at epperson.homelinux.net
rhn-satellite at epperson.homelinux.net
Thu May 17 19:44:47 UTC 2012
On Thu, May 17, 2012 13:20, Musayev, Ilya wrote:
> I’m thinking on how to do this in programmatic way
>
>
> 1) gather a list of security errata applicable to specific group of
> hosts via spacecmd or API.
>
>
> 2) Clone a channel and add only applicable security erratas to this
> channel, also via spacecmd or API.
>
>
> 3) Assign channel to needed hosts and push the packages that are
> applicable via security errata. You should only have security packages
> appicable if done right.
>
This is basically how we do it. We use the API for 1&2 and the gui to do
3. We have a QA clone channel and a production one. After resolving
issues for a push from the QA channel to the QA group, we clone prod from
QA and push to the prod group. We have a cron job that puts systems into
QA or prod group nightly depending on whether they're subscribed to a QA
or prod base channel.
More information about the Spacewalk-list
mailing list