Basic Patching Script

Support for security such as Firewalls and securing linux
Post Reply
EL_Beginner
Posts: 13
Joined: 2015/02/06 23:30:32

Basic Patching Script

Post by EL_Beginner » 2015/03/09 18:24:20

Hello,

I have a few low importance utility servers running CentOS 6.6 x64 .They are basically just used as SSH jump boxes and a few little utilities installed here and there. I'd like them to just go ahead and patch themselves when ever they feel like it. I really don't care if they break, go down or anything like that. The challenge is that there is 1 package in our repos that I don't want them updating since our config management system manages that package and just immediately downgrades it.

Here is what I started with.

Code: Select all

host=`hostname`
yum clean all
yum update -y
logger "app=patching start=true host=$host message=host_was_patched"
Seemed simple enough. But what I need to is an exception to the package "facter". It appears there is an -x option on yum, but I can see this getting out of hand quick if I add a lot of packages later? Any thoughts on how best to tackle this? Any existing tools/scripts I am overlooking?
Top
skesterson
Posts: 3
Joined: 2015/03/06 14:56:45

Re: Basic Patching Script

Post by skesterson » 2015/03/10 10:17:58

How about this?

Code: Select all

echo "exclude=facter*" >> /etc/yum.conf
https://access.redhat.com/solutions/10185
Top
Post Reply

Return to “CentOS 6 - Security Support”