Difference between revisions of "Manual Package Updates"

From NST Wiki
Jump to navigationJump to search
(New page: Currently, there are no packages which have "add-ons" which need to be manually updated. = Packages Which Have Updates = * The clamav package should ship with the latest signatures (this...)
 
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
Currently, there are no packages which have "add-ons" which need to be manually updated.
 
Currently, there are no packages which have "add-ons" which need to be manually updated.
  
= Packages Which Have Updates =
+
* Update the IAB and OUI files used by the arp-scan utility (use NST WUI to get two new ones download then transfer to ''src'' directory for the ''arp-scan'' RPM).
  
* The clamav package should ship with the latest signatures (this should be automatic in the configure/build process).
+
= Check Package URLs =
  
* The Metasploit exploits are no longer updated during the packaging. They are now updated as needed by the end user after the distribution.
+
There are many ''pkginfo.xml'' files which are associated with the RPM packages making up the NST yum repository. Each of these ''pkginfo.xml'' files will have two or more URLs. As time goes by these URLs may ''move'' and need to be updated. You can run the ''make url-check'' command from the ''yum'' directory to:
  
* The nikto package has a update feature, but at this time it is not done prior to build the ISO image.
+
* Extract the URLs from each fo the ''pkginfo.xml'' files.
 +
* Run the ''curl -head'' command on each of the extracted URLs.
 +
* See '''ok''', '''skip''' or '''FAIL''' displayed on the screen next to each URL as it is checked.
 +
* Create two log files: ''url-check.log'' and ''url-check-details.log''.
 +
 
 +
Here is a example of running the command:
 +
 
 +
[root@taco-dev32 dev]# cd yum
 +
[root@taco-dev32 yum]# make url-check
 +
[ok]  file:///root/dev/yum/pkgs/ipsc/src/ipsc-0.4.3.tar.bz2
 +
[ok]  file:///root/dev/yum/pkgs/nst-disk-speed/src/seeker.c
 +
[ok]  file:///root/dev/yum/pkgs/smtpclient/src/smtpclient-1.0.0.tar.gz
 +
[ok]  file:///root/dev/yum/pkgs/tcptrack/src/tcptrack-1.4.2.tar.gz
 +
 +
... output continues as all URLs are checked ...
 +
 +
[root@taco-dev32 yum]#
 +
 
 +
If you just want to see the list of URLs with issues, you can run the following '''grep''' command on the generated log file:
 +
 
 +
[root@taco-dev32 yum]# grep -v ok url-check.log
 +
[skip] git://github.com/gnumaniacs/netsniff-ng.git
 +
[root@taco-dev32 yum]#
 +
 
 +
NOTE: The ''skip'' entries indicate protocols which '''curl''' is unable to handle and verification is skipped. If you would like to verify the skipped entries, you will need to do it manually.
 +
 
 +
= Check Date Change Logs =
 +
 
 +
Run the following command to verify that all change log dates in the spec files are good.
 +
 
 +
[nst28-repo@nst yum]$ make changelog-date-check
 +
all - Changelog date(s) ok
 +
[nst28-repo@nst yum]$

Latest revision as of 13:05, 13 June 2021

Currently, there are no packages which have "add-ons" which need to be manually updated.

  • Update the IAB and OUI files used by the arp-scan utility (use NST WUI to get two new ones download then transfer to src directory for the arp-scan RPM).

Check Package URLs

There are many pkginfo.xml files which are associated with the RPM packages making up the NST yum repository. Each of these pkginfo.xml files will have two or more URLs. As time goes by these URLs may move and need to be updated. You can run the make url-check command from the yum directory to:

  • Extract the URLs from each fo the pkginfo.xml files.
  • Run the curl -head command on each of the extracted URLs.
  • See ok, skip or FAIL displayed on the screen next to each URL as it is checked.
  • Create two log files: url-check.log and url-check-details.log.

Here is a example of running the command:

[root@taco-dev32 dev]# cd yum
[root@taco-dev32 yum]# make url-check
[ok]   file:///root/dev/yum/pkgs/ipsc/src/ipsc-0.4.3.tar.bz2
[ok]   file:///root/dev/yum/pkgs/nst-disk-speed/src/seeker.c
[ok]   file:///root/dev/yum/pkgs/smtpclient/src/smtpclient-1.0.0.tar.gz
[ok]   file:///root/dev/yum/pkgs/tcptrack/src/tcptrack-1.4.2.tar.gz

... output continues as all URLs are checked ...

[root@taco-dev32 yum]# 

If you just want to see the list of URLs with issues, you can run the following grep command on the generated log file:

[root@taco-dev32 yum]# grep -v ok url-check.log
[skip] git://github.com/gnumaniacs/netsniff-ng.git
[root@taco-dev32 yum]# 

NOTE: The skip entries indicate protocols which curl is unable to handle and verification is skipped. If you would like to verify the skipped entries, you will need to do it manually.

Check Date Change Logs

Run the following command to verify that all change log dates in the spec files are good.

[nst28-repo@nst yum]$ make changelog-date-check
all - Changelog date(s) ok
[nst28-repo@nst yum]$