| Tobias DiPasquale on Mon, 15 Apr 2002 19:09:35 -0400 |
|
Gabe, I've heard that a lot of people stuck in your situation will create their own RPM's from the source tarball. I've never done this, I always just installed from source what didn't work as an RPM, but this seems to be the way to go for having to update a lot of machines. You might try apt-rpm, if you haven't already, but I think that uses the same channels rpmfind, so that prob. wouldn't do you much good. Worth a try, though. I, too, moved away from RH for that reason, and I'm sorry I can't be of any more help to you. On Mon, 2002-04-15 at 17:57, gabriel rosenkoetter wrote: > Fair warning: the last time I dealt with RedHat systems (RH 6.2) > problems similar to those I'm having now pissed me off so extremely > that I swore I'd never use RH again. But now it's the mandate at my > workplace, so there's not a whole lot I can do about it. (So, "just > use Debian and apt!" is not an answer I need to hear, because I'm > already saying that without effect.) > > I was handed a machine on which I was assured that RedHat's up2date > had already been run (I cannot re-run up2date, as I don't have > access to the account with RH which is used to update it; long > story... in the long run, this machine will use up2date, but it's > not right now). > > One of the first things I do when I'm responsible for a new machine > is make sure that security-scary things are up to date. Since > OpenSSH has been having root holes about every two weeks lately, > it's high on the list: > > # ssh -V > OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f > > Whoops, that's no good. Hey, I thought they said this machine was > updated... > > # rpm -qa | grep openssh > openssh-askpass-gnome-2.9p2-12 > openssh-clients-2.9p2-12 > openssh-2.9p2-12 > openssh-server-2.9p2-12 > openssh-askpass-2.9p2-12 > > Curious. Well, how 'bout we find upgrades for those: > > # rpmfind --upgrade openssh > Resource openssh : no need to upgrade > > Hrm. Weird. You sure? > > # rpmfind -v -v --upgrade openssh > Host : foo.bar.dom, Country: 840, Zones 0 0 0, Continent 1 > Arch : i386, Os : Linux > Default distribution : Red Hat, Inc.(Red Hat Linux) > owning 1099 of 1105 installed packages > findResource openssh > Resource openssh is provided by: openssh-2.9p2-7 > lookupRemoteResource openssh > Get http://speakeasy.rpmfind.net//resources/openssh.rdf > Fetching : http://speakeasy.rpmfind.net//resources/openssh.rdf to /root/.rpmfinddir/fetch9383 > HTTPRequest returned : -1 > Failed ! > Get rpmfind.net/resources/openssh.rdf > Fetching : rpmfind.net/resources/openssh.rdf to /root/.rpmfinddir/fetch886 > Failed ! > Error fetching openssh metadata > Resource openssh : no need to upgrade > > Oh, I see you're just hiding error messages from me. That's just > swell. But what does this mean? That I need to upgrade rpmfind? As > near as I can tell from rpmfind's web interface, rpmfind-1.7-2 is > the current version. So which version am I running? Well, there's > some dispute about that: > > # rpm -q rpmfind > rpmfind-1.7-2 > # rpmfind --version > rpmfind: unknown option --version > rpmfind 1.6 : RPM packages search engine > [...] > > Huh? > > In any case, I can grab the openssh packages one by one, rpm -e the > old packages, then rpm -i the new ones, only but that doesn't > actually work: > > # rpm -i ftp://speakeasy.rpmfind.net/linux/redhat/updates/7.2/en/os/i386/openssh-server-3.1p1-2.i386.rpm > error: unpacking of archive failed on file > /usr/libexec/openssh/sftp-server;3cbc105e: cpio: read > [root@mta1 root]# which sshd > /usr/bin/which: no sshd in (/usr/kerberos/sbin:/usr/kerberos/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin) > > ARGH! > > What the hell am I supposed to do now? (Or, what the hell should I > have done before?) > > I'm throwing up my hands and just installing OpenSSH in the sane way > I know will work (from source), but I don't want to be scurrying > around upgrading every one of our Linux machines every two weeks > when OpenBSD realizes they've reintroduced another bug from the > '80s... > > -- > gabriel rosenkoetter > gr@eclipsed.net -- ------------------------------------------------------ << Tobias DiPasquale >> UNIX Software Engineer [Linux/BSD/UNIX/C/Java/Ruby] mailto:anany@ece.villanova.edu | web:http://cbcg.net/ ------------------------------------------------------ Software engineers are not traditional engineers; they're rock stars. -- Greg Copeland, CTO of Cenzic Attachment:
signature.asc
|
|