Security updates without updating petasan
neiltorda
99 Posts
July 16, 2023, 10:08 pmQuote from neiltorda on July 16, 2023, 10:08 pmIs there a process for applying general security updates without updating to the latest version of the petasan software?
For example, I would like to upgrade libtiff5 on our cluster nodes, but not update to the latest version of petasan.
Neil
Is there a process for applying general security updates without updating to the latest version of the petasan software?
For example, I would like to upgrade libtiff5 on our cluster nodes, but not update to the latest version of petasan.
Neil
neiltorda
99 Posts
July 16, 2023, 10:15 pmQuote from neiltorda on July 16, 2023, 10:15 pmThis question is a followup to a previous thread:
https://www.petasan.org/forums/?view=thread&id=771&part=2
The difference from that thread and this thread is that previously, there was not a new version of petasan available. So upgrading standard packages had no effect on the cluster.
This time however, there is a new version of petasan that I do not want to install yet. When I run apt upgrade, it shows me that it will be loading a lot of petasan specific packages in addition to standard security updates. I want to make sure I am not updating the cluster/ceph/petasan software. Just apply some security fixes for right now.
I will be updating the cluster soon (before september), but just want to apply some security patches right now.
Thanks,
Neil
This question is a followup to a previous thread:
https://www.petasan.org/forums/?view=thread&id=771&part=2
The difference from that thread and this thread is that previously, there was not a new version of petasan available. So upgrading standard packages had no effect on the cluster.
This time however, there is a new version of petasan that I do not want to install yet. When I run apt upgrade, it shows me that it will be loading a lot of petasan specific packages in addition to standard security updates. I want to make sure I am not updating the cluster/ceph/petasan software. Just apply some security fixes for right now.
I will be updating the cluster soon (before september), but just want to apply some security patches right now.
Thanks,
Neil
admin
2,967 Posts
July 17, 2023, 8:12 amQuote from admin on July 17, 2023, 8:12 amYou should be able to do this, but it is not something we test so please test in first in same environment.
1) commend the petasan.org line in
/etc/apt/sources.list
2) mark petasan to not change
apt-mark hold petasan
You should do this on all nodes, then:
apt update
apt upgrade
Whenever you need to upgrade PetaSAN, you need to reverse this.
Again please test it first.
You should be able to do this, but it is not something we test so please test in first in same environment.
1) commend the petasan.org line in
/etc/apt/sources.list
2) mark petasan to not change
apt-mark hold petasan
You should do this on all nodes, then:
apt update
apt upgrade
Whenever you need to upgrade PetaSAN, you need to reverse this.
Again please test it first.
Security updates without updating petasan
neiltorda
99 Posts
Quote from neiltorda on July 16, 2023, 10:08 pmIs there a process for applying general security updates without updating to the latest version of the petasan software?
For example, I would like to upgrade libtiff5 on our cluster nodes, but not update to the latest version of petasan.
Neil
Is there a process for applying general security updates without updating to the latest version of the petasan software?
For example, I would like to upgrade libtiff5 on our cluster nodes, but not update to the latest version of petasan.
Neil
neiltorda
99 Posts
Quote from neiltorda on July 16, 2023, 10:15 pmThis question is a followup to a previous thread:
https://www.petasan.org/forums/?view=thread&id=771&part=2
The difference from that thread and this thread is that previously, there was not a new version of petasan available. So upgrading standard packages had no effect on the cluster.
This time however, there is a new version of petasan that I do not want to install yet. When I run apt upgrade, it shows me that it will be loading a lot of petasan specific packages in addition to standard security updates. I want to make sure I am not updating the cluster/ceph/petasan software. Just apply some security fixes for right now.
I will be updating the cluster soon (before september), but just want to apply some security patches right now.
Thanks,
Neil
This question is a followup to a previous thread:
https://www.petasan.org/forums/?view=thread&id=771&part=2
The difference from that thread and this thread is that previously, there was not a new version of petasan available. So upgrading standard packages had no effect on the cluster.
This time however, there is a new version of petasan that I do not want to install yet. When I run apt upgrade, it shows me that it will be loading a lot of petasan specific packages in addition to standard security updates. I want to make sure I am not updating the cluster/ceph/petasan software. Just apply some security fixes for right now.
I will be updating the cluster soon (before september), but just want to apply some security patches right now.
Thanks,
Neil
admin
2,967 Posts
Quote from admin on July 17, 2023, 8:12 amYou should be able to do this, but it is not something we test so please test in first in same environment.
1) commend the petasan.org line in
/etc/apt/sources.list
2) mark petasan to not change
apt-mark hold petasanYou should do this on all nodes, then:
apt update
apt upgrade
Whenever you need to upgrade PetaSAN, you need to reverse this.
Again please test it first.
You should be able to do this, but it is not something we test so please test in first in same environment.
1) commend the petasan.org line in
/etc/apt/sources.list
2) mark petasan to not change
apt-mark hold petasan
You should do this on all nodes, then:
apt update
apt upgrade
Whenever you need to upgrade PetaSAN, you need to reverse this.
Again please test it first.