Saturday, August 18, 2012

Just learning a bit about Ksplice Uptrack on Oracle Linux

Today, I would like to post a bit about Ksplice Uptrack. It's useful for applying kernel security updates without rebooting. It's available for Oracle Linux, Red Hat, Debian and Ubuntu (free of charge for Oracle Linux customers).
In this post, I tested it on Oracle Linux 6.3. When I have time, I will test it on other Oracle Linux versions. You can read how to use it at http://www.ksplice.com/uptrack/using
First of all, sign up and install Uptrack. I have to say thank you to Oracle... for the key to test on Oracle Linux :)
After you sign up, you will get a page that explains how to install Uptrack.
[root@ol6test ~]# wget -N https://www.ksplice.com/uptrack/install-uptrack
--2012-08-18 00:45:56--  https://www.ksplice.com/uptrack/install-uptrack
Resolving www.ksplice.com... 137.254.56.32
Connecting to www.ksplice.com|137.254.56.32|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9168 (9.0K) [text/plain]
Server file no newer than local file "install-uptrack"
[root@ol6test ~]# sh install-uptrack keyabcdefghigklm
[ Release detected: ol ]
--2012-08-18 00:46:08--  https://www.ksplice.com/yum/uptrack/ol/ksplice-uptrack-release.noarch.rpm
Resolving www.ksplice.com... 137.254.56.32
Connecting to www.ksplice.com|137.254.56.32|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6876 (6.7K) [application/x-redhat-package-manager]
Server file no newer than local file "ksplice-uptrack-release.noarch.rpm"
[ Installing Uptrack ]
Loaded plugins: security
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package uptrack.noarch 0:1.2.2-0.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================================================================================
 Package                        Arch                          Version                              Repository                              Size
================================================================================================================================================
Installing:
 uptrack                        noarch                        1.2.2-0.el6                          ksplice-uptrack                        371 k
Transaction Summary
================================================================================================================================================
Install       1 Package(s)
Total download size: 371 k
Installed size: 1.1 M
Downloading Packages:
uptrack-1.2.2-0.el6.noarch.rpm                                                                                           | 371 kB     00:02
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : uptrack-1.2.2-0.el6.noarch                                                                                                   1/1
  Verifying  : uptrack-1.2.2-0.el6.noarch                                                                                                   1/1
Installed:
  uptrack.noarch 0:1.2.2-0.el6
Complete!
Effective kernel version is 2.6.39-200.24.1.el6uek
The following steps will be taken:
Install [y0nt92xe] Use random access mode for dm-nfs backing file.
Install [s5wsi4gb] Load spike in leap second insertion.
Install [lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
Install [3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
[ Installation Complete! ]
[ Please run '/usr/sbin/uptrack-upgrade -y' to bring your system up to date ]
I could run '/usr/sbin/uptrack-upgrade -y' to update now, but wait a moment; I would like to show a few things first. The file /etc/uptrack/uptrack.conf keeps the configuration for Uptrack; for example, the autoinstall setting (default "no") controls whether the cron job installs new updates automatically.
[root@ol6test ~]# cat /etc/uptrack/uptrack.conf
[Auth]
accesskey = keyabcdefghigklm
[Network]
# Proxy to use when accessing the Uptrack server, of the form
# [protocol://][username:password@][:port], where
# * protocol is the protocol to connect to the proxy (http or https)
# * the username and password are the authentication
#   information needed to use your proxy (if any).
# * host and port are the hostname/ip address and port number used to
#   connect to the proxy
#
# The proxy must support making HTTPS connections. If this is unset,
# Uptrack will look for the https_proxy, HTTPS_PROXY, and http_proxy
# environment variables in that order, and then finally look for a
# proxy setting in the system-wide GConf database, if available and
# enabled below.
#
# You can also set this to "None" to force Uptrack not to use a proxy,
# even if one is set in the environment.
https_proxy =
# Look for proxy setting in the system-wide GConf database, if it's
# not set in the above variable or in an environment variable.
gconf_proxy_lookup = no
[Settings]
# Automatically install updates at boot time. If this is set, on
# reboot into the same kernel, Uptrack will re-install the same set of
# updates that were present before the reboot.
install_on_reboot = yes
# Uptrack runs in a cron job every few hours to check for and download
# new updates. You can can configure this cron job to automatically
# install new updates as they become available.
#
# Enable this option to make the cron job automatically install new
# updates.
#
# Please note that enabling autoinstall does not mean the Uptrack
# client itself is automatically upgraded. You will be notified via
# e-mail when a new Uptrack client is available, and it can be
# upgraded through your package manager.
autoinstall = no
OK, back to running '/usr/sbin/uptrack-upgrade -y' to bring the system up to date.
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-upgrade -y
The following steps will be taken:
Install [y0nt92xe] Use random access mode for dm-nfs backing file.
Install [s5wsi4gb] Load spike in leap second insertion.
Install [lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
Install [3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
Installing [y0nt92xe] Use random access mode for dm-nfs backing file.
Installing [s5wsi4gb] Load spike in leap second insertion.
Installing [lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
Installing [3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
Your kernel is fully up to date.
Effective kernel version is 2.6.39-200.29.2.el6uek
[root@ol6test ~]#  uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.29.2.el6uek.x86_64
[root@ol6test ~]# uptrack-show
Installed updates:
[y0nt92xe] Use random access mode for dm-nfs backing file.
[s5wsi4gb] Load spike in leap second insertion.
[lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
[3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
Effective kernel version is 2.6.39-200.29.2.el6uek
Let me explain a bit. Use "uptrack-upgrade -y" to apply Ksplice updates and answer 'yes' to all user prompts.
[root@ol6test ~]# uptrack-upgrade -h
Usage: uptrack-upgrade [options]
Options:
  -h, --help            show this help message and exit
  -q, --quiet           don't print status messages
  -v, --verbose         provide more detail about what this program is doing
  -y                    answer 'yes' to all user prompts
  -n                    answer 'no' to all user prompts
  --wait=WAIT           time to wait between applying updates
  --all                 take action for all updates
  -V, --version         print the version information and exit
Use "uptrack-uname -r" to print the effective kernel version according to Ksplice Uptrack (plain "uname -r" still shows the kernel that was actually booted). You can also check this from your web interface.

Use "uptrack-show" to show the list of Ksplice updates currently installed. You can read more at the link above :)
It's easy to remove the updates as well, with "uptrack-remove":
[root@ol6test ~]#  uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.29.2.el6uek.x86_64
[root@ol6test ~]# uptrack-remove --all
The following steps will be taken:
Remove [3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
Remove [lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
Remove [s5wsi4gb] Load spike in leap second insertion.
Remove [y0nt92xe] Use random access mode for dm-nfs backing file.
Go ahead [y/N]? y
Removing [3uzbjwql] CVE-2011-1083: Algorithmic denial of service in epoll.
Removing [lkbyskll] CVE-2012-2745: Denial-of-service in kernel key management.
Removing [s5wsi4gb] Load spike in leap second insertion.
Removing [y0nt92xe] Use random access mode for dm-nfs backing file.
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.24.1.el6uek.x86_64
That's great anyway! If you have questions, you can read the FAQ. I like one question in the FAQ: "What happens when I reboot?" You can read it to find out the answer. Anyway, let me show you. In the /etc/uptrack/uptrack.conf file, install_on_reboot = yes is the default.
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.29.2.el6uek.x86_64
[root@ol6test ~]# grep install_on_reboot /etc/uptrack/uptrack.conf
install_on_reboot = yes 
[root@ol6test ~]# reboot 
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.29.2.el6uek.x86_64
In case install_on_reboot = no:
[root@ol6test ~]# cp /etc/uptrack/uptrack.conf /etc/uptrack/uptrack.conf-org
[root@ol6test ~]# vim /etc/uptrack/uptrack.conf
[root@ol6test ~]# diff /etc/uptrack/uptrack.conf-org /etc/uptrack/uptrack.conf
31c31
< install_on_reboot = yes
---
> install_on_reboot = no
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.29.2.el6uek.x86_64 
[root@ol6test ~]# reboot 
[root@ol6test ~]# uname -r
2.6.39-200.24.1.el6uek.x86_64
[root@ol6test ~]# uptrack-uname -r
2.6.39-200.24.1.el6uek.x86_64
What do you see? What happened? After the reboot the effective kernel went back to the booted kernel, so you have to run "uptrack-upgrade" again. So it's better to set install_on_reboot = yes. However, the choice is yours!
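As an added example (not from this post or from Ksplice), a small POSIX shell check that captures the two facts shown above: "uptrack-uname -r" diverging from "uname -r" means updates are live in memory, and install_on_reboot = no means they will be gone after the next reboot. The function names and the sample uptrack.conf are assumed and constructed for the example; the access key is a placeholder.

```bash
#!/bin/sh
# Hypothetical Ksplice status check (added example, not the post's own code).

# Return 0 if the effective kernel differs from the booted kernel, i.e.
# Ksplice updates are currently applied in memory; 1 if they are identical.
ksplice_updates_applied() {
    booted="$1"; effective="$2"
    [ "$booted" != "$effective" ]
}

# Print the value of a key from the [Settings] section of an uptrack.conf
# style file (key = value). Prints nothing if the key is absent.
uptrack_setting() {
    conf="$1"; key="$2"
    awk -v k="$key" '
        /^\[/ { in_settings = ($0 == "[Settings]"); next }
        in_settings && $1 == k && $2 == "=" { print $3; exit }
    ' "$conf"
}

# Classify a host as NONE (no live updates), APPLIED_PERSISTENT (live and
# re-applied at boot) or APPLIED_VOLATILE (live now, lost at next reboot
# because install_on_reboot is not "yes").
ksplice_status() {
    booted="$1"; effective="$2"; conf="$3"
    if ! ksplice_updates_applied "$booted" "$effective"; then
        echo NONE; return
    fi
    if [ "$(uptrack_setting "$conf" install_on_reboot)" = "yes" ]; then
        echo APPLIED_PERSISTENT
    else
        echo APPLIED_VOLATILE
    fi
}

# Constructed sample config mirroring the layout of the post's uptrack.conf,
# deliberately using the weak setting install_on_reboot = no.
SAMPLE_CONF="${TMPDIR:-/tmp}/uptrack-sample-$$.conf"
cat > "$SAMPLE_CONF" <<'EOF'
[Auth]
accesskey = REPLACE_WITH_YOUR_KEY
[Settings]
install_on_reboot = no
autoinstall = no
EOF

# Stand-alone run: use the real commands when Ksplice is installed here,
# otherwise fall back to the kernel versions shown in the post.
if command -v uptrack-uname >/dev/null 2>&1; then
    booted="$(uname -r)"; effective="$(uptrack-uname -r)"
else
    booted="2.6.39-200.24.1.el6uek.x86_64"; effective="2.6.39-200.29.2.el6uek.x86_64"
fi
echo "booted=$booted effective=$effective status=$(ksplice_status "$booted" "$effective" "$SAMPLE_CONF")"
```

Point the third argument at the real /etc/uptrack/uptrack.conf on a host with Uptrack installed to get its actual classification.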

