netcomp
asked on
Installing updates on Linix servers
I have two linix servers in our network. I believe the are Suse , but I don't know how to be sure?
What I like to do is to be able to update the OS. I tried running a the commend Yum on the terminal and got a good amount of lines back. I was not sure if they are the updates that have already been installed or they are the ones that are now available to be installed. I noticed that some of the results were bold. Also, how do I can I distinguish between updates for the OS vs updates for some of the software that we have installed. ? In general it would be good to know how to use the Yum command altogether.
I am more concerned about the shell lock bash, but being able to figure out the above should resolve that. Thank you
What I like to do is to be able to update the OS. I tried running a the commend Yum on the terminal and got a good amount of lines back. I was not sure if they are the updates that have already been installed or they are the ones that are now available to be installed. I noticed that some of the results were bold. Also, how do I can I distinguish between updates for the OS vs updates for some of the software that we have installed. ? In general it would be good to know how to use the Yum command altogether.
I am more concerned about the shell lock bash, but being able to figure out the above should resolve that. Thank you
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If "yum" works on those systems, they aren't SUSE. SUSE uses zypper as mentioned above, not yum... Or you can also use Yast.
yum is mainly used on RedHat or RedHat based OS's, like CentOS, Oracle Linux etc.
yum is mainly used on RedHat or RedHat based OS's, like CentOS, Oracle Linux etc.
First we need to confirm what type of system asker has.
ASKER
Ok, So I got the same output for both.
[root@ourserver ~]# cat /etc/issue
CentOS release 6.5 (Final)
Kernel \r on an \m
2.6.32-431.20.3.el6.x86_64 ( i got this by doing a uname -r command I found online)
So now, I like to know if any of that needs an update and also to know if any of the software that we installed in OS needs updates or if updates are available for them as I mentioned above. I am also concerned about Shelllock Bash? Thank you!
On one of them
[root@ourserver ~]# cat /etc/issue
CentOS release 6.5 (Final)
Kernel \r on an \m
2.6.32-431.20.3.el6.x86_64
So now, I like to know if any of that needs an update and also to know if any of the software that we installed in OS needs updates or if updates are available for them as I mentioned above. I am also concerned about Shelllock Bash? Thank you!
On one of them
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
But I am not sure what Ynm update does. Does that update the OS or does it udpate all the software that is installed. Can I pick and chose? Also, how do I know what updates have already been done.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yum clean all
yum install yum-downloadonly
yum upgrade --downloadonly (repeat until it comes out clean with all downloaded)
yum upgrade
reboot
(with 6U6 in sight you need to run "yum upgrade" as couple of packages are renamed and will be skipped with yum update)
yum install yum-downloadonly
yum upgrade --downloadonly (repeat until it comes out clean with all downloaded)
yum upgrade
reboot
(with 6U6 in sight you need to run "yum upgrade" as couple of packages are renamed and will be skipped with yum update)
ASKER
Ok, when I do Yum check-update, I got the following result, but nothing bout the Kernal update or nothing about any Shelllock Bash udpate.
yum check-update
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.us.oneandone.net
* extras: repo.dimenoc.com
* updates: repo.dimenoc.com
at.x86_64 3.1.10-44.el6_5.2 updates
avahi.x86_64 0.6.25-12.el6_5.3 updates
avahi-autoipd.x86_64 0.6.25-12.el6_5.3 updates
avahi-devel.x86_64 0.6.25-12.el6_5.3 updates
avahi-glib.x86_64 0.6.25-12.el6_5.3 updates
avahi-libs.x86_64 0.6.25-12.el6_5.3 updates
avahi-ui.x86_64 0.6.25-12.el6_5.3 updates
ca-certificates.noarch 2014.1.98-65.0.el6_5 updates
coreutils.x86_64 8.4-31.el6_5.2 updates
coreutils-libs.x86_64 8.4-31.el6_5.2 updates
cpio.x86_64 2.10-12.el6_5 updates
cups.x86_64 1:1.4.2-52.el6_5.2 updates
cups-libs.x86_64 1:1.4.2-52.el6_5.2 updates
e2fsprogs.x86_64 1.41.12-18.el6_5.1 updates
e2fsprogs-libs.x86_64 1.41.12-18.el6_5.1 updates
gdb.x86_64 7.2-64.el6_5.2 updates
glibc.x86_64 2.12-1.132.el6_5.4 updates
glibc-common.x86_64 2.12-1.132.el6_5.4 updates
glibc-devel.x86_64 2.12-1.132.el6_5.4 updates
glibc-headers.x86_64 2.12-1.132.el6_5.4 updates
grub.x86_64 1:0.97-84.el6_5 updates
gstreamer-plugins-bad-free .x86_64 0.10.19-3.el6_5 updates
httpd.x86_64 2.2.15-31.el6.centos updates
httpd-tools.x86_64 2.2.15-31.el6.centos updates
initscripts.x86_64 9.03.40-2.el6.centos.4 updates
java-1.6.0-openjdk.x86_64 1:1.6.0.0-7.1.13.4.el6_5 updates
java-1.7.0-openjdk.x86_64 1:1.7.0.65-2.5.1.2.el6_5 updates
kernel.x86_64 2.6.32-431.29.2.el6 updates
kernel-firmware.noarch 2.6.32-431.29.2.el6 updates
kernel-headers.x86_64 2.6.32-431.29.2.el6 updates
kexec-tools.x86_64 2.0.0-273.el6_5.1 updates
kpartx.x86_64 0.4.9-72.el6_5.4 updates
libcgroup.x86_64 0.40.rc1-6.el6_5.1 updates
libcom_err.x86_64 1.41.12-18.el6_5.1 updates
libcom_err-devel.x86_64 1.41.12-18.el6_5.1 updates
libss.x86_64 1.41.12-18.el6_5.1 updates
libtirpc.x86_64 0.2.1-6.el6_5.2 updates
libvpx.x86_64 1.3.0-5.el6_5 updates
lzo.x86_64 2.03-3.1.el6_5.1 updates
microcode_ctl.x86_64 1:1.17-17.el6_5.1 updates
nfs-utils.x86_64 1:1.2.3-39.el6_5.3 updates
nfs-utils-lib.x86_64 1.1.5-6.el6_5 updates
nspr.x86_64 4.10.6-1.el6_5 updates
nss.x86_64 3.16.1-7.el6_5 updates
nss-softokn.x86_64 3.14.3-12.el6_5 updates
nss-softokn-freebl.x86_64 3.14.3-12.el6_5 updates
nss-sysinit.x86_64 3.16.1-7.el6_5 updates
nss-tools.x86_64 3.16.1-7.el6_5 updates
nss-util.x86_64 3.16.1-2.el6_5 updates
openssl.x86_64 1.0.1e-30.el6_5.2 updates
openssl-devel.x86_64 1.0.1e-30.el6_5.2 updates
plymouth.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-core-libs.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-gdm-hooks.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-graphics-libs.x86 _64 0.8.3-27.el6.centos.1 updates
plymouth-plugin-label.x86_ 64 0.8.3-27.el6.centos.1 updates
plymouth-plugin-two-step.x 86_64 0.8.3-27.el6.centos.1 updates
plymouth-scripts.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-system-theme.noar ch 0.8.3-27.el6.centos.1 updates
plymouth-theme-rings.noarc h 0.8.3-27.el6.centos.1 updates
plymouth-utils.x86_64 0.8.3-27.el6.centos.1 updates
ql2400-firmware.noarch 7.03.00-1.el6_5 updates
ql2500-firmware.noarch 7.03.00-1.el6_5 updates
samba.x86_64 3.6.9-169.el6_5 updates
samba-client.x86_64 3.6.9-169.el6_5 updates
samba-common.x86_64 3.6.9-169.el6_5 updates
samba-winbind.x86_64 3.6.9-169.el6_5 updates
samba-winbind-clients.x86_ 64 3.6.9-169.el6_5 updates
samba4-libs.x86_64 4.0.0-63.el6_5.rc4 updates
sysstat.x86_64 9.0.4-22.el6_5.1 updates
tzdata.noarch 2014h-1.el6 updates
tzdata-java.noarch 2014h-1.el6 updates
[root@ourserver ~]#
yum check-update
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.us.oneandone.net
* extras: repo.dimenoc.com
* updates: repo.dimenoc.com
at.x86_64 3.1.10-44.el6_5.2 updates
avahi.x86_64 0.6.25-12.el6_5.3 updates
avahi-autoipd.x86_64 0.6.25-12.el6_5.3 updates
avahi-devel.x86_64 0.6.25-12.el6_5.3 updates
avahi-glib.x86_64 0.6.25-12.el6_5.3 updates
avahi-libs.x86_64 0.6.25-12.el6_5.3 updates
avahi-ui.x86_64 0.6.25-12.el6_5.3 updates
ca-certificates.noarch 2014.1.98-65.0.el6_5 updates
coreutils.x86_64 8.4-31.el6_5.2 updates
coreutils-libs.x86_64 8.4-31.el6_5.2 updates
cpio.x86_64 2.10-12.el6_5 updates
cups.x86_64 1:1.4.2-52.el6_5.2 updates
cups-libs.x86_64 1:1.4.2-52.el6_5.2 updates
e2fsprogs.x86_64 1.41.12-18.el6_5.1 updates
e2fsprogs-libs.x86_64 1.41.12-18.el6_5.1 updates
gdb.x86_64 7.2-64.el6_5.2 updates
glibc.x86_64 2.12-1.132.el6_5.4 updates
glibc-common.x86_64 2.12-1.132.el6_5.4 updates
glibc-devel.x86_64 2.12-1.132.el6_5.4 updates
glibc-headers.x86_64 2.12-1.132.el6_5.4 updates
grub.x86_64 1:0.97-84.el6_5 updates
gstreamer-plugins-bad-free
httpd.x86_64 2.2.15-31.el6.centos updates
httpd-tools.x86_64 2.2.15-31.el6.centos updates
initscripts.x86_64 9.03.40-2.el6.centos.4 updates
java-1.6.0-openjdk.x86_64 1:1.6.0.0-7.1.13.4.el6_5 updates
java-1.7.0-openjdk.x86_64 1:1.7.0.65-2.5.1.2.el6_5 updates
kernel.x86_64 2.6.32-431.29.2.el6 updates
kernel-firmware.noarch 2.6.32-431.29.2.el6 updates
kernel-headers.x86_64 2.6.32-431.29.2.el6 updates
kexec-tools.x86_64 2.0.0-273.el6_5.1 updates
kpartx.x86_64 0.4.9-72.el6_5.4 updates
libcgroup.x86_64 0.40.rc1-6.el6_5.1 updates
libcom_err.x86_64 1.41.12-18.el6_5.1 updates
libcom_err-devel.x86_64 1.41.12-18.el6_5.1 updates
libss.x86_64 1.41.12-18.el6_5.1 updates
libtirpc.x86_64 0.2.1-6.el6_5.2 updates
libvpx.x86_64 1.3.0-5.el6_5 updates
lzo.x86_64 2.03-3.1.el6_5.1 updates
microcode_ctl.x86_64 1:1.17-17.el6_5.1 updates
nfs-utils.x86_64 1:1.2.3-39.el6_5.3 updates
nfs-utils-lib.x86_64 1.1.5-6.el6_5 updates
nspr.x86_64 4.10.6-1.el6_5 updates
nss.x86_64 3.16.1-7.el6_5 updates
nss-softokn.x86_64 3.14.3-12.el6_5 updates
nss-softokn-freebl.x86_64 3.14.3-12.el6_5 updates
nss-sysinit.x86_64 3.16.1-7.el6_5 updates
nss-tools.x86_64 3.16.1-7.el6_5 updates
nss-util.x86_64 3.16.1-2.el6_5 updates
openssl.x86_64 1.0.1e-30.el6_5.2 updates
openssl-devel.x86_64 1.0.1e-30.el6_5.2 updates
plymouth.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-core-libs.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-gdm-hooks.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-graphics-libs.x86
plymouth-plugin-label.x86_
plymouth-plugin-two-step.x
plymouth-scripts.x86_64 0.8.3-27.el6.centos.1 updates
plymouth-system-theme.noar
plymouth-theme-rings.noarc
plymouth-utils.x86_64 0.8.3-27.el6.centos.1 updates
ql2400-firmware.noarch 7.03.00-1.el6_5 updates
ql2500-firmware.noarch 7.03.00-1.el6_5 updates
samba.x86_64 3.6.9-169.el6_5 updates
samba-client.x86_64 3.6.9-169.el6_5 updates
samba-common.x86_64 3.6.9-169.el6_5 updates
samba-winbind.x86_64 3.6.9-169.el6_5 updates
samba-winbind-clients.x86_
samba4-libs.x86_64 4.0.0-63.el6_5.rc4 updates
sysstat.x86_64 9.0.4-22.el6_5.1 updates
tzdata.noarch 2014h-1.el6 updates
tzdata-java.noarch 2014h-1.el6 updates
[root@ourserver ~]#
bash-4.1.2-15.el6_5.2 on CentOS 6.5 is not vulnerable for CVE-2014-6271.
Check your bash version with
Check your bash version with
# rpm -qv bash
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
how do I find out what is at.x86-64. Is that the bash update or are you saying that's for updating the kernal? Any way to get explanation of what each update is. Sorry, come from the Windows word, but have command line experience with Widndows/Cisco and ...., but new at this.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
how do I find out what is at.x86-64. Is that the bash update or are you saying that's for updating the kernal?at command runs programs at given time. It's independent package from bash.
If you want to get info about installed package, use:
$ rpm -qi packagename
And don't wait with updating all packages (yum update). After few minutes you'll have up-to-date system, with all known vulnerabilities fixed. It's especially important for kernel.
The version of bash on your system bash-4.1.2-15.el6_5.2 has been fixed to correct the bash shell shock vulnerability. It created a problem with the at and batch commands where they would no longer run. So that is fixed in the at-3.1.10-44.el6_5.2 update.
I agree with slubek that you should update all packages.
I agree with slubek that you should update all packages.
ASKER
Thanks for all the inputs. So, no easy way to see if the Kernal needs an update or not. I guess not in my case because its not being listed. ? Also, is a reboot needed after the updates?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
cat /etc/*-release
Is it SUSE? openSUSE?
Then:
zypper ref; zypper up
all good? reboot if it says so...