890
edits
Difference between revisions of "Mesh/Server security"
Jump to navigation
Jump to search
no edit summary
(Created page with "This document attempts to outline some of the steps that have been taken to enhance the security of sudomesh servers. = Automatic updates = We only ever install the debian/u...") |
|||
| Line 7: | Line 7: | ||
aptitude update && aptitude safe-upgrade | aptitude update && aptitude safe-upgrade | ||
= cron-apt = | We use one of the following methods to set up automatic security upgrades. | ||
= unattended-upgrades method = | |||
Install and configure the unattended-upgrades package. | |||
aptitude update && aptitude install unattended-upgrades | |||
dpkg-reconfigure -plow unattended-upgrades | |||
Edit the file /etc/apt/apt.conf.d/50unattended-upgrades and make sure it contains a section like this: | |||
Unattended-Upgrade::Allowed-Origins { | |||
"${distro_id}:${distro_codename}-security"; | |||
// "${distro_id}:${distro_codename}-updates"; | |||
// "${distro_id}:${distro_codename}-proposed"; | |||
// "${distro_id}:${distro_codename}-backports"; | |||
}; | |||
= cron-apt method = | |||
cron-apt is installed and set up to automatically download and install security updates once every 24 hours. | cron-apt is installed and set up to automatically download and install security updates once every 24 hours. | ||