892
edits
(Created page with "This document attempts to outline some of the steps that have been taken to enhance the security of sudomesh servers. = Automatic updates = We only ever install the debian/u...") |
|||
Line 7: | Line 7: | ||
aptitude update && aptitude safe-upgrade | aptitude update && aptitude safe-upgrade | ||
= cron-apt = | We use one of the following methods to set up automatic security upgrades. | ||
= unattended-upgrades method = | |||
Install and configure the unattended-upgrades package. | |||
aptitude update && aptitude install unattended-upgrades | |||
dpkg-reconfigure -plow unattended-upgrades | |||
Edit the file /etc/apt/apt.conf.d/50unattended-upgrades and make sure it contains a section like this: | |||
Unattended-Upgrade::Allowed-Origins { | |||
"${distro_id}:${distro_codename}-security"; | |||
// "${distro_id}:${distro_codename}-updates"; | |||
// "${distro_id}:${distro_codename}-proposed"; | |||
// "${distro_id}:${distro_codename}-backports"; | |||
}; | |||
= cron-apt method = | |||
cron-apt is installed and set up to automatically download and install security updates once every 24 hours. | cron-apt is installed and set up to automatically download and install security updates once every 24 hours. |