Difference between revisions of "Mesh/Server security"

Jump to navigation Jump to search
no edit summary
(Created page with "This document attempts to outline some of the steps that have been taken to enhance the security of sudomesh servers. = Automatic updates = We only ever install the debian/u...")
 
Line 7: Line 7:
   aptitude update && aptitude safe-upgrade
   aptitude update && aptitude safe-upgrade


= cron-apt =
We use one of the following methods to set up automatic security upgrades.
 
= unattended-upgrades method =
 
Install and configure the unattended-upgrades package.
 
aptitude update && aptitude install unattended-upgrades
dpkg-reconfigure -plow unattended-upgrades
 
Edit the file /etc/apt/apt.conf.d/50unattended-upgrades and make sure it contains a section like this:
 
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}-security";
//      "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};
 
= cron-apt method =


cron-apt is installed and set up to automatically download and install security updates once every 24 hours.
cron-apt is installed and set up to automatically download and install security updates once every 24 hours.

Navigation menu