yum: name=* state=latest\n<\/code><\/pre>\n\u3092\u6bce\u56de\u3084\u3063\u3066\u3044\u305f\u306e\u3067\u3059\u304c\u3001\u6642\u9593\u304c\u304b\u304b\u308a\u3059\u304e\u3066\u8f9b\u304f\u306a\u3063\u3066\u304d\u307e\u3057\u305f\u3002\u305d\u3093\u306a\u308f\u3051\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3060\u3051\u3059\u308b\u306e\u304c\u3044\u3044\u304b\u306a\u3001\u3068\u8abf\u3079\u59cb\u3081\u307e\u3057\u305f\u3002<\/p>\n
yum-plugin-security\u3068\u3044\u3046\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u5229\u7528\u3057\u3066<\/p>\n
$ yum --security update\n<\/code><\/pre>\n\u304c\u51fa\u6765\u308b\u3053\u3068\u3092\u77e5\u308a\u307e\u3057\u305f(\u305d\u3082\u305d\u3082CentOS7\u3067\u306fyum-plugin-security\u304cyum\u306b\u7d71\u5408\u3055\u308c\u3066\u3044\u308b\u6a21\u69d8)\u3002 \u3084\u3063\u305f\u305c\uff01<\/p>\n
CentOS\u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u3067\u306f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u60c5\u5831\u304c\u63d0\u4f9b\u3055\u308c\u3066\u3044\u306a\u304f\u3066\u6b63\u5e38\u52d5\u4f5c\u3057\u306a\u3044<\/strong>\u3089\u3057\u3044\u3053\u3068\u3082\u77e5\u308a\u307e\u3057\u305f\u3002 \u3084\u3063\u3066\u306a\u304b\u3063\u305f\u305c\uff01<\/p>\n\u5148\u4eba\u306e\u77e5\u6075\u3068\u52aa\u529b\u3092\u983c\u308a\u307e\u3057\u3087\u3046\u3002<\/p>\n
\n- CEFS: CentOS Errata for Spacewalk<\/a>\n
\n- Spacewalk<\/a>\u7528\u306eCentOS\u30a8\u30e9\u30c3\u30bf\u3092\u63d0\u4f9b\u3057\u3066\u3044\u308b\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3002<\/li>\n<\/ul>\n<\/li>\n
- Inject a little security in to your CentOS repositories<\/a>\n
\n- CEFS\u306e\u30a8\u30e9\u30c3\u30bf\u304b\u3089updateinfo.xml\u4f5c\u308b\u30b9\u30af\u30ea\u30d7\u30c8\u4f5c\u3063\u305f\u305c\u30fc\u3001\u3068\u3044\u3046\u8a71\u3002<\/li>\n<\/ul>\n<\/li>\n
- CentOS 7\u3067yum\u304b\u3089SecurityUpdate\u3092\u884c\u3048\u308b\u3088\u3046\u306b\u3059\u308b<\/a>\n
\n- \u4f5c\u696d\u5185\u5bb9\u306f\u6b86\u3069\u3053\u3061\u3089\u306e\u30da\u30fc\u30b8\u305d\u306e\u307e\u307e\u3067\u3059\u3002\u3042\u308a\u304c\u3068\u3046\u3054\u3056\u3044\u307e\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
\u3068\u3044\u3046\u3053\u3068\u3067\u307e\u3068\u3081\u307e\u3059\u3068\u3001securiy\u7528\u306e\u30ed\u30fc\u30ab\u30eb\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u4f5c\u308a\u3001CEFS\u304c\u63d0\u4f9b\u3057\u3066\u3044\u308bSpacewalk\u7528\u306e\u30a8\u30e9\u30c3\u30bf\u304b\u3089updateinfo.xml\u3092\u4f5c\u3063\u3066\u8a2d\u7f6e\u3001yum –security update<\/strong> \u3057\u307e\u3059\u3002
\n<\/p>\n\u306f\u3058\u3081\u307e\u3057\u3087\u3046\u3002CentOS7\u3001root\u3067\u306e\u4f5c\u696d\u3068\u3057\u307e\u3059\u3002<\/p>\n
\u5fc5\u8981\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u5c0e\u5165\u3057\u307e\u3059\u3002<\/p>\n
$ yum install createrepo bzip2\n<\/code><\/pre>\n\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7528\u306e\u30ed\u30fc\u30ab\u30eb\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u4f5c\u308a\u307e\u3059\u3002<\/p>\n
$ mkdir \/security\n$ createrepo \/security\n$ cat << \"EOF\" >> \/etc\/yum.repos.d\/CentOS-Base.repo\n[security]\nname=CentOS-$releasever - Security\nbaseurl=file:\/\/\/security\nEOF\n<\/code><\/pre>\n\/security \u306b\u79fb\u52d5(\u4ee5\u964d\u3053\u3053\u3067\u4f5c\u696d)\u3001CEFS\u306e\u30a8\u30e9\u30c3\u30bf\u304b\u3089updateinfo.xml\u4f5c\u308b\u30b9\u30af\u30ea\u30d7\u30c8 generate_updateinfo.py \u3092\u8a2d\u7f6e\u3057\u307e\u3059\u3002<\/p>\n
$ cd \/security\n$ curl https:\/\/raw.githubusercontent.com\/vmfarms\/generate_updateinfo\/master\/generate_updateinfo.py -O\n<\/code><\/pre>\nCEFS\u306e\u30a8\u30e9\u30c3\u30bf\u304b\u3089updateinfo.xml\u3092\u66f4\u65b0\u3057\u307e\u3059\u3002Ansible\u30b9\u30af\u30ea\u30d7\u30c8\u5316\u306e\u3053\u3068\u3092\u8003\u616e\u3057\u4e00\u65e6 errata.latest.xml.bz2 \u3092\u4fdd\u5b58\u3057\u3066\u304b\u3089\u306e\u51e6\u7406\u3068\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n
$ curl http:\/\/cefs.steve-meier.de\/errata.latest.xml.bz2 -O\n$ python generate_updateinfo.py --destination=\/security --release=7 <(bzip2 -dc errata.latest.xml.bz2)\n$ modifyrepo \/security\/updateinfo-7\/updateinfo.xml \/security\/repodata\/\n<\/code><\/pre>\n\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u6b63\u5e38\u306b\u52d5\u4f5c\u3059\u308b\u304b\u3001\u307e\u305a\u306f check-update \u3057\u3066\u307f\u307e\u3057\u3087\u3046\u3002<\/p>\n
$ yum --security check-update\n\u8aad\u307f\u8fbc\u3093\u3060\u30d7\u30e9\u30b0\u30a4\u30f3:fastestmirror\nbase\/7\/x86_64 | 3.6 kB 00:00:00 \nextras\/7\/x86_64 | 3.4 kB 00:00:00 \nsecurity | 3.3 kB 00:00:00 \nsecurity\/updateinfo | 48 kB 00:00:00 \nsecurity\/primary_db | 1.1 kB 00:00:00 \nupdates\/7\/x86_64 | 3.4 kB 00:00:00 \nLoading mirror speeds from cached hostfile\n * base: centos.crazyfrogs.org\n * extras: centos.quelquesmots.fr\n * updates: mirrors.standaloneinstaller.com\n\n<\u9014\u4e2d\u7701\u7565>\n\n11 package(s) needed for security, out of 171 available\n\nglibc.x86_64 2.17-196.el7 base \nglibc-common.x86_64 2.17-196.el7 base \nlibtirpc.x86_64 0.2.4-0.10.el7 base \nnss.x86_64 3.28.4-11.el7_4 updates\nnss-sysinit.x86_64 3.28.4-11.el7_4 updates\nnss-tools.x86_64 3.28.4-11.el7_4 updates\nnss-util.x86_64 3.28.4-3.el7 base \npolicycoreutils.x86_64 2.5-17.1.el7 base \npolicycoreutils-python.x86_64 2.5-17.1.el7 base \npython-perf.x86_64 3.10.0-693.2.2.el7 updates\nrpcbind.x86_64 0.2.0-42.el7 base \n\n<\/code><\/pre>\n\u3084\u3063\u305f\u305c\uff01<\/p>\n
update \u3067\u5b9f\u969b\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/p>\n
$ yum --security update\n<\/code><\/pre>\n\u30ea\u30dd\u30b8\u30c8\u30ea\u4f5c\u6210\u6e08\u306a\u306e\u3067\u3001\u4ee5\u964d\u306f\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u30bb\u30c3\u30c8\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u304d\u307e\u3059\u306d\u3002<\/p>\n
$ cd \/security\n$ curl http:\/\/cefs.steve-meier.de\/errata.latest.xml.bz2 -O\n$ python generate_updateinfo.py --destination=\/security --release=7 <(bzip2 -dc errata.latest.xml.bz2)\n$ modifyrepo \/security\/updateinfo-7\/updateinfo.xml \/security\/repodata\/\n$ yum --security update\n<\/code><\/pre>\n![\"Facebook\"](\"https:\/\/www.lancard.com\/blog\/wp-content\/plugins\/social-media-feather\/synved-social\/image\/social\/regular\/48x48\/facebook.png\" "\\"Share")
<\/a>![\"twitter\"](\"https:\/\/www.lancard.com\/blog\/wp-content\/plugins\/social-media-feather\/synved-social\/image\/social\/regular\/48x48\/twitter.png\" "\\"Share")
<\/a>![\"linkedin\"](\"https:\/\/www.lancard.com\/blog\/wp-content\/plugins\/social-media-feather\/synved-social\/image\/social\/regular\/48x48\/linkedin.png\" "\\"Share")
<\/a>![\"tumblr\"](\"https:\/\/www.lancard.com\/blog\/wp-content\/plugins\/social-media-feather\/synved-social\/image\/social\/regular\/48x48\/tumblr.png\" "\\"Share")
<\/a>![\"mail\"](\"https:\/\/www.lancard.com\/blog\/wp-content\/plugins\/social-media-feather\/synved-social\/image\/social\/regular\/48x48\/mail.png\" "\\"Share")
<\/a>","protected":false},"excerpt":{"rendered":"\u590f\u98a8\u90aa\u3067\u6e1b\u3063\u305f\u4f53\u91cd\u304c\u3059\u3063\u304b\u308a\u3082\u3069\u3063\u3066\u3057\u307e\u3044\u307e\u3057\u305f\u3002murave\u3067\u3059\u3002 \u81ea\u8eab\u3078\u306e\u7d30\u83cc\u306e\u4fb5\u5165\u306f\u8a31\u3057\u307e\u3057\u305f\u304c\u3001\u30b5\u30fc\u30d0\u30fc\u3078\u306e\u4fb5\u5165\u306f\u9632\u304c\u306d\u3070\u306a\u308a\u307e\u305b\u3093(\u81ea\u7136\u306a\u5c0e\u5165) \u305d\u3093\u306a\u308f\u3051\u3067 Ansible \u3067\u306f yum update \u76f8\u5f53\u306e […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[136,170],"class_list":["post-5158","post","type-post","status-publish","format-standard","hentry","category-server","tag-centos","tag-yum"],"_links":{"self":[{"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/posts\/5158","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/comments?post=5158"}],"version-history":[{"count":3,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/posts\/5158\/revisions"}],"predecessor-version":[{"id":5161,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/posts\/5158\/revisions\/5161"}],"wp:attachment":[{"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/media?parent=5158"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/categories?post=5158"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lancard.com\/blog\/wp-json\/wp\/v2\/tags?post=5158"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}