I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly. Does that makes sense? On Fri, Mar 27, 2015 at 2:58 PM, <m.roth at 5-cent.us> wrote:> Mark Haney wrote: > > I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring > > server. Clean install, nothing real complicated just the server version > > with no GUI, just command line/SSH. > > > > I have noticed over the last 3 months that I've not had ANY updates when > I > > run 'yum update'. I have run 'yum clean all' to see if that might be a > > problem, and I've made sure the updates repo is enabled (it is), but I'm > > getting no CentOS updates. > > > > Did something change that I'm not aware of? I'm even clueless how to > > being debugging this. I'm no noob to RPM based systems as I run Fedora > pretty > > much everywhere else. > > > > Ideas? > > There's been a bunch. Two ideas: first, are the repos enabled (check in > /etc/yum.repos.d, and make sure enabled=1, and second, do you have any > excludes (and wildcards count) in /etc/yum.conf? > > mark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-- Mark Haney Sr. Systems Engineer, VIF International Education mark.haney at vifprogram.com 919-265-5006
On 3/27/2015 12:30 PM, Mark Haney wrote:> I have no excludes in yum.conf. But I noticed something odd in the > CentOS-Base.repo file. The [updates] section didn't have an explicit > 'enabled=1' in it. Though, when I added it in, it made no difference. I > have noticed that I do have some updated packages (like httpd) that are > from February and appear to be the most recent based on the mirrors, but > every mirror I hit I see no updated packages listed for this month. Maybe > there's just not been any and I'm overreacting.indeed, odd. I just looked at my local mirror of a mirror, and I'm not seeing anything in /7/ newer than Jan 20 -- john, recycling bits in santa cruz
Le 27/03/2015 20:30, Mark Haney a ?crit :> But to give an example, we run several Ubuntu 14.04 LTS virtual machines > and I've have a dozen or so security related updates that I've not seen for > CentOS, like openssl (which I do have installed on it) and gnutls. I know > package names don't always match up, but these are recent known > vulnerabilities and I don't like the feeling I'm not securing my systems > properly.I've just setup a few CentOS 7 machines, using the minimal CD. After the initial reboot, I have 78 MB worth of updates. Everything looks quite normal. Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'?glise - 30730 Montpezat Web : http://www.microlinux.fr Mail : info at microlinux.fr T?l. : 04 66 63 10 32
On Fri, Mar 27, 2015 at 2:30 PM, Mark Haney <mark.haney at vifprogram.com> wrote:> I have no excludes in yum.conf. But I noticed something odd in the > CentOS-Base.repo file. The [updates] section didn't have an explicit > 'enabled=1' in it. Though, when I added it in, it made no difference. I > have noticed that I do have some updated packages (like httpd) that are > from February and appear to be the most recent based on the mirrors, but > every mirror I hit I see no updated packages listed for this month. Maybe > there's just not been any and I'm overreacting.I think all of the current work is being held in the cr repo while they are scrambling to get a full 7.1 release completed. -- Les Mikesell lesmikesell at gmail.com
Am 27.03.15 um 20:30 schrieb Mark Haney: ....> > But to give an example, we run several Ubuntu 14.04 LTS virtual machines > and I've have a dozen or so security related updates that I've not seen for > CentOS, like openssl (which I do have installed on it) and gnutls. I know > package names don't always match up, but these are recent known > vulnerabilities and I don't like the feeling I'm not securing my systems > properly. > > Does that makes sense?yes it does - take a look at the centos announce mailinglist and see that the last update for centos 7 was pushed out on feb 25 you might want to have a look at the archives... http://lists.centos.org/pipermail/centos-announce/ or the announcement regarding the CR repo: http://lists.centos.org/pipermail/centos-announce/2015-March/020980.html
On 3/27/2015 12:36 PM, John R Pierce wrote:> On 3/27/2015 12:30 PM, Mark Haney wrote: >> I have no excludes in yum.conf. But I noticed something odd in the >> CentOS-Base.repo file. The [updates] section didn't have an explicit >> 'enabled=1' in it. Though, when I added it in, it made no >> difference. I >> have noticed that I do have some updated packages (like httpd) that are >> from February and appear to be the most recent based on the mirrors, but >> every mirror I hit I see no updated packages listed for this month. >> Maybe >> there's just not been any and I'm overreacting. > > indeed, odd. I just looked at my local mirror of a mirror, and I'm > not seeing anything in /7/ newer than Jan 20oh. is /7/ supposed to be a symlink to /7.0.1406/ or a separate directory ? it appears my mirroring of the mirror may be broken if its supposed to be a symlink. in /7.0.1406/, I'm seeing files up to Feb 22. fyi, I'm using... $ more ~/lftp.sh #!/bin/sh echo "=========================================================" >> $HOME/lftp.log date -R >> $HOME/lftp.log /usr/local/bin/lftp -c 'open ftp://mirrors.sonic.net && lcd /mnt/zbig/mirror && mirror --continue --verbose=1 -x ia64 -x s390 -x s390x -x alpha -x SRPMS centos' >> $HOME/lftp.log on a freebsd (freenas) box to do the mirror. $ lftp --version LFTP | Version 4.6.1 | Copyright (c) 1996-2014 Alexander V. Lukyanov -- john, recycling bits in santa cruz