[Demi-devel] Screen shots

Andrew Pollock apollock@debian.org
Fri, 11 Mar 2005 08:46:11 +1100 

On Thu, Mar 10, 2005 at 03:34:22PM -0500, John Morrissey wrote:
> On Tue, Mar 08, 2005 at 08:12:29AM +1100, Andrew Pollock wrote:
> > so we'd have a "demi" account, which the central server uses to SSH in and
> > retrieve the status file, as well as upload new .debs to. A cron job could
> > then check for the presence of a command file telling it what to do.
> 
> Interesting... I'll start working in that direction, since I like that idea
> better. Could I get access to the Alioth svn repo for Demi so I have an
> externally-accessible place to put this once it's in a more releasable
> state?

Do you have an Alioth username already? If so, let me know what it is, and
I'll figure out how to add you to the project.
 
> > > The only major difference is placing the package (plus dependencies) in
> > > /var/cache/apt/archives/ so it's already downloaded on the client. I
> > > admit I'm biased on this, since our machines have access to a local
> > > mirror.
> > 
> > Well that's not a lot different to using cron-apt on the client, with a
> > pretty web interface showing central version levels (which isn't a bad thing
> > I might add).
> 
> The thing we're looking for immediately is a centralized place to check
> patch levels and apply patches to groups of machines (or perhaps execute
> commands) at once without having to log in to them individually. I see your
> point about a pretty GUI on cron-apt, but cron-apt is really a big
> sledgehammer when it comes to installing new packages. A central interface
> like Demi is more like a scalpel.
> 

Yes, agreed. The interface is what Demi is all about.

Your efforts made me kick myself in the arse again and I've had a bit of a
play with some more proof of concept type stuff. This time I've skipped
doing version comparison, which ought to make things a bit faster.

I wrote a few scripts:

One which retrieves the Packages file for testing from a Debian mirror (but
it could just as easily retrieve the Packages file from security.debian.org.
It also grabs the /var/lib/dpkg/status file from each host to be monitored.

Another script, which blows away the contents of a couple of tables of a
database and then repopulates them the package name and version of packages
from the Packages file, and the host, package name and version from the
status files.

A third script runs an SQL query joining the two tables together and
returning rows where there is a package name match but a package version
mismatch.

So in the case where I'm sucking the Packages file for testing from a Debian
mirror, it's showing me what packages are outstanding for a dist-upgrade.
If I were running stable on the box I'm pulling the status file from, and
pulled the Packages file from security.debian.org, it'd show the outstanding
security updates.

The biggest issue I've had is finding a way to correlate the DSAs with
packages.

regards

Andrew

-- 
linux.conf.au 2005   -  http://linux.conf.au/  -  Birthplace of Tux
April 18th to 23rd   -  http://linux.conf.au/  -       LINUX
Canberra, Australia  -  http://linux.conf.au/  -    Get bitten!