I’ve done that using saltstack (2K system), but the company is moving to ansible (so i will have to redo it all a second time i guess…)
The harder is (for the entire team) to have the will to never change something by hand on the system. but that mean longer reaction time …
Urgh - there’s a vulnerability in Grub2…
The fix is worse than the problem, so far.
I heard - Patched about 20 preprod servers this weekend that use SLES - they’re doing ok so far (knock on wood).
I hear RHEL is taking it on the chin.
See thread here. GRUB2 Secure Boot Vulnerability: Boothole
Though not much discussion that is fully on topic.
Destroy and redeploy is the life I live.
Red Hat has a fixed shim in the big report that is saw if it’s critical to patch sooner than later… I’d hold off honestly and consider other options.
stroke?
Absoblibky
You’re thinking standby on this one?
It looks like they have fixed it but I’ve not checked through it all
https://access.redhat.com/errata/RHBA-2020:3262
That’s definitely the shim bug that caused the no boot issue
So presumably as long as your up to date it should pull that. Not sure what the package delay is for centos et al.
I’m running SLES 15 && 15 SP1 and the patch for this seems to be good, but I’m wondering about some CentOS boxes I have running…
https://bugs.centos.org/view.php?id=17631
Looks like you should be ok now.
I am closing this bug as the shim packages with the correct fix were pushed to mirrors. Make sure you use shim-x64-15-15.el8_2.x86_64.rpm ( EL8 ) or respectively shim-x64-15-8.el7_8.x86_64.rpm ( EL7 ) ( or newer )
laughing in BSD loader
laughs in systemd-boot
inb4 reee
Oracle is breathing new life into the Spacewalk project.
https://blogs.oracle.com/linux/announcing-the-release-of-spacewalk-210-for-oracle-linux
For those unaware, Spacewalk was the popular open-source tool used for managing updates in a RHN (RedHat Network). RedHat basically killed off the project in favor of Satellite, and anyone still using Spacewalk was just plum out of luck.
Now, Oracle has spun its own version of Spacewalk to make it compatible with OEL 8.
This is important because there was a heavily reliance on Postgres 9 which has been deprecated and Java.
It’s good to see the project living on.
The absolute state of winning on GNU/GNU
Good guy Oracle
…wait…
…what?
But yeah, if they manage it properly this might win them some goodwill back, lord knows they could use it if they want to work with the FLOSS community.
They’re not really white knights about this though. They have no intention of FLOSS, but they do value OSS software.
The biggest issue is that since OEL pulls from upstream RHEL, and RedHat made Satellite, there was a gap in services offered because Oracle, and most other big companies, believe in eating their own dog food so if they have a service that they offer they will use it internally instead of using competitors.
With this step, they are closer to providing a more comprehensive environment like what Red Hat offers.
Still waiting for a Foreman replacement though.