Author: Michael Jang

Format: Paperback, 288 pages

Published: Prentice Hall PTR; 1st edition (January 9, 2006)

ISBN: 0132366754



Review by James Pyles

March 28, 2006



Anyone who has had to manage patches for a single Windows computer or an entire Windows network, has watched at least some of their hair fall out or at least go a bit gray. Trying to keep your Windows systems up to date and secure, while facing the specter of a well-meaning patch breaking your computers, is not for the faint of heart.



Lest we forget however, Linux systems also require patches to update software packages and package management on Linux is not always an easy task. Windows computers have a single web interface...the much vaunted Windows Update Manager...for the user or admin to navigate to and update the variety of Windows workstations and servers...but while “Windows” may be a single, monolithic entity, such is not the case for Linux.



Most books on Linux software package management limit themselves to one or perhaps two distros. After all, each flavor of Linux seems to use a different tool for package management on the system. Michael Jang decides to take on all the major systems including Red Hat Enterprise Linux (RHEL), Fedora, SUSE, and Debian, plus several others. The range of this book goes from patch management on the individual computer to updating software packages on entire networks.



Chances are that if you have just burned your first Ubuntu installation disk from an image and are toying with the idea of loading it on that old computer now harboring a long abandoned Windows 98 OS, you may not want to start out with Linux Patch Management. This book assumes the reader has at least some knowledge with Linux and at a minimum, is a newbie Linux administrator (or perhaps a talented wannabe). The complete Linux newbie will need to earn a few stripes before moving on to this guide.



The proud owner of this text may not necessarily want to read every chapter. The various chapters describe the use of the specific patch management tools used by different distros. If you are a Debian junkie (and who wouldn't want to be?), you may be focused on the apt system and could not care less about YaST or yum. However in this review, we are going to take the complete guided tour of everything Linux Patch Management has to offer. Let's go.



While the stated audience of this book is in the “newbie Linux admin range”, Chapter 1 “Patch Management Systems” starts off with a definition of what a patch is and the different types of patches including security fixes, service upgrades, bug fixes and kernel patches and upgrades. There's even a brief mention of the risks you take when you install a patch (Ok, so it's not just a “Windows-thing”).RPM vs. DEB package formats are addressed and the three distro-specific repositories are introduced; Red Hat/Fedora, Novell SUSE, and Debian.



It was interesting to me that at one point, the author defined a “tarball” which is a pretty basic concept but didn't provide the instructions on how to package and unpackage a tar.gz file (if I didn't know what a tarball was, I probably wouldn't know what to do with it). On the other hand, much of the rest of the book assumes that the reader has at least mastered the basics of Linux systems management, so it was an odd element to encounter.



The chapter then launches into a compressed illustration of how to install and update Red Hat, SUSE, and Debian systems...just enough to get your feet wet (I did notice that the author seems to favor Dell PowerEdge servers as proxy servers for updating groups of RHEL systems). The rest of the chapter covers how to configure a LAN to accommodate a patch management infrastructure, presenting just enough to set the stage for the rest of the book.



Chapter 2, “Consolidating Patches on a Red Hat/Fedora Network” propels the reader into the true purpose and focus of this book...to teach the newbie admin how to set up and configure a repository server on the network to manage patches for client machines. In this case, the clients are Red Hat or related client OS types (Fedora, CentOS and so on). I wouldn't recommend blinking or you're libel to miss something as you turn pages. The reader is moved directly into creating a Fedora repository, rocketing through hardware requirements, hard drive partitioning, and creating a repository for Fedora. RHEL servers use a Red Hat Network Proxy Server as a repository and we immediately shift gears and cover the various nuts and bolts of this set up including specialized install requirements, firewall provisions, network time servers, routing, registration, and installing proxy packages.



It becomes abundantly clear that the reader is expected to know his or her stuff. The book doesn't spend a lot of time on the basics and if you don't know them by now, you will have a tough time operationalizing what you are being taught here. You are expected to follow the instructions for creating certificate keys, configuring a proxy client, setting up automatic updates, and more. The instructions are in the chapter, however you won't be spoon fed.



Next, you cross the border from Red Hat to SUSE in Chapter 3, “SUSE's Update Systems and rsync Mirrors”. The reader is immediately introduced to YaST and Zenworks Linux Management (ZLM), which interestingly enough, can be installed not only on SUSE Linux Enterprise Server (SLES) but on RHEL as well (I know, Novell is sort of the red headed, left-handed step-child of the Linux world, but it may suffer more from poor marketing and management than from poor products). This chapter addresses ZLM later on but begins by focusing on YaST as the primary package management tool of SUSE Linux computers. YaST being a graphical interface, the reader doesn't see a glimpse of the CLI through this portion of the chapter.



This changes when the focus shifts to using rsync to create a local mirror. The set up instructions operate at the same level as those presented in the previous chapter. Chapter 3 rounds out with a HOW TO on configuring a ZLM server and adding clients. Unfortunately, the author states that a full treatment of ZLM is beyond the scope of the book, so to find out more, you'll have to seek out supplementary material.



The next two chapters cover the apt system with the final two chapters discussing yum. Chapter 4, “Making apt Work for You” presents the fundamentals of apt. The pace slows down a little and the chapter takes time to introduce apt and how to use the various options it comes with. There is a set of instructions that discusses setting up an apt mirror but that area isn't as well covered as the “apt basics”. Chapter 5, “Configuring apt for RPM Distributions” was written for apt fans who want to use RPM software packages. I didn't think I'd encounter a “history lesson” so deep into the book (history lessons are usually confined to the introductory chapter of a Linux text), but I found “A History of APT for RPM” nestled right at the beginning of the chapter. Apt can be configured to be used with Red Hat/Fedora, SUSE, and other distros and this material is touched upon here, as well as setting up apt RPM-based repositories. Although there was a section in Chapter 4 covering apt commands, a more detailed coverage is provided in this chapter, including Debian-only and RPM-only apt commands. Configuring apt for use with RPM isn't as easy as rolling off a log and the determined tech or admin might want gather other materials and read up a little more about the process before jumping right in.



The final two chapters of the book cover the yum system which is designed to natively handle RPM packages. Chapter 6 “Configuring a yum Client” describes (as you might imagine) how to set up yum clients, including a brief foray into Yellow Dog Linux and yum's predecessor, yup or Yellowdog Updater (continuing with this naming theme, Fedora Core 5 is introducing the Package Updater, also known as “Pup”). Fedora is the only distro that makes extensive use of yum, although there are repositories that service RHEL. This chapter is roughly analogous to Chapter 4's treatment of apt basics except that all the information regarding setting up a yum repository is reserved for the final chapter.

Chapter 7 “Setting Up a yum Repository” is the flip side of the previous chapter, instructing the reader on the ins and outs of configuring yum mirrors for both Fedora and RHEL. This and the previous chapter function well as bookends and are perhaps the two chapters in the book that best do so.



Summary



Michael Jang's Linux Patch Management: Keeping Linux Systems Up to Date is a variable smörgåsbord of Linux software managers compressed in a scant 288 pages. The text covers a brief rundown of the various major distros including Red Hat/Fedora, SUSE, and Debian and some variants as well as the various methods used by each of these to install and manage software packages including yum, YaST, and apt. While the primary focus of the book seems to be how to manage software deployment over a network using software repositories, the tools necessary to update an individual system or small LAN are also included. If you need to understand the comparative methods used by different “Linuxes” to manage patches, this book fits the bill.



Conclusion



This book takes on quite a chunk of information for a smaller text and has its strengths and weaknesses. If you are looking for a text that introduces you to Linux patch management across different distros, or as a tech or admin, you encounter a “mixed bag” of Linux servers in different environments, this is one handy book to have around. The downside is that there is only so much you can learn about any one software management system since the book apparently had to sacrifice detail for coverage. Don't get me wrong...Jang did a noble job of hitting all the high points of each software manager and distribution, but I wouldn't want to tackle any one of them without having more detailed information at my fingertips. While this book is a good place to start, you will still need supplementary material to become expert at configuring apt, YaST or yum for a networked environment. I'd like to see Jang expand the information and perhaps organize it a bit better for the 2nd Edition. Having said that, it does make a very good reference if you want a tour of all of these systems and it seems obvious that the author is familiar with each of them.

Title: Linux Patch Management: Keeping Linux Systems Up to Date
Category: Linux
Sub-Category: Linux Books
Author: tripwire45
Related Link: Find it on Amazon
Added: March 28th 2006
Viewed: 14468 Times
Score:
Options:  
  

[ Back to Reviews Index | Back to Linux Index | Post Comment ]