On 2 March 2016 at 11:24, Anthony K akcentos@anroet.com wrote:
On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
On 03/01/2016 09:41 PM, Johnny Hughes wrote:
BUt the security plugins do not work for CentOS and they never have, Peter is correct, you need to run yum update or call out the specific packages you want updated.
I totally understand the necessity of a full system update. However, this begs the question "Why code an option into yum that is of no use?" Was there a time when this option was functional? If yes, what caused its removal? Was it a system compromise at some big corporation and someone got sued/fired? What? Don't spare any gory details either!
Specifically it requires errata data within the repo metadata.
It exists in yum since CentOS is a RHEL rebuild and upstream provides that errata data for RHEL users.
If you set up something like Spacewalk then you can use something like CEFS to import that errata data to make --security work for centos systems.
Potentially you could use a combination of his work, a bit of scripting and createrepo to provide your own errata data.
*That all being said* apply all errata still applies whenever issues arise ;)