If you manage a whole bunch of servers or client workstations (or both), it comes in handy
to update them all with just one command.
(Credits: This is based on an article to be found in the "Linux Magazin 5/2003, page 33". Thanks!)
Servers/Workstations
Run:
# adduser --disabled-login update
# apt-get install sudo
Use visudo to edit /etc/sudoers similar to:
Cmnd_Alias APTGET = /usr/bin/apt-get update, /usr/bin/apt-get -y upgrade, /usr/bin/apt-get -y dist-upgrade root ALL=(ALL) ALL update ALL = NOPASSWD : APTGET
This allows user root to execute every command on every machine (default) as well as the user update
to execute all commands from APTGET as root on every machines without having to enter a password.
(If you have a NIS/NFS-network, of course just add the user update to the NIS-server and add "+update:*:::::" to the other machines.)
You also have to create the file ~update/.ssh/authorized_keys which simply holds the public-key(s) from the key-pair(s) to be generated on the initiating machine(s) (see below). This allows you to login to your servers/workstations as user update without having to provide a password.
The initiating machine
Run:
# apt-get install dsh
/etc/dsh/dsh.conf:
verbose = 0 remoteshell = ssh showmachinenames = 1 waitshell = 1
~/.dsh/machines.list:
update@machine1 update@machine2 [...]
This configures the "dancer's shell".
If you don't already have an ssh-keypair, generate one (man ssh-keygen) and - as mentioned above -
copy the public-key to your machines' ~update/.ssh/authorized_keys file(s).
Update all machines using:
# dsh -a -- 'sudo apt-get update && sudo apt-get -y upgrade'
You might also want to use "-c" as an option to dsh. Check out its manpage.