If you manage a whole bunch of servers or client workstations (or both), it comes in handy
to update them all with just one command.
(Credits: This is based on an article to be found in the "Linux Magazin 5/2003, page 33". Thanks!)
# adduser --disabled-login update # apt-get install sudo
visudo to edit
/etc/sudoers similar to:
Cmnd_Alias APTGET = /usr/bin/apt-get update, /usr/bin/apt-get -y upgrade, /usr/bin/apt-get -y dist-upgrade root ALL=(ALL) ALL update ALL = NOPASSWD : APTGET
This allows user
root to execute every command on every machine (default) as well as the user
to execute all commands from APTGET as root on every machines without having to enter a password.
(If you have a NIS/NFS-network, of course just add the user
update to the NIS-server and add "+update:*:::::" to the other machines.)
You also have to create the file
~update/.ssh/authorized_keys which simply holds the public-key(s) from the key-pair(s) to be generated on the initiating machine(s) (see below). This allows you to login to your servers/workstations as user
update without having to provide a password.
The initiating machine
# apt-get install dsh
> verbose = 0 > remoteshell = ssh > showmachinenames = 1 > waitshell = 1 >
update@machine1 update@machine2 [...]
This configures the "dancer's shell".
If you don't already have an ssh-keypair, generate one (
man ssh-keygen) and - as mentioned above -
copy the public-key to your machines'
Update all machines using:
# dsh -a -- 'sudo apt-get update && sudo apt-get -y upgrade'
You might also want to use "-c" as an option to
dsh. Check out its manpage.