Book review: Linux Patch Management <i>by Michael Jang</i>

Book review: Linux Patch Management by Michael Jang


In “Linux Patch Management”, Michael Jang describes in necessary detail how to achieve patch efficiency via tools such as apt-get, rpm and rsynch.

GNU/Linux has a multitude of distributions and a significant number of approaches to security patching and installing and upgrading software. Taking a non-religious approach Michael Jang explores the most well used patch tools and their associated GUI helpers. Advanced details such as how to create your own local repository to limit network traffic and setting proxy and satellite servers are also covered in detail. It is of worth to note that the author has previously written a number of training books that help beginners and experts alike toward passing specific certifications. His strength and skill at structuring the most relevant information can be seen throughout the book.

The book’s coverThe book’s cover

The contents

Linux Patch Management is not a thick bible mentioning every command option. Rather, the 288 page book contains the expected recipes required to get the job done. This recipe based approach appears to be consistent across the whole range of books in the Bruce Perens’ Open Source Series. The first chapter quickly dives into an explanation of what a patch is and how to manage patching. The book as a whole flows from patch management for individual machines to maintaining an infrastructure for a large numbers of computers on an intranet. This book is well focused for system administrators that wish to transition to intranet wide control from daily machine-by-machine efforts. I specifically enjoyed the extensive and efficient use of rsync and the screen grabs that made each task very clear. My favourite moment was reading how to mount an ISO image as if it was CD and use that image as an installation repository. Without the book, these little details can take days to find out when they only take seconds to use. Distributions such as Redhat and SUSE are exampled and contrasted. The advantages of Yum over direct RPMing are illuminating.

Without the book, these little details can normally take days to find out when they only take seconds to use

Who’s this book for?

This book is of interest primarily to system administrators that wish to maintain a healthy GNU/Linux based network. Seemingly esoteric topics such as setting up of mirrored repositories and configuring an FTP Yum server have great practical value for building stable and up-to-date infrastructures. Architects and consultants can also benefit from such knowledge. Security experts must also realise that such workflows can be created as part of a hardened environment with a low security surface.

This book is of interest primarily to system administrators

Relevance to free software

Diversity of free software is profoundly positive. However this is only true as long as that diversity does not totally confuse the end user and system administrators with an over abundance of choice. With apt, rpm, yast, yum, zenworks, Redhat advance servers, etc., patch management tools run the risk of generating a feeling of too much diversity. Michael Jang’s book places the diversity within a recognizable framework and structures the information in such a way that practical goals such as creating a local reposity and proxy servers are achievable. Removing confusion can only give managers more confidence when making buying decisions. One can only hope that this book helps decision makers make educated total cost of ownership augmentations for migrating to GNU/Linux based on good patching policies

Pros

This book has value for daily administration of a GNU/Linux biased intranet. Linux Patch Management is well structured and practical. If you wish to get things done such as building an enterprise wide infrastructure for the most popular distributions this is a good to excellent place to start. The screen grabs are pictorially intuitive and define how GUI based tools deskill complex tasks.

Cons

Due to the wealth and range of tools mentioned the book has not dwelled on every detail and every approach. In general, this is not necessary because the two main types of package extensions deb and rpm are well covered. But for exotic systems or very specific problems such as deb to rpm conversion via the alien tool the reader may need to look elsewhere.
Title Linux Patch Management: keeping Linux systems up to date
Author Michael Jang
Publisher Prentice Hall — Pearson Education
ISBN 0132366754
Year 2006
Pages 288
CD included No
FS Oriented 10
Over all score 8

In short

Category: 
Reviews
License: 
CC-BY

Author information

Alan Berg's picture

Biography

Alan Berg Bsc. MSc. PGCE, has been a lead developer at the Central Computer Services at the University of Amsterdam for the last eight years. In his spare time, he writes computer articles. He has a degree, two masters and a teaching qualification. In previous incarnations, he was a technical writer, an Internet/Linux course writer, and a science teacher. He likes to get his hands dirty with the building and gluing of systems. He remains agile by playing computer games with his kids who (sadly) consistently beat him physically, mentally and morally.

You may contact him at reply.to.berg At chello.nl

Most forwarded

Interview with Dave Mohyla, of DTIDATA

Dave Mohyla is the president and founder of dtidata.com, a hard drive recovery facility based in Tampa, Florida.

TM: Where are you based? What does your company do?
DTI Data recovery is based in South Pasadena, Florida which is a suburb of Tampa. We have been here for over 10 years. We operate a bio-metrically secured class 100 clean room where we perform hard drive recovery on all types of hard disks, from laptop hard drives to multi drive RAID systems.

Anybody up to writing good directory software?

Since the very beginning, directories (of any kind) have had a very central role in the internet. (I have recently grown fond of Free Web Directory. Even Slashdot can be considered a directory: a collection of great news and invaluable user-generated comments. As far as software is concerned, doing a quick search on Google about software directories will return the free (as in freedom) software directories like Savannah, SourceForge, Freshmeat and so on, followed by shareware and freeware sites such as FileBuzz, PCWin Download Center and All Freeware (great if you're looking for shareware and freeware, but definitely less comprehensive than their free-as-in-freedom counterparts).

Interview with Mark Shuttleworth

Mark Shuttleworth is the founder of Thawte, the first Certification Authority to sell public SSL certificates. After selling Thawte to Verisign, Mark moved on to training as an astronaut in Russia and visiting space. Once he got back he founded Ubuntu, the leading GNU/Linux distribution. He agreed on releasing a quick interview to Free Software Magazine.

Is better education the key to finding better software?

I read David Jonathon's article Anybody Up To Writing Good Directory Software? the other day, which got me thinking about software directories in general. As David mentioned, many of the software directories one finds when doing a quick google search are free as in beer, not as in freedom. But what interests me is the software directories that already exist, providing a combination of both free as in beer software, and open source software. Sites such as Freeware Downloads and Shareware Download don't advertise themselves as providing free as in liberty software, but each of them have a good selection of open source software available... if you know where to look.

Most emailed

Free Open Document label templates

If you’ve ever spent hours at work doing mailings, cursed your printer for printing outside the lines on your labels, or moaned “There has got to be a better way to do this,” here’s the solution you’ve been looking for. Working smarter, not harder! Worldlabel.com, a manufacture of labels offers Open Office / Libre Office labels templates for downloading in ODF format which will save you time, effort, and (if you want) make really cool-looking labels

Creating a user-centric site in Drupal

A little while ago, while talking in the #drupal mailing list, I showed my latest creation to one of the core developers there. His reaction was "Wow, I am always surprised what people use Drupal for". His surprise is somehow justified: I did create a site for a bunch of entertainers in Perth, a company set to use Drupal to take over the world with Entertainers.Biz.

Update: since writing this article, I have updated the system so that the whole booking process happens online. I will update the article accordingly!

So, why, why do people and companies develop free software?

More and more people are discovering free software. Many people only do so after weeks, or even months, of using it. I wonder, for example, how many Firefox users actually know how free Firefox really is—many of them realise that you can get it for free, but find it hard to believe that anybody can modify it and even redistribute it legally.

When the discovery is made, the first instinct is to ask: why do they do it? Programming is hard work. Even though most (if not all) programmers are driven by their higher-than-normal IQs and their amazing passion for solving problems, it’s still hard to understand why so many of them would donate so much of their time to creating something that they can’t really show off to anybody but their colleagues or geek friends.

Sure, anybody can buy laptops, and just program. No need to get a full-on lab or spend thousands of dollars in equipment. But... is that the full story?

Fun articles

Santa Claus - the most successful open source project

It dawned on me the other day, as I was shopping for the dozens of gifts it seems I have to buy every December, that Santa Claus is the most successful open source project in history. (Bridget @ Illiterarty would agree with that). Santa Claus is essentially a marketing development that is embodied by everyone who stuffs a sock, gives a gift, hosts a dinner or wishes Merry Christmas over the holiday season.

Most emailed

Editorial

When I first started thinking about Free Software Magazine, I was feeling enthusiastic about the dream. I had Dave, Gianluca, and Alan willing to help me, I had established members of the free software community willing to help me out, I had writers volunteering their time and energy for free, and I had a generous offer from OpenHosting for servers, all before I'd proved myself. There was a sense of excitement in the air, and I thought maybe, just maybe, I could make this work.

Free Software Magazine uses Apollo project management software and CRM for its everyday activities!