
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
OS Hardening Principles
|
67
Overall, yast2’s Online Update functionality is simple and fast. The only error I’ve
encountered running it on my two SUSE servers was the result of invoking yast2
from an xterm as an unprivileged user: yast2 claimed that it couldn’t find the update
list on ftp.suse.com, which wasn’t exactly true. The real problem was that yast2
couldn’t write that file locally where it needed to because it was running with my
non-root privileges.
Invoking yast2 from a window-manager menu (in any window manager that susewm
configures) obviates this problem: you will be prompted for the root password if you
aren’t running X as root. Running X as root, of course, is another workaround, but
not one I recommend due to the overall insecurity of X. A better approach is to open
a terminal window, su to root by using the command
su -, and then run the com-
mand yast2.Bysu-ing with the “-” (hyphen), you’ll set all your environment vari-
ables to root’s default values, including
DISPLAY.
How to be notified of and obtain security updates: Debian
As is typical of Debian GNU/Linux, updating Debian packages is less flashy yet sim-
pler than with most other distributions. The process consists mainly of two com-
mands (actually, one command, apt-get, invoked twice but with different options): ...