{ "info": { "author": "Marcus Furlong", "author_email": "furlongm@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Web Environment", "Framework :: Django", "License :: OSI Approved :: GNU General Public License v3 (GPLv3)", "Topic :: Internet :: WWW/HTTP :: WSGI :: Application" ], "description": "# Patchman\n\n\n## Summary\n\nPatchman is a Django-based patch status monitoring tool for linux systems.\nPatchman provides a web interface for monitoring the package updates available\nfor linux hosts.\n\n[![](https://raw.githubusercontent.com/furlongm/patchman/gh-pages/screenshots/dashboard.png)](https://github.com/furlongm/patchman/tree/gh-pages/screenshots)\n\n\n## How does it work?\n\nPatchman clients send a list of installed packages and enabled repositories to\nthe Patchman server. The Patchman server updates its package list for each\nrepository and determines which hosts require updates, and whether those updates\nare normal or security updates. The web interface also gives information on\npotential issues, such as installed packages that are not from any repository.\n\nHosts, packages, repositories and operating systems can all be filtered. For\nexample, it is possible to find out which hosts have a certain version of a\npackage installed, and which repository it comes from.\n\nPatchman does not install update packages on hosts, it determines and displays\nwhat updates are available for each host.\n\n`yum`, `apt` and `zypper` plugins can send reports to the Patchman server every\ntime packages are installed or removed on a host.\n\n\n## Source\n\nThe current source code is available on github:\n\n https://github.com/furlongm/patchman\n\n\n## Dependencies\n\n### Server-side dependencies\n\n\n```\npython-django\npython-django-tagging\npython-django-extensions\npython-django-bootstrap3\npython-djangorestframework\npython-debian\npython-rpm\npython-progressbar\npython-lxml\npython-argparse\npython-requests\npython-humanize\n```\n\nThe server can optionally make use of celery to asynchronously process the\nreports sent by hosts.\n\n\n### Client-side dependencies\n\nThe client-side dependencies are kept to a minimum. `rpm` and `dpkg` are\nrequired to report packages, `yum`, `zypper` and `apt` are required to report\nrepositories. These packages are normally installed by default on most systems.\n`dnf` is not yet supported.\n\nrpm-based OS's can tell if a reboot is required to install a new kernel by\nlooking at `uname -r` and comparing it to the highest installed kernel version.\n\ndeb-based OS's do not always change the kernel version when a kernel update is\ninstalled, so the `update-notifier-common` package needs to be installed to\nenable this functionality.\n\n\n## Usage\n\nThe web interface contains a dashboard with items that need attention, and\nvarious pages to manipulate hosts, repositories, packages, operating systems and\nreports.\n\nTo populate the database, simply run the client on some hosts:\n\n```shell\n$ patchman-client -s http://patchman.example.org\n```\n\nThis should provide some initial data to work with.\n\nOn the server, the `patchman` command line utility can be used to run certain\nmaintenance tasks, e.g. processing the reports sent from hosts, downloading\nrepository update information from the web. Run `patchman -h` for a rundown of\nthe usage:\n\n```shell\n$ sbin/patchman -h\nusage: patchman [-h] [-f] [-q] [-r] [-R REPO] [-lr] [-lh] [-u] [-A] [-H HOST]\n [-p] [-c] [-d] [-n] [-a] [-D hostA hostB]\n\nPatchman CLI tool\n\noptional arguments:\n -h, --help show this help message and exit\n -f, --force Ignore stored checksums and force-refresh all mirrors\n -q, --quiet Quiet mode (e.g. for cronjobs)\n -r, --refresh-repos Refresh repositories\n -R REPO, --repo REPO Only perform action on a specific repository (repo_id)\n -lr, --list-repos List all repositories\n -lh, --list-hosts List all hosts\n -u, --host-updates Find host updates\n -A, --host-updates-alt\n Find host updates (alternative algorithm that may be\n faster when there are many homogeneous hosts)\n -H HOST, --host HOST Only perform action on a specific host (fqdn)\n -p, --process-reports\n Process pending reports\n -c, --clean-reports Remove all but the last three reports\n -d, --dbcheck Perform some sanity checks and clean unused db entries\n -n, --dns-checks Perform reverse DNS checks if enabled for that host\n -a, --all Convenience flag for -r -A -p -c -d -n\n -D hostA hostB, --diff hostA hostB\n Show differences between two hosts in diff-like output\n -e, --errata Download CentOS errata from https://cefs.steve-\n meier.de/\n```\n\n\n## Concepts\n\nThe default settings will be fine for most people but depending on your setup,\nthere may be some initial work required to logically organise the data sent in\nthe host reports. The following explanations may help in this case.\n\nThere are a number of basic objects - Hosts, Repositories, Packages, Operating\nSystems and Reports. There are also Operating System Groups (which are optional)\nand Mirrors.\n\n### Host\nA Host is a single host, e.g. test01.example.org.\n\n### Operating System\nA Host runs an Operating System, e.g. CentOS 7.1, Debian 8.4, Ubuntu 16.04\n\n### Package\nA Package is a package that is either installed on a Host, or is available to\ndownload from a Repository mirror, e.g. `strace-4.8-11.el7.x86_64`,\n`grub2-tools-2.02-0.34.el7.centos.x86_64`, etc.\n\n### Mirror\nA Mirror is a collection of Packages available on the web, e.g. a `yum`, `yast`\nor `apt` repo.\n\n### Repository\nA Repository is a collection of Mirrors. Typically all the Mirrors will contain\nthe same Packages. For Red Hat-based Hosts, Repositories automatically link\ntheir Mirrors together. For Debian-based hosts, you may need to link all\nMirrors that form a Repository using the web interface. This may reduce the\ntime required to find updates. Repositories can be marked as being security or\nnon-security. This makes most sense with Debian and Ubuntu repositories where\nsecurity updates are delivered via security repositories. For CentOS security\nupdates, see the Erratum section below.\n\n### Report\nA Host creates a Report using `patchman-client`. This Report is sent to the\nPatchman server. The Report contains the Host's Operating System, and lists\nof the installed Packages and enabled Repositories on a Host. The Patchman\nserver processes and records the list of Packages and Repositories contained in\nthe Report.\n\n### Operating System Group (optional)\nAn OSGroup is a collection of OS's. For example, an OSGroup named \"Debian 8\"\nwould be comprised of the following OS's:\n\n```\nDebian 8.0\nDebian 8.1\nDebian 8.4\n```\n\nLikewise, an OSGroup named \"CentOS 7\" would be made up of the following OS's:\n\n```\nCentOS 7.0\nCentOS 7.2.1511\n```\n\nRepositories can be associated with an OSGroup, or with the Host itself. If the\n`use_host_repos variable` is set to True for a Host, then updates are found by\nlooking only at the Repositories that belong to that Host. This is the default\nbehaviour and does not require OSGroups to be configured.\n\nIf `use_host_repos` is set to False, the update-finding process looks at the\nOSGroup that the Host's Operating System is in, and uses the OSGroup's\nRepositories to determine the applicable updates. This is useful in environments\nwhere many hosts are homogeneous (e.g. cloud/cluster environments).\n\n### Erratum\nErrata for CentOS can be downloaded from https://cefs.steve-meier.de/ .\nThese errata are parsed and stored in the database. If a PackageUpdate\ncontains a package that is a security update in the errata, then that update is\nmarked as being a security update.", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://patchman.openbytes.ie/", "keywords": "django patch status monitoring linux spacewalk patchman", "license": "GPLv3", "maintainer": "", "maintainer_email": "", "name": "patchman", "package_url": "https://pypi.org/project/patchman/", "platform": "", "project_url": "https://pypi.org/project/patchman/", "project_urls": { "Homepage": "http://patchman.openbytes.ie/" }, "release_url": "https://pypi.org/project/patchman/1.0.9/", "requires_dist": null, "requires_python": "", "summary": "Django based patch status monitoring tool for linux systems", "version": "1.0.9" }, "last_serial": 4358714, "releases": { "1.0.9": [ { "comment_text": "", "digests": { "md5": "de4868e2fae632449d7c56dd7ef641ab", "sha256": "4d589daff4bd812c8f267b06df50f0a86a8fa4779ffabdb2cb4b701268be961c" }, "downloads": -1, "filename": "patchman-1.0.9.tar.gz", "has_sig": false, "md5_digest": "de4868e2fae632449d7c56dd7ef641ab", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 77003, "upload_time": "2018-10-10T04:48:42", "url": "https://files.pythonhosted.org/packages/a8/6d/50764b6d5210e68e2d90acbc55f3bf44754d7a6afd85ce4512d10180e44c/patchman-1.0.9.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "de4868e2fae632449d7c56dd7ef641ab", "sha256": "4d589daff4bd812c8f267b06df50f0a86a8fa4779ffabdb2cb4b701268be961c" }, "downloads": -1, "filename": "patchman-1.0.9.tar.gz", "has_sig": false, "md5_digest": "de4868e2fae632449d7c56dd7ef641ab", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 77003, "upload_time": "2018-10-10T04:48:42", "url": "https://files.pythonhosted.org/packages/a8/6d/50764b6d5210e68e2d90acbc55f3bf44754d7a6afd85ce4512d10180e44c/patchman-1.0.9.tar.gz" } ] }