Custombuild and yum for security patches

paul-w

Verified User
Joined
Jan 25, 2006
Messages
51
Location
Berkshire, UK
Hi everyone

I should know the answer to this having had a server running directadmin for donkey's years but I've forgotten.

I've been slack about keeping my CentOS 6.3 server up to date with security patches. Am I right in thinking that on a server running directadmin you can use yum update but a fair few packages are excluded as per /etc/yum.conf:
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* bind-chroot*


Presumably, therefore, it is custombuild that you use to update all the packages excluded by yum.conf?

I'm not seeking any new functionality and my exim for example is non-standard because I run MailScanner. Rather, I'm only interested in security updates.

What's my best option?
 
Yes you use custombuild to update all software that you do not update with yum.
 
Yes you use custombuild to update all software that you do not update with yum.

Thanks for the reminder. I guess that the potential problem with this for me is that I'm just looking for security patches, eg, the kind of 1.01 to 1.02 type update rather than 1.01 to 1.1. Do I have a valid point here or is what I'm saying invalid?
 
They both have the same security patches. Custombuild 1.02 just supports php v6 and maybe a few other things.

All you need to run is:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build update_versions
 
All you need to run is:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build update_versions

Thanks, did that after doing a yum update and upgrading to custombuild 2.

It seemed to work and it did upgrade most packages but not apache or php even though the only change I made to options.conf was to change pureftpd to proftpd.

Code:
# ./build versions
Latest version of DirectAdmin: 1.45.0
Installed version of DirectAdmin: 1.45.0

Latest version of Apache: 2.4.7
Installed version of Apache: 2.2.22

Apache 2.2.22 to 2.4.7 update is available.

Latest version of ProFTPD: 1.3.4d
Installed version of ProFTPD: 1.3.4d

Latest version of libpng: 1.2.51
Installed version of libpng: 1.2.51

Latest version of libxslt: 1.1.28
Installed version of libxslt: 1.1.28

Latest version of libxml2: 2.9.1
Installed version of libxml2: 2.9.1

Latest version of iconv: 1.14
Installed version of iconv: 1.14

Latest version of PCRE: 8.20
Installed version of PCRE: 8.20

Latest version of curl: 7.37.0-20140401
Installed version of curl: 7.37.0-20140401

Latest version of FreeType: 2.5.3
Installed version of FreeType: 2.5.3

Latest version of dovecot: 2.2.12
Installed version of dovecot: 2.2.12

Latest version of PHP (mod_php): 5.5.11
Installed version of PHP (mod_php): 5.2.17

PHP 5.5 (mod_php) 5.2.17 to 5.5.11 update is available.

Latest version of RoundCube webmail: 0.9.5
Installed version of RoundCube webmail: 0.9.5

Latest version of phpMyAdmin: 4.1.12-all-languages
Installed version of phpMyAdmin: 4.1.12-all-languages

Latest version of SquirrelMail: 1.4.22
Installed version of SquirrelMail: 1.4.22
 
Just to say I managed to solve it. Apache wasn't installing for reasons I can't now recall but these commands solved it:
Code:
yum install libcap-devel
yum install autoconf
yum install libtool

I see now that I could have used the following. Hopefully no harm done. Not sure why I installed libcap-devel:
Code:
 ./build autoconf
./build libtool

./build update_versions then got stuck on php. I used php 5.3.

Noticed on further examination of the errors that I had this:
Code:
configure: error: Unable to detect ICU prefix or no failed. Please verify ICU install prefix and make sure icu-config works.

I used the advice at http://forum.directadmin.com/showthread.php?t=44788 and did:
Code:
./build icu

I then got errors starting apache:
Code:
httpd: Configuration error: No MPM loaded.

The advice here - http://forum.directadmin.com/showthread.php?t=44985 - solved it:
Code:
./build rewrite_confs

Thanks very much scsi.
 
Hi,

Did you run the following commands before installing DirectAdmin?

Common pre-install commands

Else you can be missing more essential packages for running all the applications in CustomBuild.

With kind regards,

Robin
 
Back
Top