strongswan_sec-updater - Man Page
Extracts security update information of Linux distributions
Synopsis
Description
sec-updater extracts information about security updates and backports of Linux repositories (e.g. Debian or Ubuntu). This information is used to update the package version information stored in the strongTNC SQLite database. The "dbkg --compare-versions" command is used to determine which package versions are affected by a given security update.
Options
- -h, --help
Prints usage information and a short summary of the available commands.
- -v, --debug level
Set debug level, default: 1.
- -q, --quiet
Disable debug output to stderr.
- -s, --security
Set when parsing a distributions file with security updates.
- -o, --os string
Name of operating system (OS). eg. "Ubuntu 16.04".
- -o, --arch string
Name of HW architecture. eg. "x86_64".
- -o, --uri uri
URI where to download deb package from.
- -f, --file filename
Linux package information file to parse.
Configuration
The following parameters can be configured in strongswan.conf:
sec-updater {
database = sqlite:///etc/pts/config.db
swid_gen {
command = /usr/local/bin/swid_generator
tag_creator {
name = strongSwan Project
regid = strongswan.org
}
}
tnc_manage_command = /var/www/tnc/manage.py
tmp {
deb_file = /tmp/sec-updater.deb
tag_file = /tmp/sec-updater.tag
}
}