# vim /etc/zypp/zypp.conf
将以下内容:
......
multiversion.kernels = latest,latest-1,running
......
修改为:
......
multiversion.kernels = latest,latest-1,latest-2,latest-3,running
......
(补充:这里以使用 zypper 升级内核时保留内核的数量从 3 个增加到 5 个为例)
# vim /etc/zypp/zypp.conf
将以下内容:
......
multiversion.kernels = latest,latest-1,running
......
修改为:
......
multiversion.kernels = latest,latest-1,latest-2,latest-3,running
......
(补充:这里以使用 zypper 升级内核时保留内核的数量从 3 个增加到 5 个为例)
CVE 全称是:Common Vulnerabilities and Exposures,翻译成中文是:常见脆弱性和暴露,是一个业界统一的脆弱性和暴露。
CVE-2016-4658,其中 2016-4658 是编号
用于标签系统和应用的漏洞,并实现了一个漏洞数据库以进行漏洞的查询和管理
https://www.cvedetails.com
https://access.redhat.com/security/security-updates/#/cve
https://access.redhat.com/management/errata
openSUSE CVE 安全补丁官方网站
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/
SUSE CVE 安全补丁官方网站
https://www.suse.com/security/cve/
# rpm -q openssh-clients --changelog | grep -i cve
(补充:这里以显示 openssh-clients 软件的 CVE 信息的变更历史为例)
# rpm -qpi --changelog redis-6.0.14-6.8.1.x86_64.rpm |grep -E '32675'
- Fix CVE-2021-32675, Denial Of Service when processing RESP request
(CVE-2021-32675, bsc#1191303)
* cve-2021-32675.patch
(补充:这里以确认 redis-6.0.14-6.8.1.x86_64.rpm 软件包是否已修复 CVE-2021-32675 为例)
http://mirror.centos.org/centos/7/os/x86_64/
http://mirror.centos.org/centos/7/updates/x86_64/
http://mirror.centos.org/centos/7/extras/x86_64/
http://mirror.centos.org/centos/7/centosplus/x86_64/
http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=$infra
http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=$infra
http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=$infra
http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=centosplus&infra=$infra
http://mirror.centos.org/centos/8/BaseOS/x86_64/os/
http://mirror.centos.org/centos/8/AppStream/x86_64/os/
http://mirrorlist.centos.org/?release=8&arch=x86_64&repo=BaseOS&infra=$infra
http://mirrorlist.centos.org/?release=8&arch=x86_64&repo=AppStream&infra=$infra
作者:朱明宇
名称:批量设置官方软件源(openSUSE 版)
作用:批量设置官方软件源(openSUSE 版)
1. 服务器清单 $add_repo_servers_list.txt 每个服务器名占用 1 行,并和此脚本放在同一目录下
2. 在此脚本的分割线内写入相应的内容
3. 给此脚本添加执行权限
4. 执行此脚本
add_repo_servers_list.txt #指定存放要设置官方软件源的文件
1. 此脚本执行前必须要先保证执行此脚本的用户能无密码 ssh 远程这些远程服务器
2. 服务器的系统需要是 openSUSE 15.2 版本
3. 服务器系统要配置好可用的软件源(最好是软件数量最多的官方版本)
4. 这些远程服务器要能够连接外网
#!/bin/bash
####################### Separator ########################
add_repo_servers_list.txt
####################### Separator ########################
cat add_repo_servers_list.txt
read -p "will add opensuse_leap_15.2 repo please input y " a
echo $a
if [ "$a" != "y" ];then
echo "you don't agree so exit now"
exit
fi
for i in `awk '{print $1}' add_repo_servers_list.txt`
do
ssh $i '
sudo -u root su - root -c "zypper mr -da"
sudo -u root su - root -c "zypper ar -fcg http://download.opensuse.org/distribution/leap/15.2/repo/oss/ OpenSUSE_Leap_152_x64_update-oss"
sudo -u root su - root -c "zypper ar -fcg http://download.opensuse.org/distribution/leap/15.2/repo/non-oss/ OpenSUSE_Leap_152_x64_update-non-oss"
sudo -u root su - root -c "zypper ar -fcg http://download.opensuse.org/update/leap/15.2/oss/ OpenSUSE_Leap_152_x64_oss"
sudo -u root su - root -c "zypper ar -fcg http://download.opensuse.org/update/leap/15.2/non-oss/ OpenSUSE_Leap_152_x64_non-oss"
sudo -u root su - root -c "zypper ref"
done
(步骤略)
# mount /dev/cdrom /mnt
(补充:这里以挂载 /dev/sr1 到 /mnt 目录为例)
# zypper ar file:///mnt/Module-Basesystem openSUSE15-Base
或者:
# zypper ar -f /mnt/Module-Basesystem openSUSE15-Base
(补充:这里以将 /mnt/Module-Basesystem 添加到软件源并命名为 openSUSE15-Base 为例)