SEC-UPDATER

Section: strongSwan (8)
Updated: 2017-08-25
Page Index

NAME

sec-updater - Extracts security update information of Linux distributions

SYNOPSIS

[ --debug level ] [ --quiet ] [ --security ] --os string --arch string --uri uri --file filename -h | --help

DESCRIPTION

sec-updater extracts information about security updates and backports of Linux repositories (e.g. Debian or Ubuntu). This information is used to update the package version information stored in the strongTNC SQLite database. The "dbkg --compare-versions" command is used to determine which package versions are affected by a given security update.

OPTIONS

-h, --help: Prints usage information and a short summary of the available commands.
-v, --debug level: Set debug level, default: 1.
-q, --quiet: Disable debug output to stderr.
-s, --security: Set when parsing a distributions file with security updates.
-o, --os string: Name of operating system (OS). eg. "Ubuntu 16.04".
-o, --arch string: Name of HW architecture. eg. "x86_64".
-o, --uri uri: URI where to download deb package from.
-f, --file filename: Linux package information file to parse.

CONFIGURATION

The following parameters can be configured in strongswan.conf:

sec-updater {
   database = sqlite:///etc/pts/config.db
   swid_gen {
       command = /usr/local/bin/swid_generator
       tag_creator {
          name = strongSwan Project
          regid = strongswan.org
       }
    }
    tnc_manage_command = /var/www/tnc/manage.py
    tmp {
       deb_file = /tmp/sec-updater.deb
       tag_file = /tmp/sec-updater.tag
    }
}