strongswan_sec-updater - Man Page

Extracts security update information of Linux distributions


sec-updater[--debug level] [--quiet] [--security] --os string --arch string --uri uri --file filename
sec-updater-h | --help


sec-updater extracts information about security updates and backports of Linux repositories (e.g. Debian or Ubuntu). This information is used to update the package version information stored in the strongTNC SQLite database. The "dbkg --compare-versions" command is used to determine which package versions are affected by a given security update.


-h,  --help

Prints usage information and a short summary of the available commands.

-v,  --debug level

Set debug level, default: 1.

-q,  --quiet

Disable debug output to stderr.

-s,  --security

Set when parsing a distributions file with security updates.

-o,  --os string

Name of operating system (OS). eg. "Ubuntu 16.04".

-o,  --arch string

Name of HW architecture. eg. "x86_64".

-o,  --uri uri

URI where to download deb package from.

-f,  --file filename

Linux package information file to parse.


The following parameters can be configured in strongswan.conf:

sec-updater {
  database = sqlite:///etc/pts/config.db
  swid_gen {
      command = /usr/local/bin/swid_generator
      tag_creator {
         name = strongSwan Project
         regid =
   tnc_manage_command = /var/www/tnc/
   tmp {
      deb_file = /tmp/sec-updater.deb
      tag_file = /tmp/sec-updater.tag

See Also



2017-08-25 5.9.11 strongSwan