Feature changed by: Duncan Mac-Vicar (dmacvicar) Feature #310085, revision 20 Title: Zypper: Filter Security Needed patches - openSUSE-11.4: Evaluation by product manager - Priority - Requester: Important Package Wishlist: Unconfirmed Priority Requester: Desirable Info Provider: (Novell) Requested by: Michael Moser (mose) Product Manager: (Novell) Project Manager: (Novell) Engineering Manager: (Novell) Developer: (Novell) Technical Contact: (Novell) Technical Contact: (Novell) Partner organization: openSUSE.org Description: I would be nice if there was a way to install only security patches that are 'Needed'. I have a multitude of SuSE based servers under management where I work, and we need to keep boxes up to date with security releases. Since we dont manage the applications the customer uses, we have no way of knowing if recommended patches for any given package will have adverse affects on their software. Currently we zypper pch | grep security | grep '| Needed' then copy & paste the output of that list to zypper patch. I've thought about trying to write a script to generate the list, but thought an intrinsic feature would be cleaner, especially when cssh'd into 30+ boxes at a time. I've seen alot of threads on google on this subject, so it seems that others are trying to accomplish the same task. I think such a feature would be a worthwhile implementation. Something to the order of: * zypper patch -s (security only) * zypper patch -r (recommended only) * zypper patch (Defaults to all patches) Or implement it similar to "zypper lp --issue=security", i.e. "zypper patch --issue=security". Discussion: #1: Carl Linden (carllinden) (2010-11-01 15:47:12) Hi I have several customer asking for this feature. We used to have "rug up -t patch -g security" which worked fine on SLES10 but with SLES11 and zypper this is not yet availble. #2: Matthias Eckermann (mge1512) (2010-11-01 17:17:39) In my view, the commandline should be similar to "zypper lp -- issue=security", i.e. "zypper patch --issue=security". #3: Rob Fortune (rob-fortune) (2011-03-11 20:53:17) zypper -n in --auto-agree-with-licenses `zypper -A list-patches | grep 'needed$' | cut -f2 -d\|` #4: Rob Fortune (rob-fortune) (2011-03-11 20:54:31) (reply to #3) You could grep out recommended if you didn't want them after grepping for needed. #5: Federico Lucifredi (flucifredi) (2011-03-26 00:43:33) (reply to #4) valid use case. Let's do this, unless Engineering reports it as a significant effort, I think it is clearly worth it. -- openSUSE Feature: https://features.opensuse.org/310085