How can I get security.ubuntu.com items?

You have the security repos enabled....

I don't know how to do it.

sudo apt-get update; sudo apt-get -y upgrade

You will get the secutrity updates. Or do you mean you ONLY want the security updates?

Thanks

'sudo apt-get update' fetched only items from archive.ubuntu.com

Check in software centre that the security updates are ticked.

Search Results of security updates are:

1.Simple tool to mail about pending package updates(apticron)
2.Debian Security Analyzer (debsecan)
3.DNSSEC extension to NET::DNS (libnet-dns-sec-perl)
4.automatic update of packages using apt-get (cron-apt)
5.diff and patch utilities which work with Debian packages (debdelta)
6.A dockable app that displays information about mailboxes (wmbiff)
7.run programs by URL (zeroinstall-injector)

But nothing is tick marked. I don't know which one is needed.

Security updates are listed there.
http://www.ubuntu.com/usn

Depends which packages are installed on your system, but certainly there has been e.g. an update recently for bind9 and gdm.
You can recheck if the latest versions are installed on your system.
e.g.
dpkg -l gdm
dpkg -l libdns69
dpkg -l bind9-host

Latest package versions and changelogs can also be searched there.
http://packages.ubuntu.com/

The only dpkg ( package name 'dpkg' ) is in natty/main. ( dpkg-dev is also there installed ). Installed version: 1.16.0~ubuntu7. There are no dpkg -l gdm , dpkg -l libdns69 or dpkg -l bind9-host in my system. I wish to know whether the items (i.e. the particular packages) from 'ubuntu.com/usn' should be saved. Some windows showed 'open with' and some showed 'save'. Since it was default I didn't try to change them. After rebooting no change happened.

There are no 'devecot' , 'rampart', or 'eucalyptus' items (installed)
Should I try to install them? .....
natty/main shows a 'pam' package installed --'libpam-ck-connector'. Removal of this item removes 'ubuntu-desktop' also.
In 'gdm' category 'gnome-session-bin' & 'gnome-session (versions 2.32.1-0ubuntu19) are attached to 'ubuntu-desktop' (so removal not possible)

I want the all the essential items for the smooth functioning of Ubuntu11.04. (from security.ubuntu.com) --through the easiest way

madhu,
as in your question
https://answers.launchpad.net/ubuntu/+source/synaptic/+question/157739

it doesn't help any further if you name and list random packages.
Your sources.list is *almost* ok this time and as you can see yourself from your topic entry, security repo is enabled already.
> deb http://security.ubuntu.com/ubuntu natty-security main restricted

However sources.list is still missing Natty updates, as already suggested in Question #157739
deb http://archive.ubuntu.com/ubuntu natty-updates main restricted
#deb-src http://archive.ubuntu.com/ubuntu natty-updates main restricted

Actually no one has to edit sources.list and run command line tools since there is a GUI called Software-Sources to en/disable repositories and updates.

What acutally is your problem with enabling repositories
https://help.ubuntu.com/community/Repositories/Ubuntu#Ubuntu%20Software%20Tab

and enabling recommended updates in a GUI?
https://help.ubuntu.com/community/Repositories/Ubuntu#Updates%20Tab

> Should I try to install them? .....

# e.g. eucalyptus
Do you run an enterprise cloud, servers?
https://help.ubuntu.com/community/UEC

For example, if you don't know what a package does, search it there and read descriptions.
http://packages.ubuntu.com/search?suite=default&section=all&arch=any&searchon=names&keywords=eucalyptus

> The only dpkg ( package name 'dpkg' ) is in natty/main

The mentioned commands aren't there to search for the package 'dpkg', they're meant to show installed packages *via* dpkg. This is why you may rather show the output of these commands instead of commenting on it, otherwise the approach to help you doesn't generate results you're expecting.

'dpkg' is a package manager command line tool.
http://manpages.ubuntu.com/manpages/natty/en/man1/dpkg.1.html

I think I had already set them as needed (for enabling repositories). Used 'Other Software' in Software Sources. 'Software-properties-gtk' window appeared. Added APT line http://seurity.ubuntu.com/ubuntu natty main. After reloading only very few items showed downloaded. Almost 99% items showed 'Failed' or 'Hit'. Synaptic Package Manager didn't show anything from natty-security/main (security.ubuntu.com) yet. (I don't know actually) Will 'Edit Sources' do any help? If so where can I see 'Edit sources' and the details to be added? (i.e. Distribution, Components etc) How should I do it?

> Added APT line http://seurity.ubuntu.com/ubuntu natty main

madhu,
you don't need to *add* the line in third party software tab, you just need to tick 'Important and Recommended updates' there.
https://help.ubuntu.com/community/Repositories/Ubuntu#Updates%20Tab

If above is impossible to achieve, try this.
As already suggested in Question #157739, close all GUIs, such as Software-Center, Synaptic, Update-Manager.

Open a terminal: ctrl+alt+t
Make a backup of the current sources.list:
sudo cp /etc/apt/sources.list /etc/apt/sources.list-backup

Open current sources.list:
gksudo gedit /etc/apt/sources.list

Compare the content between your current sources.list and pastebin, add missing lines.
http://paste.ubuntu.com/609653/

If above is impossible to achieve try to carefully paste complete content from pastebin into sources.list.
To empty current sources.list, highlight content with: ctrl+a, hit 'backspace' key to delete content completely.
Then copy and paste the content of pastebin into the sources.list file.

Save the file and close it.
Reload package list and test update.
sudo apt-get update
sudo apt-get upgrade

If uncertain about any steps, please ask and in case post error messages including the command you've issued.

I had tick marked them both already. So when I opened 'Update manager' today, more than 133 MB items were ready to install. Since many items are not useful to me I didn't try to install them. sudo cp /etc/apt/sources.list /etc/apt/sources.list-backup didn't give any result. The result of gksudo gedit /etc/apt/sources.list is:

# deb cdrom:[Ubuntu 11.04 _Natty Narwhal_ - Release i386 (20110427.1)]/ natty main restricted

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://archive.ubuntu.com/ubuntu natty main restricted
deb-src http://archive.ubuntu.com/ubuntu natty main restricted

## Major bug fix updates produced after the final release of the
## distribution.

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu natty universe
deb-src http://archive.ubuntu.com/ubuntu natty universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://archive.ubuntu.com/ubuntu natty multiverse
deb-src http://archive.ubuntu.com/ubuntu natty multiverse

## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb http://in.archive.ubuntu.com/ubuntu/ natty-backports main restricted universe multiverse
# deb-src http://in.archive.ubuntu.com/ubuntu/ natty-backports main restricted universe multiverse

deb http://archive.ubuntu.com/ubuntu natty-security main restricted
deb-src http://archive.ubuntu.com/ubuntu natty-security main restricted
deb http://archive.ubuntu.com/ubuntu natty-security universe
deb-src http://archive.ubuntu.com/ubuntu natty-security universe
deb http://archive.ubuntu.com/ubuntu natty-security multiverse
deb-src http://archive.ubuntu.com/ubuntu natty-security multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu natty partner
# deb-src http://archive.canonical.com/ubuntu natty partner

## This software is not part of Ubuntu, but is offered by third-party
deb http://archive.ubuntu.com/ubuntu natty-updates restricted main multiverse universe
## developers who want to ship their latest software.
# deb http://security.ubuntu.com/ubuntu natty main
# deb-src http://security.ubuntu.com/ubuntu natty main
--------------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------------
After emptying sources.list, The new saved items from pastebin appeared as an additional item 'sources.list-backup' in etc/apt ( Old one is still there in sources.list.save)
I DIDN'T USE INTERNET for the following. I shall use internet if you say everything is OK

First few lines of sudo apt-get update is :

Err http://archive.ubuntu.com natty InRelease

Err http://archive.ubuntu.com natty-updates InRelease

Err http://archive.ubuntu.com natty-security InRelease

Err http://extras.ubuntu.com natty InRelease

Err http://extras.ubuntu.com natty Release.gpg
  Could not resolve 'extras.ubuntu.com'
Err http://archive.ubuntu.com natty Release.gpg
  Could not resolve 'archive.ubuntu.com'
Err http://archive.ubuntu.com natty-updates Release.gpg
  Could not resolve 'archive.ubuntu.com'
Err http://archive.ubuntu.com natty-security Release.gpg
  Could not resolve 'archive.ubuntu.com'
Reading package lists... Done

madhu,
this
> sudo cp /etc/apt/sources.list /etc/apt/sources.list-backup didn't give any result

doesn't give a result in terminal, but creates a backup of sources.list in /etc/apt.

> new saved items from pastebin appeared as an additional item 'sources.list-backup' in etc/apt

The content isn't from pastebin, it's the -backup which you've made before with mentioned command above.

The output of
> First few lines of sudo apt-get update is

suggests that your current sources.list is missing essential repositories, such as updates and security.

The output of /etc/apt/sources.list from post #13 is not the content of pastebin.
This:
## This software is not part of Ubuntu, but is offered by third-party
deb http://archive.ubuntu.com/ubuntu natty-updates restricted main multiverse universe

is not third party, it's an essential part of Ubuntu repository.

This:
## developers who want to ship their latest software.
# deb http://security.ubuntu.com/ubuntu natty main
# deb-src http://security.ubuntu.com/ubuntu natty main

is not developers latest software, instead it's an essential part of Ubuntu repository and it's wrongly commented out.

Please explain where the problem is to replace a content from a given output A into file B, or comparing A and B in order to correct B?

> The content isn't from pastebin, it's the -backup which you've made before with mentioned command above.

You are right.

> Please explain where the problem is to replace a content from a given output A into file B, or comparing A and B in order to correct B?

Even though I clicked 'Edit anyway', I couldn't add the missing lines. I couldn't replace it either.

I didn't use the command. That is why 'Edit anyway' appeared. Understood my mistake and used command. I removed the content,replaced and saved. But the output is:

                            -desktop:~$ gksudo gedit /etc/apt/sources.list

(gedit:2206): Gtk-WARNING **: Attempting to set the permissions of `/root/.local/share/recently-used.xbel', but failed: No such file or directory

(gedit:2206): Gtk-WARNING **: Attempting to store changes into `/root/.local/share/recently-used.xbel', but failed: Failed to create file '/root/.local/share/recently-used.xbel.GZ8KWV': No such file or directory

(gedit:2206): Gtk-WARNING **: Attempting to set the permissions of `/root/.local/share/recently-used.xbel', but failed: No such file or directory

ok run:

sudo -i

then run:

touch /root/.local/share/recently-used.xbel; exit

Then retry, should stop those pesky messages

                             -desktop:~$ sudo -i
[sudo] password :
root@ -desktop:~# touch /root/.local/share/recently-used.xbel
touch: cannot touch `/root/.local/share/recently-used.xbel': No such file or directory
root@ -desktop:~#

Tried using '; exit' also :) ...... Same result repeated.
The only thing I want is the essential items to make Ubuntu 11.04 secure.

Connect to Server is in "Public FTP". Need I do anything here?

In another attempt I got this output

          -desktop:~$ gksudo gedit /etc/apt/sources.list

(gedit:1884): Gtk-WARNING **: Attempting to set the permissions of `/root/.local/share/recently-used.xbel', but failed: No such file or directory

(gedit:1884): Gtk-WARNING **: Attempting to store changes into `/root/.local/share/recently-used.xbel', but failed: Failed to create file '/root/.local/share/recently-used.xbel.EFUSWV': No such file or directory

(gedit:1884): Gtk-WARNING **: Attempting to set the permissions of `/root/.local/share/recently-used.xbel', but failed: No such file or directory

(gedit:1884): Gtk-WARNING **: Attempting to store changes into `/root/.local/share/recently-used.xbel', but failed: Failed to create file '/root/.local/share/recently-used.xbel.EP59WV': No such file or directory

(gedit:1884): Gtk-WARNING **: Attempting to set the permissions of `/root/.local/share/recently-used.xbel', but failed: No such file or directory
                             -desktop:~$

> > but failed: No such file or directory

Admit a user needs to guess what is missing now, file or directory, instead of giving an output such as "directory XY is missing, do you want to create it: y/n" or creating it automatically.
## Maybe worth a papercut bug in 'sudo'.

Open a terminal and create the directory:
sudo mkdir -p /root/.local/share

> Connect to Server is in "Public FTP". Need I do anything here?

No.

Reference.
https://help.ubuntu.com/community/Security
http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
http://www.gentoo.org/doc/en/security/security-handbook.xml

> do you want to create it: y/n" or creating it automatically.

I don't know which is good. As I have mentioned already in #18 -- The only thing I want is the essential items to make Ubuntu 11.04 secure. ( Get all the security items listed and essential ones installed )

I searched in 'InstallingSecurityTools'. But didn't understand which ones are essentials

> Open a terminal and create the directory:

Since I didn't know what to do next, I didn't try to use 'sudo mkdir -p /root/.local/share'

Did you mean to do as you mentioned in#12? --

"To empty current sources.list, highlight content with: ctrl+a, hit 'backspace' key to delete content completely.
Then copy and paste the content of pastebin into the sources.list file.

Save the file and close it.
Reload package list and test update.
sudo apt-get update
sudo apt-get upgrade"

Ctrl+a didn't work. So I added the missing lines. Saved & Closed. Used Internet

                             -desktop:~$ sudo apt-get update
[sudo] password for
Ign http://archive.ubuntu.com natty InRelease
Ign http://archive.ubuntu.com natty-updates InRelease
Ign http://archive.ubuntu.com natty-security InRelease
Hit http://archive.ubuntu.com natty Release.gpg
Hit http://archive.ubuntu.com natty-updates Release.gpg
Hit http://archive.ubuntu.com natty-security Release.gpg
Hit http://archive.ubuntu.com natty Release
Hit http://archive.ubuntu.com natty-updates Release
Hit http://archive.ubuntu.com natty-security Release
Hit http://archive.ubuntu.com natty/main Sources
Hit http://archive.ubuntu.com natty/restricted Sources
Hit http://archive.ubuntu.com natty/universe Sources
Hit http://archive.ubuntu.com natty/multiverse Sources
Hit http://archive.ubuntu.com natty/main i386 Packages
Hit http://archive.ubuntu.com natty/restricted i386 Packages
Hit http://archive.ubuntu.com natty/universe i386 Packages
Hit http://archive.ubuntu.com natty/multiverse i386 Packages
Ign http://archive.ubuntu.com natty/main TranslationIndex
Ign http://archive.ubuntu.com natty/multiverse TranslationIndex
Ign http://archive.ubuntu.com natty/restricted TranslationIndex
Ign http://archive.ubuntu.com natty/universe TranslationIndex
Hit http://archive.ubuntu.com natty-updates/main Sources
Hit http://archive.ubuntu.com natty-updates/restricted Sources
Hit http://archive.ubuntu.com natty-updates/universe Sources
Hit http://archive.ubuntu.com natty-updates/multiverse Sources
Hit http://archive.ubuntu.com natty-updates/main i386 Packages
Hit http://archive.ubuntu.com natty-updates/restricted i386 Packages
Hit http://archive.ubuntu.com natty-updates/universe i386 Packages
Hit http://archive.ubuntu.com natty-updates/multiverse i386 Packages
Ign http://archive.ubuntu.com natty-updates/main TranslationIndex
Ign http://archive.ubuntu.com natty-updates/multiverse TranslationIndex
Ign http://archive.ubuntu.com natty-updates/restricted TranslationIndex
Ign http://archive.ubuntu.com natty-updates/universe TranslationIndex
Hit http://archive.ubuntu.com natty-security/main Sources
Hit http://archive.ubuntu.com natty-security/restricted Sources
Hit http://archive.ubuntu.com natty-security/universe Sources
Hit http://archive.ubuntu.com natty-security/multiverse Sources
Hit http://archive.ubuntu.com natty-security/main i386 Packages
Hit http://archive.ubuntu.com natty-security/restricted i386 Packages
Hit http://archive.ubuntu.com natty-security/universe i386 Packages
Hit http://archive.ubuntu.com natty-security/multiverse i386 Packages
Ign http://archive.ubuntu.com natty-security/main TranslationIndex
Ign http://archive.ubuntu.com natty-security/multiverse TranslationIndex
Ign http://archive.ubuntu.com natty-security/restricted TranslationIndex
Ign http://archive.ubuntu.com natty-security/universe TranslationIndex
Ign http://archive.ubuntu.com natty/main Translation-en_IN
Ign http://archive.ubuntu.com natty/main Translation-en
Ign http://archive.ubuntu.com natty/multiverse Translation-en_IN
Ign http://archive.ubuntu.com natty/multiverse Translation-en
Ign http://archive.ubuntu.com natty/restricted Translation-en_IN
Ign http://archive.ubuntu.com natty/restricted Translation-en
Ign http://archive.ubuntu.com natty/universe Translation-en_IN
Ign http://archive.ubuntu.com natty/universe Translation-en
Ign http://archive.ubuntu.com natty-updates/main Translation-en_IN
Ign http://archive.ubuntu.com natty-updates/main Translation-en
Ign http://archive.ubuntu.com natty-updates/multiverse Translation-en_IN
Ign http://archive.ubuntu.com natty-updates/multiverse Translation-en
Ign http://archive.ubuntu.com natty-updates/restricted Translation-en_IN
Ign http://archive.ubuntu.com natty-updates/restricted Translation-en
Ign http://archive.ubuntu.com natty-updates/universe Translation-en_IN
Ign http://archive.ubuntu.com natty-updates/universe Translation-en
Ign http://archive.ubuntu.com natty-security/main Translation-en_IN
Ign http://archive.ubuntu.com natty-security/main Translation-en
Ign http://archive.ubuntu.com natty-security/multiverse Translation-en_IN
Ign http://archive.ubuntu.com natty-security/multiverse Translation-en
Ign http://archive.ubuntu.com natty-security/restricted Translation-en_IN
Ign http://archive.ubuntu.com natty-security/restricted Translation-en
Ign http://archive.ubuntu.com natty-security/universe Translation-en_IN
Ign http://archive.ubuntu.com natty-security/universe Translation-en
Reading package lists... Done
                            -desktop:~$
-------------------------------------------------------
> What do you want to achieve, what kind of security tools you want to install and what should they secure?

I am an ordinary user. So I want to secure Internet connection, Emails, Folders, Files etc. ( i.e. essentials for normal purposes ). If possible I wish to avoid 3rd party items also.

The default install is pretty secure, just keep root use to a minimum and you'll be ok. You can use a proxy to secure web access. Depends what you have to hide

> just keep root use to a minimum and you'll be ok.

Didn't understand. Would you please explain it very briefly (in 2 or 3 lines)?
-----------------------------------------

In 'sudo apt-get update' (#24) there are so many 'Hits'. And everything is from 'archive'. Will I get updates from natty-security/main(security.ubuntu.com)?

Though I had added the first few lines,Sources.list.save didn't show them -- (i.e. # deb cdrom:[Ubuntu 11.04 _Natty Narwhal_ - Release i386 (20110427.1)]/ natty main restricted)

This line is seen only in sources.list-backup

The FIRST 4 LINES in sources.list.save are:

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.

deb http://archive.ubuntu.com/ubuntu natty main restricted
deb-src http://archive.ubuntu.com/ubuntu natty main restricted
----------------------------------------
Can I avoid 3rd Party items?

Your user is only a user, it just happens to be a member of the admin grup. This allows it to use sudo. If you keep sudo use to ONLY when it is needed then it helps keep your system secure a LOT. Logging on as root significantly reduces security but a lot of users do it as they dislike typing their passwords so much.

Nothing to worry about the following? (as mentioned in #26)
           1. Hit ( seen in #24)
           2. Missing " # deb cdrom:[Ubuntu 11.04 _Natty Narwhal_ - Release i386 (20110427.1)]/ natty main restricted)"
                                  from the sources.list.save
           3. updates from natty-security/main(security.ubuntu.com)
           4. 3rd Party items

In /srv/irclogs.ubuntu.com/2011/06/10/#ubuntu-classroom.txt, I saw "the single most important thing you can do to stay safe is to stay up to date on your security updates". That was why I asked you about security.ubuntu.com

> Will I get updates from natty-security/main

Yes.
Read the output from source.list (#24), everything 'hit' is what you'll get.
To simple exclude, lets put it the other way around, if there were anything wrong, we would tell you.

> Missing " # deb cdrom:[Ubuntu 11.04 _Natty Narwhal_ - Release i386 (20110427.1)]/

You can add the line in sources.list if you wish, I didn't have it in pastebin, because I don't need it.
It just means, if the line is there, deb.cdrom... isn't outcommented in sources.list, and apt expects it to find, so just comment it out with '#'.

> stay safe is to stay up to date on your security updates". That was why I asked you about security.ubuntu.com

Again, as the output from #24 suggests no errors where encountered.

Thank you Sam. Thank you actionparsnip.
Both of you cleared my doubts (with great patience) and made 'my' Ubuntu more safe.

Thanks Sam_, that solved my question.

natty-updates/main (archive.ubuntu.com)
natty-updates/multiverse (archive.ubuntu.com)
natty-updates/universe (archive.ubuntu.com)
natty/main (archive.ubuntu.com)
natty/multiverse (archive.ubuntu.com)
natty/restricted (archive.ubuntu.com)
natty/universe (archive.ubuntu.com)

Updated without any difficulty. These are the 7 origins now I have in Synaptic Package Manager.