SuSE Linux provides two different ways to keep your server up-to-date: interactive updates through YaST2, and online_update for unattended updates. We can use maintenance CDs or any directory, NFS-share, http or ftp server. The server list is automatically updated.
Tip
If you are behind a firewall and need to use passive ftp for online updates set “passive_ftp = on” in /etc/wgetrc, as YaST uses wget to retrieve patches.
Online update is a useful feature, but in a production environment, we do not always have Internet access from every node or LPAR. In order to keep these nodes up-to-date, we need to set up our own update server.
In order to create our own update server in a private network, we need to replicate the directory structure used by SuSE on our network share. We can use NFS, FTP, HTTP.
1. | In our case, we decided to use NFS. We created a new logical volume, update-lv, and mounted it under /update. We shared this directory through NFS to all nodes in the network. |
2. | |
3. | Now we can download the patches and RPMs or copy them from the maintanence CD (Service Pack CD) in to the created directories. |
4. | On the client, we need to edit /etc/sysconfig/onlineupdate and set: YAST2_LOADFTPSERVER="no"
This will prevent overwriting of our custom setting in /etc/suseservers. |
5. | We edit /etc/suseservers: # # sample /etc/suseservers # #ftp://ftp.suselinux.hu/pub/suse # Our local update server: nfs://p630sles/update |
6. | At this point, we can try to run online updates with -V (verbose) -d (dry run) and -D (debug) (see online_update --help for more options): # online_update -V -d -D We can choose to update a particular package; for more online_update options, see Example 3-24: |
Usage: online-update [-u url] [-p product] [-v version] [-a arch] [-d] [-s] [-n] [-g] [-i] [security] [recommended] [document] [optional] -u url Base URL of directory tree used to get patches from. -g Only download patches, don't install. -i Install downloaded patches, don't download. -p product Name of product to get patches for. -v version Version of product to get patches for. -a arch Base architecture of product to get patches for. -d Dry run. Only get patches, don't install them. -n No signature check of downloaded files. -s Show list of patches. -V Be verbose. -D Debug output. |
Red Hat provides a tool for online updates through Red Hat Network: up2date. This tool works in X Windows or from the command line. First you need to issue:
rpm --import /usr/share/rhn/RPM-GPG-KEY
Next, run up2date or rhn_register. The first time you run the command, it will ask you to provide your Red Hat Network user name and password, and you will need to register your system. It will display a list of available channels and the list of available updates. For more information, see:
http://www.redhat.com/software/rhn/update/
You can also start rhn_register with the --configure option to change the default settings or to configure a proxy server, as shown in Figure 3-12.
Up2date gathers information about system hardware and software and sends this to Red Hat Network in order to determine available software updates. It runs from the command line or in graphical mode if the DISPLAY variable is set. Figure 3-13 on page 142 shows a list of available updates.
3.138.181.196