Sneakernetting SLES10 SP2 Updates using the Subscription Management Tool (SMT)
An installation server can be added if there are a number of servers in the secured location that can be updated over the secured network. Look at the “Using an Installation server in the secured location” section. Otherwise, the updates will need to be local to each SLES server that is updated.
Here is a simple diagram how this will work:
Sneakernetting_SLES_Updates_using_SMT.jpg (29.32 KB)
Prep work on a SLES server that is connected to the Internet
- Download the SMT iso from http://download.novell.com/Download?buildid=5YxjWD8_ZZk
- Install SMT using the following instructions http://www.novell.com/documentation/sles10/esd/ii_smt.html
- Use the SMT documentation to configure and begin the mirroring of updates from Novell. The documentation is located in /usr/share/doc/manual/sle-smt_en after the SMT installation.
Sneakernetting the updates from the SMT server
- On the SMT server, the default location of the mirror is /srv/www/htdocs on the SMT server. To verify, type “grep MirrorTo /etc/smt.conf”
- SMT builds a directory structure under the default location which is repo/$RCE/SLES10-SP2-Updates. Use the CLI or a GUI file browser to look at this directory. You should see directories like sles-10-architecture
- The Updates directory structure may be larger than can fit on one DVD. Use the –multi-volume and –tape-length options with tar to create multiple tar files that can fit on several DVDs. Example: “tar -c -ML 4718592 -vf disk1.tar SLES10-SP2-Updates/*” assumes approximately 4.5GB in a single tar file. NOTE: When prompted “Prepare volume #2 for disk1.tar and hit return:” type “n disk2.tar” and <Enter> to write to the next tar file. Repeat until all tar files have been created. Great resource – http://www.base64.co.uk/splitting-large-files/
- Burn to a DVD (use Nautilus > Go > CD/DVD Creator) or copy to USB storage the entire SLES10-SP2-Updates directory, specific SLES10-SP2-Updates/sles-10-<architecture> directories or the tar files that need to be sneakernetted to the server not connected to the internet
- Sneakernet the DVD or USB media to the secure location.
- Extract or copy SLES10-SP2-Updates or create a symlink (ln -s <mounted DVD or USB media>/SLES10-SP2-Updates /SLES10-SP2-Updates) to /SLES10-SP2-Updates
Updating the server(s) in the secure network
- Use rug to add a local installation source
FILE: “rug sa -t zypp /SLES10-SP2-Updates/sles-10-architecture Updates” - Use “rug sub Updates” to subscribe to the Updates channel
- Use “rug lu” to list the available updates
- Use “rug up” to install the available updates
Using an Installation server in the secured location
Follow the Prep work on a SLES server that is connected to the Internet section above.
Prep work on SLES server that is not connected to the Internet
- Create an installation server (HTTP, FTP or NFS) using YAST | Miscellaneous | Installation Server – http://www.novell.com/documentation/sles10/sles_admin/data/sec_deployment_remoteinst_instserver.html
Follow the Sneakernetting the updates from SMT section above and add the following steps.
- On the server not connected to the Internet, the root of the installation server can be determined by typing “grep ‘<directory>’ /etc/YaST2/instserver/instserver.xml”. The location is information between the directory tags
- Create a symbolic link from /SLES10-SP2-Updates to the root of the installation server.
Updating the server(s) in the secure network
- Use rug to add an installation source to the installation server
HTTP: “rug sa -t zypp http:<installation server ip address>/<alias>/SLES10-SP2-Updates/sles-10-architecture Updates”
FTP: “rug sa -t zypp ftp:<installation server ip address>/<alias>/SLES10-SP2-Updates/sles-10-architecture Updates”
NFS: “rug sa -t zypp nfs:<installation server ip address>/<nfs export path>/SLES10-SP2-Updates/sles-10-architecture Updates” - Use “rug sub Updates” to subscribe to the Updates channel
- Use “rug lu” to list the available updates
- Use “rug up” to install the available updates
If you are using zypper instead of rug to perform the updates
Replace the Updating the server(s) in the secure network sections above with the following steps.
- Use zypper to add an installation source to the installation server
FILE: “zypper sa file://SLES10-SP2-Updates/sles-10-architecture”
HTTP: “zypper sa http:<installation server ip address>/<alias>/SLES10-SP2-Updates/sles-10-architecture”
FTP: “zypper sa ftp:<installation server ip address>/<alias>/SLES10-SP2-Updates/sles-10-architecture”
NFS: “zypper sa nfs:<installation server ip address>/<nfs export path>/SLES10-SP2-Updates/sles-10-architecture” - Use “zypper lu” to list the available updates
- Use “zypper up” to install the available updates
(Visited 1 times, 1 visits today)
5,626 views
Run SAP
SUSE for Public Cloud
Security
Comments
I was happy to see this, until I tried it. –multi-volume on tar files are limited to shorter file names, and so for SLES10 SP3 we find
tar -c -ML 4718592 -vf disk1.tar /mnt/repo
Prepare volume #2 for `disk1.tar’ and hit return: n disk2.tar
Prepare volume #2 for `disk2.tar’ and hit return:
tar: mnt/repo/$RCE/SLE10-SDK-SP3-Updates/sles-10-x86_64/rpm/src/mozilla-xulrunner190-1.9.0.18-0.4.1.src.rpm: file name too long to be stored in a GNU multivolume header
tar: Error is not recoverable: exiting now
Need to use star, as in
star -c -C=/path/to/repo -multivol -tsize=4450M f=repo1.tar f=repo2.tar f=repo3.tar f=repo4.tar f=repo5.tar repo