SUSE Conversations


Forensic analysis of patchlevel in a supportconfig

ataschner

By:

October 29, 2014 10:44 am

Reads:6,879

Comments:3

Score:5

Print/PDF

License:
GPL

Download oscc-0.2-0.4.noarch.rpm

Update – October 2014 : New version that supports SUSE Linux Enterprise 12

Do you ever get exposed to supportconfig files from servers that do not have access to update repositories ? Or do you find it difficult to relate to patch numbers of updates (not) installed in updates.txt of a supportconfig?

If so, how do you easily find out if there are pending updates available from SUSE/Novell to be installed on the system to make it up to date?
Exactly – you don’t.

Until now…

Install the oscc (for Offline SupportConfig Checker) package on a system with acess to either the online update repositories at Novell Customer Center (NCC) or a local mirror on e.g. a Subscription Management Tool (SMT) server.

This package contains a digested cache of the update repositories for the main SUSE Linux Enterprise (SLE) products along with a plain shell script.

When executed against a supportconfig archive, oscc

  • detects the SLE products installed
  • sets up and updates the “cache” for the applicable repositories
  • examines the SLE package versions installed on the system
  • checks if each of the packages is up to date
  • displays the results to the user

By default, the script uses the NCC update repositories when determining the currently available packages. Accessing the NCC repositories requires authentication, so the user will be prompted for the mirror credentials of his/her account in NCC. These credentials should match the username and password obtained from My Products|Mirror Credentials in the Novell Customer Center.

Getting prompted for this username/password every time you run oscc may become rather annoying. So this interaction can be eliminated by storing the credentials in the configuration file /etc/opt/oscc/oscc.conf (yes, unsafe, I know).

Also configurable in the config file is the URL to the update repositories. In addition to the NCC servers they could be accessible via http, https, nfs or local storage.

Currently the script supports the x86_64 and i586 architectures of:

  • SUSE Linux Enterprise Server 10 SP{1,2,3,4}, 11 SP{1,2,3}
  • SUSE Linux Enterprise Software Development Kit 10 SP4, 11 SP{1,2,3}
  • SUSE Linux Enterprise High Availability Extension 11 SP{1,2,3}
  • Subscription Management Tool 11 SP{1,2,3}

SLE 11 without service packs is not supported, since it is not available under the Long Term Service Pack Support (LTSS) program. See the Long Term Service Pack Support page for details on that.

Below is an example of how an execution of the script looks.

After determining products installed on the system and setting up the repositories, it cycles through each package:

oscc-screenshot-1_1

The tool checks for available updates for the repositories applicable to the supportconfig, it is executed against.

In the example above, new versions of some packages have become available since the update “database” was last updated.

When the analysis is completed, a summary like this is displayed:

oscc-screenshot-2_1

Download the RPM and try it out.

Since version string comparison turned out to be a somewhat complicated matter, the script is rather long and may seem chaotic. But it does the job.

And if it does not, please feel free to leave a comment here.

Feedback is welcome.

2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...

Tags: , , , ,
Categories: Free Tools, SUSE Linux Enterprise Server, Technical Solutions

Disclaimer: As with everything else at SUSE Conversations, this content is definitely not supported by SUSE (so don't even think of calling Support if you try something and it blows up).  It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.

3 Comments

  1. By:ataschner

    New version uploaded :
    – Added support for SLES11-SP2-LTSS
    – Check for missing database files
    – Fixed more bugs in update_repo_cache

  2. By:ataschner

    This version also creates a report file with the findings.

  3. By:ataschner

    Range error fixed, so that the tool also works with ssh connections from Windows putty and in Mac OS X Terminal

Comment

RSS