Red Hat Training
A Red Hat training course is available for Red Hat Satellite
Installation Guide
Red Hat Network Satellite
Edition 3
Abstract
Preface
1. About This Guide
2. Audience
Chapter 1. Introduction
1.1. About Red Hat Network Satellite
- Maintain complete control and privacy over package management and server maintenance within their own networks;
- Store System Profiles on a Satellite server, which connect to the Red Hat Network website via a local web server; and,
- Perform package management tasks, including errata updates, through the local area network.
- Stand-Alone Database — One with a stand-alone database on a separate machine; and
- Embedded Database — One with an embedded database installed on the same machine as the Satellite.
1.2. System Overview
- Database
- Satellite functions using two database types:
- Stand-Alone Database — An organization's existing database or, preferably, a separate machine. Satellite supports Oracle Database 11g Release 2, Standard or Enterprise Edition for the stand-alone database.
- Embedded Database — The database comes bundled with Satellite and is installed on the same machine as the Satellite during the installation process. The included database is Oracle Database 10g Release 2.
- Satellite Core
- The core system and entry point for Red Hat Update Agent running on client systems. Satellite also includes an Apache HTTP Server, which serves XML-RPC requests.
- Satellite Web Interface
- A user interface for advanced system, system group, user, and channel management. The organization configures access to the Satellite web interface from the local area network only or from both the local area network and the Internet. The Satellite's version of the Red Hat Network website allows full control over client systems, system groups, and users.
- RPM Repository
- Package repository for Red Hat RPM packages and custom RPM packages identified by the organization.
- Management Tools
- The Satellite Management Tools are used to synchronize the Satellite database and package repository with Red Hat Network. Satellite also includes management tools for:
- Database and file system synchronization;
- Custom RPM and repository imports;
- Channel maintenance (Web-based);
- Errata management (Web-based);
- User management (Web-based); and
- Client system and system grouping (Web-based).
- Red Hat Update Agent
- Reconfigure Red Hat Update Agent on client systems to retrieve updates from the organization's internal Satellite instead of the central Red Hat Network Servers. After this one-time reconfiguration, client systems retrieve updates locally using the Red Hat Update Agent. System administrators also schedule actions through the Satellite Web Interface.
Important
Red Hat strongly recommends that clients connected to Satellite be running the latest update of Red Hat Enterprise Linux to ensure proper connectivity.
Figure 1.1. Using Satellite and Red Hat Network Proxy Server Together
1.3. Terms to Understand
- Channel
- A Channel is a list of software packages. There are two types of channels: base channels and child channels. A base channel consists of a list of packages based on a specific architecture and Red Hat release. A child channel is a channel associated with a base channel that contains extra packages.
- Organization Administrator
- An Organization Administrator is a user role with the highest level of control over an organization's Red Hat Network account. Members of this role can add other users, systems, and system groups to the organization as well as remove them. A Red Hat Network organization must have at least one Organization Administrator.
- Channel Administrator
- A Channel Administrator is a user role with full access to channel management capabilities. Users with this role are capable of creating channels, assigning packages to channels, cloning channels, and deleting channels. This role can be assigned by an Organization Administrator through the Users tab of the Red Hat Network website.
- Certificate Authority
- A Certificate Authority distributes digital signatures to users as part of public key infrastructure for encrypted authentication and communication.
- Red Hat Update Agent
- The Red Hat Update Agent is the Red Hat Network client application that allows users to retrieve and install new or updated packages for the client system on which the application is run.
- Traceback
- A Traceback is a detailed description of "what went wrong" that is useful for troubleshooting the Red Hat Network Satellite. Tracebacks are automatically generated when a critical error occurs and are mailed to the individual(s) designated in the Red Hat Network Satellite's configuration file.
1.4. Summary of Steps
Obtaining Satellite
- After an evaluation, contact your Red Hat sales representative to purchase Red Hat Network Satellite.
- Receive a Red Hat Network Entitlement Certificate and login information for Red Hat Network from your sales representative.
- Log into the Red Hat Network website (rhn.redhat.com) and download the distribution ISOs for Red Hat Enterprise Linux 5 or 6 and Red Hat Network Satellite. These can be found within the Downloads tab of the respective Channel Details pages. Refer to the Red Hat Network Reference Guide for instructions.
- While still logged into the Red Hat Network website, download the Channel Content ISOs to be served by your Satellite, also available through the Downloads tab of your Satellite's Channel Details page. These Channel Content ISOs differ from the distribution ISOs previously mentioned in that they contain metadata necessary for parsing and serving packages by Satellite.
Preparing Satellite
- Check your software requirements. See Section 2.1, “Software Requirements”.
- If installing a Stand-Alone Database, check your hardware fits the requirements in Section 2.2, “Stand-Alone Database Requirements” and prepare your database instance using the formula provided in Section 2.2.3, “Database Requirements for Stand-Alone Database Installations”.
- If installing an Embedded Database, check that your hardware fits the requirements in Section 2.3, “Embedded Database Requirements”.
Installing Satellite
- Install Red Hat Enterprise Linux on the machine to be the Satellite.
- Check any pre-installation steps before installing Red Hat Network Satellite.
- Mount the Red Hat Network Satellite installation media and run the script.
- Follow the prompts as outlined in the installation instructions.
- Open the Satellite's hostname in a web browser and create the first user account. This will be the Satellite Administrator's (also referred to as the Organization Administrator) account.
- Finalize Satellite with any post-installation steps.
Initial Use
- Use the Red Hat Network Satellite Synchronization Tool to import the channels and associated packages into the Satellite.
- Register a representative machine for each distribution type or channel (such as Red Hat Enterprise Linux 5 or 6) to the Satellite.
- Copy (using
scp
)rhn_register
configuration files from the/etc/sysconfig/rhn/
directory of each machine individually to the/pub/
directory on the Satellite. Therhn-org-trusted-ssl-cert-*.noarch.rpm
will already be there. - Download and install from the Satellite the configuration files and
rhn-org-trusted-ssl-cert-*.noarch.rpm
on the remaining client systems of the same distribution type. Repeat this and the previous step until all distribution types are complete. - Through the Satellite's website, create an Activation Key for each distribution aligned to the appropriate base channel. At this point, system groups and child channels may also be predefined.
- Run the Activation Key from the command line (
rhnreg_ks
) of each client system. Note that this step can be scripted to batch register and reconfigure all remaining client systems in a distribution. - Record all relevant usernames, passwords and other login information and store in multiple secure places.
- Now that the Satellite is populated with standard Red Hat channels and packages and all clients are connected to it, you may begin creating and serving custom channels and packages. Once the custom RPMs are developed, you can import them into the Satellite using Red Hat Network Push and add custom channels in which to store them through the Satellite's website. Refer to the Red Hat Network Channel Management Guide for details.
Chapter 2. Requirements
2.1. Software Requirements
- Base operating system
- Red Hat Network Satellite is supported with Red Hat Enterprise Linux 5 and 6. The operating system can be installed from disc, local ISO image, kickstart, or any of the methods supported by Red Hat. Red Hat Enterprise Linux installations require the
@Base
package group with no other package-set modifications, and without third-party configurations or software that is not directly necessary for the direct operation of the server. This restriction includes hardening or other non-Red Hat security software. If such software is required in your infrastructure, first install and verify a complete working Satellite first, and then make a backup of the system before adding any non-Red Hat software.When installing a new Red Hat Network Satellite, it is recommended that the latest supported update to Red Hat Enterprise Linux is installed.Satellite can be installed on Red Hat Enterprise Linux 5 or 6 in any virtualized environment supported by Red Hat, including Xen, KVM, and VMware. Functional support for virtualized environments does not always equal the same performance of running on physical hardware. Make sure to consider your virtualized environment's performance and implement any recommended tuning guidelines.When installing Red Hat Enterprise Linux 5 or 6 from CD or ISO image, there is no need to select any package groups, only the base install is required. When installing either operating system via kickstart, select the@Base
package group.Important
Each purchased Satellite product includes one supported instance of Red Hat Enterprise Linux Server. Install Satellite on a fresh installation of Enterprise Linux where Satellite is the only application and service provided by the OS. Using the Red Hat Enterprise Linux OS included with Satellite to run other daemons, applications, or services within your environment is not supported.Important
The Satellite base operating system requires registration to Red Hat Network Classic using Red Hat Network Client. Satellite installation fails when registering the system with Red Hat Subscription Manager. - Satellite installation disc or ISO
- This contains the Satellite Installer. All packages required in order to support Satellite are installed automatically, and require no intervention from the user.
Important
Additional packages beyond@Base
are required to install Red Hat Network Satellite. The Satellite installer will prompt you to either install the listed packages or ask if you want it to download the files from Red Hat Network. If your system is not registered to Red Hat Network, you should have the Red Hat Enterprise Linux installation media available during the Satellite installation process to install these additional packages as needed.The files necessary for Satellite installation are listed in therhelrpms
file located in theupdates
directory on the Satellite installation ISO image.Ensure that your Satellite host system is also subscribed to the Red Hat Enterprise Linux Optional channel to resolve package dependencies during installation. - Channel content
- All software packages and data exported for all entitled Red Hat channels. This content is loaded directly on the Satellite after installation using the Red Hat Network Satellite Synchronization Tool.
2.2. Stand-Alone Database Requirements
2.2.1. x86_64 Hardware Requirements for Stand-Alone Database Installations
Table 2.1. Stand-Alone Database Satellite Hardware Requirements
Required | Recommended |
---|---|
Intel Core processor, 2.4GHz, 512K cache or equivalent | Intel multi-core processor, 2.4GHz dual processor, 512K cache or equivalent |
2 GB of memory | 8 GB of memory |
5 GB storage for base install of Red Hat Enterprise Linux | At least 30 GB storage per software channel (including Base and child channels), in /var/satellite/ , configurable at install |
An external SAN for more reliable backups |
2.2.2. s/390 Hardware Requirements for Stand-Alone Database Installations
Table 2.2. Stand-Alone Database Satellite Hardware Requirements for s/390 Platform
Required | Recommended |
---|---|
1 IFL, either in LPAR configuration or shared through z/VM | 2+ IFLs on z9 or earlier, 1+ IFL on z10 |
2 GB of memory | 8 GB of memory |
1 GB swap on ECKD DASD | 512 MB swap on VDISK + 1 GB swap on ECKD DASD |
1xMod3 ECKD DASD or ≥ 2 GB FCP SCSI LUN for OS install | 1xMod9 ECKD DASD or ≥ 2 GB multipathed FCP SCSI LUN for Red Hat Enterprise Linux installation |
At least 30 GB storage per software channel (including Base and child channels), in /var/satellite/ , configurable at install | |
z/VM 5.3 or later[a] | |
VSWITCH or Hipersocket LAN for high speed connections to guests | |
[a]
z/VM required for kickstart/provisioning of guests.
|
2.2.3. Database Requirements for Stand-Alone Database Installations
Important
- 250 KiB per client system
- 500 KiB per channel, plus 230 KiB per package in the channel (so a channel with 5000 packages would require 1.1 Gib)
- The number of public Red Hat packages imported (typical: 5000)
- The number of private packages to be managed (typical: 500)
- The number of systems to be managed (typical: 1000)
- The number of packages installed on the average system (typical: 500)
- ALTER SESSION
- CREATE SEQUENCE
- CREATE SYNONYM
- CREATE TABLE
- CREATE VIEW
- CREATE PROCEDURE
- CREATE TRIGGER
- CREATE TYPE
- CREATE SESSION
- Security Identifier (SID)
- Listener Port
- Username
- UTF-8 character set
- Uniform Extent Size
- Auto Segment Space Management
Important
2.3. Embedded Database Requirements
2.3.1. x86_64 Hardware Requirements for Embedded Database Installations
Table 2.3. Embedded Database Satellite Hardware Requirements
Required | Recommended |
---|---|
Intel Core processor, 2.4GHz, 512K cache or equivalent | Intel multi-core processor, 2.4GHz dual processor, 512K cache or equivalent |
2 GB of memory | 8 GB of memory |
5 GB storage for base install of Red Hat Enterprise Linux | At least 30 GB storage per software channel (including Base and child channels), in /var/satellite/ , configurable at install |
An external SAN for more reliable backups | |
12 GB storage for the database repository, in the /rhnsat partition (local storage only) | |
a SCSI drive connected to a level 5 RAID (strongly recommended) | |
Separate partition (or better, a separate set of physical disks) for storing backups, which can be any directory specifiable at backup time |
2.3.2. s/390 Hardware Requirements for Embedded Database Installations
Table 2.4. Embedded Database Satellite Hardware Requirements for s/390 Platform
Required | Recommended |
---|---|
1 IFL, either in LPAR configuration or shared through z/VM | 2+ IFLs on z9 or earlier, 1+ IFL on z10 |
2 GB of memory | 8 GB of memory |
1 GB swap on ECKD DASD | 512 MB swap on VDISK + 1 GB swap on ECKD DASD |
1xMod3 ECKD DASD or ≥ 2 GB FCP SCSI LUN for OS install | 1xMod9 ECKD DASD or ≥ 2 GB multipathed FCP SCSI LUN for Red Hat Enterprise Linux installation |
Estimated 12 GB disk space for embedded database | At least 30 GB storage per software channel (including Base and child channels), in /var/satellite/ , configurable at install |
z/VM 5.3 or later[a] | |
VSWITCH or Hipersocket LAN for high speed connections to guests | |
[a]
z/VM required for kickstart/provisioning of guests.
|
2.4. Additional Requirements
2.4.1. Firewall
Table 2.5. Ports to open on the Satellite
Port | Protocol | Direction | Reason |
---|---|---|---|
67 | TCP/UDP | Inbound | Open this port to configure the Satellite system as a DHCP server for systems requesting IP addresses. |
69 | TCP/UDP | Inbound | Open this port to configure Satellite as a PXE server and allow installation and re-installation of PXE-boot enabled systems. |
80 | TCP | Outbound | Satellite uses this port to reach Red Hat Network. |
80 | TCP | Inbound | Web UI and client requests come in via http. |
443 | TCP | Inbound | Web UI and client requests come in via https. |
443 | TCP | Outbound | Red Hat Network Satellite uses this port to reach Red Hat Network (unless running in a disconnected mode for Satellite). |
4545 | TCP | Inbound and Outbound | Red Hat Network Satellite Monitoring makes connections to rhnmd running on client systems, if Monitoring is enabled and probes are configured for registered systems. |
5222 | TCP | Inbound | If you plan to push actions to client systems. |
5269 | TCP | Inbound and Outbound | If you push actions to or via an Red Hat Network Proxy Server. |
2.4.2. SELinux Policy
enforcing
or permissive
mode on Red Hat Enterprise Linux 5 and 6. SELinux is a set of secure software policies that implement mandatory access control to Red Hat Enterprise Linux and other operating systems. Users can have SELinux in enforcing
or permissive
mode with the targeted
policy set during installation of Proxy or Satellite.
2.4.3. DMZ Proxy Solution
rhn.redhat.com
, xmlrpc.rhn.redhat.com
, and satellite.rhn.redhat.com
). To ensure correct functioning of the satellite system, do not restrict access to these hosts and ports. If required, an http or https proxy can be used, by issuing the satellite-sync --http-proxy
command.
rhnmd
running on client systems if Monitoring is enabled and probes are configured for registered systems.
jabberd
service on Satellite and Proxy, respectively. In addition, it needs to allow inbound connections on port 5222 from client systems directly registered to the Satellite. This is used for one-way (client to server) communications between the osad
service on client systems and the jabberd
service on the Satellite.
2.4.4. Synchronized System Times
2.4.5. Setting System Language and Locale
/etc/sysconfig/i18n
file. The LANG
setting in the file must be in the following format:
LANG="[language_TERRITORY].UTF-8"
language
and TERRITORY
are entered as two-letter codes. For example if your language is English and your locale is the United States, you set your LANG
setting to en_US.UTF-8
.
2.4.6. Fully Qualified Domain Name (FQDN)
Important
jabberd
to fail.
2.4.7. Functioning Domain Name Service (DNS)
2.4.8. Entitlement Certificate
2.4.9. Red Hat Network Account
Warning
- Red Hat Developer Suite
- Red Hat Application Server
- Red Hat Extras
- JBoss product channels
2.4.10. Backups of Login Information
2.4.11. Channel Content ISOs
Note
@base
to be installed, then the installation program will exit. This allows you to install those packages. You may want to use the installation ISO image or DVD media to create a repository for those additional packages, and then rerun the Satellite installer.
2.4.12. Service Access
chkconfig
.
- jabberd
- oracle (for Embedded Database Installation)
- tomcat5 (for installation on Red Hat Enterprise Linux 5)
- tomcat6 (for installation on Red Hat Enterprise Linux 6)
- httpd
- osa-dispatcher
- Monitoring
- MonitoringScout
- rhn-search
- cobblerd
- taskomatic
2.4.13. Additional Documentation
- The Red Hat Network Client Configuration Guide — This guide explains how to configure the systems to be served by an Red Hat Network Proxy Server or Red Hat Network Satellite. (This will also likely require referencing The Red Hat Network Reference Guide, which contains steps for registering and updating systems.)
- The Red Hat Network Channel Management Guide — This guide identifies the recommended methods for building custom packages, creating custom channels, and managing private errata.
- The Red Hat Network Reference Guide — This guide describes how to create Red Hat Network accounts, register and update systems, and use the Red Hat Network website to its utmost potential. This guide will probably come in handy throughout the installation and configuration process.
Chapter 3. Example Topologies
- The total number of client systems to be served by the Red Hat Network Satellite.
- The maximum number of clients expected to connect concurrently to the Red Hat Network Satellite.
- The number of custom packages and channels to be served by the Red Hat Network Satellite.
- The number of Red Hat Network Satellites being used in the customer environment.
- The number of Red Hat Network Proxy Servers being used in the customer environment.
3.1. Single Satellite Topology
Figure 3.1. Single Satellite Topology
3.2. Multiple Satellite Horizontally Tiered Topology
rhn-satellite-exporter
and satellite-sync -m
commands. Alternatively, the Inter-Satellite Sync 2 feature is designed for this purpose.
Figure 3.2. Multiple Satellite Horizontally Tiered Topology
3.3. Satellite-Proxy Vertically Tiered Topology
Figure 3.3. Satellite-Proxy Vertically Tiered Topology
Chapter 4. Installation
4.1. Prerequisites
4.1.1. Base Operation System
- Allocate plenty of space to the partitions storing data. The default location for channel packages is
/var/satellite/
. For Red Hat Network Satellite with Embedded Database, remember the database RPMs go in the/opt/
partition, while the database itself is built in/rhnsat/
. - Enable Network Time Protocol (NTP) on the Satellite and separate database, if it exists, and select the appropriate time zone. All client systems should already be running the
ntpd
daemon and be set to the correct time zone. - It is strongly advised that the
/home/
partition is locally mounted. - Register to Red Hat Network Classic. Once installation of the base operating system is complete, run the following command to register your system:
# rhn_register
4.1.2. Mounting the Installation Media
Procedure 4.1. Mounting from a CD
- Log into the machine as
root
. - Insert the Red Hat Network Satellite Server CD containing the installation files.
- Red Hat Enterprise Linux might automount the CD. If so, it mounts the CD to the
/media/cdrom/
directory. If Red Hat Enterprise Linux does not automount the CD, manually mount it to the/media/cdrom/
directory with the following command:# mkdir /media/cdrom # mount /dev/cdrom /media/cdrom
Procedure 4.2. Mounting from an ISO image
- Log into the machine as
root
. - Download the ISO image from the Red Hat Network website.
- Mount the ISO image from within the directory containing it using the command:
# mkdir /media/cdrom # mount -o loop iso_filename /media/cdrom
/media/cdrom/
. Use this location to access the Red Hat Network Satellite installation script.
4.1.3. Obtaining an Entitlement Certificate
Important
4.2. Pre-Installation
/media/cdrom/
. The installation media contains the install.pl
installer script.
4.2.1. Options for the Installer Script
install.pl
installer script:
Table 4.1. Installation Options
Option | Usage |
---|---|
--help | Print this help message. |
--answer-file=<filename> | Indicates the location of an answer file to be use for answering questions asked during the installation process. |
--non-interactive | For use only with --answer-file . If the --answer-file does not provide a required response, exit instead of prompting the user. |
--re-register | Register the system with Red Hat Network, even if it is already registered. |
--external-db | Install Satellite with a Stand-Alone Database |
--disconnected | Install the satellite in disconnected mode. |
--clear-db | Clear any pre-existing database schema before installing. This will destroy any data in the Satellite database and re-create empty Satellite schema. |
--skip-system-version-test | Do not test the Red Hat Enterprise Linux version before installing. |
--skip-selinux-test | Do not check to make sure SELINUX is disabled. |
--skip-fqdn-test | Do not verify that the system has a valid hostname. Red Hat Network Satellite requires that the hostname be properly set during installation. Using this option may result in a Satellite server that is not fully functional. |
--skip-db-install | Do not install the embedded database. This option may be useful if you are reinstalling the satellite, and do not want to clear the database. |
--skip-db-diskspace-check | Do not check to make sure there is enough free disk space to install the embedded database. |
--skip-db-population | Do not populate the database schema. |
--skip-gpg-key-import | Do not import Red Hat's GPG key. |
--skip-ssl-cert-generation | Do not generate the SSL certificates for the Satellite. |
--run-updater | Do not ask to install needed packages from Red Hat Network, if the system is registered. |
4.2.2. Automated Red Hat Network Satellite Server Installation
answers.txt
file found in the install/
directory of the CD or ISO.
Procedure 4.3. Installing with an Answers File
- Copy the example
answers.txt
file to/tmp/answers.txt
# cp answers.txt /tmp/answers.txt
- Edit the file and add your organization's desired options.
- Once the answer file is ready, use the
--answer-file
option when starting the installation process from the command line:# ./install.pl --answer-file=/tmp/answers.txt
The Red Hat Network Satellite Installation Program then looks for answers in the file. For any option not filled out in the file, the Installer Program prompts the user for the missing information.
4.2.3. Installing Behind a HTTP Proxy: Pre-Configuration
rhn.conf
to control its connection settings, there is no way to add options to that file prior to installation of Red Hat Network Satellite. If your network is behind an HTTP proxy in your organization, you cannot activate the Red Hat Network Satellite at installation time. A workaround to this issue is to first perform a disconnected installation of Red Hat Network Satellite, then switch the configuration to a connected method after installation is completed. The following demonstrates how to create a connected Red Hat Network Satellite installation behind an HTTP proxy:
Procedure 4.4. Installing Satellite behind an HTTP Proxy - Pre-Configuration
- Complete a minimal installation of Red Hat Enterprise Linux 5 or 6.
- Configure the system so that it can connect to Red Hat Network behind the HTTP proxy. Edit the file
/etc/sysconfig/rhn/up2date
as follows:enableProxy=1 enableProxyAuth=1 httpProxy=<http-proxy-fqdn> proxyUser=<proxy-username> proxyPassword=<proxy-password>
- Register the system to Red Hat Network.
- Begin the installation of Red Hat Network Satellite with the disconnected option:
./install.pl --disconnected
4.3. Installer Script Process
/media/cdrom/
. The installation media contains the install.pl
installer script.
4.3.1. Running the Installer Script
root
user.
Warning
Procedure 4.5. Running Installer Script
- Run the installer script with an option to install with either Embedded Database or Stand-Alone Database.
- Embedded Database - From the
/media/cdrom/
directory, enter the following command to start the Red Hat Network Satellite Installation Program:# ./install.pl
- Stand-Alone Database - From the
/media/cdrom/
directory, enter the following command to start the Red Hat Network Satellite Installation Program:# ./install.pl --external-db
- The script first runs through a pre-requisite check. These checks make certain that all prerequisites from Chapter 2, Requirements are met before proceeding with the installation.
* Starting the Red Hat Network Satellite installer. * Performing pre-install checks. * Pre-install checks complete. Beginning installation.
- The Satellite is then registered with Red Hat Network Classic and all required packages are installed and updated.
* RHN Registration * Installing updates. * Installing RHN packages.
4.3.2. Database Configuration
tail
in a separate window to monitor the /var/log/rhn/install_db.log
file.
If you are installing Red Hat Network Satellite with an Embedded Database, this process is automatic.
** Database: Setting up database connection for Oracle backend. ** Database: Testing database connection. ** Database: Populating database. *** Progress: ######
If you are installing Red Hat Network Satellite with a Stand-Alone Database, the installer asks for connection details to your Stand-Alone Database.
** Database: Setting up database connection for Oracle backend. Database service name (SID)? orcl Database hostname [localhost]? 10.5.63.161 Username? satuser Password? ******** ** Database: Testing database connection. ** Database: Populating database. *** Progress: ######
4.3.3. Initial Configuration
/root/.gnupg/
directory, if required.
* Setting up environment and users. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory
Important
# rpm --import /media/RHEL/RPM-GPG-KEY-redhat-release
You must enter an email address. Admin Email Address? admin@example.com * Performing initial configuration.
4.3.4. Entitlement Certificate Configuration
* Activating Satellite. Where is your satellite certificate file? /root/example.cert ** Loading RHN Satellite Certificate. ** Verifying certificate locally. ** Activating RHN Satellite.
4.3.5. CA Certificate Configuration
- CA cert
- Enter a password for the certificate.
- Organization
- Enter the name of your organization.
- Organization Unit
- Enter the name of your department within your organization.
- Email Address
- Enter an email address to be associated with this certificate, such as the admin email entered in the steps above.
- City
- Enter the city where the Satellite resides.
- State
- Enter the state where the Satellite resides.
- Country
- Enter the country where the Satellite resides. The country code must be exactly two letters, or the certificate generation fails. Type
?
to see a list of country codes.
* Final configuration. * Restarting services. Installation complete. Visit https://your-satellite.example.com to create the satellite administrator account.
4.4. Post-Installation
4.4.1. Installing Behind a HTTP Proxy: Post-Configuration
/etc/rhn/rhn.conf
file:
server.satellite.http_proxy = <http-proxy-fqdn> server.satellite.http_proxy_username = <proxy-username> server.satellite.http_proxy_password = <proxy-password> disconnected=0
/etc/rhn/rhn.conf
file to include the parent parameter satellite.rhn.redhat.com
:
server.satellite.rhn_parent = satellite.rhn.redhat.com
Note
Administrator
privileges. Browse to Admin → Red Hat Network Satellite Configuration → General. From here, enter the HTTP Proxy settings, and toggle the Disconnected Red Hat Network Satellite option.
service rhn-satellite restart
rhn-satellite-activate --rhn-cert=<path-to-cert>
4.4.2. Create Admin User
Figure 4.1. Admin Account Creation
4.4.3. Finalize Configuration
Figure 4.2. Final Configuration Prompt
4.4.3.1. General Configuration
Figure 4.3. General Configuration
4.4.3.2. Certificate
Figure 4.4. Certificate
4.4.3.3. Bootstrap
/var/www/html/pub/bootstrap/
directory of the Satellite, significantly reduces the effort involved in reconfiguring all systems, which by default obtain packages from the central Red Hat Network Servers. The required fields are pre-populated with values derived from previous installation steps. Ensure this information is accurate.
Figure 4.5. Bootstrap
4.4.4. Organizations
Figure 4.6. Organizations
4.4.5. Restart
Figure 4.7. Restart
4.4.6. Cobbler Rebuild
Figure 4.8. Cobbler
4.4.7. Message Transfer Agent (MTA) Configuration
4.4.7.1. Sendmail
- Create a symbolic link allowing sendmail to run the notification enqueuer with the following command:
# ln -s /usr/bin/ack_enqueuer.pl /etc/smrsh/.
- Edit the
/etc/aliases
file on the mail server and add the following line:rogerthat01: | /etc/smrsh/ack_enqueuer.pl
- Edit the
/etc/mail/sendmail.mc
file and change:"DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl"
to:"DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl"
- Process the alias with the following command:
# newaliases
- Update the
sendmail-cf
package:# yum update sendmail-cf
- Restart sendmail:
# service sendmail restart
4.4.7.2. Postfix
- Create a symbolic link allowing postfix to run the notification enqueuer with the following command:
# ln -s /usr/bin/ack_enqueuer.pl /etc/smrsh/.
- Edit the
/etc/aliases
file on the mail server and add the following line:rogerthat01: | /etc/smrsh/ack_enqueuer.pl
- Ensure the following line exists in your
/etc/postfix/main.cf
file and change:inet_interfaces = all
- Process the alias with the following command:
# newaliases
- Restart sendmail:
# service postfix restart
4.4.8. MySQL Installation for Monitoring
mysql-server
package either through the Red Hat Network website or by yum
.
mysql-server
package to be installed and run successfully. Once finished, your Satellite may be used to schedule MySQL probes.
Chapter 5. Entitlements
5.1. Red Hat Network Satellite Activate
rhn-satellite-activate
). This is included with the Satellite installation as part of the spacewalk-backend-tools
package.
rhn-satellite-activate
tool offers a handful of command line options for activating a Satellite using its Red Hat Network Entitlement Certificate:
Table 5.1. Red Hat Network Entitlement Certificate Options
Option | Description |
---|---|
-h , --help | Display the help screen with a list of options. |
--sanity-only | Confirm certificate sanity. Does not activate the Satellite locally or remotely. |
--disconnected | Activates locally but not on remote Red Hat Network Servers. |
--rhn-cert=/PATH/TO/CERT | Uploads new certificate and activates the Satellite based upon the other options passed (if any). |
--systemid=/PATH/TO/SYSTEMID | For testing only - Provides an alternative system ID by path and file. The system default is used if not specified. |
--no-ssl | For testing only - Disable SSL. |
rhn-satellite-activate
command.
5.2. Activate Satellite with a New Entitlement Certificate
- Validate the Red Hat Network Entitlement Certificate's sanity (or usefulness).
- Activate the Satellite locally by inserting the Red Hat Network Entitlement Certificate into the local database.
- Activate the Satellite remotely by inserting the Red Hat Network Entitlement Certificate into the central Red Hat Network (remote) database. This is typically accomplished during local activation but may require a second step if you chose the
--disconnected
option.
rhn-satellite-activate --sanity-only --rhn-cert=/path/to/demo.cert
rhn-satellite-activate --disconnected --rhn-cert=/path/to/demo.cert
rhn-satellite-activate --rhn-cert=/path/to/demo.cert
5.3. Satellite Entitlement Certificate Expiration
- The Satellite remains active.
- Each user that logs into the Satellite sees a banner on their Overview page that explains that the Satellite certificate has expired.
- Once a day, for all seven days, the Satellite Administrator's email receives notification that the certificate has expired.
Chapter 6. Content and Synchronization
- The Red Hat Network Satellite installation must have been performed successfully.
- The Red Hat Network Channel Content ISOs or Red Hat Network Satellite Exporter data must be available, or the Satellite must have access to the Internet and the Red Hat Network website.
6.1. Red Hat Network Satellite Synchronization Tool
satellite-sync
) enables an Red Hat Network Satellite to update its database metadata and RPM packages with various sources.
Important
satellite-sync
imports a large amount of data, especially on newly installed Satellite servers. If your database has performance issues after a significant amount of data changes, consider gathering statistics on the database. Refer to Section 9.4, “Using RHN DB Control” for more information.
# satellite-sync
channel-families
— Import/synchronize channel family (architecture) data.channels
— Import/synchronize channel data.rpms
— Import/synchronize RPMs.packages
— Import/synchronize full package data for those RPMs retrieved successfully.errata
— Import/synchronize errata information.
rpms
step will automatically ensure the channels
and channel-families
steps take place first. To initiate an individual step, use the --step
option.
# satellite-sync --step=rpms
--step
, the Red Hat Network Satellite Synchronization Tool provides other command line options. To use them, insert the option and the appropriate value after the satellite-sync
command when launching import/synchronization.
Table 6.1. satellite-sync
Options
Option | Description |
---|---|
-h , --help | Display this list of options and exit. |
-d= , --db=DB | Include alternate database connect string: username/password@SID. |
-m= , --mount-point=MOUNT_POINT | Import/sync from local media mounted to the Satellite. To be used in closed environments (such as those created during disconnected installs). |
--list-channels | List all available channels and exit. |
-c CHANNEL , --channel=CHANNEL_LABEL | Process data for this channel only. Multiple channels can be included by repeating the option. If no channels are specified, the Satellite updates all channels. |
-p, --print-configuration | Print the current configuration and exit. |
--no-ssl | Not Advisable - Turn off SSL. |
--step=STEP_NAME | Perform the sync process only to the step specified. Typically used in testing. |
--no-rpms | Do not retrieve actual RPMs. |
--no-packages | Do not process full package data. |
--no-errata | Do not process errata information. |
--no-kickstarts | Do not process kickstart data (provisioning only). |
--force-all-packages | Forcibly process all package data without conducting a diff. |
--debug-level=LEVEL_NUMBER | Override the amount of messaging sent to log files and generated on the screen set in /etc/rhn/rhn.conf , 0-6 (2 is default). |
--email | Email a report of what was imported/synchronized to the designated recipient of traceback email. |
--traceback-mail=TRACEBACK_MAIL | Direct sync output (from --email ) to this email address. |
-s= , --server=SERVER | Include the hostname of an alternative server to connect to for synchronization. |
--http-proxy=HTTP_PROXY | Add an alternative HTTP proxy server in the form hostname:port. |
--http-proxy-username=PROXY_USERNAME | Include the username for the alternative HTTP proxy server. |
--http-proxy-password=PROXY_PASSWORD | Include the password for the alternative HTTP proxy server. |
--ca-cert=CA_CERT | Use an alternative SSL CA certificate by including the full path and filename. |
--systemid=SYSTEM_ID | For debugging only - Include path to alternative digital system ID. |
--batch-size=BATCH_SIZE | For debugging only - Set maximum batch size in percent for XML/database-import processing. Open man satellite-sync for more information. |
6.2. Synchronization with Local Media
6.2.1. Preparing for Import from Local Media
Procedure 6.1. Obtain the Channel Content ISOs
- Log into the Web UI.
- Click Channels in the top navigation bar.
- Click on the Red Hat Network Satellite channel. Ensure you select the Satellite channel that corresponds to your version of Satellite.
- Click the Downloads tab and use the instructions on the page to obtain the Channel Content ISOs, available by version of Red Hat Enterprise Linux.
- If the desired Channel Content ISOs do not appear, ensure your Red Hat Network Entitlement Certificate has been uploaded to Red Hat Network and correctly identifies the target channels.
Procedure 6.2. Mount and copy Channel Content ISOs
- Log into the machine as root.
- Create a directory in
/mnt/
to store the file(s) with the command:# mkdir /mnt/import/
- Mount the ISO file using the following command:
# mount [iso_filename] /mnt/import -o loop
- Create a target directory for the files:
# mkdir /var/rhn-sat-import/
- This sample command assumes the administrator wants to copy the contents of the ISO (mounted in
/mnt/import/
) into/var/rhn-sat-import/
:# cp -ruv /mnt/import/* /var/rhn-sat-import/
- Then unmount
/mnt/import
in preparation for the next ISO:# umount /mnt/import
- Repeat these steps for each Channel Content ISO of every channel to be imported.
6.2.2. Import from Local Media
/var/rhn-sat-import
.
- List the channels available for import.
# satellite-sync --list-channels --mount-point /var/rhn-sat-import
- Initiate the import of a specific channel using a channel label presented in the previous list.
# satellite-sync -c [channel-label] --mount-point /var/rhn-sat-import
Note
Importing package data can take up to two hours per channel. Register systems to channels as soon as they appear in the Red Hat Network Satellite Web Interface. No packages are necessary for registration, although updates cannot be retrieved from the Satellite until the channel is completely populated. - Repeat this step for each channel or include them all within a single command by passing each channel label preceded by an additional
-c
flag, like so:# satellite-sync -c [channel-label-1] -c [channel-label-2] --mount-point /var/rhn-sat-import
# cd /var/rhn-sat-import/; ls -alR | grep rpm
/var/rhn-sat-import/
repository.
6.3. Synchronization via Satellite Export
rhn-satellite-exporter
) tool exports Satellite content in an XML format, which a user imports into another identical Satellite. Export the content into a chosen directory with the -d
option, transport the directory to another Satellite, and use the Red Hat Network Satellite Synchronization Tool to import the contents. This synchronizes the two Satellites.
- Channel Families
- Architectures
- Channel metadata
- Blacklists
- RPMs
- RPM metadata
- Errata
- Kickstarts
- The Satellite installation must have been performed successfully.
- There must be sufficient disk space in the directory specified in the
--dir
option to contain the exported contents.
6.3.1. Performing an Export
# rhn-satellite-exporter --dir=/var/rhn-sat-export --no-errata
rsync
or scp -r
.
rhn-satellite-exporter
command.
Table 6.2. Red Hat Network Satellite Exporter Options
Option | Description |
---|---|
-d, --dir= | Place the exported information into this directory. |
-cCHANNEL_LABEL , --channel=CHANNEL_LABEL | Process data for this specific channel (specified by label) only. NOTE: the channel's *label* is NOT the same as the channel's *name*. |
--list-channels | List all available channels and exit. |
--list-steps | List all of the steps that rhn-satellite-exporter takes while exporting data. These can be used as values for --step. |
-p --print-configuration | Print the configuration and exit. |
--print-report | Print a report to the terminal when the export is complete. |
--no-rpms | Do not retrieve actual RPMs. |
--no-packages | Do not export RPM metadata. |
--no-errata | Do not process errata information. |
--no-kickstarts | Do not process kickstart data (provisioning only). |
--debug-level=LEVEL_NUMBER | Override the amount of messaging sent to log files and generated on the screen set in /etc/rhn/rhn.conf , 0-6 (2 is default). |
--start-date=START_DATE | The start date limit that the last modified dates are compared against. Must be in the format YYYYMMDDHH24MISS (for example, 20071225123000 ) |
--end-date=END_DATE | The end date limit that the last modified dates are compared against. Must be typed in the format YYYYMMDDHH24MISS (for example, 20071231235900 ) |
--make-isos=MAKE_ISOS | Create a channel dump ISO directory called satellite-isos (for example, --make-isos=cd or dvd |
--email | Email a report of what was exported and what errors may have occurred. |
--traceback-mail=EMAIL | Alternative email address for --email. |
--db=DB | Include alternate database connect string: username/password@SID. |
--hard-links | Export the RPM and kickstart files with hard links to the original files. |
rhn-satellite-exporter
to export data is dependent on the number and size of the channels being exported. Using the --no-packages
, --no-kickstarts
, --no-errata
, and --no-rpms
options reduces the amount of time required for rhn-satellite-exporter
to run, but also prevents potentially useful information from being exported. For that reason, these options should only be used when you are certain that you will not need the content that they exclude. Additionally, you must use the matching options for satellite-sync
when importing the data. For example, if you use --no-kickstarts
with rhn-satellite-exporter
you must specify the --no-kickstarts
option when importing the data.
6.3.2. Moving Red Hat Network Satellite Exporter Content
Procedure 6.3. Moving Exporter Content
- Log into the machine as root.
- Create a target directory for the files, such as:
# mkdir /var/rhn-sat-import/
- Make the export data available on the local machine in the directory created in the previous step. This can be done by copying the data directly, or by mounting the data from another machine using NFS. Copy the data into the new directory with the following command:
# scp -r root@storage.example.com:/var/rhn-sat-export/* /var/rhn-sat-import
6.3.3. Performing an Import
/var/rhn-sat-import
.
- List the channels available for import with the command:
# satellite-sync --list-channels --mount-point /var/rhn-sat-import
- Initiate the import of a specific channel using a channel label presented in the previous list. Run the following command :
# satellite-sync -c [channel-label] --mount-point /var/rhn-sat-import
Note
Importing package data can take up to two hours per channel. You may begin registering systems to channels as soon as they appear in the Red Hat Network Satellite's website. No packages are necessary for registration, although updates cannot be retrieved from the Satellite until the channel is completely populated.Repeat this step for each channel or include them all within a single command by passing each channel label preceded by an additional-c
flag:# satellite-sync -c channel-label-1 -c channel-label-2 -mount-point /var/rhn-sat-import
- The population of channels is complete. Verify all of the packages are moved out of the repository with the following command:
# cd /var/rhn-sat-import/; ls -alR | grep rpm
This count will be zero if all RPMs have been installed and moved to their permanent locations. Remove the temporary/var/rhn-sat-import/
repository:# rm -rf /var/rhn-sat-import
6.4. Synchronization with Red Hat Network
satellite-sync
command also synchronizes a connected Red Hat Network Satellite with Red Hat Network. This updates database metadata and RPM packages from the Red Hat Network servers.
Procedure 6.4. Synchronize with Red Hat Network
- List available channels on your connected Red Hat Network Satellite using the
--list-channels
command.# satellite-sync --list-channels
- Synchronize with a Red Hat Network channel using the
-c
option.# satellite-sync -c [channel-label]
satellite-sync
options, see Section 6.1, “Red Hat Network Satellite Synchronization Tool”.
Chapter 7. Inter-Satellite Synchronization
- At least two Red Hat Network Satellite (version 5.3 or greater) servers;
- At least one Red Hat Network Satellite populated with at least one channel; and,
- Master Red Hat Network Satellite SSL certificate available on each of the Slave Red Hat Network Satellites for secure connection.
7.1. Recommended Models for Inter-Satellite Sync
Figure 7.1. Staging Satellite
Figure 7.2. Master Server and Slave Peers that include their own custom content
Figure 7.3. Slave Satellites are maintained exactly as the Master Satellite
7.2. Configuring the Master Red Hat Network Satellite Server
/etc/rhn/rhn.conf
contains the following line:
disable_iss=0
allowed_iss_slaves=
allowed_iss_slaves=slave1.satellite.example.org,slave2.satellite.example.org
rhn.conf
file, restart the httpd
service by issuing the following command:
service httpd restart
7.3. Configuring the Slave Red Hat Network Satellite Servers
/pub/
directory of any Satellite. The file is called RHN-ORG-TRUSTED-SSL-CERT
, but can be renamed and placed anywhere on the Slave Satellite, such as the /usr/share/rhn/
directory.
master.satellite.example.com
with the hostname of the Master Satellite server):
satellite-sync --iss-parent=master.satellite.example.com --ca-cert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --list-channels
7.4. Using Inter-Satellite Sync
/etc/rhn/rhn.conf
file:
iss_parent = master.satellite.domain.com iss_ca_chain = /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
satellite-sync
command by typing:
# satellite-sync -c your-channel
Note
satellite-sync
command will override any default or customized settings in the /etc/rhn/rhn.conf
file
7.4.1. Syncing between a Development Staging Server and a Production Satellite
Figure 7.4. Syncing from Red Hat Network Hosted and a Satellite Staging Server
satellite-sync -c your-channel
satellite-sync --iss-parent=staging-satellite.example.com -c custom-channel
7.4.2. Bi-directional sync
Figure 7.5. Bi-directional syncing
iss_parent
option in the /etc/rhn/rhn.conf
file of Satellite A to point to the hostname of Satellite B, and do the same for Satellite B to point to Satellite A as the iss_parent
.
7.5. Synchronizing by Organization
orgid
. This targets two sets of users. One is the disconnected Multi-Org case, where the main source of content for the user is either to get content from channel dumps or to export them from connected satellites and import it to the Satellite. The user mainly hosts custom channels from disconnected satellites. If they wish to export custom channels from connected satellites, they can do so by organizational sync.
- If the source content belongs to a base org (any Red Hat content) it will default to the base org even if a destination org is specified. This ensures that the specified content is always in that privileged base org.
- If an org is specified at the command line, it will import content from that org.
- If no org is specified, it will default to org 1.
Example 7.1. Import content from Master to Slave satellite.
# satellite-sync --parent-sat=master.satellite.domain.com -c channel-name --orgid=2
Example 7.2. Import content from an exported dump of a specific org
# satellite-sync -m /dump -c channel-name --orgid=2
Example 7.3. Import content from Red Hat Network Hosted
# satellite-sync -c channel-name
Chapter 8. Upgrades
8.1. Upgrade Requirements
- An updated Satellite certificate;
- Satellite Upgrade Package (
rhn-upgrade
); - New Installation ISO;
Procedure 8.1. Preparing for Satellite Upgrade
Obtain Satellite Certificate
- Obtain a Satellite certificate from the Red Hat Customer Portal at https://access.redhat.com/home under Subscriptions.
- Save this Certificate on your Satellite server.
Obtain Satellite Upgrade Package (
rhn-upgrade
)- Ensure the Satellite is registered to the Red Hat Network Satellite Channel.
- Install the
rhn-upgrade
package with the following commmand:# yum install rhn-upgrade
This package installs scripts and a comprehensive set of instructions for a Satellite upgrade within the/etc/sysconfig/rhn/satellite-upgrade
directory.
Obtain Installation ISO
- Obtain a Red Hat Network Satellite 5.5 ISO from the Red Hat Customer Portal at https://access.redhat.com/home under Downloads.
- Download this ISO to your Satellite server.
8.2. Upgrading a Satellite
Important
/etc/sysconfig/rhn/satellite-upgrade/README
file in the rhn-upgrade
package.
Procedure 8.2. Upgrade a Satellite
- Mount the ISO as specified in Section 4.1.2, “Mounting the Installation Media”
- Change your directory to the mounted ISO and run the Installer Program using the
--upgrade
option.# cd /mount/cdrom # ./install.pl --upgrade
Important
Ensure to use additional options if your Red Hat Network Satellite is disconnected or using a Stand-Alone Database. For more information, read Section 4.2.1, “Options for the Installer Script”. - Disable all services on the Satellite server:
# /usr/sbin/rhn-satellite stop
Important
The next step will upgrade the database schema. Ensure the database is running on your Stand-Alone Database. If using an Embedded Satabase, ensure the database is running via the following command:# service oracle start
- Upgrade the database with
spacewalk-schema-upgrade
:# /usr/bin/spacewalk-schema-upgrade
Important
It is recommended to backup your database before upgrading. - Activate the Satellite. If using a connected Satellite:
# rhn-satellite-activate --rhn-cert [PATH-TO-NEW-CERT] --ignore-version-mismatch
If disconnected, run:# rhn-satellite-activate --rhn-cert [PATH-TO-NEW-CERT] --disconnected --ignore-version-mismatch
- Rebuild search indexes with the following command:
# service rhn-search cleanindex
This command makes therhn-search
service clean search indexes and restart. - Enable Monitoring and Monitoring Scout. To enable Monitoring without enabling Monitoring Scout, run the following command:
# /usr/share/spacewalk/setup/upgrade/rhn-enable-monitoring.pl
To enable both Monitoring and Monitoring Scout, run the following command:# /usr/share/spacewalk/setup/upgrade/rhn-enable-monitoring.pl --enable-scout
- Restart Satellite services:
# /usr/sbin/rhn-satellite restart
Chapter 9. Maintenance
9.1. Managing the Satellite with rhn-satellite
rhn-satellite
. This tool accepts all of the typical commands:
/usr/sbin/rhn-satellite start /usr/sbin/rhn-satellite stop /usr/sbin/rhn-satellite restart /usr/sbin/rhn-satellite reload /usr/sbin/rhn-satellite enable /usr/sbin/rhn-satellite disable /usr/sbin/rhn-satellite status
rhn-satellite
to shut down and bring up the entire Red Hat Network Satellite and retrieve status messages from all of its services at once.
9.2. Updating the Satellite
yum update
on the Red Hat Network Satellite or use the website at https://rhn.redhat.com to apply the updates.
Important
yum update
), Apache may fail. To avoid this, make sure you restart the httpd
service after upgrading it.
Warning
9.3. Backing up the Satellite
/rhnsat/
- Embedded Database only (never to be backed up while the database is running - refer to Section 9.4.2, “Backing up the Database”)/etc/sysconfig/rhn/
/etc/rhn/
/etc/sudoers
/etc/tnsnames.ora
/var/www/html/pub/
/var/satellite/redhat/1
- custom RPMs/root/.gnupg/
/root/ssl-build/
/etc/dhcp.conf
/etc/httpd
/tftpboot/
/var/lib/cobbler/
/var/lib/rhn/kickstarts/
/var/www/cobbler
/var/lib/nocpulse/
/var/satellite/
, as well. In case of failure, this will save lengthy download time. Since /var/satellite/
(specifically /var/satellite/redhat/NULL/
) is primarily a duplicate of Red Hat's RPM repository, it can be regenerated with satellite-sync
. Red Hat recommends the entire /var/satellite/
tree be backed up. In the case of disconnected satellites, /var/satellite/
must be backed up.
satellite-sync
tool. Finally, reinstall the following file:
/root/ssl-build/rhn-org-httpd-ssl-key-pair-MACHINE_NAME-VER-REL.noarch.rpm
Important
rhn-search
service is started:
/etc/init.d/rhn-search cleanindex
9.4. Using RHN DB Control
su - oracle
db-control option
9.4.1. DB Control Options
db-control
command.
Table 9.1. RHN DB Control Options
Option | Description |
---|---|
help | Lists these db-control options with additional details. |
backup DIRNAME | Backs up the database to the directory specified. |
examine DIRNAME | Examines the contents of a backup directory. Returns the timestamp of backup creation and reports on its contents. |
extend | Increase the Red Hat Network Oracle tablespace |
gather-stats PCT | Gather statistics on Red Hat Network Oracle database objects. PCT is the percentage of rows to estimate (the default is 15%). |
report | Reports on current usage of database space. |
report-stats | Reports on segments with stale or empty statistics. |
restore DIRNAME | Restores the database from backup kept in DIRNAME. Database must be stopped for this command to run successfully. |
start | Starts the database instance. This can also be accomplished by issuing the service oracle start command as root. |
shrink-segments | Shrinks Red Hat Network Oracle database segments with signifcant amounts of free space. |
status | Shows the current status of the database, either "running" or "offline". |
stop | Stops the database instance. This can also be accomplished by issuing the service oracle stop command as root. |
tablesizes | Show space report for each table |
verify DIRNAME | Verifies the contents of the backup kept in DIRNAME. This command runs a checksum of each of the files kept in the backup. |
Note
Note
segment-shrink
feature to reclaim fragmented free space in an Oracle Database segment. The benefits of segment-shrink
are compaction of data that leads to better cache utilization and the compacted data requires fewer blocks to be scanned in full table scans, which both lead to better performance.
9.4.2. Backing up the Database
/usr/sbin/rhn-satellite stop
db-control backup DIRNAME
/usr/sbin/rhn-satellite start
9.4.3. Verifying the Backup
db-control examine DIRNAME
db-control verify DIRNAME
9.4.4. Restoring the Database
/usr/sbin/rhn-satellite stop
db-control restore DIRNAME
/usr/sbin/rhn-satellite start
9.5. Cloning the Satellite with Embedded DB
- Install Red Hat Network Satellite with Embedded Database (and a base install of Red Hat Enterprise Linux) on a separate machine, skipping the SSL Certificate generation step.
- Back up the primary Satellite's database daily using the commands described in Section 9.4.2, “Backing up the Database”. If this is done, only changes made the day of the failure will be lost.
- Establish a mechanism to copy the backup to the secondary Satellite and keep these repositories synchronized using a file transfer program such as rsync. Copying is not necessary if using a SAN.
- Use RHN DB Control's
restore
option to import the duplicate data. - If the primary Satellite fails, transfer the SSL key pair RPM package in
/root/ssl-build
from the primary to the secondary Satellite, and install the package. This ensures that Red Hat Network clients can authenticate with and securely connect to the secondary Satellite. - Change DNS to point to the new machine or configure your load balancer appropriately.
9.6. Establishing Redundant Satellites with Stand-Alone Database
Procedure 9.1. Creating Redundant Satellites with Stand-Alone Database
- Prepare the Stand-Alone Database for failover using Oracle's recommendations for building a fault-tolerant database. Consult your database administrator.
- Install Red Hat Network Satellite with Stand-Alone Database on a separate machine, skipping the database configuration, database schema, SSL certificate, and bootstrap script generation steps. Include the same Red Hat Network account and database connection information provided during the initial Satellite install and register the new Satellite. For more information, see Section 4.3, “Installer Script Process”.If your original SSL certificate does not take your high-availability solution into account, create a new one with a more appropriate Common Name value (see 3.2. The RHN SSL Maintenance Tool in the Red Hat Network Satellite Client Configuration Guide). In this case, generate a new bootstrap script (as defined in 5.2. Generating RHN Bootstrap Scripts in the Red Hat Network Satellite Client Configuration Guide) that captures this new value. Ensure the Common Name value represents the combined Satellite solution, not a single machine's hostname.
- After installation, copy the following files from the primary Satellite to the secondary Satellite:
/etc/rhn/rhn.conf
/etc/tnsnames.ora
/var/www/rhns/server/secret/rhnSecret.py
- Copy and install the server-side SSL certificate RPMs from the primary Satellite to the secondary.If you generated a new SSL certificate during Satellite installation that included a new Common Name value, copy the SSL certificate RPMs from the secondary to the primary Satellite and redistribute the client-side certificate. If you also created another bootstrap script, use it to install the certificate on client systems.
- If you did not create a new bootstrap script, copy the contents of
/var/www/html/pub/bootstrap/
from the primary Satellite to the secondary. If you did generate a new one, copy that directory's contents to the primary Satellite. - Turn off the Red Hat Network Task Engine on the secondary Satellite with the following command:
/sbin/service taskomatic stop
You may use custom scripting or other means to establish automatic start-up/failover of the Red Hat Network Task Engine on the secondary Satellite. Regardless, it will need to be started upon failover. - Share channel package data (by default located in
/var/satellite
) between the Satellites over some type of networked storage device. This eliminates data replication and ensures a consistent store of data for each Satellite. - Share cache data (by default located in
/var/cache/rhn
) between the Satellites over some type of networked storage device. This eliminates data replication and ensures a consistent store of cached data for each Satellite. - Make the various Satellites available on your network via Common Name and a method suiting your infrastructure. Options include round-robin DNS, a network load balancer, and a reverse-proxy setup.
9.7. Changing the Satellite Hostname
spacewalk-utils
package contains the spacewalk-hostname-rename
script.
spacewalk-hostname-rename
script, you must first ensure that you know your SSL CA passphrase by performing the following command:
openssl rsa -in path/RHN-ORG-PRIVATE-SSL-KEY
spacewalk-hostname-rename
requires one mandatory argument, which is the IP address of the Satellite server, regardless of whether the IP address will change along with the hostname or not.
spacewalk-hostname-rename
is as follows:
spacewalk-hostname-rename <ip address> [ --ssl-country=<country> --ssl-state=<state>\ --ssl-org=<organization/company> --ssl-orgunit=<department> --ssl-email=<email address> --ssl-ca-password=<password>]
spacewalk-hostname-rename
will generate a certificate.
spacewalk-hostname-rename
, refer to the following Red Hat Knowledgebase entry:
9.8. Conducting Satellite-Specific Tasks
9.8.1. Deleting Users
Figure 9.1. User Deletion
Note
Figure 9.2. User Delete Confirmation
9.8.2. Configuring Satellite Search
/etc/rhn/search.rhn-search.conf
file. The following list defines the search configuration and their default values in parentheses.
- search.index_work_dir
- Specifies where Lucene indexes are kept (
/usr/share/rhn/search/indexes
). - search.rpc_handlers
- Semi-colon separated list of classes to act as handlers for XMLRPC calls.
(filename>index:com.redhat.satellite.search.rpc.handlers.IndexHandler, db:com.redhat.satellite.search.rpc.handlers.DatabaseHandler, admin:com.redhat.satellite.search.rpc.handlers.AdminHandler)
- search.max_hits_returned
- Maximum number of results which will be returned for the query (
500
). - search.connection.driver_class
- JDBC driver class to conduct database searches (
oracle.jdbc.driver.OracleDriver
). - search.score_threshold
- Minimum score a result needs to be returned back as query result (
.10
). - search.system_score_threshold
- Minimum score a system search result needs to be returned back as a query result (
.01
). - search.errata_score_threshold
- Minimum score an errata search result needs to be returned back as a query result (
.20
). - search.errata.advisory_score_threshold
- Minimum score an errata advisory result needs to be returned back as a query result (
.30
). - search.min_ngram
- Minimum length of n-gram characters. Note that any change to this value requires
clean-index
to be run, and doc-indexes need to be modified and rebuilt (1
). - search.max_ngram
- Maximum length of n-gram characters. Note that any change to this value requires
clean-index
to be run, and doc-indexes need to be modified and rebuilt (5
). - search.doc.limit_results
- Type
true
to limit the number of results both on search.score_threshold and restrict max hits to be below search.max_hits_returned; typefalse
means to return all documentation search matches (false
). - search.schedule.interval
- Input the time in miliseconds to control the interval with which the SearchServer polls the database for changes; the default is 5 minutes (
300000
). - search.log.explain.results
- Used during development and debugging. If set to true, this will log additional information showing what influences the score of each result (
false
).
9.9. Automating Synchronization
crontab -e
EDITOR
variable, like so: export EDITOR=gedit
.
0 1 * * * perl -le 'sleep rand 9000' && satellite-sync --email >/dev/null \ 2>/dev/null
stdout
and stderr
from cron
to prevent duplicating the more easily read message from satellite-sync
. Options other than --email
can also be included. Refer to Table 6.1, “satellite-sync
Options” for the full list of options. Once you exit from the editor, the modified crontab is installed immediately.
9.10. Implementing PAM Authentication
Note
pam-devel
package.
Configuring Red Hat Network Satellite to use PAM
- Create a PAM service file in the
/etc/pam.d/
directory:touch /etc/pam.d/rhn-satellite
- Edit the file with the following information:
auth required pam_env.so auth sufficient pam_sss.so auth required pam_deny.so account sufficient pam_sss.so account required pam_deny.so
- Instruct the satellite to use the PAM service file by adding the following line to the
/etc/rhn/rhn.conf
file:pam_auth_service = rhn-satellite
- Restart the service to pick up the changes:
rhn-satellite restart
- To enable a user to authenticate against PAM, select the checkbox labeled Pluggable Authentication Modules (PAM). It is positioned below the password and password confirmation fields on the Create User page.
9.11. Enabling Push to Clients
osa-dispatcher
).
Important
osa-dispatcher
package, which can be found in the Red Hat Network Satellite software channel for the Satellite within the central Red Hat Network website. Once installed, start the service on the Satellite as root using the command:
service osa-dispatcher start
osad
package on all client systems to receive pushed actions. The package can be found within the Red Hat Network Tools child channel for the systems on the Red Hat Network Satellite.
Warning
osad
package on the Satellite server, as it will conflict with the osa-dispatcher
package installed on the Satellite.
service osad start
osa-dispatcher
and osad
accept stop
, restart
, and status
commands, as well.
Chapter 10. Troubleshooting
tail -f
command for all log files and then run yum list
. You should then examine all new log entries for potential clues.
# df -h
# /usr/sbin/rhn-satellite status
# service httpd status
- 10.1. Installing and Updating
- 10.2. Services
- Q: Why isn't the Apache Web server running?
- Q: How do I find out what the status of the Red Hat Network Task Engine is?
- Q: How do I find out what the status of the Satellite's Embedded Database is?
- Q: What do I do if yum, up2date, or the push capability of the Red Hat Network Satellite stops working?
- 10.3. Connectivity
- 10.4. Logging and Reporting
- 10.5. Errors
- Q: I'm getting an "Error validating satellite certificate" error during Red Hat Network Satellite installation. How do I fix it?
- Q: I'm getting an "ERROR: server.mount_point not set in the configuration file" error when I try to activate or synchronize the Red Hat Network Satellite. How do I fix it?
- Q: Why does cobbler check give an error saying that it needs a different version of yum-utils?
- Q: I'm getting a "unsupported version" error when I try to activate the Red Hat Network Satellite certificate. How do I fix it?
- Q: I'm getting an "Internal Server Error" complaining about ASCII when I try to edit the kickstart profile. What's going on?
- Q: I'm getting "Host Not Found" or "Could Not Determine FQDN" errors. What do I do now?
- Q: I'm getting a "This server is not an entitled Satellite" when I try to synchronize the Red Hat Network Satellite server. How do fix it?
10.1. Installing and Updating
audit.log
files available so that Red Hat Support personnel can assist you. You can find the file in /var/log/audit/audit.log
and can attach the file to your Support ticket for engineers to assist you.
/var/satellite
to an NFS mount, and now SELinux is stopping it working properly. What do I need to do?
# /usr/sbin/setsebool -P spacewalk_nfs_mountpoint on
# /usr/sbin/setsebool -P cobbler_use_nfs on
- Red Hat Developer Suite
- Red Hat Application Server
- Red Hat Extras
- JBoss product channels
10.2. Services
/etc/hosts
file may be incorrect.
# service taskomatic status
# service oracle status
yum
, up2date
, or the push capability of the Red Hat Network Satellite stops working?
yum
, up2date
, or the push capability of the Red Hat Network Satellite ceases to function, it is possible that old log files may be at fault. Stop the jabberd daemon before removing these files. To do so, issue the following commands as root:
# service jabberd stop # rm -f /var/lib/jabberd/db/_db* # service jabberd start
10.3. Connectivity
- Attempt to connect to the Red Hat Network Satellite's database at the command line using the correct connection string as found in
/etc/rhn/rhn.conf
:# sqlplus username/password@sid
- Ensure the Red Hat Network Satellite is using Network Time Protocol (NTP) and set to the appropriate time zone. This also applies to all client systems and the separate database machine in Red Hat Network Satellite with Stand-Alone Database.
- Confirm the correct package:
rhn-org-httpd-ssl-key-pair-MACHINE_NAME-VER-REL.noarch.rpm
is installed on the Red Hat Network Satellite and the correspondingrhn-org-trusted-ssl-cert-*.noarch.rpm
or raw CA SSL public (client) certificate is installed on all client systems. - Verify the client systems are configured to use the appropriate certificate.
- If also using one or more Red Hat Network Proxy Servers, ensure each Proxy's SSL certificates are prepared correctly. The Proxy should have both its own server SSL key-pair and CA SSL public (client) certificate installed, since it will serve in both capacities. Refer to the SSL Certificates chapter of the Red Hat Network Client Configuration Guide for specific instructions.
- Make sure client systems are not using firewalls of their own, blocking required ports as identified in Section 2.4, “Additional Requirements”.
# rm -rf temporary-directory
Note
/var/rhn-sat-import/
as the temporary directory.
SSL_CONNECT
errors, is the result of a Satellite being installed on a machine whose time had been improperly set. During the Satellite installation process, SSL certificates are created with inaccurate times. If the Satellite's time is then corrected, the certificate start date and time may be set in the future, making it invalid.
# date
# openssl x509 -dates -noout -in /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
# openssl x509 -dates -noout -in /etc/httpd/conf/ssl.crt/server.crt
10.4. Logging and Reporting
/var/log/rhn/
directory. These are rotated logs, which are log files created with a .<NUMBER> extension when the current rhn_satellite_install.log
file fills up to a size as specified by the logrotate(8)
daemon and the contents written to a rotated log file. For example, the rhn_satellite_install.log.1
contains the oldest rotated log file, while rhn_satellite_install.log.4
contains the most recently rotated log.
Table 10.1. Log Files
Component/Task | Log File Location |
---|---|
Apache Web server | /var/log/httpd/ directory |
Red Hat Network Satellite | /var/log/rhn/ directory |
Red Hat Network Satellite Installation Program | /var/log/rhn/rhn_satellite_install.log |
Database installation - Embedded Database | /var/log/rhn/install_db.log |
Database population | /var/log/rhn/populate_db.log |
Red Hat Network Satellite Synchronization Tool | /var/log/rhn/rhn_server_satellite.log |
Monitoring infrastructure | /var/log/nocpulse/ directory |
Monitoring notifications | /var/log/notification/ directory |
Red Hat Network DB Control - Embedded Database | /var/log/rhn/rhn_database.log |
Red Hat Network Task Engine (taskomatic) | /var/log/messages |
yum | /var/log/yum.log |
XML-RPC transactions | /var/log/rhn/rhn_server_xmlrpc.log |
spacewalk-report
?
spacewalk-report
command to gather and display vital Satellite information at once.
Note
spacewalk-report
you must have the spacewalk-reports
package installed.
spacewalk-report
allows administrators to organize and display reports about content, errata, systems, system event history, and user resources across the Satellite. The spacewalk-report
command is used to generate reports on:
- System Inventory — Lists all of the systems registered to the Satellite.
- Entitlements — Lists all organizations on the Satellite, sorted by system or channel entitlements.
- Errata — Lists all the errata relevant to the registered systems, sorts errata by severity as well as the systems that apply to a particular erratum.
- Users — Lists all the users registered to the Satellite, and lists any systems associated with a particular user.
- System History — Lists all, or a subset, of the system events that have occurred.
# spacewalk-report report_name
Table 10.2. spacewalk-report
Reports
Report | Invoked as | Description |
---|---|---|
System Inventory | inventory | List of systems registered to the server, together with hardware and software information |
Entitlements | entitlements | Lists all organizations on the Satellite with their system or channel entitlements |
Errata in channels | errata-channels | Lists errata in channels |
All Errata | errata-list-all | Complete list of all errata |
Errata for systems | errata-systems | Lists applicable errata and any registered systems that are affected |
Users in the system | users | Lists all users registered to the Satellite |
Systems administered | users-systems | Lists systems that can be administered by individual users |
Kickstart Trees | kickstartable-trees | Lists trees able to be kickstarted |
System history | system-history | Lists system event history |
System history channels | system-history-channels | Lists system event history |
System history configuration | system-history-configuration | Lists system configuration event history |
System history entitlements | system-history-entitlements | Lists system entitlement event history |
System history errata | system-history-errata | Lists system errata event history |
System history kickstart | system-history-kickstart | Lists system kickstart and provisioning event history |
System history packages | system-history-packages | Lists system package event history |
spacewalk-report
with the --info
or --list-fields-info
and the report name. The description and list of possible fields in the report will be shown.
spacewalk-report(8)
manpage as well as the --help
parameter of the spacewalk-report
program can be used to get additional information about the program invocations and their options.
# rhn-schema-version
# rhn-charsets
traceback_mail
in /etc/rhn/rhn.conf
.
web.default_mail_from
option and appropriate value in /etc/rhn/rhn.conf
.
10.5. Errors
install.log
file, and locating the following error:
ERROR: unhandled exception occurred: Traceback (most recent call last): File "/usr/bin/rhn-satellite-activate", line 45, in ? sys.exit(abs(mod.main() or 0)) File "/usr/share/rhn/satellite_tools/rhn_satellite_activate.py", line 585, in main activateSatellite_remote(options) File "/usr/share/rhn/satellite_tools/rhn_satellite_activate.py", line 291, in activateSatellite_remote ret = s.satellite.deactivate_satellite(systemid, rhn_cert) File "/usr/lib/python2.4/site-packages/rhn/rpclib.py", line 603, in __call__ return self._send(self._name, args) File "/usr/lib/python2.4/site-packages/rhn/rpclib.py", line 326, in _request self._handler, request, verbose=self._verbose) File "/usr/lib/python2.4/site-packages/rhn/transports.py", line 171, in request headers, fd = req.send_http(host, handler) File "/usr/lib/python2.4/site-packages/rhn/transports.py", line 698, in send_http self._connection.connect() File "/usr/lib/python2.4/site-packages/rhn/connections.py", line 193, in connect sock.connect((self.host, self.port)) File "<string>", line 1, in connect socket.timeout: timed out
- Run the install script in disconnected mode, and skip the database installation which has already been done:
# ./install.pl --disconnected --skip-db-install
- Open
/etc/rhn/rhn.conf
with your preferred text editor, and add or modify the following line:server.satellite.rhn_parent = satellite.rhn.redhat.com
Remove the following line:disconnected=1
If you are using a proxy for the connection to Red Hat Network, you will also need to add or modify the following lines to reflect the proxy settings.server.satellite.http_proxy = <hostname>:<port> server.satellite.http_proxy_username = <username> server.satellite.http_proxy_password = <password>
- Re-activate the Satellite in connected mode, using the
rhn-satellite-activate
command as the root user, including the path and filename of the satellite certificate:# rhn-satellite-activate --rhn-cert=/path/to/file.cert
install.pl
script in connected mode, but with the --answer-file=answer file
option. Ensure the answer file has the HTTP proxy information specified as follows:
rhn-http-proxy = <hostname>:<port> rhn-http-proxy-username = <username> rhn-http-proxy-password = <password>
mount_point
configuration parameter in /etc/rhn/rhn.conf
does not point to a directory path, or the directory path it points to is not present or does not have permission to access the directory.
mount_point
configuration parameter in /etc/rhn/rhn.conf
. If it set to the default value of /var/satellite
, verify that the /var/satellite
and /var/satellite/redhat
directories exist. For all values, check that path to the file is accurate, and that the permissions are set correctly.
cobbler check
give an error saying that it needs a different version of yum-utils
?
cobbler check
command can give an error similar to the following:
# cobbler check The following potential problems were detected: #0: yum-utils need to be at least version 1.1.17 for reposync -l, current version is 1.1.16
reposync
package. The error is spurious and can be safely ignored. This error will be resolved in future versions of Red Hat Network Satellite.
ERROR: <Fault -2: 'unhandled internal exception: unsupported version: 96'>
RHN_PARENT: satellite.rhn.redhat.com Error reported from RHN: <Fault -2: 'unhandled internal exception: unsupported version: 115'> ERROR: unhandled XMLRPC fault upon remote activation: <Fault -2: 'unhandled internal exception: unsupported version: 115'> ERROR: <Fault -2: 'unhandled internal exception: unsupported version: 115'>
Invalid satellite certificate
'ascii' codec can't encode character u'\u2013'
- Ssh directly onto the Satellite server as the root user:
# ssh root@satellite.fqdn.com
- Find the kickstart profile that is causing the problem by looking at the dates of the files in
/var/lib/cobbler/config/profiles.d
and locating the one that was edited most recently:# ls -l /var/lib/cobbler/config/profiles.d/
- Open the profile in your preferred text editor, and locate the following text:
\u2013hostname
Change the entry to read:--hostname
- Save changes to the profile and close the file.
- Restart the Red Hat Network Satellite services to pick up the updated profile:
# rhn-satellite restart Shutting down rhn-satellite... Stopping RHN Taskomatic... Stopped RHN Taskomatic. Stopping cobbler daemon: [ OK ] Stopping rhn-search... Stopped rhn-search. Stopping MonitoringScout ... [ OK ] Stopping Monitoring ... [ OK ] Stopping httpd: [ OK ] Stopping tomcat5: [ OK ] Shutting down osa-dispatcher: [ OK ] Shutting down Oracle Net Listener ... [ OK ] Shutting down Oracle DB instance "rhnsat" ... [ OK ] Shutting down Jabber router: [ OK ] Done. Starting rhn-satellite... Starting Jabber services [ OK ] Starting Oracle Net Listener ... [ OK ] Starting Oracle DB instance "rhnsat" ... [ OK ] Starting osa-dispatcher: [ OK ] Starting tomcat5: [ OK ] Starting httpd: [ OK ] Starting Monitoring ... [ OK ] Starting MonitoringScout ... [ OK ] Starting rhn-search... Starting cobbler daemon: [ OK ] Starting RHN Taskomatic... Done.
- Return to the web interface. Note that interface can take some time to resolve the services, but should return to normal after a minute or so.
/etc/hosts
file. You may confirm this by examining /etc/nsswitch.conf
, which defines the methods and the order by which domain names are resolved. Usually, the /etc/hosts
file is checked first, followed by Network Information Service (NIS) if used, followed by DNS. One of these has to succeed for the Apache Web server to start and the Red Hat Network client applications to work.
/etc/hosts
file. It may look like this:
127.0.0.1 this_machine.example.com this_machine localhost.localdomain \ localhost
127.0.0.1 localhost.localdomain.com localhost
127.0.0.1 localhost.localdomain.com localhost
123.45.67.8 this_machine.example.com this_machine
satellite-sync
reports that the server is not activated as an Red Hat Network Satellite, it isn't subscribed to the respective Red Hat Network Satellite channel. If this is a newly installed system then the satellite certificate is possibly not activated on the system. If it was activited earlier, then it has become deactivated.
# yum repolist
# rhn-satellite-activate -vvv --rhn-cert=/path/to/certificate
Note
satellite-debug
. To use this tool, issue the command as root. You will see the pieces of information collected and the single tarball created, like so:
# satellite-debug Collecting and packaging relevant diagnostic information. Warning: this may take some time... * copying configuration information * copying logs * querying RPM database (versioning of RHN Satellite, etc.) * querying schema version and database character sets * get diskspace available * timestamping * creating tarball (may take some time): /tmp/satellite-debug.tar.bz2 * removing temporary debug tree Debug dump created, stored in /tmp/satellite-debug.tar.bz2 Deliver the generated tarball to your RHN contact or support channel.
/tmp/
directory to your Red Hat representative for immediate diagnosis.
Appendix A. Sample Red Hat Network Satellite Configuration File
/etc/rhn/rhn.conf
configuration file for the Red Hat Network Satellite provides a means for you to establish key settings. Be warned, however, that errors inserted into this file may cause Satellite failures. So make configuration changes with caution.
#/etc/rhn/rhn.conf example for an RHN Satellite #---------------------------------------------- # Destination of all tracebacks, such as crash information, etc. traceback_mail = test@pobox.com, test@redhat.com # Location of RPMs (Red Hat and custom) served by the RHN Satellite mount_point = /var/satellite # Corporate gateway (hostname:PORT): server.satellite.http_proxy = corporate_gateway.example.com:8080 server.satellite.http_proxy_username = server.satellite.http_proxy_password = # Database connection information username/password@SID default_db = test01/test01@test01 ### DON'T TOUCH ANY OF THE FOLLOWING ### web.satellite = 1 web.session_swap_secret_1 = ea6c79f71cfcf307d567fed583c393b9 web.session_swap_secret_2 = 01dee83a7b7f27157f5335744eb02327 web.session_swap_secret_3 = 4e89e7697ce663149ca9e498cbc08b4f web.session_swap_secret_4 = a0fed2d77a950fc9a800b450a45e89d2 web.session_secret_1 = 24bc562e04c9b93f5be94f793738e104 web.session_secret_2 = 7667a7c2db311b1ea04271ecc1b82314 web.session_secret_3 = 442e7dc4f06f63eba9a0408d499c6a8d web.session_secret_4 = 587a0db47856f685d989095629a9bd6f encrypted_passwords = 1 web.param_cleansers = RHN::Cleansers->cleanse web.base_acls = RHN::Access web.default_taskmaster_tasks = RHN::Task::SessionCleanup, RHN::Task::ErrataQueue, RHN::Task::ErrataEngine, RHN::Task::DailySummary, RHN::Task::SummaryPopulation, RHN::Task::RHNProc, RHN::Task::PackageCleanup web.rhn_gpg_backend_module = RHN::GPG::OpenPGP web.restrict_mail_domains =
Appendix B. Revision History
Revision History | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
Revision 3-18.401 | Thu Aug 20 2015 | Dan Macpherson | ||||||||
| ||||||||||
Revision 3-18.400 | 2013-10-31 | Rüdiger Landmann | ||||||||
| ||||||||||
Revision 3-18 | Thu Sept 27 2012 | Dan Macpherson | ||||||||
| ||||||||||
Revision 3-17 | Wed Sept 19 2012 | Dan Macpherson | ||||||||
| ||||||||||
Revision 3-16 | Thu Aug 22 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-15 | Thu Aug 22 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-14 | Wed Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-13 | Tue Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-12 | Tue Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-11 | Tue Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-10 | Tue Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-9 | Tue Aug 21 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-8 | Mon Aug 20 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-7 | Mon Aug 20 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-6 | Mon Aug 13 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-5 | Mon Aug 13 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-4 | Mon Aug 06 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-2 | Mon Aug 06 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-1 | Wed Jul 11 2012 | Daniel Macpherson | ||||||||
| ||||||||||
Revision 3-0 | Tue May 22 2012 | Athene Chan | ||||||||
| ||||||||||
Revision 2-8 | Wed Jan 4 2012 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-7 | Wed Jan 4 2012 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-6 | Wed Oct 26 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-5 | Mon Aug 15 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-4 | Wed Jul 6 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-3 | Wed Jun 22 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-2 | Wed Jun 15 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-1 | Fri May 27 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 2-0 | Fri May 6 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-36 | Tue May 3 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-35 | Wed April 27 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-34 | Wed April 13 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-33 | Tue Feb 8 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-32 | Mon Feb 7 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-31 | Mon Feb 7 2011 | Lana Brindley | ||||||||
| ||||||||||
Revision 1-30 | Mon Jan 31 2011 | Lana Brindley | ||||||||
|