Chapter 2. Red Hat Satellite and Solaris-specific Information
2.1. UNIX Support Guide
188.8.131.52. Supported UNIX Variants
Table 2.1. Supported Solaris Architectures and Versions
- Red Hat Satellite 5.0 or later
- A Satellite certificate with Management entitlements
- Management entitlements for each UNIX client
- Red Hat Network packages for UNIX including python, pyOpenSSL, and the Red Hat Network Client packages
- Sunfreeware packages that provide supporting libraries
NoteSome of these packages are available via the Red Hat Satellite. See Section 184.108.40.206, “Downloading and Installing Additional Packages” for the complete list.
220.127.116.11. Included Features
- The Red Hat Network Service Daemon (
rhnsd), which triggers
rhn_checkaccording to a configurable interval
- The Red Hat Network Configuration Client (
rhncfg-client), which executes all configuration actions scheduled from the Satellite
- The Red Hat Network Configuration Manager (
rhncfg-manager), which allows command line administration of Red Hat Network configuration channels
rhn_checkprogram, which checks in with the Satellite and performs any actions scheduled from the server
- All Management-level functionality, such as system grouping, package profile comparison, and use of the System Set Manager to administer multiple systems at once
- A Provisioning feature called Remote Command which enables users to schedule root-level commands on any managed client through the Satellite's website, if the client allows this action
18.104.22.168. Differences in Functionality
- The Red Hat Update Agent for UNIX offers a much smaller set of options than its Linux counterpart and relies upon the operating system's native toolset for package installation, rather than
rpm- See Section 22.214.171.124.4, “Updating From the Command Line” for the precise list of options.
- The Red Hat Network Push application has been similarly modified to upload native UNIX file types, including packages, patches, and patch clusters.Since Solaris package, patch and patch cluster files are different from RPM files, the channel upload mechanism is somewhat different.There are two applications in the
rhnpushpackage for Solaris:
- The first,
solaris2mpm, is an Red Hat Network utility that creates an MPM file for each Solaris package or patch. The neutral format of the MPM file allows the Satellite to understand and manage the uploaded files.
- The second,
rhnpush, has been extended so that it can handle MPM as well as RPM files. Otherwise, it operates identically to the Linux version of
- The Channels tab of the Red Hat Network website has been augmented to accommodate the storage and installation of native UNIX file types.
126.96.36.199. Excluded Features
- All Provisioning-level functionality, such as kickstarting and package rollback, with the exception of configuration file management
- All Errata-related options, since the concept of Errata Updates is not understood in UNIX
- Source files for packages
RHAT*.pkgfiles during installation is not supported.
2.1.2. Satellite Server Preparation/Configuration
- During the Satellite installation:Enable UNIX support on the Satellite by checking the "Enable Solaris Support" box during the installation process, as pictured:
Figure 2.1. Enabling UNIX Support During Satellite Installation
- After the Satellite has been installed:Enable UNIX support by configuring the Satellite after it has been installed. To do so, select Enable Solaris Support box, as pictured:in the top menu bar, then select in the left navigation bar. In the screen that follows, check the
Figure 2.2. Enabling UNIX Support After Satellite InstallationClick thebutton to confirm the change.
- Finally, create a base channel to which your client systems may subscribe. Red Hat Network does not provide UNIX content,
satellite-synccannot be used to create the channel.To create a Solaris channel, login to the web interface of the Satellite as either a Satellite Administrator or a certificate authority. Navigate to the Channel tab, followed by the Manage Software Channels from the left navigation bar. Click the create new channel link in the upper right of the resulting screen. Provide a name and label for your new channel, and select either SPARC Solaris or i386 Solaris as the architecture, depending on the architecture of the client.
2.1.3. Unix Client System Preparation
- Download and install
gzipand the required third-party libraries.
- Download the Red Hat Network application tarball from the Satellite to the client and install the contents.
- Next, deploy the SSL certificates required for a secure connection.
- Configure the client applications to connect to the Red Hat Satellite.
188.8.131.52. Downloading and Installing Additional Packages
up2date), which provides the link between your client systems and Red Hat Network. The UNIX-specific version of the Red Hat Update Agent is limited in functionality compared to its Linux counterpart but still enables system registration and facilitates package installs and patches. See Section 2.1.4, “Unix Client Registration and Updates” for a full description of the tool's options.
bashwhen first logging into the Solaris client. If the BASH shell is available, it will make the system's behavior as Linux-like as possible.
184.108.40.206.1. Install Third-Party Packages
gziputility is provided by the SUNW gzip package and may be downloaded from http://www.sunfreeware.com.
pkginfocommand. For example, to check for a package that contains "zlib" in the name, run the following command:
# pkginfo | grep zlib
libgcc<version>-sol<solaris-version>-sparc-local.gzbecomes SMClibgcc after installation
220.127.116.11.2. Configuring the Library Search Path
# crle -c /var/ld/ld.config
-loption resets the value, rather than appending it, so if there already were values set on your system, prepend them to the -l parameter.
# crle -c /var/ld/ld.config -l /other/existing/path:/lib:/usr/lib:/usr/local/lib
# crle -c /var/ld/ld.config -l /other/existing/path:/lib:/usr/lib:/usr/local/lib:/usr/sfw/lib
18.104.22.168.3. Downloading Red Hat Network Client Packages
/var/www/html/pub/directory of your Satellite. If you are able to use a GUI web browser like Mozilla, navigate to the
/pubdirectory of the Satellite and save the appropriate tarball to your client:
ftpto transfer the file from the Satellite to the client.
gzip, decompress the tarball. You should have the following packages:
SMCosslgmay also be included in the tarball.
22.214.171.124.4. Installing the Red Hat Network Packages
pkgaddcommand. Answer "yes" to any prompts during package install.
# pkgadd -d RHATpossl-0.6-1.p24.6.pkg all # pkgadd -d RHATpythn-2.4.1-2.rhn.4.sol9.pkg all # pkgadd -d RHATrhnl-1.8-7.p23.pkg all ...
pkgaddto run the command in non-interactive mode. However, this may cause the installation of some packages to fail silently on Solaris 10.
126.96.36.199.5. Including Red Hat Network Packages in the PATH
# PATH=$PATH:/opt/redhat/rhn/solaris/bin # PATH=$PATH:/opt/redhat/rhn/solaris/usr/bin # PATH=$PATH:/opt/redhat/rhn/solaris/usr/sbin # export PATH
# MANPATH=$MANPATH:/opt/redhat/rhn/solaris/man # export MANPATH
# man -M /opt/redhat/rhn/solaris/man <man page>
crle -c /var/ld/ld.config -l <current library paths>:/opt/redhat/rhn/solaris/lib
188.8.131.52. Deploying Client SSL Certificates
/pub/directory of the Satellite's Web server.
- Download the SSL certificate from the
/var/www/html/pub/directory of the Red Hat Satellite onto the client system. The certificate will be named something similar to
RHN-ORG-TRUSTED-SSL-CERT. It is accessible via the web at the following URL:
- Move the client SSL certificate to the Red Hat Network-specific directory for your UNIX variant. For Solaris, this can be accomplished with a command similar to:
mv /path/to/RHN-ORG-TRUSTED-SSL-CERT /opt/redhat/rhn/solaris/usr/share/rhn/
184.108.40.206. Configuring the clients
- As root, change to the Red Hat Network configuration directory for the system. For Solaris, the full path is
- Open the
up2dateconfiguration file in a text editor.
- Find the
serverURLentry and set its value to the fully qualified domain name (FQDN) of your Red Hat Satellite:
serverURL[comment]=Remote server URL serverURL=https://your-satellite.example.com/XMLRPC
- Ensure the application refers to the Red Hat Satellite even when SSL is turned off by also setting the
noSSLServerURLvalue to the Satellite:
noSSLServerURL[comment]=Remote server URL without SSL noSSLServerURL=http://your-satellite.example.com/XMLRPC
- With the
up2dateconfiguration file still open, find the
sslCACertentry and set its value to the name and location of the SSL certificate described in Section 220.127.116.11, “Deploying Client SSL Certificates”, for example:
sslCACert[comment]=The CA cert used to verify the ssl server sslCACert=/opt/redhat/rhn/solaris/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
2.1.4. Unix Client Registration and Updates
18.104.22.168. Registering Unix Systems
rhnreg_kscommand to accomplish this; the use of activation keys for registering your systems is optional. These keys allow you to predetermine settings within Red Hat Network, such as base channels and system groups, and to apply those automatically to systems during their registration.
- Log into the Satellite's web interface and click the Systems tab in the top navigation bar followed by Activation Keys in the left navigation bar. Then click the create new key link at the top-right corner of the page.
- On the following page, select the base channel you created at the end of Section 2.1.2, “Satellite Server Preparation/Configuration”.
- After creating the key, click its name in the Activation Keys list to enhance its Red Hat Network settings by associating software and configuration channels and system groups.
- Open a terminal on the client system to be registered and switch user to root.
rhnreg_ksalong with the
--activationkeyoption to register the client with the Satellite. The string of characters that make up the key may be copied directly from the Activation Keys list on the website. The resulting command will look something like the following:
- Go back to the website, click the name of the activation key, and ensure the new system appears within the Activated Systems tab.
22.214.171.124. Obtaining Updates
126.96.36.199.1. Uploading Packages to the Satellite
solaris2mpmto translate Solaris packages, patches, and patch clusters to a format that the Satellite can understand.
solaris2mpmis part of Red Hat Network Push for Solaris. The content that is pushed to a Solaris channel on the Satellite must first be in .mpm format.
/tmp/will be used for this purpose. However, the
--tempdiroption allows you to specify another directory if necessary.
# solaris2mpm RHATrpush-3.1.5-21.pkg RHATrpush-3.1.5-23.pkg Opening archive, this may take a while Writing out RHATrpush-3.1.5-21.sparc-solaris.mpm Opening archive, this may take a while Writing out RHATrpush-3.1.5-23.sparc-solaris.mpm
Table 2.2. solaris2mpm options
| || |
Displays the program's version number and exits
| || |
Displays this information and exits
| || |
Prints program usage information and exits
| || |
Temporary directory to work from
| || |
Selects the architecture (i386 or SPARC) for multi-arch packages.
rhnpush with .mpm Files
rhnpushworks like the standard utility, but with the added ability to handle .mpm files. Below is a usage example:
% rhnpush -v --server testbox.example.com --username myuser -c solaris-8 \ RHATrpush-3.1.5-*.mpm Red Hat Network password: Connecting to http://testbox.example.com/APP Uploading package RHATrpush-3.1.5-21.sparc-solaris.mpm Uploading package RHATrpush-3.1.5-23.sparc-solaris.mpm
188.8.131.52.2. Updating Through the Website
rhnsddaemon, which instructs the client system to check in with Red Hat Network, automatically starts at boot time. On Solaris systems,
rhnsddoes not start at boot time by default. It can be started from the command line in this way:
rhnsd --foreground --interval=240
/opt/redhat/rhn/solaris/usr/sbin/rhnsd. Below are the available options for
| || |
Run in foreground
| || |
Connect to Red Hat Network every MINS minutes
| || |
Log all actions to syslog
| || |
Give this help list
| || |
Give this help list
| || |
Print program version
184.108.40.206.4. Updating From the Command Line
up2datecommand. The most significant difference is the absence of all options regarding source files. See Table 2.4, “Update Agent Command Line Arguments” for the precise list of options available for UNIX systems.
Table 2.4. Update Agent Command Line Arguments
| ||Show program version information.|
| ||Show this help message and exit.|
| ||Show additional output.|
| ||List the latest versions of all packages installed.|
| ||Update packages associated with this System Profile.|
| ||Update this system's hardware profile on Red Hat Network.|
| ||List all packages available for download.|
| ||List all the packages available that are not currently installed.|
| ||List all the packages currently installed that are not in channels the system is subscribed to.|
| ||Show the channel names along with the package names where appropriate.|
| || Install all available packages. Use with |
| ||Specify which channels to update from using channel labels.|
| ||Fetch the package specified without resolving dependencies.|
2.1.5. Remote Commands
220.127.116.11. Enabling Commands
script, the file must be named
run, and both must be located in the
/etc/sysconfig/rhn/allowed-actions/directory specific to your UNIX variant.
mkdir -p /opt/redhat/rhn/solaris/etc/sysconfig/rhn/allowed-actions/script