Table of Contents
Advertisement
Note that this chapter provides an alternative to using RHN Bootstrap to generate the bootstrap script.
With these instructions, you should be able to create your own bootstrap script from scratch.
All of the initial techniques have shared a common theme: the deployment of necessary files in a
centralized location to be retrieved and installed using simple, scriptable commands run on each client.
In this chapter, we explore putting all of these pieces together to create a single script that can be
invoked by any system in your organization.
When we combine all of the commands from the previous chapters in the most sensible order, we get
the following script. Keep in mind,
later:
# First, install the latest client RPMs to the system.
rpm -Uvh \
http://your_proxy_or_sat.your_domain.com/pub/rhn_register-2.8.27-1.7.3.i386.rpm \
http://your_proxy_or_sat.your_domain.com/pub/rhn_register-gnome-2.8.27-1.7.3.i386.rpm \
http://your_proxy_or_sat.your_domain.com/pub/up2date-3.0.7-1.i386.rpm \
http://your_proxy_or_sat.your_domain.com/pub/up2date-gnome-3.0.7-1.i386.rpm
# Second, reconfigure the clients to talk to the correct server.
perl -p -i -e 's/s/www\.rhns\.redhat\.com/your_proxy_or_sat\.your_domain\.com/g' \
/etc/sysconfig/rhn/rhn_register \
/etc/sysconfig/rhn/up2date
# Third, install the SSL client certificate for your company's
# RHN Satellite Server or RHN Proxy Server.
rpm -Uvh http://proxy_or_sat.domain.com/pub/rhn-org-trusted-ssl-cert-*.noarch.rpm
# Fourth, reconfigure the clients to use the new SSL certificate.
perl -p -i -e 's/^sslCA/#sslCA/g;' \
/etc/sysconfig/rhn/up2date /etc/sysconfig/rhn/rhn_register
echo "sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT" \
>> /etc/sysconfig/rhn/up2date
echo "sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT" \
>> /etc/sysconfig/rhn/rhn_register
# Fifth, download the GPG key needed to validate custom packages.
wget -O- -q http://your_proxy_or_sat.your_domain.com/pub/YOUR-RPM-GPG-KEY
# Sixth, import that GPG key to your GPG keyring.
rpm --import /path/to/YOUR-RPM-GPG-KEY
Remember, the sixth step is documented here as it pertains to systems running Red Hat Linux 3 or
newer. For Red Hat Enterprise Linux 2.1, use the following command instead:
gpg $(up2date --gpg-flags) --import /path/to/YOUR-RPM-GPG-KEY
Together, this script comprises a clean and repeatable process that should fully configure any potential
Red Hat Network client in preparation for registration to an RHN Proxy Server or RHN Satellite
Server. Remember, key values, such as the URL of your RHN Server, its public directory, and your
actual GPG key will need to be inserted into the placeholders listed within the script. Also, depending
on your environment, additional modifications may be required. Although this script may work nearly
verbatim, it should be used as a guide.
Manually Scripting the Configuration
rhn_register
does not exist on Red Hat Enterprise Linux 3 or
Chapter 6.
Advertisement
Table of Contents
