Sample Bootstrap Script - Red Hat NETWORK SATELLITE 5.1.0 - CLIENT Configuration Manual

Appendix A. Sample Bootstrap
Script
The
/var/www/html/pub/bootstrap/bootstrap.sh
Server installation program provides the ability to reconfigure client systems to access your
RHN Server easily. It is available to both RHN Satellite Server and RHN Proxy Server
customers through the RHN Bootstrap tool. After modifying the script for your particular use, it
can be run on each client machine.
Review the sample and its comments, beginning with a hash mark (#), for additional details.
Follow the steps in Chapter 5, Using RHN Bootstrap
#!/bin/bash echo "RHN Server Client bootstrap script v3.6" # This file was
autogenerated. Minor manual editing of this script (and # possibly the
client-config-overrides.txt file) may be necessary to complete # the
bootstrap setup. Once customized, the bootstrap script can be triggered # in
one of two ways (the first is preferred): # # (1) centrally, from the RHN
Server via ssh (i.e., from the # RHN Server): # cd
/var/www/html/pub/bootstrap/ # cat bootstrap-<edited_name>.sh | ssh
root@<client-hostname> /bin/bash # # ...or... # # (2) in a decentralized
manner, executed on each client, via wget or curl: # wget -qO- #
https://<hostname>/pub/bootstrap/bootstrap-<edited_name>.sh \ # | /bin/bash
# ...or... # curl -Sks #
https://<hostname>/pub/bootstrap/bootstrap-<edited_name>.sh \ # | /bin/bash
# SECURITY NOTE: # Use of these scripts via the two methods discussed is the
most expedient # way to register machines to your RHN Server. Since "wget"
is used # throughout the script to download various files, a
"Man-in-the-middle" # attack is theoretically possible. # # The actual
registration process is performed securely via SSL, so the risk # is
minimized in a sense. This message merely serves as a warning. #
Administrators need to appropriately weigh their concern against the #
relative security of their internal network. # PROVISIONING/KICKSTART NOTE:
# If provisioning a client, ensure the proper CA SSL public certificate is #
configured properly in the post section of your kickstart profiles (the #
RHN Satellite or hosted web user interface). # UP2DATE/RHN_REGISTER
VERSIONING NOTE: # This script will not work with very old versions of
up2date and # rhn_register. echo echo echo "MINOR MANUAL EDITING OF THIS
FILE MAY BE REQUIRED!" echo echo "If this bootstrap script was created
during the initial installation" echo "of an RHN Satellite, the
ACTIVATION_KEYS, and ORG_GPG_KEY values will" echo "probably *not* be set
(see below). If this is the case, please do the" echo "following:" echo " -
copy this file to a name specific to its use." echo " (e.g., to
bootstrap-SOME_NAME.sh - like bootstrap-web-servers.sh.)" echo " - on the
website create an activation key or keys for the system(s) to" echo " be
registered." echo " - edit the values of the VARIABLES below (in this
script) as" echo " appropriate:" echo " - ACTIVATION_KEYS needs to reflect
the activation key(s) value(s)" echo " from the website. XKEY or XKEY,YKEY"
echo " - ORG_GPG_KEY needs to be set to the name of the corporate public"
echo " GPG key filename (residing in /var/www/html/pub) if appropriate."
echo echo "Verify that the script variable settings are correct:" echo " -
CLIENT_OVERRIDES should be only set differently if a customized" echo "
client-config-overrides-VER.txt file was created with a different" echo "
script generated by the RHN Satellite
to prepare the script for use.
35