Oracle Linux: Unbreakable Linux Network User's Guide

Oracle Linux
Unbreakable Linux Network User's Guide
E39381-05 July 2013
Oracle Linux: Unbreakable Linux Network User's Guide

Copyright 2013, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications. This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
Abstract This manual provides information about using the Unbreakable Linux Network (ULN). Document generated on: 2013-07-04 (revision: 1081)
Table of Contents
Preface .............................................................................................................................................. v 1. The Unbreakable Linux Network ..................................................................................................... 1 1.1. About the Unbreakable Linux Network .................................................................................. 1 1.2. About ULN Channels ........................................................................................................... 1 1.3. About Software Errata ......................................................................................................... 3 1.4. Registering as a ULN User .................................................................................................. 3 1.5. Registering an Oracle Linux 6 System .................................................................................. 4 1.6. Registering an Oracle Linux 4 or Oracle Linux 5 System ....................................................... 4 1.7. Configuring an Oracle Linux 5 System to Use yum with ULN ................................................. 4 1.8. Disabling Package Updates ................................................................................................. 5 1.9. Subscribing Your System to ULN Channels .......................................................................... 5 1.10. Browsing and Downloading Errata Packages ...................................................................... 6 1.11. Downloading Available Errata for a System ......................................................................... 6 1.12. Updating System Details .................................................................................................... 7 1.13. Deleting a System ............................................................................................................. 7 1.14. About CSI Administration ................................................................................................... 7 1.14.1. Becoming a CSI Administrator ................................................................................. 9 1.14.2. Listing Active CSIs and Transferring Their Registered Servers ................................. 10 1.14.3. Listing Expired CSIs and Transferring Their Registered Servers ............................... 11 1.14.4. Removing a CSI Administrator ............................................................................... 12 1.15. Switching from RHN to ULN ............................................................................................. 12 1.16. For More Information About ULN ...................................................................................... 13 2. Yum ............................................................................................................................................. 15 2.1. About Yum ........................................................................................................................ 15 2.2. Yum Configuration ............................................................................................................. 15 2.2.1. Configuring Use of a Proxy Server ........................................................................... 16 2.2.2. Yum Repository Configuration ................................................................................. 17 2.3. Using Yum from the Command Line ................................................................................... 17 2.4. Downloading and Importing a GPG Key .............................................................................. 19 2.5. Yum Groups ...................................................................................................................... 19 2.6. Installing and Using the Yum Security Plugin ...................................................................... 19 2.7. Creating a Local Yum Server ............................................................................................. 21 2.7.1. Updating a Local Yum Server .................................................................................. 24 2.7.2. Configuring Yum Clients .......................................................................................... 24 2.8. For More Information About Yum ........................................................................................ 26 A. ULN Channels ............................................................................................................................. 27 A.1. Oracle Linux 5 Channels ................................................................................................... 27 A.2. Oracle Linux 6 Channels ................................................................................................... 28 A.3. Oracle VM 2.1 Channels ................................................................................................... 30 A.4. Oracle VM 2.2 Channels ................................................................................................... 30 A.5. Oracle VM 3 Channels ...................................................................................................... 31
iii
iv
Preface
The Oracle Linux Unbreakable Linux Network User's Guide provides information about how to register your systems with the Unbreakable Linux Network (ULN), and includes procedures for creating a local yum server as well as a guide to using the yum command itself.
Audience
This document is intended for administrators who want to use the Unbreakable Linux Network (ULN). It is assumed that readers are familiar with web technologies and have a general understanding of Linux system administration.
Document Organization
The document is organized as follows: Chapter 1, The Unbreakable Linux Network describes how to access and use the software channels that are available on the Unbreakable Linux Network (ULN). Chapter 2, Yum describes how to use the yum utility to install and upgrade software packages, and how to set up a local yum server. Appendix A, ULN Channels lists the main channels that are available for Oracle Linux 5 and Oracle Linux 6 on the supported platform architectures.
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup? ctx=acc&id=trs if you are hearing impaired.
Related Documents
The documentation for this product is available at: http://www.oracle.com/technetwork/server-storage/linux/documentation/index.html.
Conventions
The following text conventions are used in this document: Convention boldface italic monospace Meaning Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter.
vi
Chapter 1. The Unbreakable Linux Network

Table of Contents
1.1. About the Unbreakable Linux Network .......................................................................................... 1 1.2. About ULN Channels ................................................................................................................... 1 1.3. About Software Errata ................................................................................................................. 3 1.4. Registering as a ULN User .......................................................................................................... 3 1.5. Registering an Oracle Linux 6 System .......................................................................................... 4 1.6. Registering an Oracle Linux 4 or Oracle Linux 5 System ............................................................... 4 1.7. Configuring an Oracle Linux 5 System to Use yum with ULN ......................................................... 4 1.8. Disabling Package Updates ......................................................................................................... 5 1.9. Subscribing Your System to ULN Channels .................................................................................. 5 1.10. Browsing and Downloading Errata Packages .............................................................................. 6 1.11. Downloading Available Errata for a System ................................................................................. 6 1.12. Updating System Details ............................................................................................................ 7 1.13. Deleting a System ..................................................................................................................... 7 1.14. About CSI Administration ........................................................................................................... 7 1.14.1. Becoming a CSI Administrator ......................................................................................... 9 1.14.2. Listing Active CSIs and Transferring Their Registered Servers ......................................... 10 1.14.3. Listing Expired CSIs and Transferring Their Registered Servers ....................................... 11 1.14.4. Removing a CSI Administrator ....................................................................................... 12 1.15. Switching from RHN to ULN ..................................................................................................... 12 1.16. For More Information About ULN .............................................................................................. 13 This chapter describes how to access and use the software channels that are available on the Unbreakable Linux Network (ULN).
1.1. About the Unbreakable Linux Network

If you have a subscription to Oracle Unbreakable Linux support, you can use the comprehensive resources of the Unbreakable Linux Network (ULN). ULN offers software patches, updates, and fixes for Oracle Linux and Oracle VM, as well as information on yum, Ksplice, and support policies. You can also download useful packages that are not included in the original distribution. The ULN Alert Notification Tool periodically checks with ULN and alerts you when updates are available. You can access ULN at https://linux.oracle.com/, where you will also find instructions for registering with ULN, for creating local yum repositories, and for switching from the Red Hat Network (RHN) to ULN. If you want to use yum with ULN to manage your systems, you must register the systems with ULN and subscribe each system to one or more ULN channels. When you register a system with ULN, the channel that contains the latest version is chosen automatically according to the architecture and operating system revision of the system. When you run yum, it connects to the ULN server repository and downloads the latest software packages in RPM format onto your system. yum then presents you with a list of the available packages so that you can choose which ones you want to install.
1.2. About ULN Channels

ULN provides more than 100 unique channels, which support the i386, x86_64, and IA64 architectures, for releases of Oracle Linux 4 update 6 and later and Oracle VM 2.1 and later.
About ULN Channels
You can choose for your system to remain at a specific OS revision, or you can allow the system to be updated with packages from later revisions. You should subscribe to the channel that corresponds to the architecture of your system and the update level at which you want to maintain it. Patches and errata are available for specific revisions of Oracle Linux, but you do not need to upgrade from a given revision level to install these fixes. ULN channels also exist for MySQL, Oracle VM, Oracle Ksplice, OCFS2, RDS, and productivity applications. The following table describes the main channels that are available. Channel _latest Description Provides all the packages in a distribution, including any errata that are also provided in the patch channel. Unless you explicitly specify the version, any package that you download on this channel will be the most recent that is available. If no vulnerabilities have been found in a package, the package version might be the same as that included in the original distribution. For other packages, the version will be the same as that provided in the patch channel for the highest update level. For example, the ol6_arch_latest channel for Oracle Linux 6 Update 3 contains a combination of the ol6_u3_arch_base and ol6_u3_arch_patch channels. Provides the packages for each major version and minor update of Oracle Linux and Oracle VM. This channel corresponds to the released ISO media image. For example, there is a base channel for each of the updates to Oracle Linux 6 as well as for Oracle Linux 6. Oracle does not publish security errata and bugfixes on these channels. Provides only those packages that have changed since the initial release of a major or minor version of Oracle Linux or Oracle VM. The patch channel always provides the most recent version of a package, including all fixes that have been provided since the initial version was released. Provides packages that are not included in the base distribution, such as the package that you can use to create a yum repository on Oracle Linux 6. Provides freely downloadable RPMs from Oracle that you can install on Oracle Linux, such as ASMLib and Oracle Instant Client.
_base
_patch
_addons _oracle
Other channels may also be available, such as _beta channels for the beta versions of packages. As each new major version or minor update of Oracle Linux becomes available, Oracle creates new base and patch channels for each supported architecture to distribute the new packages. The existing base and patch channels for the previous versions or updates remain available and do not include the new packages. The _latest channel distributes the highest possible version of any package, and tracks the top of the development tree independently of the update level. You can maintain your system at a specific release level of Oracle Linux and selectively apply errata to that level. For example, if you want to maintain an Oracle Linux 6 system at the level of Update 1, but the system is currently subscribed to the ol6_x86_64_latest channel, you should subscribe the system to the ol6_u1_x86_64_base and ol6_u1_x86_64_patch channels and unsubscribe it from ol6_x86_64_latest. Caution Oracle recommends that your remain subscribed to the ol6_arch_latest channel. If you unsubscribe from the ol6_arch_latest channel, your machine might become vulnerable to security-related issues when a new update is released.
About Software Errata
1.3. About Software Errata

Oracle releases important changes to Oracle Linux and Oracle VM software as individual package updates known as errata, which are made available for download on ULN before they are gathered into a release or are distributed via the _patch channel. Errata packages can contain: Security advisories, which have names prefixed by ELSA-* (for Oracle Linux) and OVMSA-* (for Oracle VM). Bug fix advisories, which have names prefixed by ELBA-* and OVMBA-*. Feature enhancement advisories, which have names prefixed by ELEA-* and OVMEA-*. To be notified when new errata packages are released, you can subscribe to the Oracle Linux and Oracle VM errata mailing lists at https://oss.oracle.com/mailman/listinfo/el-errata and https://oss.oracle.com/ mailman/listinfo/oraclevm-errata. If you are logged into ULN, you can also subscribe to these mailing lists by following the Subscribe to Enterprise Linux Errata mailing list and Subscribe to Oracle VM Errata mailing list links that are provided on the Errata tab.
1.4. Registering as a ULN User

When you register a system with ULN, your Oracle Single Signon (SSO) user name is also registered as your ULN user name. If you want to use ULN without first registering a system, you can register as a ULN user provided that you have a valid customer support identifier (CSI) for Oracle Linux support or Oracle VM support. To purchase Oracle Linux or Oracle VM support, go to the online Oracle Linux Store or contact your sales representative. To register as a ULN user: 1. In a browser, go to https://linux.oracle.com/register. 2. If you do not have an SSO account, click Create New Single Signon Account and follow the onscreen instructions to create one. If you already have an SSO account, click Sign On. 3. Log in using your SSO user name and password. 4. On the Create New ULN User page, enter your CSI and click Create New User. Note If no administrator is currently assigned to manage the CSI, you are prompted to click Confirm to become the CSI administrator. If you click Cancel, you cannot access the CSI administration feature. See Section 1.14, About CSI Administration. If your user name already exists on the system, you are prompted to proceed to ULN by clicking the link Unbreakable Linux Network. If you enter a different CSI from your existing CSIs, your user name is associated with the new CSI in addition to your existing CSIs. 3
Registering an Oracle Linux 6 System
1.5. Registering an Oracle Linux 6 System

To register an Oracle Linux 6 system with ULN. 1. Run the uln_register command.
# uln_register
Alternatively, if you use the GNOME graphical user desktop, select System > Administration > ULN Registration. You can also register your system with ULN if you configure networking when installing Oracle Linux 6. 2. When prompted, enter your ULN user name, password, and customer support identifier (CSI). 3. Enter a name for the system that will allow you to identify it on ULN, and choose whether to upload hardware and software profile data that allows ULN to select the appropriate packages for the system. 4. If you have an Oracle Linux Premier Support account, you can choose to configure an Oracle Linux 6 system that is running a supported kernel to receive kernel updates from Oracle Ksplice. The yum-rhn-plugin is enabled and your system is subscribed to the appropriate software channels. If you use a proxy server for Internet access, see Section 2.2.1, Configuring Use of a Proxy Server. For information about registering to use Ksplice, see the Oracle Linux Ksplice User's Guide.
1.6. Registering an Oracle Linux 4 or Oracle Linux 5 System

To register an Oracle Linux 4 or Oracle Linux 5 system with ULN. 1. Import the RPM GPG key.
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY
2. Run the text-mode version of the up2date command.

# up2date-nox --register
3. When prompted, enter your ULN user name, password, and CSI. 4. Enter the name of the system that will be displayed on ULN, and choose whether to upload hardware and software profile data that will allow ULN to select the appropriate packages for your system. For information about registering to use Ksplice, see the Oracle Linux Ksplice User's Guide.
1.7. Configuring an Oracle Linux 5 System to Use yum with ULN

If your Oracle Linux 5 system is registered with ULN, you can use yum instead of up2date to download and install packages. If you have installed a full update since Oracle Linux 5.6 was released on January 20, 2010, your system should already be able to use yum with ULN. To enable yum support: 1. Install yum-rhn-plugin.
# up2date --install yum-rhn-plugin
2. If your organization uses a proxy server as an intermediary for Internet access, specify the enableProxy and httpProxy settings in /etc/sysconfig/rhn/up2date as shown in this example.
Disabling Package Updates
enableProxy=1 httpProxy=http://proxysvr.yourdom.com:3128
If the proxy server requires authentication, additionally specify the enableProxyAuth, proxyUser, and proxyPassword settings:
enableProxy=1 enableProxyAuth=1 httpProxy=http://proxysvr.yourdom.com:3128 proxyUser=yumacc proxyPassword=clydenw
Caution All yum users require read access to /etc/sysconfig/rhn/up2date. If this file must be world-readable, do not use a password that is the same as any user's login password, and especially not root's password. With the plugin installed and the proxy server (if any) specified, you can immediately start to use yum instead of up2date.
1.8. Disabling Package Updates

To disable package updates by ULN (for example, if you have deleted your system from ULN), edit the / etc/yum/pluginconf.d/rhnplugin.conf file, and change the value of enabled flag from 1 to 0 in the [main] section, for example:
[main] enabled = 0 gpgcheck = 1
To disable updates for particular packages, add an exclude statement to the [main] section of the / etc/yum.conf file. For example, to exclude updates for VirtualBox and kernel:
exclude=VirtualBox* kernel*
Note Excluding certain packages from being updated can cause dependency errors for other packages. Your machine might also become vulnerable to security-related issues if you do not install the latest updates.
1.9. Subscribing Your System to ULN Channels

If you have registered your system with ULN, you can subscribe the system to the channels that are available for the level of support associated with the CSI. To subscribe your system to ULN channels: 1. Log in to http://linux.oracle.com with your ULN user name and password. 2. On the Systems tab, click the link named for the system in the list of registered machines. 3. On the System Details page, click Manage Subscriptions. 4. On the System Summary page, select channels from the list of available or subscribed channels and click the arrows to move the channels between the lists.
Browsing and Downloading Errata Packages
5. When you have finished selecting channels, click Save Subscriptions.
1.10. Browsing and Downloading Errata Packages

You can browse the advisories that are available on ULN, and download the errata RPMs for the supported combinations of the software release and the system architecture. To browse the advisories and download errata RPMs: 1. Log in to http://linux.oracle.com with your ULN user name and password. 2. Select the Errata tab. The Errata page displays a table of the available errata for all releases that are available on ULN. 3. On the Errata page, you can perform the following actions on the displayed errata: To sort the table of available errata, click the title of the Type, Severity, Advisory, Systems Affected, or Release Date column. Click the title again to reverse the order of sorting. Note The Systems Affected column shows how many of your systems are potentially affected by an advisory. To display or hide advisories of different types, select or deselect the Bug, Enhancement, and Security check boxes and click Go. To display only advisories for a certain release of Oracle Linux or Oracle VM, select that release from the Release drop-down list and click Go. To search within the table, enter a string in the Search field and click Go. 4. To see more detail about an advisory and to download the RPMs: a. Click the link for the advisory. b. On the Errata Detail page for an advisory, you can download the RPMs for the supported releases and system architectures. The Superseded By Advisory column displays a link to the most recent advisory (if any) that replaces the advisory you are browsing.
1.11. Downloading Available Errata for a System

You can download a comma-separated values (CSV) report file of the errata that are available for your system and you can download errata RPMs . To download a CSV report or the errata RPMs: 1. Log in to http://linux.oracle.com with your ULN user name and password. 2. On the Systems tab, click the link named for the system in the list of registered machines. The System Details page lists the available errata for the system in the Available Errata table, which might be split over several pages. 3. To download the CSV report file, click the link Download All Available Errata for this System. 4. To see more detail about an advisory and to download the RPMs:
Updating System Details
a. Click the link for the advisory. b. On the System Errata Detail page for an advisory, you can download the RPMs for the affected releases and system architectures.
1.12. Updating System Details

If you have registered your system with ULN, you can update the details that ULN records for the system. To update the details for your system: 1. Log in to http://linux.oracle.com with your ULN user name and password. 2. On the Systems tab, click the link named for the system in the list of registered machines. 3. On the System Details page, click Edit. 4. On the Edit System Properties page, you can change the name associated with your system, register it as a local yum server for your site, or change the CSI with which it is registered. Note You cannot change the CSI of a system unless it is registered to your user name. 5. When you have finished making changes, click Apply Changes.
1.13. Deleting a System

To delete a system that is registered on ULN: 1. Log in to http://linux.oracle.com with your ULN user name and password. 2. On the Systems tab, click the link named for the system in the list of registered machines. 3. On the System Details page, click Delete. Note You cannot delete a system unless it is registered to your user name. 4. When prompted to confirm the deletion, click OK.
1.14. About CSI Administration

The CSI administration feature of ULN provides a unified view of all of your organization's CSIs and the systems that are registered with those CSIs. To be able to manage the registered systems, you must become an administrator for one or more of your organization's CSIs. To be able to view and change the details of any system that is not registered to your ULN user name, you must become an administrator for the CSI under which that system is registered. If you are registered as a CSI administrator, you can access the CSI Administration tab while logged in to ULN and perform the following tasks: Assign yourself as administrator of a CSI, or assign someone else as administrator of a CSI. See Section 1.14.1, Becoming a CSI Administrator.
About CSI Administration
List active CSIs, list the servers that are currently registered with an active CSI, and transfer those servers to another user or to another CSI. See Section 1.14.2, Listing Active CSIs and Transferring Their Registered Servers. List expired CSIs, list the servers that are currently registered with an expired CSI, and transfer those servers to another user or to another CSI. See Section 1.14.3, Listing Expired CSIs and Transferring Their Registered Servers. Remove yourself or someone else as administrator of a CSI. See Section 1.14.4, Removing a CSI Administrator. Figure 1.1 shows a representative example of an organization with three CSIs, only two of which have CSI administrators. Figure 1.1. Example of an Organization with three CSIs
CSI 1 has two registered users, Alice and Bob, who each have three systems registered to them. CSI 2 also has two registered users, Alice and Carol, who each have two systems registered to them. CSI 3 has one registered user, Dan, who has a single system registered to him. Alice is registered as an administrator for both CSI 1 and CSI 2. She can view the details of both CSIs, including all systems and users that are registered with those CSIs. She can move systems between CSI 1 and CSI 2, and reassign systems between users in both CSI 1 and CSI 2. She can also assign additional administrators to CSI 1 and CSI 2, or remove administrators from CSI 1 and CSI 2. She cannot see any details for CSI 3. Carol is registered as an administrator only for CSI 2. She can view the details of that CSI and of all systems and users that are registered with it, including Alice's systems. She can reassign systems between users in CSI 2, but she cannot move systems to the other CSIs. She can assign additional administrators to CSI 2, or remove administrators from CSI 2. She cannot see any details for CSI 1 or CSI 3. Bob can view only the details of the systems that are registered to him in CSI 1. He cannot see any details for Alice's systems in CSI 1. Dan is not registered as an administrator for CSI 3. He can view only the details of the system that is registered to him in CSI 3. Neither Bob nor Dan can perform CSI administration tasks. For example, they cannot move systems between CSIs nor can they reassign systems to other users. However, as CSI 3 does not currently have an
Becoming a CSI Administrator
administrator, Dan can choose to become its administrator. As CSI 1 already has Alice as its administrator, Bob cannot become an administrator unless Alice grants him that privilege. For Alice to become an administrator of CSI 3, Dan should register as the administrator of CSI 3 so that he can add Alice as an administrator.
1.14.1. Becoming a CSI Administrator

You can become an administrator of a CSI in one of the following ways: When you register with ULN, if no administrator is currently assigned to manage the CSI, you are prompted to click Confirm to become the CSI administrator. If you click Cancel, you cannot access the CSI administration feature. When logged into ULN, if you access the System tab and no administrator is currently assigned to manage one of the CSIs for which you are registered, you are prompted to choose whether to become the CSI administrator. To become a CSI administrator: 1. Click the red link labeled enter the CSI you would like to be the administrator for in this page. 2. On the Add CSI page, verify the CSI and click Confirm. Note On the Systems page, the CSIs of all systems that have no assigned administrator are also shown in red. If you are already an administrator of a CSI, you can add yourself as administrator of another CSI provided that you have registered either a server or your ULN user name with the other CSI. To assign yourself as administrator of an additional CSI: 1. Log in to ULN and select the CSI Administration tab. 2. On the Managed CSIs page, click Add CSI. 3. On the Assign Administrator page, enter the CSI, and click Add. 4. If there are existing administrators, the page lists these administrators and prompts you to click Confirm to confirm your request. Each administrator is sent an email to inform them that you have added yourself as an administrator of the CSI. An administrator for a CSI can add you as an administrator for the same CSI. To assign another administrator to a CSI: 1. Log in to ULN as administrator of the CSI, and select the CSI Administration tab. 2. On the Managed CSIs page, click List Administrators. 3. On the CSI Administrators page, click Assign Administrator. 4. On the Assign Administrator page in the Select New Administrator list, click the + icon that is next to the user name of the user that you want to add as an administrator. Their user name is added to the Administrator box. 9
Listing Active CSIs and Transferring Their Registered Servers
5. If you administer more than one CSI, select the CSI that the user will administer from the CSI drop down list. 6. Click Assign Administrator. Note If you want to become the administrator of a CSI but the person to whom it is registered is no longer with your organization, contact an Oracle support representative to request that you be made the administrator for the CSI.
1.14.2. Listing Active CSIs and Transferring Their Registered Servers

To list details of the active CSIs for which you are the administrator: 1. Log in to ULN as administrator of the CSI, and select the CSI Administration tab. 2. On the Managed CSIs page in the Select Managed CSI Services pane, select the Active link. The Managed Active CSI Services pane displays the service details for each active CSI that you administer. 3. Click the View # Server(s) link to display the details of the servers that are registered to an active CSI. 4. On the Registered Servers page, you can transfer one or more systems to another user or to another CSI that you administer. Note If you transfer a system to another user, at least one of the following conditions must be true: His or her user name must be registered to this CSI. One or more of the servers, for which they are the owner, must be registered to this CSI. He or she must be an administrator of at least one CSI for which you are also an administrator. To transfer systems to another user: a. Select the Transfer System check boxes for the systems that you want to transfer. b. Click Transfer Selected Systems to Another Owner. c. On the Transfer Registered System(s) - Owner page in the Transfer To column, click the red arrow icon that is next to the user name of the user to whom you want to transfer ownership. d. On the Confirm Transfer Profile - Owner page, click Apply Changes to confirm the transfer to the new owner. To transfer systems to another CSI: a. Select the Transfer System check boxes for the systems that you want to transfer. b. Click Transfer Selected Systems to Another CSI.
10
Listing Expired CSIs and Transferring Their Registered Servers
c. On the Transfer Registered System(s) - CSI page in the Transfer To column, click the red arrow icon that is next to the CSI to which you want to transfer the systems. d. On the Confirm Transfer Profile - CSI page, click Apply Changes to confirm the transfer to the new CSI.
1.14.3. Listing Expired CSIs and Transferring Their Registered Servers

To list details of the expired CSIs for which you are the administrator: 1. Log in to ULN as administrator of the CSI, and select the CSI Administration tab. 2. On the Managed CSIs page in the Select Managed CSI Services pane, select the Expired link. The Managed Expired CSI Services pane displays the service details for each expired CSI that you administer. 3. Click the View # Server(s) link to display the details of the servers that are registered to an expired CSI. 4. On the Registered Servers page, you can transfer one or more systems to another user or to another CSI that you administer. Note If you transfer a system to another user, at least one of the following conditions must be true: His or her user name must be registered to this CSI. One or more of the servers, for which they are the owner, must be registered to this CSI. He or she must be an administrator of at least one CSI for which you are also an administrator. To transfer systems to another user: a. Select the Transfer System check boxes for the systems that you want to transfer. b. Click Transfer Selected Systems to Another Owner. c. On the Transfer Registered System(s) - Owner page in the Transfer To column, click the red arrow icon that is next to the user name of the user to whom you want to transfer ownership. d. On the Confirm Transfer Profile - Owner page, click Apply Changes to confirm the transfer to the new owner. To transfer systems to another CSI: a. Select the Transfer System check boxes for the systems that you want to transfer. b. Click Transfer Selected Systems to Another CSI. c. On the Transfer Registered System(s) - CSI page in the Transfer To column, click the red arrow icon that is next to the CSI to which you want to transfer the systems.
11
Removing a CSI Administrator
d. On the Confirm Transfer Profile - CSI page, click Apply Changes to confirm the transfer to the new CSI.
1.14.4. Removing a CSI Administrator

To remove an administrator who is registered for a CSI: 1. Log in to ULN and select the CSI Administration tab. 2. On the Managed CSIs page, click List Administrators. 3. On the CSI Administrators page in the Delete? column, click the trash can icon that is next to the user name of the user that you want to remove as administrator for the CSI specified in the same row. 4. When prompted to confirm that you want to revoke administration privileges for the CSI from that user, click OK.
1.15. Switching from RHN to ULN

Note This procedure is for a Red Hat Enterprise Linux 6 system. For details of equivalent procedures for Red Hat Enterprise Linux 3, 4, and 5, see http://linux.oracle.com/ switch.html. If you have an Oracle Linux 6 system that is registered with the Red Hat Network (RHN), you can use the uln_register utility to register it as described in Section 1.5, Registering an Oracle Linux 6 System. You must have a ULN account before you can register a system with ULN. You can create a ULN account at http://linux.oracle.com/register. To register your system with ULN instead of RHN: 1. Download the uln_register.tgz package from http://linux-update.oracle.com/rpms to a temporary directory. If the rhn-setup-gnome package is already installed on your system, also download the uln_register-gnome.tgz from the same URL. 2. Extract the packages using the following command.
# tar -xzf uln_register.tgz
If the rhn-setup-gnome package is installed on your system, extract the packages from uln_register-gnome.tgz.
# tar -xzf uln_register-gnome.tgz
3. Change to the uln_migrate directory and install the registration packages.

# cd ./uln_migrate # rpm -Uvh *.rpm
4. Run the uln_register command.

# uln_register
12
For More Information About ULN
5. Follow the instructions on the screen to complete the registration. The uln_register utility collects information about your system and uploads it to Oracle.
1.16. For More Information About ULN

You can find out more information about ULN at https://linux.oracle.com/.
13
14
Chapter 2. Yum
Table of Contents
2.1. About Yum ................................................................................................................................ 2.2. Yum Configuration ..................................................................................................................... 2.2.1. Configuring Use of a Proxy Server ................................................................................... 2.2.2. Yum Repository Configuration ......................................................................................... 2.3. Using Yum from the Command Line ........................................................................................... 2.4. Downloading and Importing a GPG Key ...................................................................................... 2.5. Yum Groups .............................................................................................................................. 2.6. Installing and Using the Yum Security Plugin .............................................................................. 2.7. Creating a Local Yum Server ..................................................................................................... 2.7.1. Updating a Local Yum Server .......................................................................................... 2.7.2. Configuring Yum Clients .................................................................................................. 2.8. For More Information About Yum ............................................................................................... This chapter describes how you can use the yum utility to install and upgrade software packages. 15 15 16 17 17 19 19 19 21 24 24 26
2.1. About Yum

Oracle Linux provides the yum utility which you can use to install or upgrade RPM packages. The main benefit of using yum is that it also installs or upgrades any package dependencies. yum downloads the packages from repositories such as those that are available on the Unbreakable Linux Network (ULN) or the Oracle public yum server, but you can also set up your own repositories for use by systems that do not have Internet access. If you have registered your system with ULN, you can use yum with ULN channels to maintain the software on your system, as described in Chapter 1, The Unbreakable Linux Network.
2.2. Yum Configuration

The main configuration file for yum is /etc/yum.conf. The global definitions for yum are located under the [main] section heading of the yum configuration file. The following table lists the important directives. Directive cachedir debuglevel exactarch exclude gpgcheck Description Directory used to store downloaded packages. Logging level, from 0 (none) to 10 (all). If set to 1, only update packages for the correct architecture. A space separated list of packages to exclude from installs or updates, for example: exclude=VirtualBox-4.? kernel*. If set to 1, verify the authenticity of the packages by checking the GPG signatures. You might need to set gpgcheck to 0 if a package is unsigned, but you should be wary that the package could have been maliciously altered. Pathname of the GPG public key file. Maximum number of versions that can be installed of any one package. If set to 0, remove packages after installation.
gpgkey installonly_limit keepcache
15
Configuring Use of a Proxy Server
Directive logfile obsoletes plugins proxy proxy_password proxy_username reposdir
Description Pathname of the yum log file. If set to 1, replace obsolete packages during upgrades. If set to 1, enable plugins that extend the functionality of yum. URL of a proxy server including the port number. See Section 2.2.1, Configuring Use of a Proxy Server. Password for authentication with a proxy server. User name for authentication with a proxy server. Directories where yum should look for repository files with a .repo extension. The default directory is /etc/yum.repos.d.
See the yum.conf(5) manual page for more information. The following listing shows an example [main] section from the yum configuration file.
[main] cachedir=/var/cache/yum keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgkey=file://media/RPM-GPG-KEY gpgcheck=1 pligins=1 installonly_limit=3
It is possible to define repositories below the [main] section in /etc/yum.conf or in separate repository configuration files. By default, yum expects any repository configuration files to be located in the /etc/ yum.repos.d directory unless you use the reposdir directive to define alternate directories.
2.2.1. Configuring Use of a Proxy Server

If your organization uses a proxy server as an intermediary for Internet access, specify the proxy setting in /etc/yum.conf as shown in the following example.
proxy=http://proxysvr.yourdom.com:3128
If the proxy server requires authentication, additionally specify the proxy_username, and proxy_password settings.
proxy=http://proxysvr.yourdom.com:3128 proxy_username=yumacc proxy_password=clydenw
If you use the yum plugin (yum-rhn-plugin) to access the ULN, specify the enableProxy and httpProxy settings in /etc/sysconfig/rhn/up2date as shown in this example.
If the proxy server requires authentication, additionally specify the enableProxyAuth, proxyUser, and proxyPassword settings.
16
Yum Repository Configuration
enableProxyAuth=1 proxyUser=yumacc proxyPassword=clydenw
Caution All yum users require read access to /etc/yum.conf or /etc/sysconfig/rhn/ up2date. If these files must be world-readable, do not use a proxy password that is the same as any user's login password, and especially not root's password.
2.2.2. Yum Repository Configuration

The yum configuration file or yum repository configuration files can contain one or more sections that define repositories. The following table lists the basic directives for a repository. Directive baseurl enabled name Description Location of the repository channel (expressed as a file://, ftp://, or http:// address). This directive must be specified. If set to 1, permit yum to use the channel. Descriptive name for the repository channel. This directive must be specified.
Any other directive that appears in this section overrides the corresponding global definition in [main] section of the yum configuration file. See the yum.conf(5) manual page for more information. The following listing shows an example repository section from a configuration file.
[ol6_u2_base] name=Oracle Linux 6 U2 - $basearch - base baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/2/base/$basearch gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6 gpgcheck=1 enabled=1
In this example, the values of gpgkey and gpgcheck override any global setting. yum substitutes the name of the current system's architecture for the variable $basearch.
2.3. Using Yum from the Command Line

The following table shows some examples of common tasks that you can perform using yum. Command yum repolist yum list yum list installed yum list available yum search string yum provides feature Description Lists all enabled repositories. Lists all packages that are available in all enabled repositories and all packages that are installed on your system. Lists all packages that are installed on your system. Lists all packages that are available to be installed in all enabled repositories. Searches the package descriptions for the specified string. Finds the name of the package to which the specified file or feature belongs. For example:
17
Using Yum from the Command Line
Command yum info package
Description yum provides /etc/sysconfig/atd Displays detailed information about the specified package. For example: yum info bind
yum install package
Installs the specified package, including packages on which it depends. For example: yum install ocfs2-tools
yum check-update yum update package
Checks whether updates exist for packages that are already installed on your system. Updates the specified package, including packages on which it depends. For example: yum upgrade nfs-utils
yum update yum remove package
Updates all packages, including packages on which they depend. Removes the specified package. For example: yum erase nfs-utils
yum erase package yum update yum clean all
Removes the specified package. This command has the same effect as the yum remove command. Updates all packages, including packages on which they depend. Removes all cached package downloads and cached headers that contain information about remote packages. Running this command can help to clear problems that can result from unfinished transactions or out-of-date headers. Displays help about yum usage. Displays help about the specified yum command. For example: yum help upgrade
yum help yum help command
yum shell
Runs the yum interactive shell.
See the yum(8) manual page for more information. To list the files in a package, use the repoquery utility, which is included in the yum-utils package. For example, the following command lists the files that the btrfs-progs package provides.
# repoquery -l btrfs-progs /sbin/btrfs /sbin/btrfs-convert /sbin/btrfs-debug-tree . . .
Note yum makes no distinction between installing and upgrading a kernel package. yum always installs a new kernel regardless of whether you specify update or install.
18
Downloading and Importing a GPG Key
2.4. Downloading and Importing a GPG Key

Under some circumstances, such as when installing additional software in a virtual machine domain, you might need to download and import the GPG key to use with yum. To obtain a GPG key from the public yum repository and then import it, you can use the wget and rpm commands as shown in the following example:
# wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-el5 # rpm --import ./RPM-GPG-KEY-oracle-el5
2.5. Yum Groups

A set of packages can themselves be organized as a yum group. Examples include the groups for Eclipse, fonts, and system administration tools. The following table shows the yum commands that you can use to manage these groups. Command yum grouplist yum groupinfo groupname yum groupinstall groupname yum groupupdate groupname yum groupremove groupname Description Lists installed groups and groups that are available for installation. Displays detailed information about a group. Installs all the packages in a group. Updates all the packages in a group. Removes all the packages in a group.
2.6. Installing and Using the Yum Security Plugin

The yum-plugin-security package allows you to use yum to obtain a list of all of the errata that are available for your system, including security updates. You can also use Oracle Enterprise Manager 12c Cloud Control or management tools such as Katello, Pulp, Red Hat Satellite, Spacewalk, and SUSE Manager to extract and display information about errata. To install the yum-plugin-security package, enter the following command:
# yum install yum-plugin-security
To list the errata that are available for your system, enter:
# yum updateinfo list Loaded plugins: refresh-packagekit, rhnplugin, security ELBA-2012-1518 bugfix NetworkManager-1:0.8.1-34.el6_3.x86_64 ELBA-2012-1518 bugfix NetworkManager-glib-1:0.8.1-34.el6_3.x86_64 ELBA-2012-1518 bugfix NetworkManager-gnome-1:0.8.1-34.el6_3.x86_64 ELBA-2012-1457 bugfix ORBit2-2.14.17-3.2.el6_3.x86_64 ELBA-2012-1457 bugfix ORBit2-devel-2.14.17-3.2.el6_3.x86_64 ELSA-2013-0215 Important/Sec. abrt-2.0.8-6.0.1.el6_3.2.x86_64 ELSA-2013-0215 Important/Sec. abrt-addon-ccpp-2.0.8-6.0.1.el6_3.2.x86_64 ELSA-2013-0215 Important/Sec. abrt-addon-kerneloops-2.0.8-6.0.1.el6_3.2.x86_64 ELSA-2013-0215 Important/Sec. abrt-addon-python-2.0.8-6.0.1.el6_3.2.x86_64 ELSA-2013-0215 Important/Sec. abrt-cli-2.0.8-6.0.1.el6_3.2.x86_64 ELSA-2013-0215 Important/Sec. abrt-desktop-2.0.8-6.0.1.el6_3.2.x86_64 ...
The output from the command sorts the available errata in order of their IDs, and it also specifies whether each erratum is a security patch (severity/Sec.), a bug fix (bugfix), or a feature enhancement (enhancement). Security patches are listed by their severity: Important, Moderate, or Low.
19
Installing and Using the Yum Security Plugin
You can use the --sec-severity option to filter the security errata by severity, for example:
# yum updateinfo list --sec-severity=Moderate Loaded plugins: refresh-packagekit, rhnplugin, security ELSA-2013-0269 Moderate/Sec. axis-1.2.1-7.3.el6_3.noarch ELSA-2013-0668 Moderate/Sec. boost-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-date-time-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-devel-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-filesystem-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-graph-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-iostreams-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-program-options-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-python-1.41.0-15.el6_4.x86_64 ...
To list the security errata by their Common Vulnerabilities and Exposures (CVE) IDs instead of their errata IDs, specify the keyword cves as an argument:
# yum updateinfo list cves Loaded plugins: refresh-packagekit, rhnplugin, security CVE-2012-5659 Important/Sec. abrt-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5660 Important/Sec. abrt-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5659 Important/Sec. abrt-addon-ccpp-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5660 Important/Sec. abrt-addon-ccpp-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5659 Important/Sec. abrt-addon-kerneloops-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5660 Important/Sec. abrt-addon-kerneloops-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5659 Important/Sec. abrt-addon-python-2.0.8-6.0.1.el6_3.2.x86_64 CVE-2012-5660 Important/Sec. abrt-addon-python-2.0.8-6.0.1.el6_3.2.x86_64 ...
Similarly, the keywords bugfix, enhancement, and security filter the list for all bug fixes, enhancements, and security errata. You can use the --cve option to display the errata that correspond to a specified CVE, for example:
# yum updateinfo list --cve CVE-2012-2677 Loaded plugins: refresh-packagekit, rhnplugin, security ELSA-2013-0668 Moderate/Sec. boost-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-date-time-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-devel-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-filesystem-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-graph-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-iostreams-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-program-options-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-python-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-regex-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-serialization-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-signals-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-system-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-test-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-thread-1.41.0-15.el6_4.x86_64 ELSA-2013-0668 Moderate/Sec. boost-wave-1.41.0-15.el6_4.x86_64 updateinfo list done
To display more information, specify info instead of list, for example:

# yum updateinfo info --cve CVE-2012-2677 Loaded plugins: refresh-packagekit, rhnplugin, security =============================================================================== boost security update =============================================================================== Update ID : ELSA-2013-0668 Release : Oracle Linux 6 Type : security Status : final
20
Creating a Local Yum Server
Issued : 2013-03-21 CVEs : CVE-2012-2677 Description : [1.41.0-15] : - Add in explicit dependences between some boost : subpackages : : [1.41.0-14] : - Build with -fno-strict-aliasing : : [1.41.0-13] : - In Boost.Pool, be careful not to overflow : allocated chunk size (boost-1.41.0-pool.patch) : : [1.41.0-12] : - Add an upstream patch that fixes computation of : CRC in zlib streams. : - Resolves: #707624 Severity : Moderate updateinfo info done
To update all packages for which security-related errata are available to the latest versions of the packages, even if those packages include bug fixes or new features but not security errata, enter:
# yum --security update
To update all packages to the latest versions that contain security errata, ignoring any newer packages that do not contain security errata, enter:
# yum --security update-minimal
To update all kernel packages to the latest versions that contain security errata, enter:
# yum --security update-minimal kernel*
You can also update only those packages that correspond to a CVE or erratum, for example:
# yum update --cve CVE-2012-3954 # yum update --advisory ELSA-2012-1141
Note Some updates might require you to reboot the system. By default, the boot manager will automatically enable the most recent kernel version. For more information, see the yum-security(8) manual page.
2.7. Creating a Local Yum Server

The system that you want to set up as a local yum server must meet the following criteria: You must have registered the system with ULN. The system should also have enough disk space to store copies of the packages that it hosts. The following table shows the approximate space requirements for Oracle Linux channels: Channel [eo]l*_latest Space Required for Binaries Only Up to 10 GB 21 Space Required for Both Binaries and Source Up to 15 GB
Channel [eo]l*_addons [eo]l*_oracle [eo]l*_base [eo]l*_patch
Space Required for Binaries Only 600 MB 1 GB 3 GB 1 GB
Space Required for Both Binaries and Source 1 GB Not applicable 5.5 GB 2 GB
The next table shows the approximate space requirements for Oracle VM channels:
Channel ovm*_latest ovm*_base ovm*_patch
Space Required for Binaries Only 500 MB 400 MB 100 MB
Space Required for Both Binaries and Source 1 GB 800 MB 200 MB
To set up a local system as a local yum server: 1. Using a browser, log in at http://linux.oracle.com with the ULN user name and password that you used to register the system, and configure its properties on ULN as follows: a. On the Systems tab, click the link named for your system in the list of registered machines. b. On the System Details page, click Edit. c. On the Edit System Properties page, select the Yum Server check box and click Apply Changes. d. On the System Details page, click Manage Subscriptions. e. On the System Summary page, select channels from the list of available or subscribed channels and click the arrows to move the channels between the lists. Modify the subscribed channels to include the channels that you want to make available to local systems. For example, the following table shows some examples of the channels that are available for Oracle Linux 6 on the x86_64 architecture.
Channel ol6_x86_64_ksplice
Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. Note that access to this channel requires an Oracle Linux Premier Support account. All packages released for Oracle Linux 6 including the latest errata packages. Oracle Linux 6 add ons. All packages released for Oracle Linux 6 GA. This channel does not include errata. All packages released on the Oracle Linux 6 Update 4 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 4. 22
ol6_x86_64_latest ol6_x86_64_addons ol6_ga_x86_64_base ol6_u4_x86_64_base ol6_u4_x86_64_patch
If you have an Oracle Linux Premier Support account and you want the yum server to host Ksplice packages for local Ksplice offline clients, subscribe to the Ksplice for Oracle Linux channels for the architectures and Oracle Linux releases that you want to support. For more information about the available release channels, see Appendix A, ULN Channels. For a complete and up-to-date list, log on to ULN at http://linux.oracle.com. f. When you have finished selecting channels, click Save Subscriptions and log out of ULN.
2. On your server, create a base directory for the yum repository, for example /var/yum or /var/www/ html/yum.
# mkdir -p /var/yum
3. Download the 167283.sh script from http://www.oracle.com/ocom/groups/public/@otn/documents/ webcontent/167283.sh, and edit it to set the value of the REP_BASE variable to the base directory for the repository, for example:
REP_BASE=/var/yum
Note The name and location of this script might change over time. For the latest information, see http://www.oracle.com/technetwork/articles/servers-storageadmin/yum-repo-setup-1659167.html. 4. Run the 167283.sh script to create the yum repositories for the registered channels. To download only binary RPMs, enter:
# sh 167283.sh
To download both binary and source RPMs, enter:

# sh 167283.sh src
Note If you have not subscribed the system to the correct Oracle Linux Add ons channel for your system, the script fails with the error No package uln-yumproxy available. It takes several hours to download all the packages to the repositories. 5. Install the Apache HTTP server.
# yum install httpd
6. If you created a base directory for the yum repository that is not under /var/www/html and SELinux is enabled in enforcing mode on your system: a. Use the semanage command to define the default file type of the repository root directory hierarchy as httpd_sys_content_t:
# /usr/sbin/semanage fcontext -a -t httpd_sys_content_t "/var/yum(/.*)?"
b. Use the restorecon command to apply the file type to the entire repository.
# /sbin/restorecon -R -v /var/yum
23
Updating a Local Yum Server
7. If you created a base directory for the yum repository that is not under /var/www/html, create a symbolic link in /var/www/html that points to the repository, for example:
# ln -s /var/yum /var/www/html/yum
8. Edit the HTTP server configuration file, /etc/httpd/conf/httpd.conf, as follows: a. Specify the resolvable domain name of the server in the argument to ServerName.
ServerName server_addr:80
If the server does not have a resolvable domain name, enter its IP address instead. b. Verify that the setting of the Options directive in the <Directory "/var/www/html"> section specifies Indexes and FollowSymLinks to allow you to browse the directory hierarchy, for example:
Options Indexes FollowSymLinks
c. Save your changes to the file. 9. Start the Apache HTTP server, and configure it to start after a reboot.
# service httpd start # chkconfig httpd on
10. If you have enabled a firewall on your system, configure it to allow incoming HTTP connection requests on TCP port 80. For example, the following command configures iptables to allow incoming HTTP connection requests and saves the change to the firewall configuration:
# iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT # service iptables save
2.7.1. Updating a Local Yum Server

To update the repositories for the registered channels, run the 167283.sh script on the local yum server : To download only binary RPMs, enter:
# sh 167283.sh
To download both binary and source RPMs, enter:

# sh 167283.sh src
It is recommended that you set up a cron job to perform this task. For example, the following crontab entry for root runs the script twice per day at 6am and 6pm:
0 6,18 * * * sh /var/downloads/yum/167283.sh
This example assumes that the 167283.sh script is located in the /var/downloads directory.
2.7.2. Configuring Yum Clients

If you have set up a local yum server, you can configure your other systems to receive yum updates from that server. To configure a system as a yum client:
24
Configuring Yum Clients
1. In the /etc/yum.repos.d directory, edit the existing repository file, such as public-yumol6.repo or ULN-base.repo, and disable all entries by setting enabled=0. 2. In the /etc/yum.repos.d directory, create the file local-yum.repo, which contains entries such as the following for an Oracle Linux 6 client:
[ol6_latest] name=Oracle Linux $releasever - $basearch - latest baseurl=http://local_repository_server/yum/OracleLinux/OL6/latest/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=1 [ol6_addons] name=Oracle Linux $releasever - $basearch - addons baseurl=http://local_repository_server/yum/OracleLinux/OL6/addons/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_oracle] name=Oracle Linux $releasever - $basearch - oracle baseurl=http://local_repository_server/yum/OracleLinux/OL6/oracle/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_ga_base] name=Oracle Linux $releasever GA - $basearch - base baseurl=http://local_repository_server/yum/OracleLinux/OL6/0/base/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u1_base] name=Oracle Linux $releasever U1 - $basearch - base baseurl=http://local_repository_server/yum/OracleLinux/OL6/1/base/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u2_base] name=Oracle Linux $releasever U2 - $basearch - base baseurl=http://local_repository_server/yum/OracleLinux/OL6/2/base/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u3_base] name=Oracle Linux $releasever U3 - $basearch - base baseurl=http://local_repository_server/yum/OracleLinux/OL6/3/base/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u4_base] name=Oracle Linux $releasever U4 - $basearch - base baseurl=http://local_repository_server/yum/OracleLinux/OL6/4/base/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_ga_patch] name=Oracle Linux $releasever GA - $basearch - patch baseurl=http://local_repository_server/yum/OracleLinux/OL6/0/patch/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY
25
For More Information About Yum
gpgcheck=1 enabled=0 [ol6_u1_patch] name=Oracle Linux $releasever U1 - $basearch - patch baseurl=http://local_repository_server/yum/OracleLinux/OL6/1/patch/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u2_patch] name=Oracle Linux $releasever U2 - $basearch - patch baseurl=http://local_repository_server/yum/OracleLinux/OL6/2/patch/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u3_patch] name=Oracle Linux $releasever U3 - $basearch - patch baseurl=http://local_repository_server/yum/OracleLinux/OL6/3/patch/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0 [ol6_u4_patch] name=Oracle Linux $releasever U4 - $basearch - patch baseurl=http://local_repository_server/yum/OracleLinux/OL6/4/patch/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY gpgcheck=1 enabled=0
Replace local_repository_server with the IP address or resolvable host name of the local yum server. In the sample configuration, only the ol6_latest channel is enabled. Note As an alternative to specifying a gpgkey entry for each repository definition, you can use the following command to import the GPG key:
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY
Use yum repolist to verify the configuration. If yum cannot connect to the local yum server, check that the firewall settings on that server allow incoming TCP connections to port 80. You can run yum update to pick up new updates from the local yum repository.
2.8. For More Information About Yum

For more information about yum, see the yum(8) and yum.conf(5) manual pages and http:// yum.baseurl.org/.
26
Appendix A. ULN Channels

Table of Contents
A.1. A.2. A.3. A.4. A.5. Oracle Oracle Oracle Oracle Oracle Linux 5 Channels ........................................................................................................... Linux 6 Channels ........................................................................................................... VM 2.1 Channels ........................................................................................................... VM 2.2 Channels ........................................................................................................... VM 3 Channels .............................................................................................................. 27 28 30 30 31
The following sections detail some of the channels that are available on ULN for Oracle Linux 5, Oracle Linux 6, Oracle VM 2.1, Oracle VM 2.2, and Oracle VM 3 on the supported platform architectures. Log in to ULN at http://linux.oracle.com to view the full, up-to-date list of available channels.
A.1. Oracle Linux 5 Channels

The following table shows a selection of the channels that are available for Oracle Linux 5 on the i386 architecture. Channel ol5_i386_ksplice Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. Note that access to this channel requires an Oracle Linux Premier Support account. All packages released for Oracle Linux 5 including the latest errata packages. Oracle Linux 5 add ons. Oracle Software for Oracle Linux 5. All packages released for Oracle Linux 5 GA. This channel does not include errata. All packages released on the Oracle Linux 5 Update 6 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 6. All packages released on the Oracle Linux 5 Update 7 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 7. All packages released on the Oracle Linux 5 Update 8 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 8.
ol5_i386_latest el5_i386_addons el5_i386_oracle el5_ga_i386_base ol5_u6_i386_base ol5_u6_i386_patch ol5_u7_i386_base ol5_u7_i386_patch ol5_u8_i386_base ol5_u8_i386_patch
The following table shows a selection of the channels that are available for Oracle Linux 5 on the x86_64 architecture. Channel ol5_x86_64_ksplice Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. Note that access to this channel requires an Oracle Linux Premier Support account. All packages released for Oracle Linux 5 including the latest errata packages.
ol5_x86_64_latest
27
Oracle Linux 6 Channels
Channel el5_x86_64_addons el5_x86_64_oracle el5_ga_x86_64_base ol5_u6_x86_64_base ol5_u6_x86_64_patch ol5_u7_x86_64_base ol5_u7_x86_64_patch ol5_u8_x86_64_base ol5_u8_x86_64_patch
Description Oracle Linux 5 add ons. Oracle Software for Oracle Linux 5. All packages released for Oracle Linux 5 GA. This channel does not include errata. All packages released on the Oracle Linux 5 Update 6 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 6. All packages released on the Oracle Linux 5 Update 7 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 7. All packages released on the Oracle Linux 5 Update 8 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 8.
The following table shows a selection of the channels that are available for Oracle Linux 5 on the IA64 architecture.
Channel Not available for IA64. ol5_ia64_latest Not available for IA64. Not available for IA64. Not available for IA64. ol5_u6_ia64_base ol5_u6_ia64_patch ol5_u7_ia64_base ol5_u7_ia64_patch ol5_u8_ia64_base ol5_u8_ia64_patch
Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. All packages released for Oracle Linux 5 including the latest errata packages. Oracle Linux 5 add ons. Oracle Software for Oracle Linux 5. All packages released for Oracle Linux 5 GA. This channel does not include errata. All packages released on the Oracle Linux 5 Update 6 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 6. All packages released on the Oracle Linux 5 Update 7 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 7. All packages released on the Oracle Linux 5 Update 8 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 5 Update 8.
A.2. Oracle Linux 6 Channels

Note No IA64 channels are available for Oracle Linux 6. The following table shows a selection of the channels that are available for Oracle Linux 6 on the i386 architecture.
28
Oracle Linux 6 Channels
Channel ol6_i386_ksplice
Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. Note that access to this channel requires an Oracle Linux Premier Support account. All packages released for Oracle Linux 6 including the latest errata packages. Oracle Linux 6 add ons. Oracle Software for Oracle Linux 6. All packages released for Oracle Linux 6 GA. This channel does not include errata. All packages released on the Oracle Linux 6 Update 1 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 1. All packages released on the Oracle Linux 6 Update 2 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 2. All packages released on the Oracle Linux 6 Update 3 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 3. All packages released on the Oracle Linux 6 Update 4 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 4.
ol6_i386_latest ol6_i386_addons ol6_i386_oracle ol6_ga_i386_base ol6_u1_i386_base ol6_u1_i386_patch ol6_u2_i386_base ol6_u2_i386_patch ol6_u3_i386_base ol6_u3_i386_patch ol6_u4_i386_base ol6_u4_i386_patch
The following table shows a selection of the channels that are available for Oracle Linux 6 on the x86_64 architecture. Channel ol6_x86_64_ksplice Description Oracle Ksplice clients, updates, and dependencies for Oracle Linux 6. Note that access to this channel requires an Oracle Linux Premier Support account. All packages released for Oracle Linux 6 including the latest errata packages. Oracle Linux 6 add ons. Oracle Software for Oracle Linux 6. All packages released for Oracle Linux 6 GA. This channel does not include errata. All packages released on the Oracle Linux 6 Update 1 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 1. All packages released on the Oracle Linux 6 Update 2 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 2. All packages released on the Oracle Linux 6 Update 3 installation media. This channel does not contain updates.
ol6_x86_64_latest ol6_x86_64_addons ol6_x86_64_oracle ol6_ga_x86_64_base ol6_u1_x86_64_base ol6_u1_x86_64_patch ol6_u2_x86_64_base ol6_u2_x86_64_patch ol6_u3_x86_64_base
29
Oracle VM 2.1 Channels
Channel ol6_u3_x86_64_patch ol6_u4_x86_64_base ol6_u4_x86_64_patch
Description Updated packages published after release of Oracle Linux 6 Update 3. All packages released on the Oracle Linux 6 Update 4 installation media. This channel does not contain updates. Updated packages published after release of Oracle Linux 6 Update 4.
A.3. Oracle VM 2.1 Channels

The following table shows a selection of the channels that are available for Oracle VM 2.1 on the i386 architecture. Channel ovm2_i386_latest ovm2_2.1.0_i386_base ovm2_2.1.1_i386_base ovm2_2.1.2_i386_base ovm2_2.1.5_i386_base ovm2_2.1.0_i386_patch ovm2_2.1.1_i386_patch ovm2_2.1.2_i386_patch ovm2_2.1.5_i386_patch Description All packages released for Oracle VM 2, including the very latest updated packages. All packages released on the Oracle VM 2.1 Server installation media. All packages released on the Oracle VM 2.1.1 Server installation media. All packages released on the Oracle VM 2.1.2 Server installation media. All packages released on the Oracle VM 2.1.5 Server installation media. Updated packages published after Oracle VM 2.1.0 Server. Updated packages published after Oracle VM 2.1.1 Server. Updated packages published after Oracle VM 2.1.2 Server. Updated packages published after Oracle VM 2.1.5 Server.
A.4. Oracle VM 2.2 Channels

The following table shows a selection of the channels that are available for Oracle VM 2.2 on the i386 architecture. Channel ovm22_i386_latest ovm22_i386_oracle ovm22_2.2.0_i386_base ovm22_2.2.1_i386_base ovm22_2.2.2_i386_base ovm22_2.2.0_i386_patch ovm22_2.2.1_i386_patch ovm22_2.2.2_i386_patch Description All packages released for Oracle VM 2.2, including the very latest updated packages. Oracle Software for Oracle VM Server 2.2. All packages released on the Oracle VM 2.2.0 Server installation media. All packages released on the Oracle VM 2.2.1 Server installation media. All packages released on the Oracle VM 2.2.2 Server installation media. Updated packages published after Oracle VM 2.2.0 Server. Updated packages published after Oracle VM 2.2.1 Server. Updated packages published after Oracle VM 2.2.2 Server.
30
Oracle VM 3 Channels
A.5. Oracle VM 3 Channels

The following table shows a selection of the channels that are available for Oracle VM 3 on the x86_64 architecture. Channel ovm3_x86_64_latest ovm3_3.0_x86_64_base ovm3_3.0.2_x86_64_base ovm3_3.0.3_x86_64_base ovm3_3.1.1_x86_64_base ovm3_3.2.1_x86_64_base ovm3_3.0_x86_64_patch ovm3_3.0.3_x86_64_patch ovm3_3.1.1_x86_64_patch ovm3_3.2.1_x86_64_patch Description All packages released for Oracle VM 3, including the very latest updated packages. All packages released on the Oracle VM 3.0 Server installation media. All packages released on the Oracle VM 3.0.2 Server installation media. All packages released on the Oracle VM 3.0.3 Server installation media. All packages released on the Oracle VM 3.1.1 Server installation media. All packages released on the Oracle VM 3.2.1 Server installation media. Updated packages published after Oracle VM 3.0 Server Updated packages published after Oracle VM 3.0.3 Server. Updated packages published after Oracle VM 3.1.1 Server. Updated packages published after Oracle VM 3.2.1 Server.
31
32

Oracle Linux: Unbreakable Linux Network User's Guide

Uploaded by

Copyright:

Available Formats

Oracle Linux: Unbreakable Linux Network User's Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Oracle Linux: Unbreakable Linux Network User's Guide

Uploaded by

Copyright:

Available Formats

Oracle Linux

Unbreakable Linux Network User's Guide

E39381-05 July 2013

Oracle Linux: Unbreakable Linux Network User's Guide

Access to Oracle Support

Chapter 1. The Unbreakable Linux Network

1.1. About the Unbreakable Linux Network

1.2. About ULN Channels

About ULN Channels

About Software Errata

1.3. About Software Errata

1.4. Registering as a ULN User

Registering an Oracle Linux 6 System

1.5. Registering an Oracle Linux 6 System

1.6. Registering an Oracle Linux 4 or Oracle Linux 5 System

2. Run the text-mode version of the up2date command.

1.7. Configuring an Oracle Linux 5 System to Use yum with ULN

Disabling Package Updates

1.8. Disabling Package Updates

1.9. Subscribing Your System to ULN Channels

Browsing and Downloading Errata Packages

5. When you have finished selecting channels, click Save Subscriptions.

1.10. Browsing and Downloading Errata Packages

1.11. Downloading Available Errata for a System

Updating System Details

1.12. Updating System Details

1.13. Deleting a System

1.14. About CSI Administration

About CSI Administration

Becoming a CSI Administrator

1.14.1. Becoming a CSI Administrator

Listing Active CSIs and Transferring Their Registered Servers

1.14.2. Listing Active CSIs and Transferring Their Registered Servers

Listing Expired CSIs and Transferring Their Registered Servers

1.14.3. Listing Expired CSIs and Transferring Their Registered Servers

Removing a CSI Administrator

1.14.4. Removing a CSI Administrator

1.15. Switching from RHN to ULN

3. Change to the uln_migrate directory and install the registration packages.

4. Run the uln_register command.

For More Information About ULN

1.16. For More Information About ULN

2.1. About Yum

2.2. Yum Configuration

gpgkey installonly_limit keepcache

Configuring Use of a Proxy Server

Directive logfile obsoletes plugins proxy proxy_password proxy_username reposdir

2.2.1. Configuring Use of a Proxy Server

Yum Repository Configuration

enableProxyAuth=1 proxyUser=yumacc proxyPassword=clydenw

2.2.2. Yum Repository Configuration

2.3. Using Yum from the Command Line

Using Yum from the Command Line

Command yum info package

yum install package

yum check-update yum update package

yum update yum remove package

yum erase package yum update yum clean all

yum help yum help command

Channel [eo]l_addons [eo]l_oracle [eo]l_base [eo]l_patch

Channel ovm_latest ovm_base ovm*_patch