Utilizing yum to update rpms based on Linux Security Notices
Hello all.:)
I'm using RHEL 6.5 Workstation and have a single RHEL system connected to the internet do download rpms based on Security Notices from Red Hat. While on the RHEL system and internet I perform the below: yum install --downloadonly --resolve --downloaddir=<directory> <package> My goal is to ensure I capture any dependencies (which is a nightmare)and thus I use the --resolve. When I update my RHEL systems not connected to the internet I perform a yum update. For some yum updates it's goes pretty smooth but for others I'm constantly getting errors about conflicts or other similar errors. An example of when yum updates don't work can be seen below: Resolving Dependencies --> Running transaction check --> Processing Dependency: freetype = 2.3.11-5.el6 for package: freetype-devel-2.3.11-5.el6.x86_64 ---> Package freetype.x86_64 0:2.3.11-15.el6_6.1 set to be updated --> Finished Dependency Resolution Error: Package: freetype-devel-2.3.11-5.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201009221801.x86_64/6.0) Requires: freetype = 2.3.11-5.el6 Removing: freetype-2.3.11-5.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201009221801.x86_64/6.0) freetype = 2.3.11-5.el6 Updated By: freetype-2.3.11-15.el6_6.1.x86_64 (security) freetype = 2.3.11-15.el6_6.1 You could try using --skip-broken to work around the problem VRTSralus-14.1.1786-0.x86_64 has missing requires of libstdc++.so.5()(64bit) VRTSralus-14.1.1786-0.x86_64 has missing requires of libstdc++.so.5(CXXABI_1.2)(64bit) [root@system12 security]# yum update freetype-2.3.11-15.el6_6.1.x86_64.rpm Loaded plugins: refresh-packagekit, rhnplugin This system is not registered with RHN. RHN support will be disabled. Setting up Update Process Examining freetype-2.3.11-15.el6_6.1.x86_64.rpm: freetype-2.3.11-15.el6_6.1.x86_64 Marking freetype-2.3.11-15.el6_6.1.x86_64.rpm as an update to freetype-2.3.11-5.el6.x86_64 Resolving Dependencies --> Running transaction check --> Processing Dependency: freetype = 2.3.11-5.el6 for package: freetype-devel-2.3.11-5.el6.x86_64 ---> Package freetype.x86_64 0:2.3.11-15.el6_6.1 set to be updated --> Finished Dependency Resolution Error: Package: freetype-devel-2.3.11-5.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201009221801.x86_64/6.0) Requires: freetype = 2.3.11-5.el6 Removing: freetype-2.3.11-5.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201009221801.x86_64/6.0) freetype = 2.3.11-5.el6 Updated By: freetype-2.3.11-15.el6_6.1.x86_64 (/freetype-2.3.11-15.el6_6.1.x86_64) freetype = 2.3.11-15.el6_6.1 You could try using --skip-broken to work around the problem VRTSralus-14.1.1786-0.x86_64 has missing requires of libstdc++.so.5()(64bit) VRTSralus-14.1.1786-0.x86_64 has missing requires of libstdc++.so.5(CXXABI_1.2)(64bit) [root@system12 security]# Is there something I'm not doing correctly? Again some work and some do not, as seen above the example where it does not work. Is this a larger problem? Although I'm using RHEL 6.5 on the system where I obtain my security updates are my RHEL 6.5 systems which are not connected to the internet so different (in regards to what files are installed) that dependencies differ greatly and I'm not fully appreciating the environment for my off-line systems? A million thanks in advance, Johnny Mac |
On Fedora at least (Haven't tried it on RHEL) there's a 'yum update-local' or somesuch, which just gets their security updates. It's in the man page. Does that one not work for you?
|
I will try next week
business_kid,
I will try what you recommended next week. Just got slammed with some tasks. I was told as an option to load all the Major Releases into my repository and do a create repo. The version difference is I'm using 6.6 on the system located on the internet and 6.0 for the off-line systems. I'm not sure if I will have one large repository with all major releases or have a separate repository for each release, and run createrepo against the release folders until I get all that I need. My concern is will releases continue to have the same name so I'm wondering if having a separate folder for each release is wise. Will keep all posted. Take care, Johnny Mac |
have you contacted redhat tech support
that is WHY you ARE paying for redhat for that support from the errors it looks as if you are using the old out of date install dvd as a repo that WILL!! be in conflict with the updates and SECURITY backports to 6.5 with you locking your system at 6.5 ( 6.6 is current ) you really DO need to use the red hat support you are paying a lot of cash for |
Disk is cheap, spacewalk is simple.
Install spacewalk, you will be very very thankful you did in this situation. You can put your spacewalk box in a DMZ so it has internet access to automatically pull down new updates to your repos, create custom repos so only what packages you want are in them, it ties in to bugzilla and gets the red hat errata. Otherwise.. disk is cheap. Setup a box to use as your local repo mirror. It will need internet access. https://access.redhat.com/solutions/23016 FYI Spacewalk = RHN Satellite without the licensing/support. |
All times are GMT -5. The time now is 07:57 PM. |