LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Red hat Linux 5.1, need to patch esx4 server with vmware update (https://www.linuxquestions.org/questions/linux-newbie-8/red-hat-linux-5-1-need-to-patch-esx4-server-with-vmware-update-4175509129/)

Alan2k 06-25-2014 08:46 AM

Red hat Linux 5.1, need to patch esx4 server with vmware update
 
Never used linux for this situation (and i use linux about once a year for very basic stuff) & googlesearch is useless (offers me plenty of guides on how to install linux from a CD :()

In work we have an old set of linux servers with red hat 5.1 on it that work use to host vmware esx 4.0 servers.
I have been handed a request to patch vmware on the servers with a security update.

I can burn the update to a CD & put the CD in the server but how do I install the update on the server from CD ? (note there is no GUI so its commandline only :confused:)

Soadyheid 06-25-2014 09:10 AM

Welcome to Linux Questions!

Are you sure you can still get security updates for VMWare ESX 4.0? Check out here.

The relevant passage is
Quote:


The End of General Support Life date remains May 21, 2014. The end of Technical Guidance remains May 21, 2016. For information on what is provided during General Support and Technical Guidance, see the VMware support lifecycle policy.
Looks to me like updates have already ceased. If, however, you have the relevant update already I'd assume you could download the executable onto the VM host an run it there, no CD required.

I'm not an expert so could have missed the point, you know your set up. :)

I'm also not going to say anything about old OS versions as I know there are legacy applications out there which run on EOL versions of OS, etc, and can't be upgraded. The only way to mitigate the risk in these instances is to try and find some other, current, combination of software platform which would suit your purpose.

Play Bonny!

:hattip:

Alan2k 06-25-2014 10:01 AM

The update is from 2012 so is definately available, it had been assumed the esx servers were being patched but a healthcheck says otherwise... and i drew the short straw to sort it


http://www.vmware.com/security/advis...2012-0009.html

-----------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2012-0009
Synopsis: VMware Workstation, Player, ESXi and ESX patches address
critical security issues
Issue date: 2012-05-03
Updated on: 2012-05-03 (initial advisory)
CVE numbers: CVE-2012-1516, CVE-2012-1517, CVE-2012-2448, CVE-2012-2449,
CVE-2012-2450
-----------------------------------------------------------------------

So i can get the updates but how to apply them? thats the $64000 question... the servers are isolated away from the internet for security purposes.


The only instruction is 'Download the patch ZIP file from http://support.vmware.com/selfsupport/download/ and install the bulletin using esxupdate from the command line of the host.'

but i need to get the patches to the server to do this ?

kbnuts 06-25-2014 10:09 AM

if it's esxi4 then surely you can do it from the vmware client?

And what do you mean using redhat5.1 as a host? Are you saying you have ESX nested inside a KVM virtual machine?

i would have expected the machine to be bare metal ESX. Weird. ESX is an OS in its own right.

If it were me I'd use VUM but it looks like if you're cut off from the internet that might be difficult.

Anyway..

Redhat should automount the CD assuming autofs is up and running and usually at /media/name-of-cd

Alan2k 06-25-2014 10:34 AM

Quote:

Originally Posted by kbnuts (Post 5193741)
if it's esxi4 then surely you can do it from the vmware client?

I would love ESXi but it bare metal esx non-i 4.0 redhat 5.1 runs on them as a basic OS (i assume)
In the windows world, virtual servers are hosted on these servers & controlled by vSphere

Dont know how/why they were built this way but it does work...

kbnuts 06-25-2014 11:23 AM

What format are the files in on the CD?

Alan2k 06-26-2014 05:36 AM

zip files containing vib files (all downloaded direct from the vmware website)

I will be using the 'esxupdate' command but how to to either 'point' to the CD (may have to be pendrive as some of the updates are big) or copy the files from CD/pendrive to a location on the server ?

either I would be nearly ecstatic about...

notsure 06-26-2014 09:25 AM

...how does the ESX4 hypervisor run ontop of RHEL5.1?
ESX4 uses the RHEL boot loader.

What are the files on this CD they gave you?

--edit I see you answered that question already

Getting the files on the server should be easy to do with scp or rsync.

Alan2k 06-26-2014 10:12 AM

Able to report a partial success (my esx is ancient, v4.0.0 GA nearly every update)

I have burn the oldest 3 updates onto a dvd (files are all downloaded direct by me from the vmware support website)

put dvd in the drive
mount /dev/scd0 /mnt/cdrom

and it sees the zip files :)

but attempting to scan any of the updates produces an error with the metadata.xml

eg
esxupdate -m /mnt/cdrom/ESX400-200907001.zip scan

The error is:
Filename - /var/cache/esxupdate/metadata######/metadata.zip
Message -vmware.xml is missing
Errno - 5
Description - the format of the metadata is invalid

I have looked at the file on a windows PC,there is a vmware.xml file in the metadata zip ?

Can ignore this error & install the update anyway ?

# Update, Turns out that this Redhat Linux 5.1 kernel was installed part of the ESX4.0 software so i have logged a support call with them


All times are GMT -5. The time now is 09:15 PM.