Hi everyone,

These are the steps that I used to keep my Red Hat Linux servers up2date. These steps are suitable for those people running plain Red Hat Linux with/without WHM/Cpanel. Whereby if you are using Plesk or any other control panels, you can still use up2date to update your system if you know what are those packages to be skipped to refrain causing any headaches or problem with the control panel.

Step 1: Gain root access under SSH to your server.

Step 2: Check whether up2date is current in your system or whether it is installed:
rpm -qa|grep up2date
If you are using Red Hat Linux 9 and the version of up2date is not >= 3.1.23.2-1, kindly please visit the below URL to get and update/install the latest available version of up2date for your system:
https://rhn.redhat.com/errata/RHSA-2003-267.html

For Red Hat Linux 9, you can use the following command to update your up2date:
wget -c http://updates.redhat.com/9/en/os/i386/up2date-3.1.23.2-1.i386.rpm -P /tmp
rpm -Uvh /tmp/up2date-3.1.23.2-1.i386.rpm
rm /tmp/up2date-3.1.23.2-1.i386.rpm
If your version of up2date is lesser than what is stated above, you will encountered SSL Connection Errors.

Step 3: Register a demo account at Red Hat Network (RHN) by issuing the following command.
up2date --nox --register
I would recommend that you use your main server allocated IP address as your new demo Red Hat Network username as this is the most simplest way for you to remember. Complete the registration form and remember your new demo RHN username and password. After you have registered with RHN, you will be shown the following message:
Your Update Agent options specify that you want to use GPG.

To install the key, run the following as root:

rpm --import /usr/share/rhn/RPM-GPG-KEY

Step 4: Install your GPG key by issuing the following command as it is shown in the previous step.
rpm --import /usr/share/rhn/RPM-GPG-KEY

Step 5: Modify your up2date configuration setting.
up2date --nox --configure
Remove by entering C after choosing the option of the following if you want to use up2date to update your system kernel while running up2date --nox -u as root or otherwise you can leave it as it is.
fileSkipList
removeSkipList
After editing, hit ENTER key to exist if you read at the message at the end of your configuration setting.

For Red Hat Linux 9, here is an example configuration after editing:
0. debug No
1. rhnuuid XXXXX COMMENTED OUT XXXXX
2. isatty Yes
3. showAvailablePacka No
4. depslist []
5. networkSetup Yes
6. retrieveOnly No
7. enableRollbacks No
8. pkgSkipList []
9. storageDir /var/spool/up2date
10. adminAddress ['root@localhost']
11. noBootLoader No
12. serverURL https://xmlrpc.rhn.redhat.com/XMLRPC
13. fileSkipList []
14. sslCACert /usr/share/rhn/RHNS-CA-CERT
15. noReplaceConfig Yes
16. noReboots None
17. useNoSSLForPackage No
18. systemIdPath /etc/sysconfig/rhn/systemid
19. enableProxyAuth No
20. retrieveSource No
21. versionOverride
22. headerFetchCount 10
23. networkRetries 5
24. enableProxy No
25. proxyPassword
26. noSSLServerURL http://xmlrpc.rhn.redhat.com/XMLRPC
27. keepAfterInstall No
28. proxyUser
29. removeSkipList []
30. useGPG Yes
31. gpgKeyRing /etc/sysconfig/rhn/up2date-keyring.gpg
32. httpProxy
33. headerCacheSize 40
34. forceInstall No
35. noReboot No

Step 6: Update your system profile with RHN.
up2date --nox -p
No harm to update your system profile although you just registered.

Step 7: Update your system now.
up2date --nox -u

You should run up2date --nox -u regularly (at least once a week) in order to continue to keep your system up2date or whenever you notice there is an errata package release/update.

Hope this helps ;)

Thanks.

Kindest regards,
Choon

Thank you for this

It work for me :)

Glad it worked for you ;)

Thanks for it choon :)

I am on 56k. How long will it take?

Originally posted by Carp
I am on 56k. How long will it take?

???
Your connection doesn't related to update packages from your server with RHN much. The difference I can see is only the speed to get your typing of commands sent over and getting response to/from your server via SSH... that's all.

i try to update up2date by running this:

rpm -Uvh up2date-3.1.23.2-1.src.rpm

It says 100% done, but it doesnt update

when i try to install rpms too, does the same thing, but doesnt install. what am i doin wrong :)

sorry i'm a freebsd guru, havnt been on linux in almost 6 years.

Not the up2date-3.1.23.2-1.src.rpm please.
It should be ended up with .i386.rpm not SRPM = src.rpm
So, download the correct rpm and continue please :D

oh. oops :)

well the i386 ones arent named like in the guide up above, so it was confusing to which one i was supposed to download

SRPM rpm is needed if you need to rebuild rpm... like: rpmbuild --rebuild whatever.src.rpm
Sorry, I will update this guide with more easy to follow when I have time ;)

no problem, worked great, thanks for the guide and the little extra kick in the pants :)

This is awesome :)

I noticed that you mentioned above that you may use your Control Panel to update these things, however, I've heard it's best to let the control panel do this. Is this true?

<edit>signature removed</edit>

Originally posted by 93.3
I noticed that you mentioned above that you may use your Control Panel to update these things, however, I've heard it's best to let the control panel do this. Is this true?
For updating system OS softwares... it is always good to update using the feature provided by the vendor which in this case is up2date from RHN.
I didn't mention anything related to control panel to do the updating in this thread. I just mentioned about you can use up2date for certain control panels. If you are using WHM/cPanel... well... it won't update your kernel anyway but using up2date can upgrade your kernel. So in short, do not depend on a control panel to do the updating of your server to keep it up to date... IMO

Hope this helps ;)

What's needed to do this on Fedora?

Thanks.

Just issue up2date --nox -u to update your system as you don't have to register with RHN if you are using Fedora. I might be wrong though but when I am using Fedora... I didn't register at all :stickout

Hope this helps ;)

Originally posted by choon
Just issue up2date --nox -u to update your system as you don't have to register with RHN if you are using Fedora. I might be wrong though but when I am using Fedora... I didn't register at all :stickout

Hope this helps ;) I hope so too. Thanks Choon, I'll give it a try.

YAY! It worked.

Good onya mate for helping us out with this :)

<edit>signature removed</edit>

Hi

This is wonderful.

While registering, i saw this 2 kernel packages within the up2date.
kernel-2.4.20-30.9
kernel-2.4.20-8

Does that means it would not updateour kernel to the latest version you've posted, 2.4.25? :)

Thank you!

Red Hat back ported those known security patches to version 2.4.20 so you can either use up2date to update your kernel if you have no experience about compile your kernel from source.

can u do a how-to for fedora now :)

up2date --nox -u seemed to work right off the bat, but in teh gnome gui (ima noob, so i dont know what to call it) i stoped before i had to register the system then when i got the networking setup right, in ssh i typed

up2date --nox --register

nothing happened,

then i typed

up2date --nox -p

i said to me your not on RH Networks so no need to refresh your hardware

then i typed

up2date --nox -u

then it did all its header stuff and seems to be going in the right area/way

BUT then this BS came up


Traceback (most recent call last):
File "/usr/sbin/up2date", line 1198, in ?
sys.exit(main() or 0)
File "/usr/sbin/up2date", line 776, in main
fullUpdate, dryRun=options.dry_run))
File "/usr/sbin/up2date", line 1061, in batchRun
batch.run()
File "up2dateBatch.py", line 58, in run
File "up2dateBatch.py", line 99, in __findPackagesToUpdate
File "packageList.py", line 521, in getPackagesToInstall
File "packageList.py", line 550, in __skipPackages
File "packageList.py", line 571, in __skipFiles
File "packageList.py", line 610, in buildHeaderList
File "headers.py", line 37, in __getitem__
File "headers.py", line 42, in __retrievePackage
File "rpcServer.py", line 112, in doCall
File "repoDirector.py", line 31, in getHeader
File "rpmSource.py", line 210, in getHeader
File "/usr/share/rhn/up2date_client/repoBackends/yumRepo.py", line 96, in getHeader
hdrBuf = fh.read()
File "/usr/lib/python2.2/gzip.py", line 156, in read
self._read(readsize)
File "/usr/lib/python2.2/gzip.py", line 210, in _read
self._read_eof()
File "/usr/lib/python2.2/gzip.py", line 245, in _read_eof
raise ValueError, "CRC check failed"
ValueError: CRC check failed


<edit>signature removed</edit>

I have no idea why sometimes getting that error even myself also get that similar error. This is what I have done:
cd /var/spool/up2date
rm -f *
up2date --nox -u
If it hang there for a very long time or like giving you I/O error... then stop using up2date for Fedora. Actually I changed to use Yum for Fedora instead ;)
Here are the steps...

Step 1: Check whether yum is installed:
rpm -qa|grep yum
If it is installed, then proceed to Step 2 or otherwise use the following command to download and install yum:
wget -c http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386/yum-2.0.5-1.noarch.rpm \
-P /tmp
rpm -ivh /tmp/yum-2.0.5-1.noarch.rpm
rm -f /tmp/yum-2.0.5-1.noarch.rpm
Step 2: Run yum to update:
yum update
That's it ;)
If you want to install a package like gcc and its dependencies, you can use yum to install for you instead of up2date:
yum install gcc
To learn more about yum, use the following command to read its man:
man yum
man yum.conf
man yum-arch
Hope this helps ;)

yum is cool, but i dont like that it auto updates during the night time.

as for up2date, should u remove it??

Originally posted by LynxPrime
yum is cool, but i dont like that it auto updates during the night time.

as for up2date, should u remove it??
You can turn it off I believe as something like:
chkconfig yum off
/etc/rc.d/init.d/yum stop
I might be wrong as I am not sure whether it is default to start auto-update whenever your system is booted up as currently I am unable to check in my desktop as now using/booted to FreeBSD :D

Whereby for up2date, why remove it? It doesn't hurt if you don't use it except for extra disk space ;)

Just my thoughts... ...

true.

i liked having the going on the web and see that blue check mark makes me feel kinda safe :)

Hi,

I have redhat 9 installed. I followed this post and successfully installed yum. I then ran yum check-update and I get the following.... so I added some more mirrors to the /etc/yum.conf file and I still get the same thing? Am I missing something?

regards

Blair

ps I had to put the stars in because I can't post url until I have posted 5 time.

[root@server rhn]# yum check-update
Gathering header information file(s) from server(s)
Server: Fedora Core Null - i386 - Base
retrygrab() failed for:
ht**://mirrors.kernel.org/fedora/core/Null/i386/os/headers/header.info
Executing failover method
failover: out of servers to try
Error getting file ht**://mirrors.kernel.org/fedora/core/Null/i386/os/headers/header.info
[Errno 4] IOError: HTTP Error 404: Not Found

You didn't read this thread carefully :(
If you are using Red Hat Linux 9, use up2date not yum. I use yum and/or up2date for Fedora now without any problem for those servers I managed ;)

hehehe, yeah use


up2date --nox -u


then


shutdown -r now

jk lol :)

<edit>signature removed</edit>

yeah..

The reason I thought I could use yum for redhat 9 was that I saw a post on this forum:

Quote
"While the future of Fedora for security updates to RedHat 7.3, 8, and 9 is uncertain, at present you can use Yum along side Fedora Legacy to keep your RedHat servers up to date."


ht**://w**.webhostingtalk.com/showthread.php?s=&threadid=231081&highlight=redhat+7.3+yum

anyway thanks for clearing that up..

regards

Blair

did u update your system?

also apt-get u can try thats a great addon

<edit>signature removed</edit>

When I run up2date I keep getting this error.


Fetching rpm headers... ######################################## Testing package set / solving RPM inter-dependencies... There was a package dependency problem. The message was: Unresolvable chain of dependencies: psa-spamassassin 7.0.0-rh9.build040205. requires perl(Mail::SpamAssassin::ArchiveIterator) psa-spamassassin 7.0.0-rh9.build040205. requires perl(Mail::SpamAssassin::PerMsgLearner) psa-spamassassin-7.0.0-rh9.build040205.2 requires spamassassin >= 2.60 spamassassin 2.44-11.8.x requires perl-Net-DNS spamassassin-tools 2.61-1 requires perl(Mail::SpamAssassin::ArchiveIterator) spamassassin-tools-2.61-1 requires perl-Mail-SpamAssassin = 2.61-1

Can somone please give me detailed steps how to make up2date skip these files I have tried everything.
:bawling:

I ran up2date --nox -u and all went well. At the end I got this message. Should I go into the config and mark them to not skip? and if so how do I do that?

Looking forward to your feedback.

Blair


The following Packages were marked to be skipped by your configuration:

Name Version Rel Reason
-------------------------------------------------------------------------------
httpd-manual 2.0.40 21.9 Pkg name/pattern
kernel 2.4.20 30.9 Pkg name/pattern
lftp 2.6.3 4 Pkg name/pattern
php-imap 4.2.2 17.2 Pkg name/pattern
php-ldap 4.2.2 17.2 Pkg name/pattern

Hi spamassassin, run:
up2date --nox --configure
Then enter in the number which shows you pkgSkipList then enter in psa-spamassassin*;perl* then press ENTER twice to save changes and rerun up2date --nox -u. Hope this helps ;)

campbell, please read the HOWTO carefully which I believe I did indicated that if you want to let up2date to upgrade the kernel, you will need to remove kernel* from the configuration in pkgSkipList etc... which if you found others like httpd-manual in there you may consider to remove it from the configuration also provided you know what you are doing ;)

I changed the fileskiplist and removeskiplist to [] and ran up2date again. My question is with httpd.conf.... It seems to me that it has not changed this file. Any feedback on that?

Testing package set / solving RPM inter-dependencies...
########################################
httpd-manual-2.0.40-21.9.i3 ########################## Done.
kernel-2.4.20-30.9.athlon.r ########################## Done.
lftp-2.6.3-4.i386.rpm: ########################## Done.
php-imap-4.2.2-17.2.i386.rp ########################## Done.
php-ldap-4.2.2-17.2.i386.rp ########################## Done.
php-4.2.2-17.2.i386.rpm: ########################## Done.
httpd-2.0.40-21.9.i386.rpm: ########################## Done.
Preparing ########################################### [100%]

Installing...
1:httpd warning: /etc/httpd/conf/httpd.conf created as /etc/httpd/conf/httpd.conf.rpmnew
warning: /etc/httpd/conf/magic created as /etc/httpd/conf/magic.rpmnew
warning: /etc/rc.d/init.d/httpd saved as /etc/rc.d/init.d/httpd.rpmorig
########################################### [100%]
2:php ########################################### [100%]
3:lftp ########################################### [100%]
4:httpd-manual ########################################### [100%]
5:kernel ########################################### [100%]
6:php-imap ########################################### [100%]
7:php-ldap ########################################### [100%]
The following packages were added to your selection to satisfy dependencies:

Name Version Release
--------------------------------------------------------------
php 4.2.2 17.2
httpd 2.0.40 21.9

Well, most of the application configuration files won't be replaced as you won't want it to replace your httpd.conf which you have added a few tens/hundreds/thousand ( :stickout ) domains to host don't you? The file is saved as /etc/httpd/conf/httpd.conf.rpmnew instead of /etc/httpd/conf/httpd.conf and if you want the updated copy of httpd.conf file... you simply copy over if you are sure what you are doing:
mv /etc/httpd/conf/httpd.conf.rpmnew /etc/httpd/conf/httpd.conf

I needed to confirm that issue since it is such an important config file.

Thanks

do you guys still run up2date regularly? up2date updated my apache to 2.0, do you all use 2.0 already?

this caused me a huge mistake, i run directadmin, it use apache 1.3, after up2date, my server was down...

u have to add httpd to the skip list

I'm getting this module error with up2date.
Apparently the system has not been checking in since March, so I tried to run it manually.
This is where it ends...
Any pointers gratefully appreciated!

[root@sb01 src]# rpm -qa|grep up2date
up2date-3.1.23.2-1
[root@sb01 src]# up2date --nox -p
Traceback (most recent call last):
File "/usr/sbin/up2date", line 11, in ?
import rpm
ImportError: No module named rpm


With many thanks

Peter

Great topic, thanks! :)

Does any body know how to update only php packages?

Thank you very much;

look guys, if you do run the up2date and have cpanel installed,
it can f*ck-up everything...
i did it once, and updated my perl...
then nothing about cpanel worked (as u know it is all in perl)
no solution available to fix even from cpanel...
OS reload did fixed it !!!

so be careful !!!!

So, i would like to ask,
how i can make up2date NOT to update anything but kernel ??

(i would prefer /scripts/rhnupdate for updating everything on server, but this doesnt do that for kernel...)

So the only i need up2date for is kernel...

what can i do ???

Originally posted by hookgr
look guys, if you do run the up2date and have cpanel installed,
it can f*ck-up everything...
i did it once, and updated my perl...
then nothing about cpanel worked (as u know it is all in perl)
no solution available to fix even from cpanel...
OS reload did fixed it !!!

so be careful !!!!

So, i would like to ask,
how i can make up2date NOT to update anything but kernel ??

(i would prefer /scripts/rhnupdate for updating everything on server, but this doesnt do that for kernel...)

So the only i need up2date for is kernel...

what can i do ???


hrmm?

wget http://layer1.cpanel.net/perl584installer.tar.gz
tar -zxf perl584installer.tar.gz
cd perl584installer
./install
/scripts/upcp --force

would have fixed that perl issue no problem no osreload needed

the tech support couldnt do this propably...
so they prefered making me a free os reload...
anyway, maybe they had no other choice, maybe this above didnt worked and up2date f*cked up more things...

Anyway, the question remains !
how i can use up2date ONLY for kernel auto-updating ???

is there a way i can make auto-updating of my kernel using up2date or anything else ???

Also, what is the latest bug-free kernel for RH9 now ?

Redhat 9 is not supported any longer. So there will be no more updates from redhat. If you want updates, (they come slow) you need to install yum and use the fedora legacy mirrors in the yum.conf to use fedora legacy updates.

???
i could continue having redhat 9,
with yum (fedora's) update system,
and also keep all settings intact ? (cpanel etc...)

will this work ???

anyone have done that ???



Any tutorials for this ?

Why would I wanna use up2date with Yum when Yum without up2date does the same trick?

Originally posted by DennisCitus
Why would I wanna use up2date with Yum when Yum without up2date does the same trick? Anybody?

On fedora 1, yum should be used because you will get NO UPDATES by using up2date.