PDA

View Full Version : How to make a patch CD ?



nisuxservice
02-Oct-2014, 09:11
Hi friends,

I have a SLES 11 SP2 (x86_64) server, which is required for security reasons to never, never, never ever have network access to the internet. Therefore it is not possible to apply patches via YaST online update.

I have a support account, so I have access to the patches, but there are approx. 700 of 'em and it would be a deadly heap of work to d/l each of 'em manually - even when I use a d/l manager for each task. Unfortunately I havn't found a way to d/l all the patches in one piece to create a patch CD/DVD/BluRay for offline patching (even while YaST allows that way of patching).

I had an old HP-UX-machine in service where exactly that task was really simple:


run an assessment script
upload the resulting machine status file
gett all applicable patches displayed
choose which patches to d/l
d/l all the patches as bundle in a tar.gz file
expand that archive to disc, CD, netdir
run a simple shell command and wait till completed


Is there any way to d/l allcurrent patches for a given SLES release and burn them together on a CD for offline patching with YaST (or zypper) ??

mikewillis
02-Oct-2014, 12:45
Hi friends,

I have a SLES 11 SP2 (x86_64) server, which is required for security reasons to never, never, never ever have network access to the internet. Therefore it is not possible to apply patches via YaST online update.

I have a support account, so I have access to the patches, but there are approx. 700 of 'em and it would be a deadly heap of work to d/l each of 'em manually - even when I use a d/l manager for each task. Unfortunately I havn't found a way to d/l all the patches in one piece to create a patch CD/DVD/BluRay for offline patching (even while YaST allows that way of patching).

I had an old HP-UX-machine in service where exactly that task was really simple:
[cut]

Is there any way to d/l allcurrent patches for a given SLES release and burn them together on a CD for offline patching with YaST (or zypper) ??

Unless you have Long Term Service Pack Support, I don't think you'll have to worry about installing updates more than once. General Support for SLES 11 SP2 has ended so updates are no longer being released.


I'm curious about your mention of 'approx 700'. How are you determining that?

Do you have any other instances of SLES that do have Internet access? If so you could run https://www.suse.com/solutions/tools/smt.html on one to mirror updates locally then copy them over to the server you can't connect to the Internet, or configure that server to look at the SMT instance, assuming it has local network access.


This will crude and barely tested script will download all the rpms from the SLES11-SP2-Updates/sle-11-x86_64/ repo:


#!/bin/bash

USER=XXXXX
PASSWD=XXXXXX
BASEURL='https://nu.novell.com/repo/$RCE/SLES11-SP2-Updates/sle-11-x86_64/'

wget -qO- --user=${USER} --password=${PASSWD} "${BASEURL}repodata/primary.xml.gz" | gunzip | grep '<location' | cut -d '"' -f 2 | grep -v '^rpm/src/' | while read file;do wget "${BASEURL}${file}";done

USER and PASSWD are your mirror cedentials which you should find at
https://secure-www.novell.com/center/regadmin/jsps/mirrorcreds_app.jsp

nisuxservice
02-Oct-2014, 14:23
I'm curious about your mention of 'approx 700'. How are you determining that?

Gone to the Patch Finder, entered "SLES 11 SP2" and "x86_64" as filters and started the search. Brings 708 results (as of yestarday).

I'll have a look at the script. Thanks ...