PDA

View Full Version : SLES 12 SP1 Offline upgrade of SLES 12 SP1 to latest Patches?



Endeval
21-Aug-2017, 12:59
Hi folks.

I have 4 SLES 12 SP1 installations which do not have internet access.

I need to patch these to the latest Security Patches on a regular basis, also functional patches.
For example, security patches come out for September, I would patch them a week after the release.


I've tried to find information on how best to do this, but I haven't managed to find it.

So, right now I need to update these four servers from the Sp1 distro patch level, right up to the latest available patches.
From then on, it would be a monthly catch-up.


Would someone please advise what is the best way to do this please?


Thanks!
James

malcolmlewis
21-Aug-2017, 13:40
On Mon 21 Aug 2017 12:04:01 PM CDT, Endeval wrote:

Hi folks.

I have 4 SLES 12 SP1 installations which do not have internet access.

I need to patch these to the latest Security Patches on a regular basis,
also functional patches.
For example, security patches come out for September, I would patch them
a week after the release.


I've tried to find information on how best to do this, but I haven't
managed to find it.

So, right now I need to update these four servers from the Sp1 distro
patch level, right up to the latest available patches.
From then on, it would be a monthly catch-up.


Would someone please advise what is the best way to do this please?


Thanks!
James




Hi and welcome to the Forum :)

Many ways.... a few follow;

1. Manually download from patch finder:
https://download.suse.com/patch/finder/
Copy to a USB device and copy or setup as a local repository (plain rpm)

2. Set up SMT server on a laptop and mirror updates, then use the laptop
on the internal network temporarily.

3. Use the SMT server and create a patch CD/DVD/USB device to update
each machine.

4. Create a SLES 12 SP1 virtual machine and use zypper with the
download-only option to cache the updates and again copy to a USB
device to take to each machine.

5. If apache or such is available on the internal network you could
create a local repo for the machines to talk to (createrepo command).

So I guess what do you have in mind on how to update these systems?

--
Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.2|GNOME 3.20.2|4.4.79-18.26-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!

Endeval
01-Sep-2017, 11:49
Hi Malcolm,

Firstly thank you v much for your response!

With so little # systems to patch, I think it's manageable to go with either Step 1 or 5.

Few questions if that's OK
- Do you know how I would go about downloading only the latest patches from patchfinder in an automated way?
- On the patching side, on a second patch rollout, how would I tell the SUSE install to only install the patches that it now needs (or would it roll through all available patches again) ?

For Step 4 (zypper), is there an actual method to create a patch CD?

cheers!
James

malcolmlewis
01-Sep-2017, 12:17
Hi



On Fri 01 Sep 2017 10:54:02 AM CDT, Endeval wrote:

Hi Malcolm,

Firstly thank you v much for your response!

With so little # systems to patch, I think it's manageable to go with
either Step 1 or 5.

Few questions if that's OK
- Do you know how I would go about downloading only the latest patches
from patchfinder in an automated way?

Not that I'm aware of... :(



On Fri 01 Sep 2017 10:54:02 AM CDT, Endeval wrote:

- On the patching side, on a second patch rollout, how would I tell the
SUSE install to only install the patches that it now needs (or would it
roll through all available patches again) ?

It will only install patches that are needed and ignore older or
already installed patches.



On Fri 01 Sep 2017 10:54:02 AM CDT, Endeval wrote:

For Step 4 (zypper), is there an actual method to create a patch CD?

Yes, have a read of this blog;
https://www.suse.com/communities/blog/creating-add-products-yast/

--
Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.2|GNOME 3.20.2|4.4.79-18.26-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!