Contents
On the supported client systems various software management and package update tools are in use—not only GUI programs and desktop applets, but also command-line tools.
![]() | Updating SUSE Manager |
---|---|
For updating SUSE Manager server, additional steps might be required. Refer to Section “Updating SUSE Manager” (↑Installation Guide) for detailed instructions. |
YaST Online Update (yast2 online_update) is the desktop update application for SUSE Linux Enterprise. Using this tool, you can update packages and read details on the updated packages, such as bug fix information, security alerts, enhancements, and more. For more information, refer to Section 1.1.1, “Using YaST Online Update”.
Use zypper, if you want to manage software updates with command line tools. For more information, refer to Section 1.1.2, “Updating Packages from the Command Line with Zypper”.
For background information, see the SUSE Linux Enterprise Deployment Guide, Chapter 9.0 Installing or Removing Software (using desktop applets). SUSE Linux Enterprise Administration Guide, Chapter 1.0 YaST Online Update, and Chapter 4.0 Managing Software with Command Line Tools (zypper).
If you enable the Auto Patch Update.
, installing updates will take place automatically, pushed from SUSE Manager. For more information about this feature, refer toNovell offers a continuous stream of software security updates for your product. By default the update applet is used to keep your system up-to-date. This section covers the tool for updating software packages: YaST Online Update.
After activating the SUSE Linux Enterprise Server client system, SUSE Manager channels
are available as a spacewalk
repository
service (see Figure 1.1, “YaST Software Repositories”) and you
can use YaST to install software updates on the client system. For
more information about client activation, refer to Section “Client Setup” (, ↑Quick Start) and Section 3.4.6, “Activation Keys — [Mgmt]”.
Novell
provides updates with different relevance levels.
Security
updates fix severe security hazards and should
definitely be installed. Recommended
updates fix issues
that could compromise your computer, whereas Optional
updates fix non-security relevant issues or provide enhancements.
Procedure 1.1. Installing Patches with YaST Online Update
Run
+ in YaSTAll new patches (except the optional ones) that are currently available for your system are already marked for installation. Click
or to automatically install them.Confirm with
after the installation has completed. Your system is now up-to-date.The
window consists of four sections. The list of all patches available is on the left. Find the description of the selected patch displayed below the list of patches. The right column lists the packages included in the selected patch (a patch can consist of several packages) and below, a detailed description of the selected package.
The patch display lists the available patches for the client system. The
patches are sorted by security relevance (security
,
recommended
, and optional
). There
are three different views on patches. Use to toggle the views:
Non-installed patches that apply to packages installed on your system.
Patches that either apply to packages not installed on your system, or patches that have requirements which have already have been fulfilled (because the relevant packages have already been updated from another source).
All patches available for the client system.
A list entry consists of a symbol and the patch name. For a list of
possible symbols, press
Shift+F1.
Actions required by Security
and
Recommended
patches are automatically preset. These
actions are ,
and . Actions for
Optional
patches are not preset—right-click on a
patch and choose an action from the list.
If you install an up-to-date package from a repository other than the update repository, the requirements of a patch for this package may be fulfilled with this installation. In this case a check mark is displayed in front of the patch summary. The patch will be visible in the list until you mark it for installation. This will in fact not install the patch (because the package already is up-to-date), but mark the patch as having been installed.
Most patches include updates for several packages. If you want to change actions for single packages, right-click on a package in the package window and choose an action. Once you have marked all patches and packages as desired, proceed with
The
window consists of two main sections. The left pane lists all patches and provides different filters for the patch list. See the right pane for a list of changes that will carried out once you them.Patch List Filters
Non-installed patches that apply to packages installed on your system.
Patches that are already installed.
Patches that are either already installed or available.
Only show
, , or patches. By default, patches are shown.This filter lets you display the patches per repository.
Apply your custom filter here.
Click on a patch entry to open a row with detailed information about the patch in the bottom of the window. Here you can see a detailed patch description as well as the versions available. You can also choose to
optional patches—security and recommended patches are already preselected for installation.YaST also offers the possibility to set up an automatic update. Open
+ . Check and choose whether to update , , or . Some patches, such as kernel updates, require user interaction, which would cause the automatic update procedure to stop. Therefore you should check if you want the update procedure to proceed fully automatically. Having done so, you should run a manual from time to time in order to install patches that require interaction.Zypper is a command line package manager for installing, updating and removing packages as well as for managing repositories. It is especially useful for accomplishing remote software management tasks or managing software from shell scripts.
For more information on managing software from the command line, enter
zypper help or zypper help
command
or see the
zypper(8)
manpage. .
The general syntax of Zypper is:
zypper[global-options]
command
[command-options]
[arguments]
...
The components enclosed in brackets are not required. The simplest way to execute Zypper is to type its name, followed by a command. For example, to apply all needed patches to the system type:
zypper patch
Additionally, you can choose from one or more global options by typing
them just before the command. For example,
--non-interactive
means running the command without
asking anything (automatically applying the default answers):
zypper --non-interactive patch
To use the options specific to a particular command, type them right
after the command. For example,
--auto-agree-with-licenses
means applying all needed
patches to the system without asking to confirm any licenses (they will
automatically be accepted):
zypper patch --auto-agree-with-licenses
Some commands require one or more arguments. When using the install command, for example, you need to specify which package(s) to install:
zypper install mplayer
Some options also require an argument. The following command will list all known patterns:
zypper search -t pattern
You can combine all of the above. For example, the following command will
install mplayer
and
amarok
packages using the
factory
repository only, and be verbose:
zypper -v install --repo factory mplayer amarok
Most Zypper commands have a dry-run
option that does a
simulation of the given command. It can be used for test purposes.
zypper remove --dry-run MozillaFirefox
To install or remove packages use the following commands:
zypper installpackage
zypper removepackage
Zypper knows various ways to address packages for the install and remove commands:
zypper in MozillaFirefox
zypper in mozilla:MozillaFirefox
Where mozilla
is the alias of the repository from
which to install.
The following command will install all packages that have names starting with “Moz”. Use with care, especially when removing packages.
zypper in Moz*
If you, for example, would like to install a perl module without knowing the name of the package, capabilities come in handy:
zypper in 'perl(Time::ParseDate)'
Together with a capability you can specify an architecture (such as
i586
or x86_64
) and/or a
version. The version must be preceded by an operator:
<
(lesser than), <=
(lesser than or equal), =
(equal>,
>=
(greater than or equal),
>
(greater than).
zypper in 'firefox.x86_64' zypper in 'firefox>=3.5.3' zypper in 'firefox.x86_64>=3.5.3'
You can also specify a local or remote path to a package:
zypper in /tmp/install/MozillaFirefox.rpm zypper in http://download.opensuse.org/repositories/mozilla/SUSE_Factory/x86_64/MozillaFirefox-3.5.3-1.3.x86_64.rpm
To install and remove packages simultaneously use the
+/-
modifiers. To install
emacs
and remove vim
simultaneously, use:
zypper install emacs -vim
To remove emacs
and install
vim
simultaneously, use:
zypper remove emacs +vim
To prevent the package name starting with the -
being
interpreted as a command option, always use it as the second argument. If
this is not possible, precede it with --
:
zypper install -emacs +vim # Wrong zypper install vim -emacs # Correct zypper install -- -emacs +vim # same as above zypper remove emacs +vim # same as above
By default, Zypper asks for a confirmation before installing or removing
a selected package, or when a problem occurs. You can override this
behavior using the --non-interactive
option. This option
must be given before the actual command (install, remove, and patch) as
in the following:
zypper--non-interactive
installpackage_name
This option allows the use of Zypper in scripts and cron jobs.
![]() | Do not Remove Mandatory System Packages |
---|---|
Do not remove packages such as |
If you want to install the corresponding source package of a package, use:
zypper source-install package_name
That command will also install the build dependencies of the specified
package. If you do not want this, add the switch -D
.
To install only the build dependencies use -d
.
zypper source-install -Dpackage_name
# source package only zypper source-install -dpackage_name
# build dependencies only
Of course, this will only work if you have the repository with the source packages enabled in your repository list (it is added by default, but not enabled). See Section 1.1.2.4, “Managing Repositories with Zypper” for details on repository management.
A list of all source packages available in your repositories can be obtained with:
zypper search -t srcpackage
To verify whether all dependencies are still fulfilled and to repair missing dependencies, use:
zypper verify
In addition to dependencies that must be fulfilled, some packages “recommend” other packages. These recommended packages are only installed if actually available. In case recommended packages were made available after the recommending package has been installed (by adding additional packages), use the following command:
zypper install-new-recommends
There are three different ways to update software using Zypper: by installing patches, by installing a new version of a package or by updating the entire distribution. The latter is achieved with the zypper dist-upgrade command.
To install all officially released patches applying to your system, just run:
zypper patch
In this case, all patches available in your repositories are checked for relevance and installed, if necessary. After registering your SUSE Manager installation, an official update repository containing such patches will be added to your system. The above command is all you must enter in order to apply them when needed.
Zypper knows three different commands to query for the availability of patches:
Lists the number of needed patches (patches, that apply to your system but are not yet installed)
~ # zypper patch-check Loading repository data... Reading installed packages... 5 patches needed (1 security patch)
Lists all needed patches (patches, that apply to your system but are not yet installed)
~ # zypper list-updates Loading repository data... Reading installed packages... S | Repository | Name | Current | Available | Arch --+------------+-------------------------------+---------+------------+------- v | Updates | update-test-interactive | 0-2.35 | 0-9999.1.2 | noarch v | Updates | update-test-optional | 0-2.35 | 0-9999.1.2 | noarch v | Updates | update-test-reboot-needed | 0-2.35 | 0-9999.1.2 | noarch v | Updates | update-test-relogin-suggested | 0-2.35 | 0-9999.1.2 | noarch v | Updates | update-test-security | 0-2.35 | 0-9999.1.2 | noarch
Lists all patches available for SUSE Manager, regardless of whether they are already installed or apply to your installation.
It is also possible to list and install patches relevant to specific issues. To list specific patches, use the zypper list-patches command with the following options:
-b
Lists all needed patches for Bugzilla issues.
--bugzilla[=number
]
Lists needed patches for the Bugzilla issue with the specified number.
To install a patch for a specific issue, use command:
zypper patch --bugzilla=number
If a repository contains only new packages, but does not provide patches, zypper patch does not show any effect. To update all installed packages with newer available versions, use:
zypper update
To update individual packages, specify the package with either the update or install command:
zypper updatepackage
zypper installpackage
A list of all new packages available can be obtained with the command:
zypper list-updates
![]() | Differences between zypper update and zypper dist-upgrade | ||||
---|---|---|---|---|---|
Choose zypper update to update packages to newer versions available for your product version while maintaining system integrity. zypper update will honor the following rules:
To upgrade your installation to a new product version use zypper dist-upgrade with the required repositories (see Section 1.1.2.4, “Managing Repositories with Zypper” for details). This command ensures that all packages will be installed from the repositories currently enabled. This rule is enforced, so packages might change vendor or architecture or even might get downgraded. All packages that have unfulfilled dependencies after the upgrade will be uninstalled. |
All installation or patch commands of Zypper rely on a list of known repositories. To list all repositories known to the system, use the command:
zypper repos
The result will look similar to the following output:
# | Alias | Name | Enabled | Refresh --+-----------------------------------+-----------------------------------+---------+-------- 1 | SUSE-Linux-Enterprise-Server 11-0 | SUSE-Linux-Enterprise-Server 11-0 | Yes | No 2 | SLES-11-Updates | SLES 11 Online Updates | Yes | Yes 3 | broadcomdrv | Broadcom Drivers | Yes | No
When specifying repositories in various commands, an alias, URI or repository number from the zypper repos command output can be used. Note however that the numbers can change after modifying the list of repositories. The alias will never change by itself.
By default, details as the URI or the priority of the repository is not displayed. Use the following command to list all details:
To add a repository, run
zypper addrepoURI
Alias
URI
can either be an Internet repository, a
network resource, a directory or a CD or DVD (see
http://en.opensuse.org/Libzypp/URI for details). The
Alias
is a shorthand and unique identifier of
the repository. You can freely choose it, with the only exception that
is has to be unique. Zypper will issue a warning if you specify an alias
that is already in use. To make working with repositories more
convenient, use short and easy-to-remember aliases.
If you want to remove a repository from the list, use the command zypper removerepo together with the alias or number of the repository you want to delete. To remove the 3rd entry from the example, use the following command:
zypper removerepo 3
Enable or disable repositories with zypper modifyrepo. You can also alter the repository's properties (such as refreshing behavior, name or priority) with this command. The following command will enable the repository name “updates”, turn on auto-refresh and set it's priority to 20:
zypper mr -er -p 20 'updates'
Modifying repositories is not limited to a single repository—you can also operate on groups:
-a : all repositories |
-l : local repositories |
-t : remote repositories |
-m : repositories
of a certain type (TYPE can be one of the
following: http, https, ftp, cd, dvd, dir, file, cifs, smb, nfs, hd, iso) |
To rename a repository alias, use the renamerepo
command. The following example changes the alias from “Mozilla
Firefox” to just “firefox”:
zypper renamerepo 'Mozilla Firefox' firefox
Zypper offers various methods to query repositories or packages. To get lists of all products, patterns, packages or patches available, use the following commands:
zypper products zypper patterns zypper packages zypper patches
To query all repositories for certain packages, use
search
. It works on package names, capabilities or,
optionally, on package summaries and descriptions. Using the wildcards *
and ? with the search term is allowed. By default, the search is not
case-sensitive.
zypper se firefox # simple search for "firefox" zypper se *fire* # using wildcards zypper se -d fire # also search in package descriptions and summaries zypper se -u firefix # only display packages not already installed
To search for packages which provide a special capability, use the
command what-provides
. If you, for example, would like
to know which package provides the perl Module
SVN::Core
, use the following command:
zypper what-provides 'perl(SVN::Core)'
To query single packages, use info
with an exact
package name as an argument. It displays detailed information about a
package. Use the options --requires
and
--recommends
to also show what is required/recommended
by the package:
zypper info --requires MozillaFirefox
The what-provides
is similar to rpm -q --whatprovides
package
package
, but rpm is only able to
query the RPM database (that is the database of all installed packages).
Zypper, on the other hand, will tell you about providers of the
capability from any repository, not only those that are installed.
Depending on your version of Red Hat Enterprise Linux, systems registered with SUSE Manager can update client systems directly using various tools and applications installed on the system. For Red Hat Enterprise Linux 5, you can use the Package Updater (or pup) to keep systems updated.
The Package Updater (pup) is the desktop update application for Red Hat Enterprise Linux 5. Using this tool, you can update packages and read details on the updated packages, such as bug fix information, security alerts, enhancements, and more.
To start the Package Updater from the desktop, open (the main menu on the panel), then click → .
If you are at a shell prompt window, type pup to open the Package Updater.
If there are multiple package updates, they will be listed with checkmarks next to them so that you can choose which files to update. Some packages (for example, kernel packages) may have a circular arrow icon next to them, indicating that you are required to reboot your system after updating the package.
To view the update details of any package, highlight the package and click the arrow next to Update Details.
When you are ready to update the packages, click
. The Updater will resolve any dependencies, and notify you when a package must be installed to meet a dependency for an updated package.Click
to accept the dependency and resume the update.If this is the first time using the Package Updater, the program will prompt you to imort the Red Hat GPG security key that verifies that a package has been signed and is certified for Red Hat Enterprise Linux.
Click
to accept the Key and continue with the update.When the update completes, you may be prompted to reboot your system for the changes to take effect.
You can choose to reboot now or later, but it is recommended to click
to start using the updated packages.Red Hat Enterprise Linux 5 also features a a running program on the graphical desktop panel that periodically checks for updates from the SUSE Manager server and will alert users when a new update is available.
The Package Updater Applet stays in the notification tray of the desktop panel and checks for new updates periodically. The applet also allows you to perform a few package maintenance tasks from the applet by clicking the notification icon and choosing from the following actions:
Refresh — Check SUSE Manager for new updates
View Updates — launches the Package Updater application so that you can see any available updates in more detail and configure the updates to your specifications
Apply Updates — Download and Install all updated packages.
Quit — close the applet
The foundation of the Package Updater is the Yum package manager, developed by Duke University to improve the installation of RPMs. yum searches supported repositories for packages and their dependencies so they may be installed together in an effort to alleviate dependency issues. Red Hat Enterprise Linux 5 uses yum to fetch packages and install packages.
up2date is not available on Red Hat Enterprise Linux 5, which uses Yum (Yellowdog Updater Modified). The entire stack of tools that installs and updates software in Red Hat Enterprise Linux 5 is now based on Yum. This includes everything from the initial installation via Anaconda installation program to host software management tools like pirut.
yum commands are typically typed as the following:
yumcommand
[package_name
]
By default, Yum will automatically attempt to check all configured repositories to resolve all package dependencies during an installation or upgrade. The following is a list of the most commonly-used yum commands. For a complete list of available yum commands, refer to man yum.
package_name
Used to install the latest version of a package or group of packages. If no package matches the specified package name(s), they are assumed to be a shell wildcard, and any matches are then installed.
package_name
Used to update the specified packages to the latest available version. If no packages are specified, then yum will attempt to update all installed packages.
If the --obsoletes
option is used (i.e. yum
--obsoletes package_name
), yum
will process obsolete packages. As such, packages that are obsoleted
across updates will be removed and replaced accordingly.
This command allows you to determine whether any updates are available for your installed packages. yum returns a list of all package updates from all repositories if any are available.
package_name
Used to remove specified packages, along with any other packages dependent on the packages being removed.
package_name
Used to determine which packages provide a specific file or feature.
keyword
This command is used to find any packages containing the specified keyword in the description, summary, packager and package name fields of RPMs in all supported repositories.
absolute path to filename
Used when using yum to install a package located locally in the machine.
The Red Hat Update Agent is your connection to SUSE Manager on Red Hat Enterprise Linux 4. It enables you to register your systems, create System Profiles, and alter the settings by which your organization and SUSE Manager interact. Once registered, your systems can use the Red Hat Update Agent to retrieve the latest software packages. This tool allows you to always have the most up-to-date Red Hat Enterprise Linux systems with all security updates, bug fixes, and software package enhancements.
Remember, this tool must be run on the system you wish to update. You cannot use the Red Hat Update Agent on the system if it is not entitled to an SUSE Manager service offering.
![]() | |
Customers with Expanded Support using SUSE Manager must be entitled to retrieve updates to their Red Hat Enterprise Linux system via Novell Customer Center. Installing the Red Hat GPG key is also required. For more information, refer to Section 1.3.3.1, “Installing the Red Hat GPG key”. |
If you are not running the X Window System or prefer the command line version of the Red Hat Update Agent, skip to Section 1.3.3, “Command Line Version”.
You must be root to run the Red Hat Update Agent. If started as a standard user, Red Hat Update Agent prompts you to enter the root password before proceeding. The Red Hat Update Agent can be started as follows:
For Red Hat Enterprise Linux 5: At a shell prompt (for example, an xterm or gnome-terminal), type the command system-config-packages.
For Red Hat Enterprise Linux 4: At a shell prompt (for example, an xterm or gnome-terminal), type the command up2date.
If you start the application from a shell prompt, you can specify the options in Table 1.1, “Graphical Update Agent Options”. To view these options, type the command up2date --help. For example, use the following command to specify the directory in which to download the updated packages (temporarily overriding your saved configuration):
up2date --tmpdir=/tmp/up2date/
Table 1.1. Graphical Update Agent Options¶
Option | Description |
---|---|
--configure
| Configure Red Hat Update Agent options. Refer to Section 1.3.4, “Configuration” for detailed instructions. |
-d , --download
| Download packages only; do not install them. This argument temporarily overrides the configuration option Do not install packages after retrieval. Use this option if you prefer to install the packages manually. |
-f , --force
| Force package installation. This option temporarily overrides the file, package, and configuration skip lists. |
-i , --install
| Install packages after they are downloaded. This argument temporarily overrides the configuration option Do not install packages after retrieval. |
-k , --packagedir
| Specify a colon separated path of directories in which to look for packages before trying to download them. |
--nosig
| Do not use GPG to check package signatures. This option temporarily overrides the saved configuration option. |
--tmpdir=
| Temporarily override the configured package directory. The
default location is /var/spool/up2date . This
option is useful if you do not have enough space in the configured
location. |
--dbpath=
| Specify an alternate RPM database to use temporarily. |
The first time you run the Red Hat Update Agent, two dialog boxes appear that you will not see in subsequent startups: Configure Proxy Server and Install GPG Key.
The first dialog box to appear prompts you for HTTP Proxy Server
information. This is useful if your network connection requires you to
use a proxy server to make HTTP connections. To use this feature, select
the Enable HTTP Proxy checkbox and type your proxy
server in the text field with the format HOST:PORT, such as
squid.mysite.org:3128
. Additionally, if your proxy
server requires a username and password, select the Use
Authentication checkbox and enter your username and password
in the respective text fields.
An HTTP Proxy Server is not required by SUSE Manager. If you do not want to use this feature, click the
button without making any selections.The second dialog box to appear prompts you to install the Red Hat GPG key. This key is used to verify the packages you download for security purposes. Click
to install the key, and you will not see this message again.Before you begin using SUSE Manager, you must create a username, password, and System Profile. Upon launch, the Red Hat Update Agent senses whether these tasks have been accomplished. If not, it guides you through the registration process.
If you ever need to force the Red Hat Update Agent into registration mode, such as to re-register an existing system, you may do so by issuing the following command at a shell prompt:
up2date --register
![]() | |
If your username is part of a larger organizational account, you should take caution when registering systems. By default, all systems registered with the Red Hat Update Agent end up in the Ungrouped section of systems visible only to SUSE Manager Administrators. To ensure you retain management of these systems, your organization is recommended to create an activation key associated with a specific system group and grant you permissions to that group. You may then register your systems using that activation key and find those System Profiles within SUSE Manager immediately. Refer to Section 1.3.5, “Registering with Activation Keys” for instructions. |
After installing the Red Hat GPG Key, the Welcome screen appears. It appears each time you start the Red Hat Update Agent. Click
to continue.Red Hat Update Agent next displays all package channels to which you have access. The channels you select from this screen must match the base operating system of the system you are registering. if any child channels are available, you may select them as well. Additional information regarding the selected channel is displayed in the Channel Information pane. When finished, click to continue.
Red Hat Update Agent now compares the packages in your RPM database with those available from the Channel you selected. The progress bar is displayed during this process.
The next step in the initial update is the selection of files to be skipped. Any packages checked here will not be downloaded and updated by the Red Hat Update Agent. This screen is displayed whenever packages are available that are currently selected to be ignored.
Make your selections and click
to continue.The Red Hat Update Agent next displays all available updates except those you chose to skip in the previous screen. Select those you wish to download and click
to continue. To view the complete Patch (Errata) Advisory text for an update, highlight the relevant package and click the button. When finished, click .Select those you wish to download and click
to continue.The Red Hat Update Agent tests the packages you selected to be certain that the requirements of each RPM are met. If any additional packages are required, Red Hat Update Agent displays an error message. Click
to continue.
Once all dependencies are met, Red Hat Update Agent retrieves the
packages from SUSE Manager. As the packages are downloaded, they are
temporarily stored in /var/spool/up2date/
.
When all packages have been downloaded, click
to continue.The packages must be installed after downloading them via the Red Hat Update Agent. If you chose not to install the packages via the Red Hat Update Agent, skip to Section 1.3.3.2, “Manual Package Installation” for further instructions. If you configured the Red Hat Update Agent to install the packages (the default setting), the installation process begins. The progress of installing each package, as well as the total progress, is displayed. When the packages have been installed, click to continue.
Click Red Hat Update Agent.
to exit theIf you are not running X, you can still run the Red Hat Update Agent from a virtual console or remote terminal. If you are running X but want to use the command line version, you can force it not to display the graphical interface with the following command:
up2date --nox
The command line version of the Red Hat Update Agent allows you to perform advanced functions or to perform actions with little or no interaction. For example, the following command updates your system with no interaction. It downloads the newer packages and installs them if you configured it to do so.
up2date -u
The command line version of the Red Hat Update Agent accepts the following arguments:
Table 1.2. Update Agent Command Line Arguments
Option | Description |
---|---|
-? , --usage
| Briefly describe the available options. |
-h , --help
| List the available options and exit. |
--arch=
| Force up2date to
install this architecture of the package. Not
valid with --update ,
--list , or
--dry-run . |
--channel=
| Specify from which channels to update using channel labels. |
--configure
| Configure Red Hat Update Agent options. Refer to Section 1.3.4, “Configuration” for detailed instructions. |
-d , --download
| Download packages only; do not install them. This argument temporarily overrides the configuration option Do not install packages after retrieval. Use this option if you prefer to install the packages manually. |
--dbpath=
| Specify an alternate RPM database to use temporarily. |
--dry-run
| Do everything but download and install packages. This is useful in checking dependencies and other requirements prior to actual installation. |
-f , --force
| Force package installation. This option temporarily overrides the file, package, and configuration skip lists. |
--firstboot
| Pop up in the center of the screen for Firstboot. |
--get
| Fetch the package specified without resolving dependencies. |
--get-source
| Fetch the source package specified without resolving dependencies. |
--gpg-flags
| Show the flags with which GPG is invoked, such as the keyring. |
--hardware
| Update this system's hardware profile on SUSE Manager. |
-i , --install
| Install packages after they are downloaded. This argument temporarily overrides the configuration option Do not install packages after retrieval. |
--installall=
| Install all available packages from a given channel |
--justdb
| Only add packages to the database and do not install them. |
-k , --packagedir
| Specify a colon-separated path of directories in which to look for packages before trying to download them. |
-l , --list
| List packages relevant to the system. |
--list-rollbacks
| Show the package rollbacks available. |
--nodownload
| Do not download packages at all. This is useful in testing. |
--nosig
| Do not use GPG to check package signatures. This option temporarily overrides the saved configuration option. |
--nosrc
| Do not download source packages (SRPMs). |
--nox
| Do not attempt to run in X. This launches the command line version of the Red Hat Update Agent. |
-p , --packages
| Update packages associated with this System Profile. |
--proxy=
| Specify an HTTP proxy to use. |
--proxyPassword=
| Specify a password to use with an authenticated HTTP proxy. |
--proxyUser=
| Specify a username to use with an authenticated HTTP proxy. |
--register
| Register (or re-register) this system with SUSE Manager. Refer to Section 1.3.2, “Registration” for detailed instructions. |
--serverUrl=
| Specify an alternate server from which to retrieve packages. |
--showall
| List all packages available for download. |
--show-available
| List all packages available that are not currently installed. |
--show-channels
| Show the channel name associated with each package. |
--show-orphans
| List all packages currently installed that are not in channels to which the system is subscribed. |
--show-package-dialog
| Show the package installation dialog in GUI mode. |
--solvedeps=
| Find, download, and install the packages necessary to resolve dependencies. |
--src
| Download source packages, as well as binary RPMs. |
--tmpdir=
| Temporarily override the configured package
directory. The default location is /var/spool/up2date . This option
is useful if you do not have enough space in the
configured location. |
-u , --update
| Update system with all relevant packages. |
--undo
| Reverse the last package set update. |
--upgrade-to-release=
| Upgrade to the channel specified. |
--uuid=
| Pass in a Unique User ID generated by the Alert Notification tool. |
-v , --verbose
| Show additional output while updating. |
--version
| Show up2date version information. |
--whatprovides=
| Show the packages that resolve the comma-separated list of dependencies. |
![]() | |
The |
The first time you run the graphical version of the Red Hat Update Agent, it prompts you to install the Red Hat GPG key. This key is required to authenticate the packages downloaded from Red Hat Network. If you run the command line version the first time you start Red Hat Update Agent, you must install the Red Hat GPG key manually. If you do not have it installed, you will see the following message:
Your GPG keyring does not contain the Red Hat, Inc. public key. Without it, you will be unable to verify that packages Update Agent downloads are securely signed by Red Hat. [...]
![]() | |
GPG keys must be installed for each user. To install the key to use with SUSE Manager, import the key while logged in as root. |
Issue the following command at a shell prompt as root:
rpm --import /usr/share/rhn/RPM-GPG-KEY
If you chose to download, but not install, the software updates with the Red Hat Update Agent, you must install them manually using RPM.
To install them, change to the directory that contains the downloaded
packages. The default directory is
/var/spool/up2date
. Type the command rpm
-Uvh *.rpm. When the packages finish installing, you can
delete them if you wish. You do not need them anymore.
After installing the packages, you must update your System Profile so that you are not prompted to download them again. Refer to Section 1.3.3.3, “Synchronizing Your System Profile” for details.
If you configured the Red Hat Update Agent to install the latest packages, the System Profile stored by SUSE Manager is updated after the packages are installed. However, if you only download the latest RPM packages using the Red Hat Update Agent, download the RPM packages from the website, or upgrade/install/remove RPM packages yourself, your System Profile is not updated automatically. You must send your updated System Profile to the SUSE Manager server.
To synchronize the RPM package list on your local Red Hat Enterprise Linux 5 system and on Red Hat Network, run the command:
rhn-profile-sync
After running this command, your SUSE Manager System Profile reflects the latest software versions installed on your system.
For Red Hat Enterprise Linux 4 systems, use the following command to update the package list, run the command:
up2date -p
The Red Hat Update Agent keeps a log of all
the actions that it performs on your system in the file
/var/log/up2date
. It uses the standard rotating log
method. Thus, older logs are in /var/log/up2date.1
,
/var/log/up2date.2
, and
/var/log/up2date.3
. The log files store actions
performed by the Red Hat Update Agent such as
when your RPM database is opened, when it connects to SUSE Manager to
retrieve information from your System Profile, which packages are
downloaded, which packages are installed using the Red Hat
Update Agent, and which packages are deleted from your
system after installation. If you choose to install and delete packages
yourself, it is not logged in this file. It is recommended that you keep
a log of actions not performed with the Red Hat Update
Agent.
The Red Hat Update Agent offers various options to configure its settings.
If you are not running the X Window System or prefer the command line version, skip to Section 1.3.4.2, “Command Line Version”.
You must be root to run the Red Hat Update Agent Configuration Tool. If started by a user other than root, the Red Hat Update Agent prompts you for the root password. The Red Hat Update Agent Configuration Tool can be started by typing the command up2date --config at a shell prompt (for example, an xterm or a gnome-terminal).
The General tab allows you to enable an HTTP Proxy
Server. If your network connection requires you to use an HTTP Proxy
Server to make HTTP connections, select the Enable HTTP
Proxy option and type your proxy server in the text field
with the format http://HOST:PORT. For example, to use the proxy server
squid.mysite.org on port 3128, you would enter
squid.mysite.org:3128
in the text field.
Additionally, if your proxy server requires a username and password,
select the Use Authentication option and enter
your username and password in the respective text fields.
The Retrieval/Installation tab allows you to customize your software package retrieval and package installation preferences.
The following package retrieval options can be selected (see Figure 1.9, “Retrieval/Installation Settings”):
— download selected RPM packages to the desired directory and ignore the installation preferences
apache
or
squid
, do not attempt to upgrade it. This option
is useful if you are installing custom RPMs on your system and you do
not want them updated or reverted to the default Red Hat Enterprise
Linux packages.
*.src.rpm
) and the binary
(*.[architecture].rpm
) files
The following installation options are configurable (see Figure 1.9, “Retrieval/Installation Settings”):
— before installing packages, verify Red Hat's GPG signature (highly recommended for security reasons)
— save binary packages in the desired directory instead of deleting them after installation
The following additional options are configurable from this tab:
— override the Red Hat Linux version in your System Profile
/var/spool/up2date/
The Package Exceptions tab allows you to define which packages to exclude from the list of updated RPM packages according to the package name or file name (see Figure 1.10, “Package Exceptions Settings”).
To define a set of packages to be excluded according to the package name, enter a character string including wild cards (*) in the Add new text field under in the Package Names to Skip section heading. A wild card at the end of the character string indicates that all packages beginning with the character string are excluded from the list. A wild card at the beginning of the character string indicates that any packages that end with the character string are excluded from the list.
For example, if the string kernel*
is in the
Package Names to Skip section, the
Red Hat Update Agent will not display any
packages beginning with kernel.
To exclude packages by file name, apply the same rules to the field below File Names to Skip section heading.
The command line version of this tool performs the same function as the
graphical version. It allows you to configure the settings used by the
Red Hat Update Agent and store them in the
configuration file /etc/sysconfig/rhn/up2date
.
To run the command line version of the Red Hat Update Agent Configuration Tool, use the following command:
up2date --nox --configure
You are presented with a list of options and their current values:
0. adminAddress ['root@localhost'] 1. debug No 2. disallowConfChange ['noReboot', 'sslCACert', 'useNoSSLForPackages', 3. enableProxy No 4. enableProxyAuth No 5. enableRollbacks No 6. fileSkipList [] 7. forceInstall No 8. gpgKeyRing /etc/sysconfig/rhn/up2date-keyring.gpg 9. headerCacheSize 40 10. headerFetchCount 10 11. httpProxy 12. isatty Yes 13. keepAfterInstall No 14. networkRetries 5 15. noBootLoader No 16. noReboot No 17. noReplaceConfig Yes 18. noSSLServerURL http://xmlrpc.rhn.redhat.com/XMLRPC 19. pkgSkipList ['kernel*'] 20. pkgsToInstallNotUp ['kernel', 'kernel-modules', 'kernel-devel'] 21. proxyPassword 22. proxyUser 23. removeSkipList ['kernel*'] 24. retrieveOnly No 25. retrieveSource No 26. rhnuuid a8aea05c-f174-11df-af94-55bad1b1e05f 27. serverURL http://ix64ph001.example.com/XMLRPC 28. showAvailablePacka No 29. sslCACert /usr/share/rhn/RHNS-CA-CERT 30. storageDir /var/spool/up2date 31. systemIdPath /etc/sysconfig/rhn/systemid 32. updateUp2date Yes 33. useGPG Yes 34. useNoSSLForPackage No 35. useRhn Yes 36. versionOverride Enter number of item to edit <return to exit, q to quit without saving>:
Enter the number of the item to modify and enter a new value for the option. When you finish changing your configuration, press Enter to save your changes and exit. Press q and then Enter to quit without saving your changes.
![]() | |
Although this is not configurable, users should still make note that
the port used by the Red Hat Update Agent is
443 for SSL (HTTPS) and 80 for non-SSL (HTTP). By default,
|
In addition to the standard Red Hat Update Agent interface, up2date offers a utility aimed at batch processing system registrations: activation keys. Each unique key can be used to register Red Hat Enterprise Linux systems, entitle them to a SUSE Manager service level, and subscribe them to specific channels and system groups, all in one action.
Alternatively, both the Red Hat Network Registration Client and Red Hat Update Agent offer the activation keys utility rhnreg_ks as part of their packages.
Before using an activation key you must first generate one through the SUSE Manager website. Refer to Section 3.4.6, “Activation Keys — [Mgmt]” for precise steps.
To use an activation key, run the following command as root from a shell prompt on the system to be registered:
rhnreg_ks --activationkey=7202f3b7d218cf59b764f9f6e9fa281b
The precise value of the activation key varies.
In addition, Provisioning-entitled systems may use multiple activation keys at once, either at the command line or within kickstart profiles. This allows Administrators to include a variety of values without creating a special key for the desired results. To do this, specify the keys separated by commas, like this:
rhnreg_ks --activationkey=7202f3b7d218cf59b764f9f6e9fa281b,\
39f41081f0329c20798876f37cb9p6a3
![]() | |
The trailing backslash (\) in this command example is a continuation character; it may safely be omitted, if you write all keys in one line. |
Refer to Section 3.4.6.2, “Using Multiple Activation Keys at Once — [Prov]” to understand how differences in activation keys are handled.
The above command performs all the actions of the Registration Client and the registration function of the Red Hat Update Agent. Do not run either of these applications for registration after running rhnreg_ks.
A System Profile, including software and hardware information, is created for the system and sent to the SUSE Manager server along with the unique activation key. The system is registered with SUSE Manager under the account used to generate the key, entitled to an SUSE Manager service offering, and subscribed to the Novell channels and system groups selected during key generation. The system is not subscribed to channels that contain packages unsuitable for the system. For example, a Red Hat Enterprise Linux 4 system cannot be subscribed to the Red Hat Enterprise Linux 5 channel.
The unique Digital Certificate for the system is generated on the system
in the file /etc/sysconfig/rhn/systemid
.
When using activation keys to assign channels, consider these rules:
A key may specify either zero or one base channel. If specified, it must be a custom base channel. If not, the base channel corresponding to the system's Red Hat distribution is chosen. For instance, you may not subscribe a Red Hat Enterprise Linux 4 system to the Red Hat Enterprise Linux 5 channel.
A key may specify any number of child channels. For each child channel, subscription is attempted. If the child channel matches the system's base channel, subscription succeeds. If it does not, the subscription fails silently. Refer to Section 3.6, “Channels” for more information.
Keys may be modified by any user with the role of Activation Key Administrator or SUSE Manager Administrator (or both). These permissions are set through the Users tab of the SUSE Manager website. Refer to Section 3.9, “Users — [Mgmt]” for details.
Systems registered with activation keys are tied to the organization account in which the key was created, not the key itself. After registration, a key can be deleted safely without any effect on the systems it was used to register.
SUSE Manager supports the Organizations feature, which allows administrators to appropriate software and system entitlements across various organizations, as well as control an organization's access to systems management. Systems can now be registered directly with an organization.
To register a system with an organization on a SUSE Manager server, you can
use the username and password of an account that is created within that
organization. For example, if there is an organization called
Sales Team, with a username
salesadmin
and password
abc123
, using these credentials assures that a
system is registered with the proper organization.
For example:
rhnreg_ks --user=salesadmin --password=abc123
![]() | |
The |
For more information about the Organizations feature, refer to Section 3.11.1, “Admin+Organizations”.