Re: [Spacewalk-list] Spacewalk 2.9 and Ubuntu clients Part 2 of 2
On Tue, 29 Jan 2019 14:22:53 -0500, James Krych wrote >So if I understand this correctly, I already have the packages installed for the client in >question. Using this script will both install the packages and register the client? >Respectfully, >James As long as you have the packages where they're expected. Not a problem for the Ubuntu 16.04 packages since it can pick them up off the Internet repos. But since the Spacewalk client isn't in the Ubuntu 18.04 repos, it tries to download them from the spacewalk server (you need to edit the variable at the top of the script to be your server name). I kind of hacked our script a bit to replace the server name with the variable, so I admittedly haven't tested the modified script. You may need to correct some minor errors but it should get you started. And James earlier also wrote: >Since I have two types of clients, Ubuntu 16.04 and 18.04, do I need two different activation keys? I currently do have one setup. What do you have set up for the Base Channel for that activation key? I don't know/remember if the Spacewalk Default works for Ubuntu versions and CentOS like it does for Red Hat EL and Fedora. I doubt it since the support for Ubuntu is limited. "Choose 'Spacewalk Default' to allow systems to register to the default Red Hat provided channel that corresponds to their installed version of Red Hat Enterprise Linux. You may also choose particular Red Hat provided channels or custom base channels here, but please note if a system using this key is not compatible with the selected channel, it will fall back to its Red Hat default channel." We created 4 activation keys, 1 for CentOS 7 and one for each of the in-use LTS versions of Ubuntu. On the Child Channels tab of the activation key, we selected the child channels (i.e. xenial-spacewalk-client, xenial-universe, xenial-security, xenial-security-universe) that we want to be enabled on servers by default. When the server is registered, in most cases the server will only need to be added to a system group, unless it needs a special channel/repo for a PPA. The script also disables the corresponding main/universe Internet sources in /etc/sources.list. If you also have channels for multiverse, you would want to add a perl -pi line to comment out the multiverse sources. That appears to work for us, but you would need to figure out what your needs (and resource constraints) are and adjust accordingly. Cheers, Paul-Andre ___ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
Re: [Spacewalk-list] Spacewalk 2.9 and Ubuntu clients Part 2 of 2
So if I understand this correctly, I already have the packages installed
for the client in question. Using this script will both install the
packages and register the client?
Respectfully,
James
--
--
James W. Krych
CCNP, CCNA, Net+, Security+, A+, Linux+
Mobile: 843-847-1446
james.w.kr...@gmail.com
On Tue, Jan 29, 2019 at 2:07 PM Paul-Andre Panon <
paul-andre.pa...@avigilon.com> wrote:
> On Tue, 29 Jan 2019 13:22:30 -0500, James Krych
> wrote:
> >>For Ubuntu / Debian, these default bootstrap scripts do not work. You
> have to create your own."
>
> >Is there a source of these scripts for use with Debian clients?
>
> >Very respectfully,
>
> >James
>
> We use something like the script below. You will want to adjust it for
> your environment. It has the advantage that you can use it on CentOS or
> Ubuntu clients, so you can just put it in /var/www/html/pub/ on your
> spacewalk server and have people download and run it.
>
> You will need to customize it to use your activation key names (and set up
> the activation keys to add your preferred channels for each distribution).
> It also needs a few more files set up on the spacewalk server in the
> /var/www/html/pub directory: the packages for Ubuntu 18.04 (in
> pub/bionic-debs), and a stub configuration file for the
> https://bugzilla.redhat.com/show_bug.cgi?id=1187189 workaround. It might
> need a few more tweaks but it should be enough to get you started.
>
> #!/bin/bash
> #
> # Install the SpaceWalk client on three possible O/S targets, CentOS 7,
> Ubuntu 14.04, and Ubuntu 16.04
> # Register the client with the Avigilon Spacewalk server
> #
> spacewalkserver="yourspacewalkserver.yourdomain"
>
> install_centos7_client() {
> echo Installing Spacewalk client for CentOS 7.X
> rpm -Uvh
> http://yum.spacewalkproject.org/2.6-client/RHEL/7/x86_64/spacewalk-client-
> repo-2.6-0.el7.noarch.rpm
>
> wget https://muug.ca/mirror/fedora-epel/RPM-GPG-KEY-EPEL-7
> rpm --import ./RPM-GPG-KEY-EPEL-7
> BASEARCH=$(uname -i)
> rpm -Uvh
> http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
> yum -y install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto
> yum-rhn-plugin
> rpm -Uvh
> http://$spacewalkserver/pub/rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm
> rhnreg_ks --serverUrl=https://$spacewalkserver/XMLRPC
> --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> --activationkey=1-centos7-x86_64
> # enable osad
> yum install osad
> /bin/perl -pi -e "s/osa_ssl_cert =/osa_ssl_cert =
> \/usr\/share\/rhn\/RHN-ORG-TRUSTED-SSL-CERT/" /etc/sysconfig/rhn/osad.conf
> /bin/systemctl enable osad
> /bin/systemctl osad start
> # enable openscap
> yum install openscap-scanner spacewalk-oscap
> wget
> https://copr-be.cloud.fedoraproject.org/results/openscapmaint/openscap-lat
> est/epel-7-x86_64/00482175-scap-security-guide/scap-security-guide-0.1.31
> -2.el7.centos.noarch.rpm
>
> rpm -ivh scap-security-guide-0.1.31-2.el7.centos.noarch.rpm
> yum history sync
> }
>
> install_ubuntu14.04_client() {
> echo Installing Spacewalk client for Ubuntu 14.04
>
> if [ -n "`which rhnreg_ks`" ] ; then echo rhnreg_ks is already
> installed. Aborting; exit; fi
>
> # Install some pre-requisites before our packages
> apt-get -y install python-dbus python-newt python-dmidecode python-gudev
> python-dbus-dev python-support python-libxml2 python-gobject python-gi
> python-g object-2 python-ethtool python-jabber
> apt-get -y install apt-transport-spacewalk python-rhn rhn-client-tools
> rhnsd
> wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey;
> apt-key add spacewalk.gpg.pubkey
> # Now set up and register with our Spacewalk server
> mkdir /var/lock/subsys
> wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
> /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
> --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> --activationkey=1-avo-ubuntu-trusty-key
> # Take updates and security patches for main and universe from spacewalk
> echo "deb spacewalk://$spacewalkserver/XMLRPC channels: main
> trusty-updates trusty-backports trusty-security" >
> /etc/apt/sources.list.d/spacewalk.list
> cp /etc/apt/sources.list /etc/apt/sources.list.bak
> # and not from the standard repositories
> perl -pi -e 's/^deb([-src]*) (.*) trusty main/#deb$1 $2 trusty main/'
> /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-updates ([m|u][^u])/#deb$1 $2
> trusty-updates $3/' /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-security ([m|u][^u])/#deb$1 $2
> trusty-security $3/' /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-backports/#deb$1 $2
>
Re: [Spacewalk-list] Spacewalk 2.9 and Ubuntu clients Part 2 of 2
Thank you so very much!
Since I have two types of clients, Ubuntu 16.04 and 18.04, do I need two
different activation keys? I currently do have one setup.
Respectfully,
James
--
--
James W. Krych
CCNP, CCNA, Net+, Security+, A+, Linux+
Mobile: 843-847-1446
james.w.kr...@gmail.com
On Tue, Jan 29, 2019 at 2:07 PM Paul-Andre Panon <
paul-andre.pa...@avigilon.com> wrote:
> On Tue, 29 Jan 2019 13:22:30 -0500, James Krych
> wrote:
> >>For Ubuntu / Debian, these default bootstrap scripts do not work. You
> have to create your own."
>
> >Is there a source of these scripts for use with Debian clients?
>
> >Very respectfully,
>
> >James
>
> We use something like the script below. You will want to adjust it for
> your environment. It has the advantage that you can use it on CentOS or
> Ubuntu clients, so you can just put it in /var/www/html/pub/ on your
> spacewalk server and have people download and run it.
>
> You will need to customize it to use your activation key names (and set up
> the activation keys to add your preferred channels for each distribution).
> It also needs a few more files set up on the spacewalk server in the
> /var/www/html/pub directory: the packages for Ubuntu 18.04 (in
> pub/bionic-debs), and a stub configuration file for the
> https://bugzilla.redhat.com/show_bug.cgi?id=1187189 workaround. It might
> need a few more tweaks but it should be enough to get you started.
>
> #!/bin/bash
> #
> # Install the SpaceWalk client on three possible O/S targets, CentOS 7,
> Ubuntu 14.04, and Ubuntu 16.04
> # Register the client with the Avigilon Spacewalk server
> #
> spacewalkserver="yourspacewalkserver.yourdomain"
>
> install_centos7_client() {
> echo Installing Spacewalk client for CentOS 7.X
> rpm -Uvh
> http://yum.spacewalkproject.org/2.6-client/RHEL/7/x86_64/spacewalk-client-
> repo-2.6-0.el7.noarch.rpm
>
> wget https://muug.ca/mirror/fedora-epel/RPM-GPG-KEY-EPEL-7
> rpm --import ./RPM-GPG-KEY-EPEL-7
> BASEARCH=$(uname -i)
> rpm -Uvh
> http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
> yum -y install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto
> yum-rhn-plugin
> rpm -Uvh
> http://$spacewalkserver/pub/rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm
> rhnreg_ks --serverUrl=https://$spacewalkserver/XMLRPC
> --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> --activationkey=1-centos7-x86_64
> # enable osad
> yum install osad
> /bin/perl -pi -e "s/osa_ssl_cert =/osa_ssl_cert =
> \/usr\/share\/rhn\/RHN-ORG-TRUSTED-SSL-CERT/" /etc/sysconfig/rhn/osad.conf
> /bin/systemctl enable osad
> /bin/systemctl osad start
> # enable openscap
> yum install openscap-scanner spacewalk-oscap
> wget
> https://copr-be.cloud.fedoraproject.org/results/openscapmaint/openscap-lat
> est/epel-7-x86_64/00482175-scap-security-guide/scap-security-guide-0.1.31
> -2.el7.centos.noarch.rpm
>
> rpm -ivh scap-security-guide-0.1.31-2.el7.centos.noarch.rpm
> yum history sync
> }
>
> install_ubuntu14.04_client() {
> echo Installing Spacewalk client for Ubuntu 14.04
>
> if [ -n "`which rhnreg_ks`" ] ; then echo rhnreg_ks is already
> installed. Aborting; exit; fi
>
> # Install some pre-requisites before our packages
> apt-get -y install python-dbus python-newt python-dmidecode python-gudev
> python-dbus-dev python-support python-libxml2 python-gobject python-gi
> python-g object-2 python-ethtool python-jabber
> apt-get -y install apt-transport-spacewalk python-rhn rhn-client-tools
> rhnsd
> wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey;
> apt-key add spacewalk.gpg.pubkey
> # Now set up and register with our Spacewalk server
> mkdir /var/lock/subsys
> wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
> /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
> --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
> --activationkey=1-avo-ubuntu-trusty-key
> # Take updates and security patches for main and universe from spacewalk
> echo "deb spacewalk://$spacewalkserver/XMLRPC channels: main
> trusty-updates trusty-backports trusty-security" >
> /etc/apt/sources.list.d/spacewalk.list
> cp /etc/apt/sources.list /etc/apt/sources.list.bak
> # and not from the standard repositories
> perl -pi -e 's/^deb([-src]*) (.*) trusty main/#deb$1 $2 trusty main/'
> /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-updates ([m|u][^u])/#deb$1 $2
> trusty-updates $3/' /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-security ([m|u][^u])/#deb$1 $2
> trusty-security $3/' /etc/apt/sources.list
> perl -pi -e 's/^deb([-src]*) (.*) trusty-backports/#deb$1 $2
> trusty-backports/'
Re: [Spacewalk-list] Spacewalk 2.9 and Ubuntu clients Part 2 of 2
On Tue, 29 Jan 2019 13:22:30 -0500, James Krych
wrote:
>>For Ubuntu / Debian, these default bootstrap scripts do not work. You
have to create your own."
>Is there a source of these scripts for use with Debian clients?
>Very respectfully,
>James
We use something like the script below. You will want to adjust it for
your environment. It has the advantage that you can use it on CentOS or
Ubuntu clients, so you can just put it in /var/www/html/pub/ on your
spacewalk server and have people download and run it.
You will need to customize it to use your activation key names (and set up
the activation keys to add your preferred channels for each distribution).
It also needs a few more files set up on the spacewalk server in the
/var/www/html/pub directory: the packages for Ubuntu 18.04 (in
pub/bionic-debs), and a stub configuration file for the
https://bugzilla.redhat.com/show_bug.cgi?id=1187189 workaround. It might
need a few more tweaks but it should be enough to get you started.
#!/bin/bash
#
# Install the SpaceWalk client on three possible O/S targets, CentOS 7,
Ubuntu 14.04, and Ubuntu 16.04
# Register the client with the Avigilon Spacewalk server
#
spacewalkserver="yourspacewalkserver.yourdomain"
install_centos7_client() {
echo Installing Spacewalk client for CentOS 7.X
rpm -Uvh
http://yum.spacewalkproject.org/2.6-client/RHEL/7/x86_64/spacewalk-client-
repo-2.6-0.el7.noarch.rpm
wget https://muug.ca/mirror/fedora-epel/RPM-GPG-KEY-EPEL-7
rpm --import ./RPM-GPG-KEY-EPEL-7
BASEARCH=$(uname -i)
rpm -Uvh
http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto
yum-rhn-plugin
rpm -Uvh
http://$spacewalkserver/pub/rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm
rhnreg_ks --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-centos7-x86_64
# enable osad
yum install osad
/bin/perl -pi -e "s/osa_ssl_cert =/osa_ssl_cert =
\/usr\/share\/rhn\/RHN-ORG-TRUSTED-SSL-CERT/" /etc/sysconfig/rhn/osad.conf
/bin/systemctl enable osad
/bin/systemctl osad start
# enable openscap
yum install openscap-scanner spacewalk-oscap
wget
https://copr-be.cloud.fedoraproject.org/results/openscapmaint/openscap-lat
est/epel-7-x86_64/00482175-scap-security-guide/scap-security-guide-0.1.31
-2.el7.centos.noarch.rpm
rpm -ivh scap-security-guide-0.1.31-2.el7.centos.noarch.rpm
yum history sync
}
install_ubuntu14.04_client() {
echo Installing Spacewalk client for Ubuntu 14.04
if [ -n "`which rhnreg_ks`" ] ; then echo rhnreg_ks is already
installed. Aborting; exit; fi
# Install some pre-requisites before our packages
apt-get -y install python-dbus python-newt python-dmidecode python-gudev
python-dbus-dev python-support python-libxml2 python-gobject python-gi
python-g object-2 python-ethtool python-jabber
apt-get -y install apt-transport-spacewalk python-rhn rhn-client-tools
rhnsd
wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey;
apt-key add spacewalk.gpg.pubkey
# Now set up and register with our Spacewalk server
mkdir /var/lock/subsys
wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-avo-ubuntu-trusty-key
# Take updates and security patches for main and universe from spacewalk
echo "deb spacewalk://$spacewalkserver/XMLRPC channels: main
trusty-updates trusty-backports trusty-security" >
/etc/apt/sources.list.d/spacewalk.list
cp /etc/apt/sources.list /etc/apt/sources.list.bak
# and not from the standard repositories
perl -pi -e 's/^deb([-src]*) (.*) trusty main/#deb$1 $2 trusty main/'
/etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-updates ([m|u][^u])/#deb$1 $2
trusty-updates $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-security ([m|u][^u])/#deb$1 $2
trusty-security $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-backports/#deb$1 $2
trusty-backports/' /etc/apt/sources.list
# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1187189
wget https://$spacewalkserver/pub/49spacewalk-workaround -O
/etc/apt/apt-conf.d/49spacewalk-workaround
# clean up and test
popd
rm -Rf /tmp/trusty-debs
apt-get update
}
install_ubuntu16.04_client() {
echo Installing Spacewalk client for Ubuntu 16.04
apt-get -y install apt-transport-spacewalk python-rhn python-ethtool
rhnsd rhn-client-tools python-jabber
if [ `dpkg -l apt-transport-spacewalk | wc -l` -lt 6 ]; then
echo "Could not download necessary prerequisites. Aborting"
exit
fi
wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
