[WBEL-users] Updating rpms need headers?

Kirby C. Bohling kbohling@birddog.com
Tue, 19 Oct 2004 13:38:21 -0500 

On Tue, Oct 19, 2004 at 01:22:24PM -0500, King, John (Greg) (LMIT-HOU) wrote:
> I have a group of systems that I need to install patches on before they go
> live on the network. Before I do though I was curious if I can do upgrades
> without the need to go to a mirror site, download the headers and then the
> rpms.
> 
> The servers are in-between firewalls (each between a different set of
> firewalls) in which only very specific data is allowed to pass. Ftp, http
> and rsync to or from these servers falls under the blocked category.
> 
> So I have obtained another system using my same software load that is not
> production but can be used to validate and test updates. Once gpg checked
> and through the patch process checks I will be wanting to load these patches
> to the other systems. To do this I will sftp the rpms to the machines.
> 
> Once a copy of the updated rpms is pushed can I simply rpm -Uvh
> /path/to/rpmfiles/file.rpm?  Are the headers only for yum or is there
> something in the headers I will need?

The headers are created via yum-arch, and are not needed for
anything besides yum to the best of my knowledge.

You might try just building your own mirror locally between you and
the firewall.  That's what I've done.  Use rsync to mirror
everything (obviously, you'll have to do that outside the firewall).

Move that inside the firewall, and setup a <Directory> entry for
apache something similar to this:

----
Alias /whitebox "/mirrors/whitebox"
<Directory "/mirrors/whitebox">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
----

In my example, the rsync is written to the /mirrors/whitebox
directory.  http://machine/whitebox should give you the beginnings
of the path to your yum repository.

You might need to run yum-arch after rsync.  I finally started doing
it recently, after the mirrors seemed to be out of sync (the headers
directory wasn't in sync with the i386 directory).  I'm tired of
complaining about the mirrors being out of sync (after checking
three or four mirrors I give up).  It's seems to be a fairly common
problem when I go looking for new updates.

If you want to, you can just drop in all of the RPMs you want
distributed on your network and run your own YUM repository.  It's
much easier then moving rpm files around.

	Kirby