[Spacewalk-list] Spacewalk 2.7 && Ubuntu 15.04 && Debian 9 [ working solution ]

Fri Apr 20 13:20:59 UTC 2018

Hi Robert,

Just updated to spacewalk 2.8 and  some minor updates to secureApt.sh

cd $_PKG_MAIN
  /var/www/html/pub/spw_scripts/secureApt.sh  xenial xenial-main
cd $_PKG_SEC
  /var/www/html/pub/spw_scripts/secureApt.sh  xenial xenial-security

===========================================

DATE=`date "+%a, %d %b %Y %H:%M:%S *UTC*"`
GPG_PASS='bugsbunny'

HEADER="Origin: Ubuntu
Label: Ubuntu
Date: ${DATE}
Archive: $1
Version: 16.04
Architectures: amd64
Component: $2
MD5Sum:"
....

.....

echo $GPG_PASS | gpg --armor *--digest-algo SHA256* --detach-sign -o 
Release.gpg *--default-key 88B9763A* --batch --no-tty --passphrase-fd 0 
--sign Release

=============================================

Somehow if I have multiple keys defined to get the last one, have no 
idea how to automate this.

On 20.4.2018 06:39, Robert Paschedag wrote:
> Am 19. April 2018 15:08:05 MESZ schrieb Florin <portase.florin at medianetork.ro>:
>> So, finally after so much trial and error here is what I've done to
>> allow smooth integration of Debian 9 and Ubuntu 16.0 with spacewalk
>>
>> Just to keep it simple
>>
>> 1. create channels: xenial-main + xenial-updates, xenial-security,
>> xenial-universe
>>
>> 2. tricky part  syncing channels [ adding multi-arch header]:
>>
>> #!/bin/bash
>>
>> _BIN_PATH=/var/www/html/pub/spw_scripts
>> _URL_MAIN='http://de.archive.ubuntu.com/ubuntu/dists/xenial/main/binary-amd64'
>> _URL_SEC='http://us.archive.ubuntu.com/ubuntu/dists/xenial-security/main/binary-amd64'
>> _URL_UPD='http://de.archive.ubuntu.com/ubuntu/dists/xenial-updates/main/binary-amd64'
>> _URL_UNIV='http://de.archive.ubuntu.com/ubuntu/dists/xenial/universe/binary-amd64'
>> _PKG_MAIN=/var/cache/rhn/repodata/xenial-main
>> _PKG_SEC=/var/cache/rhn/repodata/xenial-security
>> _PKG_UPD=/var/cache/rhn/repodata/xenial-updates
>> _PKG_UNIV=/var/cache/rhn/repodata/xenial-universe
>> _USER=bugs
>> _PASS=bunny
>>
>> $_BIN_PATH/spacewalk-debian-sync.pl  --url $_URL_MAIN --channel
>> xenial-main        --username=$_USER  --password $_PASS
>> $_BIN_PATH/spacewalk-debian-sync.pl  --url $_URL_SEC  --channel
>> xenial-security     --username=$_USER  --password $_PASS
>> $_BIN_PATH/spacewalk-debian-sync.pl  --url $_URL_UPD  --channel
>> xenial-updates    --username=$_USER  --password $_PASS
>> $_BIN_PATH/spacewalk-debian-sync.pl  --url $_URL_UNIV  --channel
>> xenial-universe  --username=$_USER  --password $_PASS
>>
>> s=180
>> trap 'echo "Ctrl-C detected."' 2
>> for (( i=$s ; i>0; i--));
>>          do
>>                  echo -ne  "\rFinishing sync in: $i seconds\033[0K";
>> sleep 1
>>          done
>> echo -e "\nSync completed!"
>> trap 2
>> $_BIN_PATH/spacewalk-add-debian-multiarch-header.py
>> $_PKG_MAIN/Packages
>> /tmp/xenial-main
>> $_BIN_PATH/spacewalk-add-debian-multiarch-header.py
>> $_PKG_SEC/Packages    /tmp/xenial-security
>> $_BIN_PATH/spacewalk-add-debian-multiarch-header.py
>> $_PKG_UPD/Packages
>> /tmp/xenial-updates
>> $_BIN_PATH/spacewalk-add-debian-multiarch-header.py
>> $_PKG_UNIV/Packages
>> /tmp/xenial-universe
>>
>>                  /bin/mv $_PKG_MAIN/Packages.new $_PKG_MAIN/Packages
>>                  /bin/mv $_PKG_SEC/Packages.new $_PKG_SEC/Packages
>>                  /bin/mv $_PKG_UPD/Packages.new $_PKG_UPD/Packages
>>                  /bin/mv $_PKG_UNIV/Packages.new $_PKG_UNIV/Packages
>>
>>                  gzip < $_PKG_MAIN/Packages > $_PKG_MAIN/Packages.gz
>>                  gzip < $_PKG_SEC/Packages > $_PKG_SEC/Packages.gz
>>                  gzip < $_PKG_UPD/Packages > $_PKG_UPD/Packages.gz
>>                  gzip < $_PKG_UNIV/Packages > $_PKG_UNIV/Packages.gz
>>
>> 3. client side  [ ubuntu/debian clients]
>>
>> spw_srv=192.168.100.101
>>
>> cat >/etc/apt/apt.conf.d/50spacewalk<<FIX
>> #
>> # The configuration for apt-spacewalk
>> #
>> APT {
>>    Update {
>>          List-Refresh "true";
>>          Pre-Invoke {
>>              "/usr/lib/apt-spacewalk/pre_invoke.py";
>>          }
>>          Post-Invoke {
>>              "/bin/sed -rie 's/^Package:
>> (cpp|guile-2.0|python(2.7|3)?)$/\0\nMulti-Arch: allowed/'
>> /var/lib/apt/lists/${spw_srv}_dists_channels\:_xenial-main_binary-amd64_Packages";
>>          }
> You don't need this Post-Invoke hack as the python script adds the missing header.
>
>>    }
>> };
>> DPkg::Post-Invoke {
>>      "[ ! -e /usr/lib/apt-spacewalk/post_invoke.py ] ||
>> /usr/lib/apt-spacewalk/post_invoke.py";
>> };
>> FIX
>> sed  -i "s|'main'|'xenial-main'|g" /usr/lib/apt-spacewalk/pre_invoke.py
>> perl -pi -e "s/type='deb'/type='deb [trusted=yes] '/g"
>> /usr/lib/apt-spacewalk/pre_invoke.py
>>
>> 4. Now can perform apt-get update/upgrade w/o any issues after
>> disabling
>> /etc/apt/source.list
> One thing "missing". Secure the channels with @philicious "secureApt.sh" script. Find it at my fork  https://github.com/rpasche/spacewalk-scripts or "origin" https://github.com/philicious/spacewalk-scripts.
> Also have a look at PR #636 and #637 of the SW GitHub repo.
>
> You can then also try to import errata information for Ubuntu and Debian.
>
> Robert
>
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20180420/2572aeea/attachment.htm>