[Spacewalk-list] Spacewalk 2.9 and Ubuntu clients Part 2 of 2
Paul-Andre Panon
paul-andre.panon at avigilon.com
Tue Jan 29 19:07:11 UTC 2019
On Tue, 29 Jan 2019 13:22:30 -0500, James Krych <james.w.krych at gmail.com>
wrote:
>>For Ubuntu / Debian, these default bootstrap scripts do not work. You
have to create your own."
>Is there a source of these scripts for use with Debian clients?
>Very respectfully,
>James
We use something like the script below. You will want to adjust it for
your environment. It has the advantage that you can use it on CentOS or
Ubuntu clients, so you can just put it in /var/www/html/pub/ on your
spacewalk server and have people download and run it.
You will need to customize it to use your activation key names (and set up
the activation keys to add your preferred channels for each distribution).
It also needs a few more files set up on the spacewalk server in the
/var/www/html/pub directory: the packages for Ubuntu 18.04 (in
pub/bionic-debs), and a stub configuration file for the
https://bugzilla.redhat.com/show_bug.cgi?id=1187189 workaround. It might
need a few more tweaks but it should be enough to get you started.
#!/bin/bash
#
# Install the SpaceWalk client on three possible O/S targets, CentOS 7,
Ubuntu 14.04, and Ubuntu 16.04
# Register the client with the Avigilon Spacewalk server
#
spacewalkserver="yourspacewalkserver.yourdomain"
install_centos7_client() {
echo Installing Spacewalk client for CentOS 7.X
rpm -Uvh
http://yum.spacewalkproject.org/2.6-client/RHEL/7/x86_64/spacewalk-client-
repo-2.6-0.el7.noarch.rpm
wget https://muug.ca/mirror/fedora-epel/RPM-GPG-KEY-EPEL-7
rpm --import ./RPM-GPG-KEY-EPEL-7
BASEARCH=$(uname -i)
rpm -Uvh
http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto
yum-rhn-plugin
rpm -Uvh
http://$spacewalkserver/pub/rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm
rhnreg_ks --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-centos7-x86_64
# enable osad
yum install osad
/bin/perl -pi -e "s/osa_ssl_cert =/osa_ssl_cert =
\/usr\/share\/rhn\/RHN-ORG-TRUSTED-SSL-CERT/" /etc/sysconfig/rhn/osad.conf
/bin/systemctl enable osad
/bin/systemctl osad start
# enable openscap
yum install openscap-scanner spacewalk-oscap
wget
https://copr-be.cloud.fedoraproject.org/results/openscapmaint/openscap-lat
est/epel-7-x86_64/00482175-scap-security-guide/scap-security-guide-0.1.31
-2.el7.centos.noarch.rpm
rpm -ivh scap-security-guide-0.1.31-2.el7.centos.noarch.rpm
yum history sync
}
install_ubuntu14.04_client() {
echo Installing Spacewalk client for Ubuntu 14.04
if [ -n "`which rhnreg_ks`" ] ; then echo rhnreg_ks is already
installed. Aborting; exit; fi
# Install some pre-requisites before our packages
apt-get -y install python-dbus python-newt python-dmidecode python-gudev
python-dbus-dev python-support python-libxml2 python-gobject python-gi
python-g object-2 python-ethtool python-jabber
apt-get -y install apt-transport-spacewalk python-rhn rhn-client-tools
rhnsd
wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey"
apt-key add spacewalk.gpg.pubkey
# Now set up and register with our Spacewalk server
mkdir /var/lock/subsys
wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-avo-ubuntu-trusty-key
# Take updates and security patches for main and universe from spacewalk
echo "deb spacewalk://$spacewalkserver/XMLRPC channels: main
trusty-updates trusty-backports trusty-security" >
/etc/apt/sources.list.d/spacewalk.list
cp /etc/apt/sources.list /etc/apt/sources.list.bak
# and not from the standard repositories
perl -pi -e 's/^deb([-src]*) (.*) trusty main/#deb$1 $2 trusty main/'
/etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-updates ([m|u][^u])/#deb$1 $2
trusty-updates $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-security ([m|u][^u])/#deb$1 $2
trusty-security $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) trusty-backports/#deb$1 $2
trusty-backports/' /etc/apt/sources.list
# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1187189
wget https://$spacewalkserver/pub/49spacewalk-workaround -O
/etc/apt/apt-conf.d/49spacewalk-workaround
# clean up and test
popd
rm -Rf /tmp/trusty-debs
apt-get update
}
install_ubuntu16.04_client() {
echo Installing Spacewalk client for Ubuntu 16.04
apt-get -y install apt-transport-spacewalk python-rhn python-ethtool
rhnsd rhn-client-tools python-jabber
if [ `dpkg -l apt-transport-spacewalk | wc -l` -lt 6 ]; then
echo "Could not download necessary prerequisites. Aborting"
exit
fi
wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-avo-ubuntu-xenial-key
wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey"
apt-key add spacewalk.gpg.pubkey
# Take updates and security patches for main and universe from spacewalk
echo 'deb spacewalk://$spacewalkserver/XMLRPC channels: main
xenial-updates xenial-backports xenial-security' >
/etc/apt/sources.list.d/spacewalk.list
cp /etc/apt/sources.list /etc/apt/sources.list.bak
# and not from the standard repositories
perl -pi -e 's/^deb([-src]*) (.*) xenial main/#deb$1 $2 xenial main/'
/etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) xenial-updates ([m|u][^u])/#deb $2
xenial-updates $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) xenial-security ([m|u][^u])/#deb$1 $2
xenial-security $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) xenial-backports/#deb$1 $2
xenial-backports/' /etc/apt/sources.list
if [ ! -d /var/lib/up2date ]
then
mkdir /var/lib/up2date
fi
# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1187189
wget https://$spacewalkserver/pub/49spacewalk-workaround -O
/etc/apt/apt.conf.d/49spacewalk-workaround
# and test
apt-get update
}
install_ubuntu18.04_client() {
echo Installing Spacewalk client for Ubuntu 18.04
if [ -n "`which rhnreg_ks`" ] ; then echo rhnreg_ks is already
installed. Aborting; exit; fi
# Install some pre-requisites before our packages
apt-get -y install gir1.2-gudev-1.0 libgudev-1.0-0 python-dbus
python-newt python-dmidecode python-dbus-dev python-libxml2 python-gobject
python-gi python-gobject-2 python-ethtool python-jabber python-apt
python-openssl
apt-get -y -f install
# Download and install our spacewalk packages, which are newer than in
the default 18.04 repo
mkdir /tmp/bionic-debs
pushd /tmp/bionic-debs
wget
https://$spacewalkserver/pub/bionic-debs/apt-transport-spacewalk_1.0.7-1_a
ll.deb
wget
https://$spacewalkserver/pub/bionic-debs/python-gudev_147.2-3_amd64.deb
wget
https://$spacewalkserver/pub/bionic-debs/python-rhn_2.5.72-1_all.deb
wget
https://$spacewalkserver/pub/bionic-debs/rhn-client-tools_2.3.5-1_amd64.de
b
wget https://$spacewalkserver/pub/bionic-debs/rhnsd_5.0.4-3_amd64.deb
wget
https://$spacewalkserver/pub/bionic-debs/python-ethtool_0.12-1.1_amd64.deb
dpkg -i *.deb
apt-get -y -f install
wget "https://$spacewalkserver/pub/spacewalk.gpg.pubkey"
apt-key add spacewalk.gpg.pubkey
# Now set up and register with our Spacewalk server
mkdir /var/lock/subsys
wget https://$spacewalkserver/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
rhnreg_ks --force --serverUrl=https://$spacewalkserver/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-avo-ubuntu-bionic-key
# Take updates and security patches for main and universe from spacewalk
echo "deb spacewalk://$spacewalkserver/XMLRPC channels: main
bionic-updates bionic-backports bionic-security" >
/etc/apt/sources.list.d/spacewalk.list
cp /etc/apt/sources.list /etc/apt/sources.list.bak
# and not from the standard repositories
perl -pi -e 's/^deb([-src]*) (.*) bionic main/#deb$1 $2 bionic main/'
/etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) bionic-updates ([m|u][^u])/#deb$1 $2
bionic-updates $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) bionic-security ([m|u][^u])/#deb$1 $2
bionic-security $3/' /etc/apt/sources.list
perl -pi -e 's/^deb([-src]*) (.*) bionic-backports/#deb$1 $2
bionic-backports/' /etc/apt/sources.list
# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1187189
wget https://$spacewalkserver/pub/49spacewalk-workaround -O
/etc/apt/apt-conf.d/49spacewalk-workaround
# clean up and test
popd
rm -Rf /tmp/bionic-debs
apt-get update
}
if [ ! -d /usr/local/share/ca-certificates/york.lan ]
then
mkdir -p /usr/local/share/ca-certificates/york.lan
wget -P /usr/local/share/ca-certificates/york.lan
"https://$spacewalkserver/pub/cacerts/AVO-IssCA1.crt"
--no-check-certificate
wget -P /usr/local/share/ca-certificates/york.lan
"https://$spacewalkserver/pub/cacerts/AVO-IssCA2.crt"
--no-check-certificate
wget -P /usr/local/share/ca-certificates/york.lan
"https://$spacewalkserver/pub/cacerts/AVO-rootca.crt"
--no-check-certificate
sudo update-ca-certificates
fi
if [ -n "`which rhnreg_ks`" ]
then echo rhnreg_ks is already installed. Aborting
exit
fi
if [ -e /etc/centos-release ]
then
CENTOS_RELEASE=`cat /etc/centos-release`
if [ "`expr substr \"$CENTOS_RELEASE\" 1 23`" = "CentOS Linux release
7." ]
then install_centos7_client
fi
elif [ -e `which lsb_release` ]
then
OTHER_DISTRIB=`lsb_release -a | fgrep "Description:"`
if [ `expr match "$OTHER_DISTRIB" ".*Ubuntu.*"` -ge 6 ]
then
if [ `expr match "$OTHER_DISTRIB" ".*14\.04.*"` -ge 5 ]
then
install_ubuntu14.04_client
elif [ `expr match "$OTHER_DISTRIB" ".*16\.04.*"` -ge 5 ]
then
install_ubuntu16.04_client
elif [ `expr match "$OTHER_DISTRIB" ".*18\.04.*"` -ge 5 ]
then
install_ubuntu18.04_client
fi
fi
fi
More information about the Spacewalk-list
mailing list