How to patch using RHN Satellite 5.0

Create a roll back tag


1.Log into satellite
2.Click on Systems
a.Now select Systems Groups
b.Next to the group you wish to patch click on “Use in SSM”
c.Top right of screen click on Manage (you should see the number of machines for that group selected in brackets)
3.Under Provisioning
d.Click on snapshot rollback
e.Now click on “Tag systems” tab
f.Type in the name of the Tag as depending on the group ie (DEV1-Sept26-2013)
g.Click on Tag current snapshots (this will tag the whole group with a rollback tag, should you ever need to.
h.If you needed to roll back instead of “tagsystems” You would select the “Rollbback” tab
i.Now Click on Manage again top right
4.Under Channels
j.Click on Channel memberships
k.Now Select Base Channels
l.Change the i386 channel to the Latest i386 channel available and do the same x86_64, you may also notice there are RHN5 & RHN6 channels.
m.Click on confirm subscriptions
n.Then click on Alter subscriptions bottom right
o.Now select child channels and ensure any childs you need are subscribed as well (Ie Clustering storage, Network tools, Vmware etc.
5.Now click on Manage again, ensuring the correct number of servers is still being managed.
p.Click on Schedule errata updates
q.Scroll to bottom of screen and select all
r.Click on Apply Errata
s.And now Schedule Updates
6.If you click on Schedule on the top menu should show you all the updates running
7.Click on Systems
t.Click on System Groups
u.Select the group you wish to view
v.Click on the “systems” tab inside the systems group
w.Now if you click on “systems” tab periodically you should see the patching counting down to zero, any server that is not counting down has an issue and you will need to log in as root to figure out what is wrong. (Refer Common problems and fixes)


Troubleshooting Guide

Errata does not appear to be counting down in systems group

 Log into Culprit server
 confirm that enabled = 1 is set in the file, cat /etc/yum/pluginconf.d/rhnplugin.conf

type cat

If it isn’t set, the Satellite will try to use the local repos, and not the channels on the Satellite server

 If the above doesn’t work you may want to ensure the you can connect to the satellite server by running telnet to the satellite on the following ports
 telnet 80
 telnet 443
 telnet 5222
1.The response you for all of these should look like


Connected to

Escape character is ‘^]’.


 Next run Yum –y update, if you see any of the following errors
 A common error is “cpio: open failed – Permission denied cpio: open failed – Permission denied“ or something similar
2.This usually means you have a mount point that is read only
3.Type mount at the command prompt to see if that is the case.

[root@kam1odapp19<dev>:~]# mount

/dev/mapper/vg_local-root on / type ext3 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

/dev/mapper/vg_local-usr on /usr type ext3 (rw,nodev)

/dev/mapper/vg_local-tmp on /tmp type ext3 (rw,noexec,nosuid,nodev)

/dev/mapper/vg_local-home on /home type ext3 (rw,nodev)

 If you see (rw,nodev) on the /usr mount

(this mean you the partition is read only and yum can not write updates to the /usr directory)

 To fix type mount –o remount,rw /usr
 And yum –y update again.

 If this still fails then escalate to a Senior Linux System Administrator..hahaha, JUST JOKES 😛

 Upon reboot Server does not come backup
 This could be the result of many things, however the most common is grub failure, to correct this we need to re-install grub manually from a RHN boot CD
4.Mount the VM or Server to a redhat disk 1.img file and boot to the prompt
5.At the prompt type “Linux Rescue” and hit <enter>
6.Once you reach the boot prompt type “chroot /mnt/sysimage” (you should see a note telling you above the prompt on how to do it.
7.Now you want to view grub conf “cat /boot/grub/grub.conf” and write down the following lines somewhere in notepad as you will need them
 kernel /vmlinuz-2.6.18-348.6.1.el5 ro root=/dev/vg_local/root rhgb quiet audit=1
 initrd /initrd-2.6.18-348.6.1.el5.img cd into the /boot directory
9.type “grub” <enter> this will take you to the grub prompt
 now you need to tell grub to load the kernel & initrd manually indicated below
 grub> kernel /boot/ vmlinuz-2.6.18-348.6.1.el5

(result will look something like this)

[Linux-bzImage, setup=0x1400, size=0x15f464]

 grub> initrd /boot/ initrd-2.6.18-348.6.1.el5.img
 (result will look something like this )
 [Linux-initrd @ 0x376000, 0x79e3d bytes]
 If the initrd gives an error don’t worry, it does that sometimes, proceed to setting up the on boot partition anyway
 grub> setup (hd0)

(Result –should look like below)

Checking if “/boot/grub/stage1” exists… yes

Checking if “/boot/grub/stage2” exists… yes

Checking if “/boot/grub/e2fs_stage1_5” exists… yes

Running “embed /boot/grub/e2fs_stage1_5 (hd0)”… failed (this is not fatal)

Running “embed /boot/grub/e2fs_stage1_5 (hd0,2)”… failed (this is not fatal)

Running “install /boot/grub/stage1 (hd0) /boot/grub/stage2 p /boot/grub/menu.lst “… succeeded

 Reboot image

10.If that does not work escalate to Senior Systems Administrator


 File System Check Fails upon reboot
 If you see the following message after a reboot

Give root password for maintenance (or type Control-D to continue)

 You will need to boot into single user mode and run an fsck on the partition that is failing a file system check.
 To boot into single user mode you edit the boot instructions for the GRUB menu entry you wish to boot and add the kernel parameter/option single. Brief instructions for how to do this are below.
11.Select (highlight) the GRUB boot menu entry you wish to use.
12.Press e to edit the GRUB boot commands for the selected boot menu entry.
13.Look near the bottom of the list of commands for lines similar to

kernel /vmlinuz-2.6.18-348.12.1.el5PAE ro root=LABEL=/

14.You want to add “init=/bin/sh” to the end of the kernel line and then hit “B” to Boot
 It should look like so

kernel /vmlinuz-2.6.18-348.12.1.el5PAE ro root=LABEL=/ init=/bin/sh

15.Next you want to run fsck –y <whatever partition that needs to checked>
 You will run this on a unmounted partition, never run on a mounted partition as you can corrupt the data if you do.


RHN Satellite Package
upgrade and downgrade processes

Listing packages installed or available for upgrading on a host.

1.Click on systems
a.Next click on the target hostname
b.Now click on the software tab
 If you click on list/remove Installed packages this will show you the current listed packages for the target host, you can also search by the specific package in the search field above the listed packages
 If you click on upgrade packages, this will only list the current available packages the host system is currently subscribed to.

Note: just because you don’t see newer packages available does not mean they are not out there.


Package Search on all available channels


2.There are two ways you can do this
c.Method 1 – Click on Channels at the very top, then package search, next type in the package name
 Once you have found the package, click on the package name, and it will take you to a details screen, on that screen it will have available from: in that section it will list out the channels that are subscribed to satellite that have the package you are looking for available from.
d.Method 2 – This is the way I like to do it – Click on systems, then software tab, and then install new packages
 Next search for the package you wish to install, this will the latest available package from all channels available, and if you click on the package it will show the available channels for that specified package.


Upgrading packages

3.Click on systems, select the host, then software tab, and then upgrade
e.Search for the packages you wish to upgrade and select them by checking the box to to the left of it

Note: if you are going to do select all, I would recommend against this, as if you select this button, even its not listed on the page it will literally select all the packages available. So select them individually is the way to go.

f.Once completed check boxing scroll down to the bottom right and select upgrade packages, it will go to another confirmation screen, click on confirm.
g.This will then be queued.
h.If you click on Events, you should see it there and shortly within 5 min window it should disappear, if it does not then something is wrong, and you need to get a hold of satellite admin to investigate.


Downgrading packages

4.Click on systems, select the host, then software tab, and then profiles
i.Select the stored profile of the date/time that Under “Compare to Stored Profile” and hit compare.
j.You should see a list of packages that it is now going to synch back to, select sync package bottom right.
k.You should see it go the events page, after about 5 mins it should no longer be listed in events, which means the server picked up the process and should begin downgrading shortly.











Leave a Reply

Your email address will not be published. Required fields are marked *