首頁 探索 說明
註冊 登入
AFS
/
infrastructure-notes
2
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: f4a76e1e0c
分支列表 標籤列表
infrastructure-...
/
Reposerver Notes.md

Reposerver Notes.md 2.5 KB
文件歷史 原始文件

Reposerver Notes.md

How to add a new package to the reposerver (which we want to move to S3)

Conduct security checks on packages:

#GPGKey check can be two types of GPG keyrings used on RPM-based systems; RPM or YUM GPG keyring - we use RPM
#Import GPG Pub keys to verify signatures in lieu of SHA (if necessary): https://www.redhat.com/sysadmin/rpm-gpg-verify-packages

cd /var/www/html/redhat/msoc/Packages/

#example of upgrading Sensu
wget https://packagecloud.io/sensu/stable/gpgkey

# view hash of package
https://packagecloud.io/sensu/stable/packages/el/7/sensu-go-backend-6.3.0-4680.x86_64.rpm

#view public gpg key downloaded
cat 'name of key'

#import the gpgkey into the RPM database for use
rpm --import 'name of key'

#list the gpg key in the RPM database
rpm -qa 'name of key'*

#validate package signature with name of the package downloaded
rpm -K 'name of package'

#validate SHA256 integrity hash and match hash with vendor
sha256sum 'name of package'

#rename package with proper name from vendor
cp 'name of package' 'new name of package to match vendor with .rpm'

#cleanup old GPGKey associated with package after SHA256 passed and old package
rm -rf 'name of key' && rm -rf 'name of package'

msoc-repo

Drop the package(s) that need upgraded into /var/www/html/redhat/msoc/Packages and ensure they're owned by apache

#Multiple Lines
sudo -u apache /bin/bash
cd /var/www/html/redhat && createrepo msoc
exit
restorecon -R /var/www/html/redhat/

#Oneliner
chown -R apache:apache /var/www/html/redhat/msoc/Packages/ && cd /var/www/html/redhat/ && sudo -u apache createrepo msoc && restorecon -R /var/www/html/redhat/


#From target server; clean out the cache
yum clean all

#From target server; view the available packages
yum --disablerepo="*" --enablerepo="msoc-repo" list available

#From target server
yum install 'name of package'

splunk repo

05/06/2020

Defined in salt/fileroots/splunk/new_install.sls /etc/yum.repos.d/splunk.repo http://reposerver.msoc.defpoint.local/splunk

New Splunk Version Splunk 7.2 needs to be created for PROD moose

cd /var/www/html/splunk
mkdir 7.2
chown -R apache: .
cd 7.2
createrepo `pwd`
wget -O splunk-7.2.5.1-962d9a8e1586-linux-2.6-x86_64.rpm 'https://www.splunk.com/page/download_track?file=7.2.5.1/linux/splunk-7.2.5.1-962d9a8e1586-linux-2.6-x86_64.rpm&ac=&wget=true&name=wget&platform=Linux&architecture=x86_64&version=7.2.5.1&product=splunk&typed=release'
chown -R apache: .
cd /var/www/html/splunk/7.2
createrepo `pwd`
restorecon -R /var/www/html/splunk