Softpanorama

Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
May the source be with you, but remember the KISS principle ;-)
Skepticism and critical thinking is not panacea, but can help to understand the world better

RHEL6 registration in RHN ("Red Hat Classic") on proxy protected network

News Red Hat vs Solaris Recommended Books Recommended Links Installation CheckList Oracle Linux Registration Administration Red Hat Certification Program
Redhat Networking bash NTP configuration on RHEL Sendmail on RHEL How to change IP address in RHEL LVM Humor Etc

Red Hat Enterprise Linux 6 uses for registration utility  rhn_register, The same as RHEL5. This application works with the yum-based RHN Hosted and RHN Satellite client called Package Updater (or pup) that replaced up2date

1. Before starting:

  1. Set system proxy and check Internet access to redhat.com (or oracle.com) using firefox
  2. Set proxy in /etc/sysconfig/rhn/up2date
  3. If possible make access to redhat.com passwordless in your proxy configuration.

For example:

enableProxy[comment]=Use a HTTP Proxy
	enableProxy=1 
httpProxy[comment]=HTTP proxy in host:port format, e.g. squid.redhat.com:3128 
	httpProxy=www-proxy.your-corp.com:8081

After that you can run rhn_register (Oracle Linux users should run up2date -- register instead, Oracle Linux Registration). You can execute the command rhn_register  from the command line as root.

2. Use GUI version not text version of rhn_register. For example:

export DISPLAY=10.194.154.73:0
rhn_register &

Use your main Red Hat network ID, not email address. Provide password.

TIPS:

 If you have never registered, you can start rhn_register by selecting Applications (the main menu on the panel) ⇒ System Tools ⇒ Package Updater. (You will be asked to enter the root password.) The Package Updater, when run on a system that has not yet been registered, triggers rhn_register if there is no /etc/sysconfig/rhn/systemid file on the system.

If you are moving from RHEL 5 to RHEL 6 by reinstallation you can reuse files sych as up2date (with proxy configuration, if you use proxy). Just delete /etc/sysconfig/rhn/systemid file

If you have already registered before and /etc/sysconfig/rhn/systemid exists on the system, rhn_register first asks if you are sure that you would like to register again. Doing so may create a duplicate system profile in RHN Satellite. Consider using rhnreg_ks and activation keys to re-register a system without creating a duplicate entry.

Command-line version of rhn_register

There is also a command-line version of rhn_register that allows you to register your system for access to RHN or Satellite without a graphical desktop environment.  I do not recommend to use it unless you have no other options.

Type rhn_register at a shell prompt. If you are on shell terminal window and want to run the non-graphical version, you must type rhn_register --nox to prevent opening the graphical client.


Top Visited
Switchboard
Latest
Past week
Past month

NEWS CONTENTS

Old News ;-)

rhn-troubleshooting

When a RHEL system is not getting updated:

0) If you get "Not Checking In" notices, that means RHN knows
about it so it must have had steps 1-4 done correctly at one
time.


1) Make sure you've added the recommended changes (or add if not there)
to /etc/sysconfig/rhn/up2date:

Change sslCACert=/usr/share/rhn/RHNS-CA-CERT
to sslCACert=/usr/share/rhn/RHNS-CORP-CA-CERT

Change serverURL=http://xmlrpc.rhn.redhat.com/XMLRPC
to serverURL=http://rhn.nacs.uci.edu/XMLRPC

Change serverURL=https://xmlrpc.rhn.redhat.com/XMLRPC
to serverURL=https://rhn.nacs.uci.edu/XMLRPC

2) Make sure you're system is registered
If a registration page keeps coming up, the registration
process failed. You should have seen an error message while
running update_up2date.

or, when you try to do an up2date, you get some text output
that looks like this:

34. httpProxy
35. headerCacheSize 40
36. noReboot No
Enter number of item to edit <return to exit, q to quit without saving>:

* Try registering again manually using:
/usr/sbin/rhnreg_ks --activationkey=

Watch for errors that indicate things like there are no more
available licenses.


3) If you get 'already registered' errors, use --force with rhnreg_ks
or rm /etc/sysconfig/rhn/systemid


4) Apply the following patches (i386 only - these are beta
release only - no patches for other platforms yet):

* save your /etc/sysconfig/rhn/up2date
* rpm -e --nodeps up2date up2date-gnome (this should save the above
file, but just in case)
* rpm -ivh http://rhn.nacs.uci.edu/pub/up2date-4.3.14-1.i386.rpm
* rpm -ivh http://rhn.nacs.uci.edu/pub/up2date-gnome-4.3.14-1.i386.rpm


5) Make sure rhnsd is running properly:
* chkconfig --level 345 rhnsd on
* service rhnsd start


6) If an update will modify a configuration file, up2date will
download the update but not apply it.
Config option is: noReplaceConfig

An example is httpd--the httpd.conf file would get moved aside
and replaced by one devoid of the system specific mods you
made.


7) Have your NACS RHN contact (Minh, Con, or me) make sure that
the host entry on rhn.redhat.com, under properties, is
checked to allow automatic updates.

8) If you get problems like this:

"The following packages on this system are out-of-date and
may be upgraded."

Filter by Latest Package:
1 - 3 of 3 (0 selected)
Select Latest Package Installed Package Related Errata
jaf-1.0.2-3jpp_2rh:0 jaf-20030319-1
javamail-1.3.1-1jpp_3rh:1 javamail-20031006-1
junit-3.8.1-3jpp_2rh:0 junit-3.8.1-1


halfdome-root) up2date --update --nox

Fetching Obsoletes list for channel: rhel-i386-as-3...

Fetching Obsoletes list for channel: rhel-i386-as-3-extras...

Fetching Obsoletes list for channel: rhel-i386-as-3-devsuite...

Fetching Obsoletes list for channel: rhel-3-as-i386-rhaps-beta...

Fetching rpm headers...

Name Version Rel
----------------------------------------------------------

All packages are currently up to date

Try this solution:
halfdome-root) rpm --rebuilddb
halfdome-root) up2date -p

If that doesn't work, try:
Delete the system registered on rhn.redhat.com
Delete /etc/sysconfig/rhn/systemid
Run the command: rhnreg_ks --activationkeys=KEY
where KEY is the activation key from NACS

9) Error message:
Unresolvable chain of dependencies:
samba 3.0.4-6.3E requires libpam.so.0

System had two versions of samba installed: i386 and x86_64


Fix (be careful about conf files--back them up):
rpm -e --nodeps --allmatches CONFLICTING-PACKAGE
up2date CONFLICTING-PACKAGE

(Submitted by Tri)


*************************** OTHER THINGS ***************************
To convert from md5 to unix crypt password hashes:

Edit /etc/pam.d/system-auth and remove md5 from line:
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5

Then convert all passwords from md5 to crypt--might be easiest to
just issue new ones since you md5 is a one-way algorithm.

----------------------------------------------------------------------
Building a kernel
http://dcs.nac.uci.edu/~strombrg/RHEL-kernel-build.html
(Submitted by Dan)

----------------------------------------------------------------------
Configuring software RAID
http://dcs.nac.uci.edu/~strombrg/RHEL-software-RAID.html
(Submitted by Dan)

----------------------------------------------------------------------
If a package was updated accidently or the package update
is broken, it is possible to roll back the update. You can
only rollback all rollbacks listed, though, so it should
probably be done soon after a broken package is found. A
subsequent

up2date --update

will re-install the most recent version again.

up2date --list-rollbacks # Show the rpm rollbacks available
up2date --undo # undo the last package set update

(can install a single package using rpm --nodigest --nosignature -i /var/spool/repackage/<package.rpm>)

An alternative to using up2date rollback is to manually remove the
new package and install the previous one:

rpm -e quota-3.10-4
rpm -i --nodigest --nosignature /var/spool/repackage/quota-3.09-1.x86_64.rpm


----------------------------------------------------------------------

Error:
rpmdb: Program version 4.2 doesn't match environment version
error: db4 error(22) from dbenv->open: Invalid argument
error: cannot open Packages index using db3 - Invalid argument (22)
error: cannot open Packages database in /var/lib/rpm
[...'


The fix is to run the following commands:
\rm /var/lib/rpm/__*
rpm --rebuilddb

----------------------------------------------------------------------

Error:
SSL.Error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]

Try one of the following:

Fix 1:
Make sure there are enough licenses available
(check with Con, Minh, or Duncan)

Fix 2:
Make sure you have the current cert by removing old one and
installing new one:
rpm -e rhns-ca-cert-1.0-1
rpm -i http://rhn.nacs.uci.edu/pub/curcert.rpm

----------------------------------------------------------------------

Error: up2date is downloading packages then starts repeating a package
name, followed by a message like:
Server error, partial package content

Fix: cd /var/spool/up2date and rm <pkg-name>* then retry
(removes the rpm and .hdr file)

----------------------------------------------------------------------

Error: while up2dating you get an error regarding an rpm package that
looks like this:

kdelibs-3.3.1-3.3.i386.rpm: ########################## Done.
########################## Done.
The package kdelibs-3.3.1-3.3 does not have a valid GPG signature.
It has been tampered with or corrupted. Aborting...

************ GPG VERIFICATION ERROR ****************
The package kdelibs-3.3.1-3.3 failed its gpg signature verification. This
means the package is corrupt.
****************************************************


Fix:
1) rm /var/spool/up2date/*
2) rerun /usr/sbin/up2date -u (or -uf)

----------------------------------------------------------------------

During an up2date, you get the following message:
Testing package set / solving RPM inter-dependencies...
Segmentation fault

Try this fix:

\rm /var/spool/up2date/*
\rm /var/lib/rpm/__*
rpm --rebuilddb

then re-run up2date

----------------------------------------------------------------------

When trying to update, get this error:

error: Can't create transaction lock

Try this:

rmdir /var/lock/rpm/transaction

----------------------------------------------------------------------

Error:
There was a fatal RPM install error. The message was:
There was a rpm unpack error installing the package: httpd-2.0.46-46.2.ent


Problem could be with links versus directories. To get more info,
rpm the package manually using:

rpm -Uvh /var/spool/up2date/<package-name>.rpm

Error messages should help resolve the problem.
----------------------------------------------------------------------

Problem with corrupt packages cached on client or proxy server
On client:
\rm /var/spool/up2date/*
\rm /var/lib/rpm/__*
rpm --rebuilddb

Then re-run up2date. If it fails, try below and then repeat
client steps


On RHN Proxy server:
A complete rebuild of squid cache will be necessary.

service rhn-proxy stop
rm -fr /var/spool/squid
mkdir /var/spool/squid
chown squid /var/spool/squid
squid -z
service rhn-proxy start

----------------------------------------------------------------------
Problem is packages won't install.

Error messages:
rpm -Uvh httpd-2.0.52-12.2.ent.i386.rpm --nodeps
Preparing... ########################################### [100%]
error: %pre(httpd-2.0.52-12.2.ent.i386) scriptlet failed, exit status 255
error: install: %pre scriptlet failed (2), skipping httpd-2.0.52-12.2.ent


Solution, edit /etc/selinux/config and set

SELINUX=disabled

permissive is not good enough, despite what the docs say


----------------------------------------------------------------------
Problem: can't update packages because system is confused about library
versions.

Testing package set / solving RPM inter-dependencies...
There was a package dependency problem. The message was:

Unresolvable chain of dependencies:
openldap 2.0.27-20 requires libsasl.so.7

[root@bgcluster01 root]# rpm -qa | grep openldap
openldap-2.0.27-17
openldap-2.0.27-17
openldap-devel-2.0.27-17
openldap-clients-2.0.27-17

Cause is usually i386 and x86_64 channels were both used to install
package but not all libs so the i386 libs appear missing when up2date
is trying to update the two versions.


Fix:
rpm -e openldap-* --nodeps
/usr/sbin/up2date --install openldap


Then run up2date -uf again.


----------------------------------------------------------------------
Problem:
up2date says updates needed but won't install because already installed.
Error messages:
RPM package conflict error. The message was:
Test install failed because of package conflicts:
package seamonkey-1.0.2-0.1.0.EL3 is already installed

Cause:
RHEL gets confused when there are 32- and 64-bit versions needed.

Solution:
1) see what is currently installed:
rpm -q --queryformat="%{n}-%{v}-%{r}.%{arch}\n" seamonkey

seamonkey-1.0.2-0.1.0.EL3.x86_64

2) Install the other version:
/usr/sbin/up2date -u seamonkey --arch=i386


----------------------------------------------------------------------
Problem:
/usr/sbin/up2date --list
Traceback (most recent call last):
File "/usr/sbin/up2date", line 11, in ?
import rpm
ImportError: libelf.so.1: cannot open shared object file: No such file
or directory

Solution:
Download to /tmp: http://rhn.nacs.uci.edu/rhn/elfutils-libelf-686.tgz
unzip and untar and copy /tmp/usr/lib/* /usr/lib
----------------------------------------------------------------------
Problem:
/usr/sbin/up2date --list
RPM error. The message was:
Could not determine what version of Red Hat Linux you are running.
If you get this error, try running

rpm --rebuilddb

Solution:
You will need to either download the redhat-release package for your
system from the Red Hat Network (RHN) or if the RPM package is
available install it from the /var/spool/up2date directory with the
command:

# rpm -Uvh /var/spool/up2date/redhat-release*.rpm

If you have rollbacks, you can try:
rpm --nodeps --nomd5 --nodigest --nosignature -Uvh /var/spool/repackage/redhat-release-4AS-4.1.i386.rpm


----------------------------------------------------------------------
PROBLEM: 404 Error when trying to update packages on RHEL 5

ERROR:

Error Downloading Packages: <package>:failed to retrieve getPackage/<package> rom rhel-x86_64-server-5
error was [Errno 14] HTTP Error 404: Not Found

SOLUTION:

# rm -rf /var/cache/yum/*

----------------------------------------------------------------------
PROBLEM: up2date cert conflicts with rhn cert
or: rhn-ca-cert conflicts with up2date cert

SOLUTION:
cd /usr/share/rhn
cp RHNS-CA-CERT RHNS-CA-CERT.up2date
rpm -Uvh --force http://rhn.nacs.uci.edu/pub/curcert.rpm
mv RHNS-CA-CERT RHNS-UCI-CA-CERT
mv RHNS-CA-CERT.up2date RHNS-CA-CERT
vi /etc/sysconfig/rhn/up2date
change RHNS-CA-CERT to RHNS-UCI-CA-CERT

Recommended Links

Red Hat Network - About RHN - Client Configuration

Configuration



Etc

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright 1996-2018 by Dr. Nikolai Bezroukov. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) in the author free time and without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019