Differences

This shows you the differences between two versions of the page.

--- spacewalk_centos6 [2015/03/05 09:44] – created herwarth
+++ spacewalk_centos6 [2015/03/05 10:05] (current) – herwarth
@@ Line 1: / Line 1: @@
+======Spacewalk server with own default organization on CentOS 6======
+=====Installation=====
+====Repositories====
+  rpm -Uvh http://yum.spacewalkproject.org/2.2/RHEL/6/x86_64/spacewalk-repo-2.2-1.el6.noarch.rpm
+  rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
+<code - /etc/yum.repos.d/jpackage-generic.repo>
+[jpackage-generic]
+name=JPackage generic
+#baseurl=http://mirrors.dotsrc.org/pub/jpackage/5.0/generic/free/
+mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=5.0
+enabled=1
+gpgcheck=1
+gpgkey=http://www.jpackage.org/jpackage.asc
+</code>
+====Installation of the packages====
+<code>
+yum install spacewalk-setup-embedded-postgresql
+yum install spacewalk-postgresql
+yum install perl-TermReadKey
+</code>
+=====Configuration=====
+====Iptables====
+<code - /etc/sysconfig/iptables>
+.
+.
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 69 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 5222 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 25150 -j ACCEPT
+-A INPUT -m state --state NEW -m udp -p udp --dport 25150 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT
+.
+.
+</code>
+  service iptables restart
+====GPG====
+  gpg --gen-key
+  gpg --list-keys
+<code>
+/root/.gnupg/pubring.gpg
+------------------------
+pub   2048R/B06EB1AF 2013-04-22
+uid                  Helux <info@helux.nl>
+sub   2048R/B8F3F932 2013-04-22
+</code>
+  gpg --list-secret-keys
+<code>
+/root/.gnupg/secring.gpg
+------------------------
+sec   2048R/B06EB1AF 2013-04-22
+uid                  Helux <info@helux.nl>
+ssb   2048R/B8F3F932 2013-04-22
+</code>
+  gpg --export -a B06EB1AF > /var/tmp/heluxkey.gpg
+  gpg --export-secret-keys -a B06EB1AF > /var/tmp/heluxsecretkey.gpg
+Only when the keys are not on the system anymore
+  gpg --import /var/tmp/heluxkey.gpg
+  gpg --allow-secret-key-import --import /var/tmp/heluxsecretkey.gpg
+Change organization name
+  vi /usr/share/spacewalk/setup/spacewalk-public.cert
+====First setup run====
+  spacewalk-setup --disconnected
+You will get the following error:
+<code>
+.
+.
+There was a problem activating the satellite: Could not parse certificate file.
+</code>
+====Create a new certificate signed by our own key====
+  gpg --list-keys
+<code>
+/root/.gnupg/pubring.gpg
+------------------------
+pub   2048R/B06EB1AF 2013-04-22
+uid                  Helux <info@helux.nl>
+sub   2048R/B8F3F932 2013-04-22
+pub   1024D/F24F1B08 2002-04-23 [expired: 2004-04-22]
+uid                  Red Hat, Inc (Red Hat Network) <rhn-feedback@redhat.com>
+</code>
+Download the magic script {{:gen-oss-sat-cert.pl.gz|}}. Unpack it.
+  ./gen-oss-sat-cert.pl --signer B06EB1AF --resign /usr/share/spacewalk/setup/spacewalk-public.cert
+====Second setup run====
+  spacewalk-setup --disconnected --skip-db-install
+====PAM authentication====
+<code - /etc/pam.d/rhn-satellite>
+#%PAM-1.0
+auth		required	/lib64/security/pam_env.so
+auth		sufficient	/lib64/security/pam_ldap.so no_user_check
+auth		required	/lib64/security/pam_deny.so
+account		required	/lib64/security/pam_ldap.so no_user_check
+</code>
+<code - /etc/rhn/rhn.conf>
+pam_auth_service = rhn-satellite
+</code>
+====Cobbler/TFTP====
+  cobbler get-loaders
+  cd /var/lib/cobbler/loaders
+  cp * /var/lib/tftpboot/
 {{tag>centos}}

User Tools

Site Tools

Differences

Page Tools