To install and update software, the pkg client must be able to contact a package repository.
If you are using Ops Center, see Configuring Publishers in Oracle Enterprise Manager Ops Center.
Use the pkg publisher command to display information about package publishers configured for this image. The publishers are listed in the order in which they are searched to find packages when the publisher is not specified in the package FMRI.
By default, the solaris publisher is configured on a newly installed Oracle Solaris 11 system. Use the pkg publisher command to check the origins of your publishers.
$ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ isvpub (non-sticky) origin online F file:///var/share/pkgrepos/isvrepo/ devtool (disabled) origin online F http://pkg.example1.com/
The TYPE column indicates whether the LOCATION value is an origin or a mirror. See Repository Origins and Mirrors for descriptions.
Between the STATUS and LOCATION columns, the P column specifies whether the location is proxied. Values in this column are true (T) or false (F). File repositories are not proxied. HTTP repositories with the value T are proxied using the proxy specified with the --proxy option when the origin was added with the pkg set-publisher command. When you specify the -F tsv option to pkg publisher, the PROXY column displays any proxy that is set for that location.
$ pkg publisher -F tsv PUBLISHER STICKY SYSPUB ENABLED TYPE STATUS URI PROXY solaris true false true origin online http://pkg.oracle.com/solaris/release/ - isvpub false false true origin online file:///var/share/pkgrepos/isvrepo/ - devtool true false false origin online http://pkg.example1.com/ -
An F in the P column or - in the PROXY column indicates that the location was not proxied by using the pkg set-publisher command. If the location is proxied by setting an http_proxy environment variable, the pkg publisher output still shows F or -. See Specifying a Proxy for information about different ways to set a proxy.
Specify publishers by name to display detailed configuration for those publishers.
$ pkg publisher solaris Publisher: solaris Alias: Origin URI: http://pkg.oracle.com/solaris/release/ SSL Key: None SSL Cert: None Client UUID: e15e3228-eada-11df-80ab-8023183d954b Catalog Updated: March 4, 2014 11:48:02 PM Enabled: Yes Properties: proxied-urls = []
The Client UUID is the Universally Unique Identifier for this image.
Use the -P option to display only the first publisher in the publisher search order.
$ pkg publisher -P PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/
Use the -n option to display only enabled publishers.
$ pkg publisher -n PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ isvpub (non-sticky) origin online F file:///var/share/pkgrepos/isvrepo/
Use the pkg set-publisher command to perform the following operations:
Configure a new publisher
Set publisher origins and mirrors
Set publisher stickiness
Set publisher search order
Set and unset a publisher property, and add and remove a publisher property value
Specify SSL keys and certificates for a publisher
Set a publisher proxy
Enable or disable a publisher
Remove a publisher
The pkg set-publisher command has two forms. See the pkg(1) man page for details.
In one form, the name of the publisher is a required operand.
In the other form, a repository URI is provided as the argument to the -p option, and publisher information is retrieved from that specified repository. The publisher name is an optional operand so that you can configure only the named publisher if multiple publishers publish packages to that repository.
The examples below show both methods for adding a publisher.
Example 20 Specify a New PublisherThe following command adds a new publisher named devtool with an origin URI specified with the -g option and sets this publisher to be first in the search order. Use the -P option or the --search-first option to set the specified publisher first in the search order.
$ pkg set-publisher -P -g http://pkg.example1.com/release/ devtoolExample 21 Import Publisher Configuration
Use the -p option to retrieve publisher configuration information from the specified repository URI. If a publisher is specified, then only the matching publisher is added or updated. If no publisher is specified, all publishers are added or updated as appropriate.
$ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ $ pkg set-publisher -p /var/share/pkgrepos/myrepo $ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ site origin online F file:///var/share/pkgrepos/myrepo/
The following commands show adding an origin to the solaris publisher. If multiple origins are configured for a given publisher in an image, the IPS client attempts to choose the best origin from which to retrieve package data. If you use the same set of origins for a publisher for systems in different geographic locations, for example, IPS clients will attempt to choose the best origin for each different system at that particular time.
$ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ $ pkg set-publisher -g /var/share/pkgrepos/solaris solaris $ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F http://pkg.oracle.com/solaris/release/ solaris origin online F file:///var/share/pkgrepos/solaris/
Use the -G option to remove a URI as an origin for the specified publisher.
To change an origin URI for a publisher, add the new URI and remove the old URI.
$ pkg set-publisher -G '*' -g file:///var/share/pkgrepos/isvrepo/ isvpub
Use the -m option to add a URI as a mirror for the specified publisher. See Repository Origins and Mirrors for an explanation of the difference between an origin and a mirror. You cannot access the content in a mirror repository unless the same version of the same package also exists in an origin repository for that same publisher.
$ pkg set-publisher -m http://pkg.example3.com/ devtool $ pkg publisher PUBLISHER TYPE STATUS P LOCATION devtool origin online F http://pkg.example1.com/ devtool mirror online F http://pkg.example3.com/
Use the -M option to remove a URI as a mirror for the specified publisher.
To change a mirror URI for a publisher, add the new URI and remove the old URI.
A newly added publisher is sticky by default. If a publisher is non-sticky, then a package that was installed from this publisher could be updated from another publisher. Use the --sticky and --non-sticky options to set publisher stickiness.
A newly added publisher is last in the search order by default. The publisher search order is used to find packages to install. The publisher search order is used to find packages to update if the publisher that the package was originally installed from is non-sticky. Use the --search-before, --search-after, and --search-first options for changing publisher search. The -P option is a synonym for the --search-first option.
The first publisher that provides a matching package is used as the installation source. If that publisher does not provide a version of the package that can be installed in this image, then the installation operation fails. To install from a publisher further down the search order, provide more information in the package FMRI, such as the publisher name or the package version string.
Use the following options to set and unset publisher properties and to add and remove values of publisher properties:
--set-property property=value
--add-property-value property=value
--remove-property-value property=value
--unset-property property
The publisher-search-order and signature-required-names properties can take multiple values.
See the pkg set-publisher examples in Configuring Package Signature Properties.
Use the -k option to specify the client SSL key. Use the -c option to specify the client SSL certificate. The hashes of the key and certificate are listed in the output of the pkg publisher command for this publisher. See Displaying Publisher Information and SSL Certificate Problem.
$ pkg set-publisher -k /tmp/keyfile -c /tmp/certfile publisher-name
Each publisher can have only one key and certificate specified. If a publisher has multiple secure origins configured, all secure origins share the one key and certificate.
Example 23 Revoke a Publisher Key and CertificateUse the --revoke-ca-cert option to treat the specified certificate as revoked. The hashes of the user-revoked CA certificates are listed in the output of the pkg publisher command for this publisher.
Use the --unset-ca-cert option to remove the specified certificate from the list of approved certificates and from the list of revoked certificates.
Use the --proxy option to specify a persistent proxy URI from which to retrieve content for the specified origin or mirror. The value of the proxy is protocol://host-name[:port], where protocol is http or https and :port is optional. See Specifying a Proxy for information about different ways to set a proxy.
A newly added publisher is enabled by default. A disabled publisher is not used when populating the package list or in install, uninstall, or update package operations. The properties for a disabled publisher can still be set and viewed. If only one publisher is enabled, that publisher cannot be disabled.
The following command enables the isvpub publisher and sets it ahead of the devtool publisher in the search order.
$ pkg set-publisher --enable --search-before devtool isvpub
Use the --disable option to disable a publisher. You might want to disable a publisher if the publisher origin is temporarily unreachable, for example. If any publisher is unreachable, package installation and update operations fail.
Use the pkg unset-publisher command to remove a publisher.
$ pkg unset-publisher devtool
The methods for setting a proxy have different effects and advantages. For example, the pkg set-publisher command stores the proxy as part of the publisher configuration, while the http_proxy environment variables enable you to set authenticated proxies.
The --proxy option of the pkg set-publisher command sets a persistent proxy URI for the specified publisher origin and mirror URIs. The proxy value is stored as part of the publisher configuration. Storing the proxy value as part of the publisher configuration automatically updates the system repository that is used by child images. Storing the proxy value as part of the publisher configuration also means you could use different proxies for different publishers.
In the following example, the value of proxyURI is the following, where protocol is http or https and :port is optional:
protocol://host-name[:port]
The --proxy option cannot be used to set an authenticated proxy. The following form for the value of proxyURI is not supported:
protocol://user:password@host
$ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F file:///var/share/pkgrepos/solaris/ $ pkg publisher -F tsv PUBLISHER STICKY SYSPUB ENABLED TYPE STATUS URI PROXY solaris true false true origin online file:///var/share/pkgrepos/solaris/ - $ pkg set-publisher -g http://pkg.oracle.com/solaris/release/ --proxy proxyURI solaris $ pkg publisher solaris Publisher: solaris Alias: Origin URI: file:///var/share/pkgrepos/solaris/ SSL Key: None SSL Cert: None Origin URI: http://pkg.oracle.com/solaris/release/ Proxy: proxyURI SSL Key: None SSL Cert: None Client UUID: e15e3228-eada-11df-80ab-8023183d954b Catalog Updated: July 11, 2013 11:32:46 PM Enabled: Yes Properties: proxied-urls = [] $ pkg publisher PUBLISHER TYPE STATUS P LOCATION solaris origin online F file:///var/share/pkgrepos/solaris/ solaris origin online T http://pkg.oracle.com/solaris/release/ $ pkg publisher -F tsv PUBLISHER STICKY SYSPUB ENABLED TYPE STATUS URI PROXY solaris true false true origin online file:///var/share/pkgrepos/solaris/ - solaris true false true origin online http://pkg.oracle.com/solaris/release/ proxyURI
If this image has non-global zones, the system repository is automatically updated with this proxy information; you do not need to set properties in the system-repository service. If you examine the publisher proxy in the non-global zone, you do not see the same proxy URI that you see in the global zone. In the global zone, the system repository uses the proxy URI. In the non-global zone, the system repository acts as a proxy itself, enabling the non-global zone to communicate with the system repository in the global zone. Relationship Between Global and Non-Global Zones shows an example of what the system repository publisher looks like in the non-global zone.
Proxy environment variable values apply to all URIs of that protocol. At runtime, values of http_proxy environment variables override values set with the --proxy option of the pkg set-publisher command. See the ENVIRONMENT section of the curl(1) man page for additional information about proxy environment variables and the list of accepted environment variable names.
In the following example, the value of proxyURI is the following:
[http://|https://](host-name|ipv4_address|[ipv6_address])[:port]
The scheme can be http:// or https://. If the scheme is not specified, http:// is assumed.
The proxy must contain the host name or dotted numerical IP address.
A numerical IPv6 address must be written within brackets: [].
To specify the port number, append :port to the end of the host name. If not specified, the default port is 1080.
If you set http_proxy environment variables in an image that has non-global zones, then in the global zone, set the proxy properties in the svc:/application/pkg/system-repository SMF service to these same values and refresh the service.
If you change the value of an http_proxy environment variable, be sure to update the system-repository service properties and refresh the service.
$ svccfg -s system-repository:default setprop config/http_proxy = astring: proxyURI $ svccfg -s system-repository:default listprop config/*proxy config/https_proxy astring config/http_proxy astring proxyURI $ svcprop system-repository:default | grep proxy config/https_proxy astring "" config/http_proxy astring "" $ svcadm refresh system-repository:default $ svcprop system-repository:default | grep proxy config/https_proxy astring "" config/http_proxy astring proxyURI
The pkg publisher command does not show proxies that were set by setting environment variables or SMF service properties.
If you change the value of an http_proxy environment variable, be sure to update the system-repository service properties and refresh the service.