1. Ksplice User's Guide
  2. Using the Ksplice Enhanced Client
  3. Configuring the Ksplice Enhanced Client for Offline Mode

Configuring the Ksplice Enhanced Client for Offline Mode

Before configuring an offline client, you must set up a local ULN mirror that can act as a Ksplice mirror. See Configuring a Local Ksplice Mirror for the Offline Client for more information.

The offline version of the Ksplice Enhanced Client removes the requirement that a server on an intranet has a direct connection to the Oracle Uptrack server or ULN. For more information about running Ksplice offline, see About Ksplice Offline Mode.

The following procedure describes how to configure the Ksplice Enhanced Client for offline mode.

Note:

This procedure uses the dnf command to describe many package management actions. On releases earlier than Oracle Linux 8, substitute the commands with the appropriate yum commands.
  1. Import the GPG key. 
    sudo rpm --import /usr/share/rhn/RPM-GPG-KEY
  2. Disable existing yum repositories in /etc/yum.repos.d.

    You can either edit any existing repository files and disable all the entries by setting enabled=0; or, you can use dnf config-manager, for example: 

    sudo dnf config-manager --disable \*

    Or, you can rename any of the files in this directory so that they don't use the .repo suffix. This change causes the dnf command to ignore these entries, as shown in the following example: 

    cd /etc/yum.repos.d
for i in *.repo; do mv $i $i.disabled; done
  3. Create a local-yum.repo configuration for the system to use the local ULN mirror.

    In the /etc/yum.repos.d directory, create the local-yum.repo file, which contains entries such as the following for an Oracle Linux 9 yum client: 

    [local_ol9_x86_64_ksplice]
name=Ksplice for Oracle Linux $releasever - $basearch
baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/ksplice/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[local_ol9_x86_64_ksplice_userspace]
name=Ksplice aware userspace packages for Oracle Linux $releasever - $basearch
baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/userspace/ksplice/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[local_ol9_baseos_latest]
name=Oracle Linux 9 BaseOS Latest ($basearch)  
baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/baseos/latest/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[local_ol9_appstream]
name=Oracle Linux 9 Application Stream Packages ($basearch) 
baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/appstream/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

[local_ol9_addons]
name=Oracle Linux $releasever - $basearch - addons
baseurl=http://local_uln_mirror/yum/OracleLinux/OL9/addons/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1

    • Replace local_uln_mirror with the IP address or resolvable host name of the local ULN mirror.

    • To distinguish the local repositories from the ULN repositories, optionally prefix the labels for each entry with a string such as local_. Note that you must also edit the uptrack configuration, described later in this procedure.

    • The example configuration enables the local_ol9_x86_64_ksplice, local_ol9_x86_64_ksplice_userspace, local_ol9_baseos_latest, local_ol9_appstream, and local_ol9_addons channels.

  4. Test the configuration.

    1. Clear the yum metadata cache. 

      sudo dnf clean metadata

    2. Verify the configuration. 

      sudo dnf repolist

      If the dnf commands can't connect to the local ULN mirror, check that the firewall settings on the local ULN mirror server allow incoming TCP connections to the HTTP port (port 80).

  5. Remove prelink.

    If prelink is installed, revert all the prelinked binaries and dependent libraries to the original states and then remove the prelink package as follows: 

    prelink -au
sudo dnf remove prelink

    The prelink package is installed and enabled by default on Oracle Linux 6, but not on Oracle Linux 7, Oracle Linux 8 or Oracle Linux 9.

  6. Install the offline version of the enhanced client package. 
    sudo dnf install ksplice-offline
  7. Update the Uptrack configuration in /etc/uptrack/uptrack.conf for channel prefixes.

    Add a configuration directive to the /etc/uptrack/uptrack.conf file to provide the enhanced client with the label of the local, user space channel in the local ULN mirror yum repository.

    Note:

    You can skip this step if you didn't use the local_ prefix for the channel label, and this label is an exact match of the label that's used on ULN. If you used the local_ prefix or labeled this channel differently, add the following lines, but instead of local_ol9_x86_64_ksplice_userspace, specify the same label that you used for the Ksplice user space channel, for example: 

    [User]
yum_userspace_ksplice_repo_name = local_ol9_x86_64_ksplice_userspace
  8. Install packages for offline updates.

    To install offline update packages, install the relevant packages, for example: 

    sudo dnf install ksplice-updates-glibc ksplice-updates-openssl

    If you're installing the offline updates package for the Xen hypervisor, specify the release in the command, for example: 

    sudo yum install ksplice-updates-xen-$RELEASE

    For the previous command, $RELEASE is the update package that corresponds to the version of the hypervisor that's currently running, as shown in this example: 

    sudo yum install ksplice-updates-xen-4.4.4-196.0.10.el6

    After you have installed these packages, the offline version of the enhanced client behaves the same way as the online version.

  9. Update the system.

    Update the system to install the Ksplice-aware versions of the user space libraries: 

    sudo dnf update

    To install only the libraries and not any other packages, limit the update to the Ksplice user space channel, for example, ol9_x86_64_userspace_ksplice channel: 

    sudo dnf --disablerepo=* --enablerepo=ol9_x86_64_userspace_ksplice update

    Or, you can use the following command: 

    sudo dnf update *glibc *openssl*

    You might also use this client to perform kernel updates in the same way that you can use the standard uptrack client: 

    sudo dnf install uptrack-updates-$(uname -r)
  10. (Optional) Enable automatic installation of updates.

    To enable the automatic installation of updates, change the entry in /etc/uptrack/uptrack.conf from no to yes, as shown in the following example: 

    autoinstall = yes
  11. Reboot the system.

    Reboot the system for the changes to take effect. 

    sudo systemctl reboot

    For Oracle Linux 6, use the following command: 

    sudo reboot

    Note:

    If you installed updates for the Xen hypervisor, no special configuration is required, and you don't need to reboot the system for the updates to be applied.