Katello 3.14 --- CentOS errata

hi all,

I am new to foreman/katello…

  • Deployed foreman 1.24.2, katello 3.14, pulp 2.21 on a CentOS7.7
  • Configured product CentOS 7
  • Added repos: base | extras | update | epel
  • Deployed test client VM CentOS7.5 and registered to foreman

Goal (test): Push only ‘security’ updates to client machine

For some reason I cannot pull the CentOS erratas.

I have looked into some web links and tried the suggestions, but still cannot make it to work.




https://www.lisenet.com/2018/katello-import-centos-errata-into-pulp/

Examples of what I have tried:
$ hammer repository synchronize --product 'CentOS 7' --name 'extras_x86_64' --skip-metadata-check true --organization "Organisation Lab"
$ perl ./errata_import.pl --errata=errata.latest.xml --include-repo=e311f136-e25d-421f-828a-e7b80459bbde

But I always get…

NOTICE: Skipping errata CESA-2020:0339 (Important CentOS kernel Update) -- No packages found

I was wondering which logs I should look into to help with the tshoot process and/or there is something I am missing on my environment configuration.

I would really appreciate comments/suggestions as to how to tshoot this issue.

Thanks in advance

Hi,

I do that : scripts.tar (10 KB)

One script which updates all repositories from my 2 products centOS (6 and 7) : MAJ_liste_errata_CentOS.sh

One script which install servers errata security (it updates RHEL servers too), servers which belongs to a host collection (I created it before) : MAJ-errata-security-env-test.sh

For unique install on a host, I execute this script with the fqdn server to update in parameter : install_errata_security_host.sh

NB : I have an other sciprt for test environment, juste ths host collection change

Sorry for commentaries, they are in french :wink:

TCK

@roth-adm Pulp looks in the repo to verify that the packages from the errata are in it. Is that skipped errata meant to find packages in the extras repo? Can you try in the updates repo?

@tck-lt thanks for sharing your custom script!

For some reason by doing:
$ perl ./errata_import.pl --errata=errata.latest.xml --debug --include-repo <<<repo_id>>>
then Adv Sync >>> Complete

I was able to get erratas for the repos:
base
updates

However repo:
extras

I still do not get the erratas…

@Justin_Sherrill any ideas here?

Wait a second… Unless I’m misreading Steve Meier’s [highly appreciated] CentOS errata file, CESA-2020:0339 only contains EL8 RPMs, This errata should not be applicable to products or repositories for CentOS 7.

Is there a better way of doing this in Katello 3.16?