02 February, 2011

Update offline CentOS/RHEL server

Sometimes you have a RHEL/CentOS server which is not connected to the Internet. But you should also install security update to prevent local hackers to mess up your system.

I was not able to find some nice description how to do it. Some people are using proxies - but then you still need some connection to the proxy - which can not be the case.

Here is my way how I did it....

Let's say there is a server which is offline and doesn't have any connection to the Internet.
Then we need station (or laptop / virtual machine), which has the same OS as server and is connected to the Internet.

Copy the /var/lib/rpm to the station (you can use USB/CD...)
scp -r /var/lib/rpm root@station:/tmp/

Install the download only plugin for yum:
yum install yum-downloadonly

Backup the original rpm directory on the station and replace it with the rpm directory from the server:
mv -v /var/lib/rpm /var/lib/rpm.orig
mv -v /tmp/rpm /var/lib/

Download updates to /tmp/rpm_updates and return back the /var/lib/rpm
mkdir -v /tmp/rpm_updates
yum update --downloadonly --downloaddir /tmp/rpm_updates
rm -rvf /var/lib/rpm 
mv -v /var/lib/rpm.orig /var/lib/rpm

Transfer the downloaded rpms to the server and update:
scp -r /tmp/rpm_updates root@server:/tmp/
ssh root@server
rpm -Uvh /tmp/rpm_updates/*

...and the server is updated ;-)
This is probably not the best way how to do it, but it's working for me.

1 comment:

  1. In my case, I need to run 'yum clean all' first before 'yum update --downloadonly --downloaddir /tmp/rpm_updates'

    ReplyDelete

Note: only a member of this blog may post a comment.