CentOS 6 Spacewalk 1.5 (RHN Satellite) With PostgreSQL - Quick & Dirty

This paper is an overview of the commands needed to setup a working spacewalk (satellite) server on CentOS 6. SELinux with the current version on CentOS seems to have some problems during installation which can be fixed by installing the src RPM's as described.

I'm not going into much detail on how to use the Satellite server once it is installed, though I have left some notes for different configurations in the 'Links & Notes' section.

  • Edit /etc/hosts and add your Spacewalk server % vi /etc/hosts spacewalk.localdomain.com spacewalk
  • Add the following ports to /etc/sysconfig/iptables % vi /etc/sysconfig/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 69 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 5222 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 25150 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 25150 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT % service iptables restart
  • Install and add the Spacewalk, JPackage, and EPEL repos respectively. % rpm -Uvh http://spacewalk.redhat.com/yum/1.5/RHEL/6/i386/\ spacewalk-repo-1.5-1.el6.noarch.rpm % vi /etc/yum.repos.d/jpackage-generic.repo [jpackage-generic] name=JPackage generic baseurl=http://mirrors.dotsrc.org/jpackage/5.0/generic/free/ enabled=1 gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc % rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/i386/\ epel-release-6-5.noarch.rpm
  • Normally at this point you could: yum install spacewalk-postgresql; however doing so now will cause the following error during installation on CentOS 6. Error: Package: spacewalk-common-1.5.1-1.el6.noarch (spacewalk) Requires: selinux-policy-base >= 3.7.19-93 Installed: selinux-policy-targeted-3.7.19-54.el6.noarch \ (@anaconda-centos-201106051823.i386/6.0) selinux-policy-base = 3.7.19-54.el6 Available: selinux-policy-minimum-3.7.19-54.el6.noarch (localrepo) selinux-policy-base = 3.7.19-54.el6 Available: selinux-policy-mls-3.7.19-54.el6.noarch (localrepo) selinux-policy-base = 3.7.19-54.el6 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest To fix this you need to download the source RPM's for selinux and compile them as shown below.
  • Install tools for compiling and installing the selinux src.rpm, compile from the .spec file. Install the PostgreSQL database. Install Spacewalk with PostgreSQL. % yum install policycoreutils-python gcc gcc-c++ rpmdevtools postgresql-* % rpm -ivh ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/\ SRPMS/selinux-policy-3.7.19-93.el6.src.rpm % cd rpmbuild/SPECS % rpmbuild -ba selinux-policy.spec % cd rpmbuild/RPMS/noarch % yum localinstall * --nogpgcheck % yum install spacewalk-postgresql % chkconfig postgresql on % service postgresql initdb % service postgresql start
  • Configure PostgreSQL and create the database. % su - postgres $ psql template1 template1=# CREATE LANGUAGE plpgsql; template1=# CREATE DATABASE spacewalk; template1=# \q % vi /var/lib/pgsql/data/pg_hba.conf append: host all all trust (substitute your network for % vi /var/lib/pgsql/data/postgresql.conf change: listen_addresses = 'localhost' to listen_addresses = '*' % service postgresql restart
  • Setup the Spacewalk database connection. % spacewalk-setup ** Database: Setting up database connection for PostgreSQL backend. Hostname (leave empty for local)? Port [5432]? Database? spacewalk Username? postgres Password? <root password> ** Database: Populating database. *** Progress: #### * Setting up users and groups. ** GPG: Initializing GPG and importing key. ** GPG: Creating /root/.gnupg directory
  • Your Spacewalk server should now be accessible at: % https://spacewalk.localdomain.com
  • Links & Notes

  • Spacewalk Installation Instructions
  • Spacewalk CentOS Wiki
  • Post-Installation Guides
  • RHN Satellite Server Installation Program
  • Log file location. /var/log/rhn/
  • Setting selinux for a new Spacewalk repo RPM location. % semanage fcontext -a -t spacewalk_data_t "/rpm(/.*)?" % restorecon -R -v /rpm
  • Client Install notes. Temporarily enable the EPEL repo % vi /etc/yum.repos.d/epel.repo [epel] name=Extra Packages for Enterprise Linux 5 - $basearch #baseurl=http://download.fedora.redhat.com/pub/epel/5/$basearch mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=\ $basearch failovermethod=priority gpgkey=http://download.fedora.redhat.com/pub/epel/RPM-GPG-KEY-EPEL gpgcheck=1 enabled=1 Install the Spacewalk repo. % rpm -Uvh http://spacewalk.redhat.com/yum/1.5/RHEL/6/i386/\ spacewalk-client-repo-1.5-1.el6.noarch.rpm Install the client packages. % yum install rhn-setup yum-rhn-plugin python-dmidecode Register the client to the server. % rhnreg_ks --serverUrl=http://spacewalk.example.com/XMLRPC\ --activationkey=<default-activation-key> After the client has been connected to the Spacewalk server disable the repos in /etc/yum.repos.d/ by changing enabled=1 to enabled=0 in the repo files. ERRORS Like the following with yum installation. warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID\ c105b9de: NOKEY Solution: Disable GPG checks on the client. % vi /etc/yum/pluginconf.d/rhnplugin.conf gpgcheck = 0
  • Kickstart Notes Spacewalk server must have a valid DNS name and be resolvable. /etc/dhcpd.conf must have the below entries. allow booting; allow bootp; filename "pxelinux.0"; next-server <spacewalk server IP address>; Download the pxlinux.0 boot file. % cobbler get-loaders Check for errors with cobbler. % cobbler check tftp directory is: /var/lib/tftpboot cobbler directory is: /var/lib/cobbler Mount the distribution ISO to an html accessible location: % mount -o loop /mnt/CentOS-6.0-i386-bin-DVD.iso /var/www/html/distros/\ CentOS_6_i386 % service xinetd start % cobbler get-loaders % cd /var/lib/cobbler/loaders % cp * /var/lib/tftpboot/ Channels -> Manage Software Channels -> Create New Channel Create a new Channel named CentOS 6 Base - i386 Systems -> Kickstart -> Distributions -> Create New Distribution Create a new kickstart distro with the tree path as: /var/www/html/distros/\ CentOS_6_i386 Base Channel: CentOS 6 Base - i386 Systems -> Kickstart -> Profiles -> Create New Kickstart Profile Channels -> Manage Software Channels -> Manage Repositories -> Create New Repository Create a new spacewalk client repository, point the Repository URL to: http://spacewalk.redhat.com/yum/1.5-client/RHEL/6/i386/ Channels -> Manage Software Channels -> Create New Channel Create a new Spacewalk Client channel (child channel) with a parent channel of CentOS 6 Base. Click repositories and 'check' the spacewalk client then sync the repository.