"Turn" Linux's self-built Yum repository

Source: Internet
Author: User
Tags gnupg asymmetric encryption yum repolist

Original link: http://www.live-in.org/archives/1410.html

Software is usually installed and updated with Yum. You can build your own Yum source and synchronize it with the official update source, so that machines on the local network can upgrade directly from the local update source. The system used here is CentOS 6.2.

First, the server side
1. Install the required environment
A self-built local Yum update source can be served over HTTP or FTP. FTP requires considering firewall configuration and active/passive connection modes, so HTTP is used here.

Install Apache:

yum install httpd

The Apache configuration process is skipped here.

2. Install the createrepo package

yum install createrepo

3. Create the directory that stores the packages

mkdir -p /home/yum/centos/6/
chown -R apache:apache /home/yum/

4. Create a virtual host in Apache

vim /etc/httpd/conf/httpd.conf

At the end of the file, add:

NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /home/yum
# fill in the bound domain name
ServerName XXX.XXX.XXX
<Directory "/home/yum">
Options Indexes FollowSymLinks
</Directory>
</VirtualHost>

5. Put the RPM packages into the /home/yum/centos/6/ directory

6. Run createrepo

createrepo /home/yum/centos/6

A repodata directory is generated automatically under /home/yum/centos/6. The repodata directory is a database whose files are mainly in XML format and describe each RPM package in detail: dependencies, included files and checksum information.

Second, the client
1. Create the Yum client repo file

vim /etc/yum.repos.d/test.repo

The file name must end in .repo; here the name is test.

Add:

[test]
name=yum test
baseurl=http://xxx.xxx.xxx/centos/6
enabled=1
gpgcheck=1
gpgkey=http://xxx.xxx.xxx/centos/RPM-GPG-KEY-TESTREPO

Description
[test]: the repo ID.
name: description of the repository.
baseurl: the location of the repository.
enabled: whether this repository is enabled, 1 for enabled, 0 for disabled.
gpgcheck: whether to check the GPG signature, 1 for check, 0 for no check.
(XXX.XXX.XXX is the bound domain name)

PS: If the repository is only used internally, gpgcheck can be set to 0 (and gpgkey left unset). If the update source is on the public network, the GPG signature still needs to be checked, to ensure the reliability of the packages the client obtains.
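
As an added example (not part of the original article), the following shell function audits a .repo file for the settings described above: it reports enabled repositories where gpgcheck is off or unset, where gpgcheck=1 has no gpgkey, or where the key is fetched over plain http. The function name audit_repo and the [internal] section of the sample are assumptions made for illustration; the sample file is constructed.

```shell
# Added example, not from the original article: audit a yum .repo file for
# the gpgcheck/gpgkey settings described above. Prints one finding per line.
audit_repo() {
    awk '
    function report(msg) { print section ": " msg }
    function check_section() {
        if (section == "" || enabled == "0") return      # skip disabled repos
        if (gpgcheck == "")       report("gpgcheck not set (inherits [main] from yum.conf)")
        else if (gpgcheck != "1") report("gpgcheck disabled, packages are not verified")
        if (gpgcheck == "1" && gpgkey == "") report("gpgcheck=1 but no gpgkey given")
        if (gpgkey ~ /^http:/)    report("gpgkey is fetched over plain http")
    }
    /^[ \t]*[#;]/ { next }                               # comment line
    /^[ \t]*\[/ {                                        # start of a [section]
        check_section()
        section = $0
        sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
        enabled = "1"; gpgcheck = ""; gpgkey = ""        # yum default: enabled=1
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "enabled")  enabled = val
        if (key == "gpgcheck") gpgcheck = val
        if (key == "gpgkey")   gpgkey = val
    }
    END { check_section() }
    ' "$1"
}
# Constructed sample: the article's test.repo plus an unsigned internal repo.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[test]
name=yum test
baseurl=http://xxx.xxx.xxx/centos/6
enabled=1
gpgcheck=1
gpgkey=http://xxx.xxx.xxx/centos/RPM-GPG-KEY-TESTREPO

[internal]
baseurl=http://xxx.xxx.xxx/centos/6
gpgcheck=0
EOF
audit_repo "$sample"
rm -f "$sample"
```

On a client, run it over every file in /etc/yum.repos.d/ (for example in a for loop) to list the repositories that need attention.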

2. View the list of Yum update sources

yum repolist

Check whether the source named yum test appears.

Third, (optional) the server side uses a GPG key to sign the RPM packages
1. Create the GPG key
GPG keys are also based on an asymmetric encryption algorithm: key generation produces a public key and a private key.

Run:

cd ~
gpg --gen-key

The creation process:

Select the encryption algorithm, the key strength, and whether to set an expiration date

Set the name and e-mail address

Enter the protection password

The public and private key files are generated under the /root/.gnupg directory: pubring.gpg is the public key and secring.gpg is the private key.

2. View the public key

gpg --list-keys

The output looks like this:

/root/.gnupg/pubring.gpg
------------------------
pub   2048R/EF9632F2 2012-07-21
uid                  test repo <[email protected]>
sub   2048R/C17A35BC 2012-07-21


3. Create the .rpmmacros file in your home directory

cd ~
vim .rpmmacros

Add:

%_signature gpg
%_gpg_name test repo <[email protected]>

%_gpg_name is followed by the uid shown by the gpg --list-keys command; it specifies which key is used for signing.

4. Sign the RPM package
Take the mtree-2.7-1.el6.rf.i686.rpm package as an example.

cd /home/yum/centos/6
rpm --resign mtree-2.7-1.el6.rf.i686.rpm

You will then be asked to enter the protection password.

5. Export the public key to a text file

cd ~
gpg --export -a "test repo <[email protected]>" > RPM-GPG-KEY-TESTREPO

6. Verify that the signing succeeded
View the public keys in the RPM database:

rpm -q gpg-pubkey

gpg-pubkey-c105b9de-4e0fd3a3

Import the public key:

rpm --import RPM-GPG-KEY-TESTREPO

rpm -q gpg-pubkey

gpg-pubkey-c105b9de-4e0fd3a3
gpg-pubkey-ef9632f2-500a6e55

One more public key has been added.

Check the RPM package:

cd /home/yum/centos/6
rpm -K mtree-2.7-1.el6.rf.i686.rpm

mtree-2.7-1.el6.rf.i686.rpm: rsa sha1 (md5) pgp md5 OK

7. Place the public key on the web server

cp ~/RPM-GPG-KEY-TESTREPO /home/yum/centos/

8. Update the repository information on the server side

createrepo --update /home/yum/centos/6

This mainly updates the data in the repodata directory.

Fourth, (optional) the client imports the public key

rpm --import http://XXX.XXX.XXX/centos/RPM-GPG-KEY-TESTREPO

(XXX.XXX.XXX is the bound domain name)

Test the installation:

yum install mtree

Source: <centos Linux self-built yum source | Angel sheep bobo shining light >


