Original link: http://www.live-in.org/archives/1410.html
Usually use the Yum method to install the update software, you can build a Yum source, synchronize the official update source, so that if there is a local machine to upgrade, you can directly use the local update source. The system here is CentOS 6.2.
First, the service side
1, installation needs of the environment
Self-built Yum local Update source can use HTTP service or FTP service, because FTP server to consider firewall configuration, active, passive connection mode, here use HTTP service.
Install Apache:
Yum Install httpd
Configure the Apache process to skip over.
2. Install the Createrepo package
Yum Install Createrepo
3. Set up Storage Package directory
Mkdir-p/home/yum/centos/6/
Chown-r apache:apache/home/yum/
4. Apache Create virtual directory
Vim/etc/httpd/conf/httpd.conf
In the end, add:
Namevirtualhost *:80
< VirtualHost *:80>
Documentroot/home/yum
ServerName XXX.XXX.XXX #填写绑定的域名
<directory "/home/yum" >
Options Indexes FollowSymLinks
</directory>
</virtualhost>
5. Put the RPM package into the/home/yum/centos/6/directory
6, the implementation of Createrepo
Createrepo/home/yum/centos/6
In the/HOME/YUM/CENTOS/6 directory will be automatically generated Repodata directory, Repodata directory is a database, where the file is mainly in XML format, describes a RPM package details, such as dependencies, including files, checksum code information.
Second, the client
1. Create Yum client repo file
Vim/etc/yum.repos.d/test.repo
With. Repo as the suffix, here the name is test.
Add to:
[Test]
Name=yum Test
Baseurl=http://xxx.xxx.xxx/centos/6
Enabled=1
Gpgcheck=1
Gpgkey=http://xxx.xxx.xxx/centos/rpm-gpg-key-testrepo
Description
[Test]: is the repo ID.
Name: Description of the warehouse.
BaseURL: The location of the warehouse.
Enabled: Whether to enable this warehouse, 1 for use, 0 for disabled.
Gpgcheck: Whether to check GPG signature, 1 for check, 0 for not check.
(XXX.XXX.XXX is the domain name of the binding)
PS: If it is used internally, Gpgcheck can be set to 0 (at the same time Gpgkey not set), if the update source on the public network, or need to check the GPG signature, to ensure that the client to obtain the source of reliability.
2. View Yum Update source list
Yum Repolist
Whether it is known as the source of Yum Test appears.
Third, (optional) service side use GPG key to sign the RPM package
1. Create GPG key
GPG key is also based on an asymmetric encryption algorithm that generates the public and private keys.
Perform:
CD ~
GPG--gen-key
To create a process:
Select encryption algorithm, encryption strength, whether to set expiration date
Set name and mailbox
Enter Protection password
Generate public and private key files under the/ROOT/.GNUPG directory. It is observed that PUBRING.GPG is the public key and SECRING.GPG is the private key.
2. View Public key
GPG--list-key
Shown below:
/ROOT/.GNUPG/PUBRING.GPG------------------------Pub 2048r/ef9632f2 2012-07-21uid test Repo <[email Protected]>sub 2048R/C17A35BC 2012-07-21
3. Set up your home directory. Rpmmacros file
CD ~
Vim. Rpmmacros
Add to:
%_signature GPG
%_gpg_name test Repo <[email protected]>
%_gpg_name back to fill in the GPG--list-key command display UID, specify this set of keys to sign.
4. Sign the RPM package
Take the mtree-2.7-1.el6.rf.i686.rpm package as an example.
Cd/home/yum/centos/6
RPM--resign mtree-2.7-1.el6.rf.i686.rpm
You will then need to enter a protection password.
5. Export the public key to a text file
CD ~
GPG--export-a "test repo <[email protected]>" >rpm-gpg-key-testrepo
6. Verify that the signature is successful
To view the public key in the RPM database:
Rpm-q Gpg-pubkey
Gpg-pubkey-c105b9de-4e0fd3a3
To import the public key:
RPM--import Rpm-gpg-key-testrepo
Rpm-q Gpg-pubkey
Gpg-pubkey-c105b9de-4e0fd3a3
Gpg-pubkey-ef9632f2-500a6e55
A set of public keys has been added.
Check RPM Packages:
Cd/home/yum/centos/6
Rpm-k mtree-2.7-1.el6.rf.i686.rpm
Mtree-2.7-1.el6.rf.i686.rpm:rsa SHA1 (MD5) PGP MD5 OK
7. Place the public key on the Web server
CP ~/rpm-gpg-key-testrepo/home/yum/centos/
8, the service side update warehouse information
Createrepo--UPDATE/HOME/YUM/CENTOS/6
The main is to update the data in the Repodata directory.
Iv. (optional) Client import public key
RPM--import Http://XXX.XXX.XXX/centos/RPM-GPG-KEY-TESTREPO
(XXX.XXX.XXX is the domain name of the binding)
Test installation:
Yum Install Mtree
Source: <centos Linux self-built yum source | Angel sheep bobo shining light >
From for notes (Wiz)