使用yum更新Redhat ES 4
Wednesday, 4. April 2007, 10:44:14
参考:使用yum自動更新RedHat AS 4
用Nessus扫描出一台rhel es 4服务器有很多(多达147个)漏洞,老板要求让我第一时间把High级别的漏洞解决。
查看了一下一百多页的扫描报告,这台机器大部分的漏洞都是说软件包的漏洞,Redhat官方网站都有说明的,升级版本就可以了。但是那么多软件包一个一个来找更新岂不太麻烦?何况还会有包依赖问题,会牵连出更多更多的包要更新````
于是计划使用apt或yum。
搜索了一下,如果用Yum来更新Fedora,那是方便至极,yum资源站点很多而且很新。但正统Redhat Linux的资源就少了,一般有更新到最高版本Redhat Linux 9,企业版rhel真是难觅。以前找到的Redhat官方的下载资源也丢了````
后来搜索到如上文章,用Centos的资源来更新rhel。Centos改自rhel,应该是差不多的,于是一试```
首先用http://rpm.pbone.net/搜了一个yum-2.9.4-74.el4.at.i386.rpm ,安装时显示:
# rpm -ivh yum-2.9.4-74.el4.at.i386.rpm
warning: yum-2.9.4-74.el4.at.i386.rpm: V3 DSA signature: NOKEY, key ID 66534c2b
error: Failed dependencies:
/usr/lib/python2.3/site-packages/elementtree is needed by yum-2.9.4-74.el4.at.i386
/usr/lib/python2.3/site-packages/rpm is needed by yum-2.9.4-74.el4.at.i386
/usr/lib/python2.3/site-packages/sqlite is needed by yum-2.9.4-74.el4.at.i386
/usr/lib/python2.3/site-packages/sqlitecachec.py is needed by yum-2.9.4-74.el4.at.i386
/usr/lib/python2.3/site-packages/urlgrabber is needed by yum-2.9.4-74.el4.at.i386
python(abi) = 2.3 is needed by yum-2.9.4-74.el4.at.i386
Suggested resolutions:
yum-2.1.11-3.noarch.rpm
后来找到似乎是yum的官方站点——Yellow dog Updater, Modified,哈哈,很多版本````
上面提示建议安装yum-2.1.11-3.noarch.rpm,那就下载了个yum-2.1.11-1.noarch.rpm 。安装OK:
# rpm -ivh yum-2.1.11-1.noarch.rpm warning: yum-2.1.11-1.noarch.rpm: V3 DSA signature: NOKEY, key ID 69886cc7 Preparing... ########################################### [100%] 1:yum ########################################### [100%]
下面开始配置yum:
# vi /etc/yum.conf [base] name=CentOS 4.4 for RHEL4 - Base baseurl=http://mirror.be10.com/centos/4/os/i386/ #因为我的系统是rhel es 4(没有update的) [updates] name=CentOS 4.4 for RHEL4 - Updates baseurl=http://mirror.be10.com/centos/4/updates/i386/
下面来更新```
首先有个漏洞是关于vim的,先来查查vim:
# yum list |less ... vim-common.i386 1:6.3.035-3 installed vim-enhanced.i386 1:6.3.035-3 installed vim-minimal.i386 1:6.3.035-3 installed ...
更新一下试试:
# yum update vim-common Setting up Update Process Setting up Repo: base repomd.xml 100% |=========================| 1.1 kB 00:00 Setting up Repo: updates repomd.xml 100% |=========================| 951 B 00:00 Reading repository metadata in from local files base : ################################################## 1499/1499 updates : ################################################## 346/346 Resolving Dependencies --> Populating transaction set with selected packages. Please wait. ---> Downloading header for vim-common to pack into transaction set. vim-common-6.3.046-0.40E. 100% |=========================| 116 kB 00:00 ---> Package vim-common.i386 1:6.3.046-0.40E.7 set to be updated --> Running transaction check --> Processing Dependency: vim-common= 1:6.3.035-3 for package: vim-enhanced --> Restarting Dependency Resolution with new changes. --> Populating transaction set with selected packages. Please wait. ---> Downloading header for vim-enhanced to pack into transaction set. vim-enhanced-6.3.046-0.40 100% |=========================| 7.2 kB 00:00 ---> Package vim-enhanced.i386 1:6.3.046-0.40E.7 set to be updated --> Running transaction check Dependencies Resolved Transaction Listing: Update: vim-common.i386 1:6.3.046-0.40E.7 Performing the following to resolve dependencies: Update: vim-enhanced.i386 1:6.3.046-0.40E.7 Is this ok [y/N]: y Downloading Packages: vim-common-6.3.046-0.40E. 100% |=========================| 3.4 MB 00:03 vim-enhanced-6.3.046-0.40 100% |=========================| 956 kB 00:01 Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Updating: vim-common 100 % done 1/4 Updating: vim-enhanced 100 % done 2/4 Completing update for vim-common - 3/4 Completing update for vim-enhanced - 4/4 Updated: vim-common.i386 1:6.3.046-0.40E.7 Dependency Updated: vim-enhanced.i386 1:6.3.046-0.40E.7 Complete!
看,自动解决包依赖关系,自动 下载更新,爽````!
![pic6652q274[1].jpg](http://files.myopera.com/sealinger/albums/196589/thumbs/pic6652q274%5B1%5D.jpg_thumb.jpg)
WIDGETIZE
How to use Quote function: