Dec 172011
 

Update: Post updated to allow for generation of multiple mirrors of varying versions of RHEL as shown at http://brandonhutchinson.com/mrepo_configuration.html.

The latest version of mrepo available in EPEL (mrepo-0.8.7-2.el6.noarch.rpm at the time of this writing) won’t allow you to mirror RHN without some slight modifications. This is a brief howto that will highlight exactly what is needed to allow mrepo to mirror RHN on RHEL6.

NOTE: This howto is loosely based on the RHEL5 mrepo howto available at http://ln-s.net/9SlN.

You will need to install the following packages:

pyOpenSSL
rhn-client-tools
rhpl
mrepo

Next, you need to setup mrepo.conf with your RHN login credentials by adding the following to the [main] section:

rhnlogin = <username>:<password>

Set a silly default for up2date

echo "up2date default" > /etc/sysconfig/rhn/sources

Set your machine’s UUID

UUID=$(uuidgen) ; /bin/echo -e "uuid[comment]=Universally Unique ID for this server\nrhnuuid=$UUID" \
 > /etc/sysconfig/rhn/up2date-uuid

Set up additional repositories (RHEL5 in this case). Note that the path will differ depending on your srcdir as specified in mrepo.conf.

gensystemid -u RHN_username -p RHN_password --release=5Server --arch=x86_64 /srv/mrepo/src/5Server-x86_64/

Make sure the proper certificate is in use

cp `cat /etc/sysconfig/rhn/up2date|grep ^sslCACert=|cut -d= -f2` /usr/share/rhn/RHNS-CA-CERT

Add your RHEL6 (and any additional platforms) mrepo configuration (e.g.):
/etc/mrepo.conf.d/6Server.conf

### Name: Red Hat Enterprise Server v6
### URL: http://www.redhat.com/

[6Server]
name = Red Hat Enterprise Server $release ($arch)
release = 6
arch = x86_64
metadata = yum repomd

### RHEL6 repositories
updates = rhns://<your satellite server>/rhel-$arch-server-$release
optional = rhns://<your satellite server>/rhel-$arch-server-optional-$release
rhn-tools = rhns://<your satellite server>/$repo-rhel-$arch-server-$release
supplementary = rhns://<your satellite server>/rhel-$arch-server-$repo-$release

/etc/mrepo.conf.d/5Server.conf

### Name: Red Hat Enterprise Server v5
### URL: http://www.redhat.com/

[5Server]
name = Red Hat Enterprise Server $release ($arch)
release = 5
arch = x86_64
metadata = repomd

### RHEL5 repositories
updates = rhns://<your satellite server>/rhel-$arch-server-$release
vt = rhns://<your satellite server>/rhel-$arch-server-$repo-$release
supplementary = rhns://<your satellite server>/rhel-$arch-server-$repo-$release
fastrack = rhns://<your satellite server>/rhel-$arch-server-$repo-$release
hts = rhns://<your satellite server>/rhel-$arch-server-$repo-$release
rhn-tools = rhns://<your satellite server>/$repo-rhel-$arch-server-$release

Lastly, you need to fix a couple bugs in the current mrepo release so that it will run successfully on RHEL6. The first file to change is /usr/share/mrepo/up2date_client/up2dateUtils.py:

--- /usr/share/mrepo/up2date_client/up2dateUtils.py     2008-08-14 19:14:47.000000000 -0500
+++ /var/lib/bcfg2/Cfg/usr/share/mrepo/up2date_client/up2dateUtils.py/up2dateUtils.py   2011-12-02 09:27:07.500138609 -0600
@@ -13,7 +13,7 @@
 import time
 import rpm
 import string
-import md5
+import hashlib

 sys.path.insert(0, "/usr/share/rhn/")
 sys.path.insert(1,"/usr/share/rhn/up2date_client")
@@ -158,7 +158,7 @@

 def md5sum(fileName):
-    hashvalue = md5.new()
+    hashvalue = hashlib.md5()

     try:
         f = open(fileName, "r")

The second file to change is /usr/share/mrepo/rhn/transports.py

--- /usr/share/mrepo/rhn/transports.py  2008-08-14 19:14:47.000000000 -0500
+++ /var/lib/bcfg2/Cfg/usr/share/mrepo/rhn/transports.py/transports.py  2011-12-13 15:04:19.236104253 -0600
@@ -33,6 +33,7 @@

 class Transport(xmlrpclib.Transport):
     user_agent = "rhn.rpclib.py/%s" % __version__
+    _use_datetime = False

     def __init__(self, transfer=0, encoding=0, refreshCallback=None,
             progressCallback=None):

That should do it. You should then be able to run mrepo -ugv and update your local mrepo mirror with the latest from RHN.

 Posted by at 21:57

  4 Responses to “Mirroring RHN with mrepo on RHEL6”

  1. Thanks for the post…
    Have you ever encountered the error from mrepo: “OpenSSL.SSL.Error: [(‘SSL routines’, ‘SSL3_GET_SERVER_CERTIFICATE’, ‘certificate verify failed’)]”?

    I haven’t been able to download package updates from the satellite server since I’ve seen the error.
    Thanks.

    • That error indicates that you are likely not using the right CA certificate. Check that /usr/share/rhn/RHNS-CA-CERT is the right certificate for your satellite server.

  2. I wanted to post a quick thank you for this article. It was exactly what I needed to move our mrepo server from RHEL 5 to RHEL 6.

    Many thanks!

    Justin

Leave a Reply to Ray Finkle Cancel reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

*