[LON-CAPA-admin] checkrpms no longer working

Martin Siegert siegert at sfu.ca
Thu Jul 15 15:39:58 EDT 2004 

Hi all,

On Thu, Jul 15, 2004 at 08:57:31AM -0500, Nathan Schoenack wrote:
> Hello,
> 
> Since our upgrade to 1.1.99.2, Checkrpms stopped working...any suggestions?
> 
> THIS SCRIPT IS NOW PROBING SEVERAL FTP SERVERS....
> PLEASE BE PATIENT, THIS MAY TAKE A FEW MINUTES.
> Trying install.lon-capa.org...
> ...cannot find ftpmirror:loncapa at install.lon-capa.org on the network
> Trying mirror.pa.msu.edu...
> ...cannot find mirror.pa.msu.edu on the network
> Trying distro.ibiblio.org...
> distro.ibiblio.org found...
> perl /usr/local/loncapa/bin/check-rpms -nk  --rpmuser www -ftp
> distro.ibiblio.org/pub/linux/distributions/redhat/updates/7.3/en/os
> **** WARNING **** You need to update at least 10 RPMS shown in
> the list below.  THIS IS IMPORTANT FOR SECURITY.
> ncftpls: Could not change directory: server said: 7.3: No such file or
> directory
> ncftpls failed with status 5.
> ncftpls: Could not change directory: server said: 7.3: No such file or
> directory
> ncftpls failed with status 5.
> ncftpls: Could not change directory: server said: 7.3: No such file or
> directory
> ncftpls failed with status 5.
> ncftpls: Could not change directory: server said: 7.3: No such file or
> directory
> ncftpls failed with status 5.
> ncftpls: Could not change directory: server said: 7.3: No such file or
> directory
> ncftpls failed with status 5.

Ok. Let's solve this once and for all :-)
The following applies mostly for RH7.3, RH9.0 systems.
(check-rpms also works for Fedora and SuSE, but for those systems
you can use yum (Fedora) or you (SuSE))

1) comment out (or delete) the line

10 3 * * 1,4,7    www    /usr/local/loncapa/bin/CHECKRPMS --cronmail

from /etc/cron.d/loncapa

2) go to the check-rpms home page
http://www.sfu.ca/acs/security/linux/check-rpms.html
and download the latest check-rpms rpm 
(currently check-rpms-3.0.1-1.noarch.rpm)
and install it with "rpm -Uvh check-rpms-3.0.1-1.noarch.rpm".
check-rpms comes with a man page, you may want to read it:
man check-rpms

3) edit the configuration file /usr/local/etc/check-rpms.conf and
set your favorite ftp server (in particular use one that works):

$FTP = 1;
$FTPSERVER = "ftp.sfu.ca";
$FTPUPDATES = "pub/linux/7.3/RPMS";

(this will use the SFU RedHat 7.3 updates - we do not support RH9)
To use fedoralegacy you would use one of their mirror sites, e.g.,

$FTP = 1;
$FTPSERVER = "ftp.gtlib.cc.gatech.edu";
$FTPUPDATES = "pub/fedoralegacy/redhat/7.3/updates/i386";

4) create the file /etc/cron.d/checkrpms and put the following lines into it:
MAILTO=<your email address>

# Check whether the RPMS are up-to-date and e-mail the system admins.
# (It is very important to keep a loncapa system running with all applicable
#  security patches.)
10 3 * * 1,4,7    www    /usr/local/bin/check-rpms

This procedure will completely decouple the checking of rpms from loncapa.

(in order to make this decoupling complete we need to get rid of the
CHECKRPMS line in /etc/cron.d/loncapa and the /usr/local/loncapa/bin/CHECKRPMS
script in future loncapa releases).

Cheers,
Martin

-- 
Martin Siegert
Head, HPC at SFU
WestGrid Site Manager
Academic Computing Services                        phone: (604) 291-4691
Simon Fraser University                            fax:   (604) 291-4242
Burnaby, British Columbia                          email: siegert at sfu.ca
Canada  V5A 1S6

More information about the LON-CAPA-admin mailing list