[LON-CAPA-users] RPM update

Lars Jensen lon-capa-users@mail.lon-capa.org
Thu, 30 May 2002 11:41:44 -0700 (PDT)


Thanks for the detailed explanations. One question I have before I do an
check-rpms -v -r --update -ftp : What ftp server should I use for the
packages? I am only aware of the
http://install.lon-capa.org/3.1/latestRPMS/ link. No link is listed on
the web site for downloading rpms.

Another question is whether I should do the kernel update considering that an
6.2-to-7.3 CDROM  upgrade apparently is going to be available. This
would presumably update the kernel to version 2.4 anyway, wouldn't it?

Thanks,
Lars.

On Thu, 30 May 2002, Martin Siegert wrote:

> Hi Lars,
> 
> On Thu, May 30, 2002 at 12:30:24AM -0700, Lars Jensen wrote:
> > When I do a CHECKRPMS, I get a message that I need to install at least
> > 75 RPM's. Some of these seem to me not to matter that much,
> 
> I believe they do matter. Note that check-rpms does not list packages
> that should be installed but packages that need to be upgraded.
>                ---------                              --------
> I.e., all the packages that were listed by check-rpms are already
> installed on your system! Check-rpms lists them because there is a
> newer version available. At this point you have serveral choices:
> 1) uninstall the old version of the packages, if you do not need it.
> 2) upgrade the packages (e.g., check-rpms -v -r --update ...)
> 3) do nothing. Note, however, that most updates released by RedHat are
>    security updates. Thus, by doing nothing you leave a package installed
>    on your system that has a security hole. When choosing 3) you must be
>    able to decide whether you are vulnereable to that security hole or not.
> 
> My advice is: choose 1), if possible, otherwise choose 2). I recommend
> to run check-rpms -v at least once a week.
> 
> > but I was
> > wondering if I should do the kernel upgrade from the present 2.2.14 to
> > the recommended 2.2.19 ?
> 
> You should. All kernels before that 2.2.19-6.2.16 release are vulnerable to
> a (local) root exploit that is trivial to exploit (scripts are published
> on mailing lists).
> 
> > Should I anticipate any problems with the
> > upgrade? Do I need to restart anything after the kernel upgrade? How
> > about dependencies? Will they be satisfied if I just upgrade these
> > files:
> > 
> > (1) kernel-2.2.19-6.2.16.i686.rpm
> > (2) kernel-headers-2.2.19-6.2.16.i386.rpm
> > (3) kernel-pcmcia-cs-2.2.19-6.2.16.i386.rpm
> > (4) kernel-smp-2.2.19-6.2.16.i686.rpm
> > (5) kernel-utils-2.2.19-6.2.16.i386.rpm
> > 
> > I'm upgrading out Dell dual processormachine, so I assume that I don't
> > need (3) and only one of (1) and (4) (in our case it would be (4)). Is
> > this correct?
> 
> Correct: you do not need (1) nor (3). Thus, you should unistall (rpm -e ...)
> (1) and (3) first.
> 
> With respect to dependencies:
> run "check-rpms -v -r --update ..." first. check-rpms updates all packages
> at once (with the exception of the kernel). By doing so all dependencies
> should be resolved. The assumption is that the old packages that are
> installed on your system have the same dependencies as the new packages.
> This would be true, if updates of packages do not introduce dependencies
> that did not exist between the old packages. This is the sane way of doing
> things and almost always correct. Unfortunately RedHat has introduced
> a few "insane" updates that do introduce dependencies that did not exist
> before. Sigh. If there are such packages with new dependencies that cannot be
> resolved within the packages that check-rpms lists for upgrading, then
> check-rpms will fail (without doing any damage). In those cases you have
> to do the upgrades that involve those packages by hand. It would be nice,
> if check-rpms could handle those cases as well and I spent quite a bit
> of time investigating this problem before I discarded it as beeing not
> feasible. It basically cannot be done without downloading the whole
> update directory tree to your machine.
> 
> Thus: try "check-rpms -v -r --update ..." if it does not fail - fine.
> If it does, send me an email with the output of check-rpms and I'll try to
> help you to figure out what's wrong. 
> 
> Now the kernel upgrade: check-rpms refuses to do kernel upgrades. This
> is something you always have to do by hand. A kernel upgrade under RH6.2
> includes modifying /etc/lilo.conf and a reboot. If you have not done
> a kernel upgrade before: There are an few pointers in the corresponding
> message from my linux-security mailing list at
> 
> http://www.sfu.ca/~siegert/linux-security/msg00078.html
> 
> Otherwise detailed explanations can be found at
> 
> http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html
> 
> I hope this helps.
> 
> Cheers,
> Martin
> 
> ========================================================================
> Dr. Martin Siegert
> Academic Computing Services                        phone: (604) 291-4691
> Simon Fraser University                            fax:   (604) 291-4242
> Burnaby, British Columbia                          email: siegert@sfu.ca
> Canada  V5A 1S6
> ========================================================================
> _______________________________________________
> LON-CAPA-users mailing list
> LON-CAPA-users@mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-users
> 

--
Lars Jensen, TMCC/Vista B200, 7000 Dandini Blvd, Reno NV 89512-3999. 
Internet: <jensen@physics.unr.edu>, http://www.scsr.nevada.edu/~jensen
Tel: 775.673.7113  FAX: 775.674.7592