Repo for https://wyen.me, Github.io page, Resume, Projects Website, Etc.

View My GitHub Profile

Linux Server Deploy Guide

SpaceWalk: Home

post-os install


Allow PGSQL-SERVER to connect on port 5432 (this is the default port, configure as you see fit) for PostgreSQL

firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address=""
  port protocol="tcp" port="5432" accept'

Once all rules have been added

Check the zone file later to inspect the XML configuration

[root@SPACEWALK-SERVER ~]# cat /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
  <service name="http"/>
  <service name="https"/>
  <port protocol="tcp" port="5222"/>
  <port protocol="tcp" port="69"/>
  <port protocol="tcp" port="5269"/>
  <rule family="ipv4">
    <source address=""/>
    <port protocol="tcp" port="5432"/>

Reload the firewall

[root@SPACEWALK-SERVER ~]# firewall-cmd --reload

Check the open ports

Deploy SpaceWalk Client

Note: This will replace mose of the below with autoconfiguration in coming releases

RHEL / CentOS 7 clients

We need to add with official client repositories for RHEL 7 based clients too.

# https://copr-be.cloud.fedoraproject.org/results/%40spacewalkproject/spacewalk-2.8-client/epel-7-x86_64/00742644-spacewalk-repo/spacewalk-client-repo-2.8-11.el7.centos.noarch.rpm
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Step 2

In the /etc/yum/pluginconf.d/rhnplugin.conf file simply create a section corresposnding to the channel name for which you want to disable checks.

Most likely you only need to change gpgcheck for [main]

[root@EXAMPLE-CENTOS7-CLIENTSERVER pluginconf.d]# cat rhnplugin.conf
enabled = 1
gpgcheck = 0
timeout = 120

# You can specify options per channel, e.g.:
#enabled = 1
#gpgcheck = 0


Install support program packages for spacewalk clients.

# yum install rhn-client-tools rhn-check rhn-setup rhnsd m2crypto yum-rhn-plugin -y
sudo rhnreg_ks --serverUrl=https://SPACEWALK-SERVER.EXAMPLEDOMAIN.TLD/XMLRPC --sslCACert=/<-LOCATION HERE-> --activationkey=<-KEY HERE->


Find the gateway/route

ip r


netstat -r -n

Check the resolv.conf file for DNS

cat /etc/resolv.conf

Setup network on CentOS 7 minimal

First, type “nmcli d” command in your terminal for quick list ethernet card installed on your machine:

nmcli d

Type “nmtui” command in your terminal to open Network manager. After opening Network manager chose “Edit connection” and press Enter (Use TAB button for choosing options):

sudo nmtui

Change the Hostname

For SpaceWalk the hostname must be in lowercase

Display the current hostname information


Set a static Hostname

hostnamectl set-hostname your-new-hostname --static

Common errors

/usr/bin/applydeltarpm not installed.

You don’t need to do something, but you can, especially if you have a slow internet connection. If you install deltarpm support:

yum install deltarpm

you will download only the differences with older versions of already installed packages. This is done at the cost of increased processing time.

Install Open VM Tools (VMWare Tools)

sudo yum install open-vm-tools -y

Wait for install to complete and reboot

sudo shutdown --reboot now

Monitor Repo Sync status

The Boring Method

As long as you have not exited the window you can click the big blue button that takes you to an output log file via HTTP

This requres manaual refresh and works poorly

The Much Better Method

From CLI:

This uses the log file I set up for the base CentOS7 Channel as an example

tail -f /var/log/rhn/reposync/centos7-base.log

Install the SSL Cert to a client machine

Centos7 / RedHat7

curl --insecure -O https://SPACEWALK-SERVER.EXAMPLEDOMAIN.TLD/pub/rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm