Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / Registering CentOS Linux 7 with SUSE Liberty Linux Lite / RMT registration script for SUSE Liberty Linux Lite
Applies to SUSE Liberty Linux Lite

A RMT registration script for SUSE Liberty Linux Lite

  

Sometimes a new registration script is available for SUSE Liberty Linux Lite, but is not yet available from the RMT server because of different release cycles. In this case, the new registration script is shown here. Save this script as rmt-client-setup-res. 

#!/bin/sh

SUSECONNECT=/usr/bin/SUSEConnect
RPM=/usr/bin/rpm
DNF=/usr/bin/dnf
CURL=/usr/bin/curl
YUM=/usr/bin/yum
YUM_CONFIG_MGR=/usr/bin/yum-config-manager

TEMPFILE="/etc/pki/ca-trust/source/anchors/rmt.crt"
UPDATE_CA_TRUST=/usr/bin/update-ca-trust
RPM_GPG_KEY_LOCATION="/etc/pki/rpm-gpg"

PARAMS=$@
YES_PARAM=""

import_rpm_signing_keys() {
    $RPM --import ${RPM_GPG_KEY_LOCATION}/*
}

usage() {
    cat << EOT >&2

   $1

   $0 script installs SUSEConnect and its dependencies and calls rmt-client-setup script that registers to rmt

  Usage: $0 <registration URL> [--regcert <url>] [--regdata <filename>] [--de-register] [--yes]
  Usage: $0 --host <hostname of the RMT server> [--regcert <url>] [--regdata <filename>] [--de-register] [--yes]
  Usage: $0 --host <hostname of the RMT server> [--fingerprint <fingerprint of server cert>] [--regdata <filename>] [--de-register] [--yes]
         configures a SLE client to register against a different registration server

  Example: $0 https://rmt.example.com/
  Example: $0 --host rmt.example.com --regcert http://rmt.example.com/certs/rmt.crt --yes

EOT

    exit 1
}

# We need only REGURL and RMTNAME, all other parameters are just passed to rmt-client-setup script
REGURL=""
RMTNAME=""

while true; do
    case "$1" in
        --fingerprint | --regcert | --regdata)
             test -z "$2" && usage "Option $1 needs an argument"
             shift
             ;;
        --host)
             test -z "$2" && usage "Option $1 needs an argument"
             RMTNAME="$2"
             REGURL="http://${RMTNAME}"
             shift
             ;;
        --de-register)
             DE_REGISTER="Y"
             ;;
        --yes)
             YES_PARAM="--yes"
             ;;
        "")
             break
             ;;
        -h|--help)
             usage
             ;;
        https://*)
             RMTNAME="${1:8}"
             REGURL="$1"
             ;;
        http://*)
             REGURL="$1"
             RMTNAME="${REGURL:7}"
             ;;
        *)
             usage "Unknown option $1"
             ;;
    esac
    shift
done

if [ "$(id -u)" != "0" ]; then
    echo "You must be root. Abort."
    exit 1
fi

if [ -z "$REGURL" ]; then
    echo "Missing registration URL. Abort."
    exit 1
fi

if [ ! -x $RPM ]; then
    echo "rpm command not found. Abort."
    exit 1
fi

if [ ! -x $CURL ]; then
    echo "curl command not found. Abort."
    exit 1
fi

if [ ! -e /etc/os-release ]; then
    echo "/etc/os-release file not found. Couldn't determine OS. Abort."
    exit 1
fi

# Import Self-signed CERT as Trusted
if [ -z "$REGCERT" ]; then
    CERTURL=$(echo "$REGURL" | awk -F/ '{print "https://" $3 "/rmt.crt"}')
else
    CERTURL="$REGCERT"
fi

$CURL --tlsv1.2 --silent --insecure --connect-timeout 10 --output $TEMPFILE $CERTURL
if [ $? -ne 0 ]; then
    echo "Download failed. Abort."
    exit 1
fi

if [ -x $UPDATE_CA_TRUST ]; then
    $UPDATE_CA_TRUST enable
    $UPDATE_CA_TRUST extract
fi

SLL_version=$(grep "VERSION_ID" /etc/os-release | cut -d\" -f2 | cut -d\. -f1)
SLL_name=$(grep "^ID=" /etc/os-release | cut -d\" -f2 | cut -d\. -f1)
if [[ ${SLL_version} -gt 8 ]]; then
   SLL_name="SLL"
   SLL_release_package="sll-release"
elif [[ ${SLL_version} -eq 7 ]]; then
   # if RES7 is present we always assume customer has bought LTSS, if he does not, script fails
   # so no LTSS customers have to edit the script manually
   if [ "${SLL_name}" = "ol" ]; then
      SLL_name="RES-OL-LTSS"
      SLL_version="7"
      SLL_release_package="sles_es-release-server-ol"
   else
      SLL_name="RES-LTSS"
      SLL_version="7"
      SLL_release_package="sles_es-release-server"
   fi
   # stop when HA, because HA is not supported within LTSS for SLL7
   if [ -f /etc/product.d/RES-HA.prod ]; then
        usage "HA product is not supported in RES7 LTSS, please remove the product"
   fi
elif [[ ${SLL_version} -eq 8 ]]; then
    SLL_name="RES"
    SLL_release_package="sles_es-release"
else
   echo "Unsupported or unknown base version. Abort"
   exit 1
fi

echo "Detected ${SLL_name} version: ${SLL_version}"

echo "Importing repomd.xml.key"
if [[ ${SLL_version} -eq 7 ]]; then
  $CURL --silent --show-error --insecure ${REGURL}/repo/SUSE/Updates/${SLL_name%%-LTSS}/${SLL_version}-LTSS/x86_64/update/repodata/repomd.xml.key --output repomd.xml.key
else
  $CURL --silent --show-error --insecure ${REGURL}/repo/SUSE/Updates/${SLL_name}/${SLL_version}/x86_64/update/repodata/repomd.xml.key --output repomd.xml.key
fi
$RPM --import repomd.xml.key

if [ ! -x $SUSECONNECT ]; then
    echo "Downloading SUSEConnect"
if [[ ${SLL_version} -gt 7 ]]; then

    if [ ! -x $DNF ]; then
        echo "dnf command not found. Abort."
        exit 1
    fi

    echo "Disabling all repositories"
    $DNF config-manager --disable $(dnf repolist -q | awk '{ print $1 }' | grep -v repo)
    # sed -i 's/^enabled=1/enabled=0/' /etc/yum.repos.d/*
    # on RHEL9 (not RHEL8) redhat-release is protected and cannot be updated to sll-release
    if [ -f /etc/dnf/protected.d/redhat-release.conf ]; then
       rm -f /etc/dnf/protected.d/redhat-release.conf
    fi

    $DNF config-manager --add-repo ${REGURL}/repo/SUSE/Updates/${SLL_name}/${SLL_version}/x86_64/update
    $DNF config-manager --add-repo ${REGURL}/repo/SUSE/Updates/${SLL_name}-AS/${SLL_version}/x86_64/update
    $DNF install -y --allowerasing ${SLL_release_package}

    # For RHEL8/CentOS8, remove all old signing keys and import SUSE keys installed with sles_es-release package
    if [[ ${SLL_version} -eq 8 ]]; then
        import_rpm_signing_keys
    fi

    $DNF install SUSEConnect librepo
    $DNF config-manager --set-disabled "${RMTNAME}_repo_SUSE_Updates_${SLL_name}_${SLL_version}_x86_64_update"
    $DNF config-manager --set-disabled "${RMTNAME}_repo_SUSE_Updates_${SLL_name}-AS_${SLL_version}_x86_64_update"

elif [[ ${SLL_version} -eq 7 ]]; then
    # For SLL7 we need to have yum, yum_config_mgr, sles_os-release-server, etc..
    if [ ! -x "$YUM_CONFIG_MGR" ]; then
        echo "YUM config manager is not installed. Please install yum-config-manager and retry. Abort."
        exit 1
    fi

    echo "Disabling all repositories"
    $YUM_CONFIG_MGR --disable \* > /dev/null

    # on Centos /usr/share/redhat-release is a file, on RHEL and RES it is a directory
    # so this is CentOS only workaround (on some system it is a normal file, on some systems a symlink)
    if [ -f /usr/share/redhat-release ] || [ -h /usr/share/redhat-release ]; then
       rm -f /usr/share/redhat-release
    fi

    $YUM_CONFIG_MGR --add-repo ${REGURL}/repo/SUSE/Updates/${SLL_name%%-LTSS}/${SLL_version}-LTSS/x86_64/update
    if [ ${SLL_name} = "RES-OL-LTSS" ]; then
    	$YUM_CONFIG_MGR --add-repo ${REGURL}/repo/SUSE/Updates/RES-BASE/${SLL_version}/x86_64/update
    fi
    $YUM_CONFIG_MGR --enable *suse.* > /dev/null

    $YUM install -y ${SLL_release_package} suseconnect-ng librepo
    $YUM update -y yum
    $YUM_CONFIG_MGR --disable \* > /dev/null
fi
elif [[ ${SLL_version} -eq 8 ]]; then
    # For SLL8, the release package is already installed, just import the keys
    import_rpm_signing_keys
fi

$CURL --silent --show-error --insecure $REGURL/tools/rmt-client-setup --output rmt-client-setup
echo "Running rmt-client-setup $PARAMS"
if [ -n "$YES_PARAM" ]; then
    PARAMS=$(echo $PARAMS | sed 's/--yes//')
    yes | sh rmt-client-setup $PARAMS
else
    sh rmt-client-setup $PARAMS
fi

if [[ ${SLL_version} -gt 8 ]]; then
    systemctl start suseconnect-keepalive.timer
    systemctl enable suseconnect-keepalive.timer
fi