penguin

Using Apt-Rpm For Complete Package Management on a LAN


Contents


Introduction

Most systems are built by installing a base distribution and then customizing the installation with additional software packages not included in the distribution. You can use one of several tools to keep the system updated and resolve package dependancies. The drawback is that software you install which is not included in the archives used for updating has to be updated manually in the same way you installed it. This How-To describes how to set up an APT repository on your local LAN to hold all of your "locally installed" software packages. By adding this repository to the sources.list file on your client workstations on the LAN, APT and Synaptic then become a complete package management solution encompassing all of the software installed on a client machine.
The system architecture used in this example is a RedHat 8.0 machine used as a file/print/fax server on the LAN to which we will add the apt repository. The LAN is a private class-C network with network number 192.168.1.0 behind a firewall/gateway connection to the internet. Clients are a mix of RedHat 8.0 and 9 machines.
APT (Advanced Package Tool) is a dependency tool, well known to Debian users since it is used by default with their dpkg packages. It automatically determines and fetches the dependances of a package eliminating the "dependancy hell" problem associated with rpm-based systems. APT has been ported to work with rpm packages too, by Conectiva who has now used it for some time in their GNU/Linux distribution. The good news is that apt for rpm may be used with any other rpm-based distribution. All you need is the tool compiled for your version of rpm and at least a repository where rpm packages and their apt metadata can be downloaded from. More information on APT and Synaptic (GUI front-end for APT) as well as ready to install packages can be found at FreshRPMs. Here is a screenshot of Synaptic in action.
An APT repository can be accessed by a number of methods, including http, ftp and nfs. In this example we have chosen to use an http server as it simplifies the client setup. Both ftp and nfs require user accounts on the server and ftp requires a login. Nfs also requires creating a mount point on the client. While these things would be little trouble on a LAN with few clients, on a larger LAN it would be considerably more tedious to set up and maintain.

Why do this?

The intent of setting this up is to obtain a solution to managing, updating or reinstalling all of the software packages on a system, whether obtained from a public repository source or from our local repository. This offers a couple of nice options for the system administrator, be it a large or small LAN:

  • Install new systems on the LAN with a ready reference for all of the software desired.
  • Ease the process of disaster recovery on LAN client machines in the same manner.
  • By adding some form of automatic updating to the packages in the local repository, keeping the clients up-to-date becomes as easy as it is with the base OS packages. This will be explored in a later document.

Example: suppose we have downloaded a third party rpm package we wish to install on our machine. With the usual manual methods we will install it using "rpm -ivh" and it will inform us that we need a software package not on our system. So we go find that package and try to install it and it informs us we need yet another package. By adding the package we wish to install to our local rpm repository and installing it with Synaptic, that dependant library we need is probably in the base distribution archive we use and so Synaptic/APT automatically fetches and installs it also. If not we find it and add it to the local repository. Either way, when we want to do this again or on another computer it's all there ready to go.

Install the httpd daemon on the server

Install the web server from the standard RedHat distribution. This will create the standard document root directory /var/www/html. Since there is no good reason to be root in order to add packages to our repository or run the script to create the meta-data, change the ownership of the web server document root to your normal user ID.

As root:
# chown joeuser.joeuser /var/www/html
Note: the above suggestion should never be implemented on a publicly accessible server as it would represent a large security risk. The suggestion is made here in the context of a private LAN separated from the public network by a firewall as a tradeoff for ease of use and to lower the risks associated by performing actions "as root" by less technically inclined users.

Start the web server and set it to start on boot either by using the Services Control Panel or at a command prompt (as root):
# /etc/init.d/httpd start
# chkconfig -add httpd
As your normal user create the following repository directory structure inside of /var/www/html:
apt - redhat -+- 8.0
              |
              + - 9
Then create the following directories inside each of /var/www/html/apt/redhat/8.0 and /var/www/html/apt/redhat/9:
+- base
|
+- RPMS.myrpms
|
+- SRPMS.myrpms

Note: the "myrpms" module name can be anything you wish and you may set up multiple modules as well by adding the additional directories and modifying the instructions below everywhere that "myrpms" is referenced. Typical public repositories for distribution packages usually have an "os" and an "updates" module containing the original base distribution and distributor published updates. It is also possible to create your own distribution modules but that seems redundant to this author since they are available on public repositories.
If you haven't done so previously, install the appropriate apt rpm package from apt.freshrpms.net.

Create the script to generate the apt meta-data

Create the following shell script gen-apt on the server and make it executable:

#!/bin/sh
#
# create base dir and new package indexes
genbasedir --flat --bloat --bz2only --partial --progress /var/www/html/apt/redhat/8.0 myrpms
genbasedir --flat --bloat --bz2only --partial --progress /var/www/html/apt/redhat/9 myrpms

The output will look something like this:

[sbarn@backup sbarn]$ ./gen-apt
Components: myrpms
Processing pkglists... myrpms0027/0027 [done]
Processing srclists... myrpms [done]
Creating component releases... [done]
Partially updating global release file... [done]
Appending MD5Sum... myrpms [done]
All your base are belong to us!!!
Components: myrpms
Processing pkglists... myrpms0023/0023 [done]
Processing srclists... myrpms [done]
Creating component releases... [done]
Partially updating global release file... [done]
Appending MD5Sum... myrpms [done]
All your base are belong to us!!!
[sbarn@backup sbarn]$

Create and install the release files

Using a text editor create a release file for each base directory in the repository. Below is a sample release file release.myrpms for the .../redhat/8.0/base directory in our example:

Archive: Red Hat rpms
Component: myrpms
Version: 8.0
Origin: localhost
Label: Red Hat Linux 8.0 Myrpms
Architecture: i386
NotAutomatic: false

Edit the Version: and Label: lines for the redhat/9/base directory.

Load the RPMs and run the script to create the repository

Now add your rpm packages to the RPMS.myrpms and SRPMS.myrpms directories and run the gen-apt script to generate the repository structure. Run the script to update the repository each time your change or add packages. Your apt repository is now ready for use by clients on the LAN.

Configure apt on the clients to use the repository

Add the IP address of your server to the /etc/hosts file on the client machine. In our example the server is named backup.localdomain and has IP address 192.168.1.1, so we add the line:

192.168.1.1 backup.localdomain backup

You can now test your repository with the url http://backup/apt/ in your browser.

Add the following lines to your /etc/apt/sources.list file:

rpm http://backup apt/redhat/9 myrpms
rpm-src http://backup apt/redhat/9 myrpms

That's it, you are ready to source your local repository along with the others you use. When you update the packages in your repository and run the gen-apt script the updates are available to the entire LAN. For more information on using apt for rpm see FreshRPMs, The APT-HOWTO, Conectiva's apt+rpm HOWTO, or The apt4rpm Project.
 

Copyright © 2003 D. Scott Barninger [barninger at fairfieldcomputers dot com]
Inspiration and critique graciously provided by Kern Sibbald, author of Bacula backup software.