Offline upgrade of SLES 12 SP1 to latest Patches?

SUSE Linux Enterprise Server SLES Updates
1

Hi folks.

I have 4 SLES 12 SP1 installations which do not have internet access.

I need to patch these to the latest Security Patches on a regular basis, also functional patches.
For example, security patches come out for September, I would patch them a week after the release.

I’ve tried to find information on how best to do this, but I haven’t managed to find it.

So, right now I need to update these four servers from the Sp1 distro patch level, right up to the latest available patches.
From then on, it would be a monthly catch-up.

Would someone please advise what is the best way to do this please?

Thanks!
James

2

Hi and welcome to the Forum :slight_smile:

Many ways… a few follow;

  1. Manually download from patch finder:
    https://download.suse.com/patch/finder/
    Copy to a USB device and copy or setup as a local repository (plain rpm)

  2. Set up SMT server on a laptop and mirror updates, then use the laptop
    on the internal network temporarily.

  3. Use the SMT server and create a patch CD/DVD/USB device to update
    each machine.

  4. Create a SLES 12 SP1 virtual machine and use zypper with the
    download-only option to cache the updates and again copy to a USB
    device to take to each machine.

  5. If apache or such is available on the internal network you could
    create a local repo for the machines to talk to (createrepo command).

So I guess what do you have in mind on how to update these systems?


Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.2|GNOME 3.20.2|4.4.79-18.26-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!

3

Hi Malcolm,

Firstly thank you v much for your response!

With so little # systems to patch, I think it’s manageable to go with either Step 1 or 5.

Few questions if that’s OK

  • Do you know how I would go about downloading only the latest patches from patchfinder in an automated way?
  • On the patching side, on a second patch rollout, how would I tell the SUSE install to only install the patches that it now needs (or would it roll through all available patches again) ?

For Step 4 (zypper), is there an actual method to create a patch CD?

cheers!
James

4

Hi

Not that I’m aware of… :frowning:

It will only install patches that are needed and ignore older or
already installed patches.

Yes, have a read of this blog;
https://www.suse.com/communities/blog/creating-add-products-yast/


Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE Leap 42.2|GNOME 3.20.2|4.4.79-18.26-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!