
Restricting access to RPM folders

In SA, you can ensure that your Linux managed servers only have access to the set of RPMs in the SA Library that apply to each server. You simply specify in a custom attribute the folders in the SA Library that the server has access to. All other folders will be inaccessible to the server. This section describes how to set up these restrictions.

With this new mechanism, you can mimic the common Red Hat systems administration paradigm of having multiple, distinct yum (Yellowdog Updater, Modified) repositories. This gives you folder-level control over which versions of RPMs can be applied to a given server, allowing you to precisely manage platform update versions, for example Red Hat Advanced Server AS4 Update 5 versus Update 6.

This is not intended as a user-level access control mechanism. Its purpose is to restrict a managed server's view of the library and its folders so that the server cannot access the full set of RPMs in the SA Library. For information on user-level folder access controls and folder permissions in the SA Library, see the SA 10.50 Administration Guide.

How the RPM folder restrictions work

During remediation, if a server has one or more of these custom attributes defined, SA reads the custom attribute values and only allows the managed server access to the RPMs in the SA Library folders specified in the custom attributes and their subfolders. Subfolders of all the specified folders are recursively searched for RPMs. All other folders are not accessible to the server.

Enabling RPM folder restrictions

To restrict a server or group of servers to a subset of RPMs in the SA Library, set a custom attribute in the format described below on your managed server, or at a location from which the server inherits it, such as a device group, a software policy, a customer, a facility and so forth.

These custom attributes follow the custom attribute inheritance rules. For example, if you set a custom attribute at the facility level, the servers in that facility will inherit the custom attributes.

SA does not validate the SA Library folder paths you specify in these custom attributes, so make sure the folder paths you specify are correct.

For instructions on how to manage custom attributes in software policies or managed servers, see Adding custom attributes to a software policy and Adding custom attributes to servers.

Custom attribute format

The custom attributes that restrict access to RPMs must be in the following format:

repo.restrict.<name>

where <name> is any user-defined alphanumeric string.

Specify a <name> that is descriptive and helps you remember the purpose of the custom attribute. You can define multiple custom attributes as long as each <name> is unique.

Examples

The following defines custom attributes that grant access only to the SA Library directories /Redhat/AS4/en/x86_64/U5 and /Oracle/10/AS4/x86_64:

repo.restrict.as4u5=/Redhat/AS4/en/x86_64/U5
repo.restrict.oracle_updates=/Oracle/10/AS4/x86_64

The custom attribute value can be multiple lines. The following defines custom attributes that grant access only to the SA Library directories listed:

repo.restrict.as4u5=/Redhat/AS4/en/x86_64/U5
                    /Redhat/AS4/en/x86_64/U5-extras
repo.restrict.s5u3=/Redhat/5Server/en/x86_64/U3
                   /Redhat/5Server/en/x86_64/U3-extras
                   /Redhat/5Server/en/x86_64/U3-VT
                   /Redhat/5Server/en/x86_64/U3-Cluster

Troubleshooting errors

If you attempt to remediate a software policy that contains RPMs that are not accessible to the server, SA displays the following error message:

The metadata needed to install this package is missing.

This indicates that SA was unable to access the RPM because the server does not have access to the RPM in the SA Library. To resolve this error, check the folder locations you have set in your custom attributes to ensure they are correct.
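Because SA does not validate these folder paths, it can help to check them offline before remediating. The following Python script is an added example, not part of SA or of the original documentation: it lints repo.restrict.<name> values and reports whether a given SA Library folder would be reachable under the folder-and-subfolders rule described above. Assumptions: matching is done per path component (so U5 does not cover U5-extras), values that are not absolute paths are ignored, and all function names are hypothetical.

```python
import posixpath

PREFIX = "repo.restrict."

def _lines(value):
    """Non-empty, stripped lines of a (possibly multi-line) attribute value."""
    return [ln.strip() for ln in value.splitlines() if ln.strip()]

def _parts(path):
    """Path components of a normalized library path, without empty segments."""
    return [p for p in posixpath.normpath(path).split("/") if p]

def restricted_folders(attrs):
    """Absolute folder paths from every repo.restrict.<name> attribute."""
    return [ln for key, value in attrs.items() if key.startswith(PREFIX)
            for ln in _lines(value) if ln.startswith("/")]

def lint(attrs):
    """Report values that look mistyped, since SA does not validate them."""
    problems = []
    for key, value in attrs.items():
        if not key.startswith(PREFIX):
            continue
        if len(key) == len(PREFIX):
            problems.append(f"{key}: missing <name>")
        for ln in _lines(value):
            if not ln.startswith("/"):
                problems.append(f"{key}: '{ln}' is not an absolute folder path")
            elif ln != "/" and ln != posixpath.normpath(ln):
                problems.append(f"{key}: '{ln}' is not in normalized form")
    return problems

def is_accessible(rpm_folder, attrs):
    """True if rpm_folder is a listed folder or one of its subfolders."""
    if not any(key.startswith(PREFIX) for key in attrs):
        return True  # no restriction attribute set on or inherited by the server
    target = _parts(rpm_folder)
    return any(target[:len(_parts(f))] == _parts(f) for f in restricted_folders(attrs))

# Constructed sample: effective attributes of one server, values from the examples above
SAMPLE = {
    "repo.restrict.as4u5": "/Redhat/AS4/en/x86_64/U5",
    "repo.restrict.oracle_updates": "/Oracle/10/AS4/x86_64",
}

if __name__ == "__main__":
    for folder in ("/Redhat/AS4/en/x86_64/U5/kernel", "/Redhat/AS4/en/x86_64/U5-extras"):
        print(folder, "->", "accessible" if is_accessible(folder, SAMPLE) else "blocked")
    print(lint({"repo.restrict.s5u3": "/Redhat/5Server/en/x86_64/U3\nRedhat/5Server/en/x86_64/U3-VT"}))
```

Pass the server's effective attributes, including inherited ones, as the dictionary; a folder reported as blocked is a likely cause of the "metadata needed to install this package is missing" error.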