Unbreakable Linux Network - FAQ (Last Updated Oct 12, 2023)

▶ I cannot find a specific older version of a package in the Latest channel for Oracle Linux. Where can I find it?

The Latest channel for each Oracle Linux release contains only the set of packages from the most recent release as distributed on the installation media for that release (available on Oracle Software Delivery Cloud) together with all updated packages (errata) following that release. All packages that do not match these criteria are moved to the Archive channel. As such, when a new minor release of Oracle Linux becomes available, the Latest channel is brought up to date with the set of packages that ship on its installation media.

To install a version of a package no longer available in the Latest channel, enable the Archive channel corresponding to your Oracle Linux release and use yum to install the package. For example, for Oracle Linux 7:

• Log in to https://linux.oracle.com with your ULN user name and password.
• On the Systems tab, click the link named for the system in the list of registered machines
• On the System Details page, click Manage Subscriptions
• On the System Summary page, select channels from the list of available or subscribed channels and click the arrows to move the Oracle Linux 7 Archive (x86_64) to the Subscribed Channels list
• Click Save Subscriptions

▶ What are the steps to update ULN-CA-CERT?

Oracle is replacing Symantec-branded certificates with Digicert-branded certificates across all of its infrastructure to prevent trust warnings from Chrome and Firefox.

Due to the nature of how Oracle Linux systems connect to Unbreakable Linux Network (ULN), this change requires that client certificates on all Oracle Linux systems receiving updates from ULN be updated. The change in server certificates on ULN will occur on October 9, 2018. After that time, Oracle Linux systems will only be able to connect to ULN with an updated client certificate.

Please make sure to have following or later version of the packages installed on all the systems that are registered directly to ULN before October 9, 2018:

Note: newer Oracle Linux 8 and 9 are not affected by this issue.


Oracle Linux 7

          rhn-client-tools-2.0.2-21.0.9.el7.noarch.rpm
          rhn-setup-2.0.2-21.0.9.el7.noarch.rpm
          rhn-check-2.0.2-21.0.9.el7.noarch.rpm
          rhn-setup-gnome-2.0.2-21.0.9.el7.noarch.rpm (if the older version of this package is installed)
        

Oracle Linux 6

          rhn-setup-1.0.0.1-45.0.3.el6.noarch.rpm
          rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm
          rhn-check-1.0.0.1-45.0.3.el6.noarch.rpm
          rhn-setup-gnome-1.0.0.1-45.0.3.el6.noarch.rpm (if the older version of this package is installed)
      

Oracle Linux 5

          x86_64:
          up2date-5.10.1-41.30.el5.x86_64.rpm
          up2date-gnome-5.10.1-41.30.el5.x86_64.rpm (if the older version of this package is installed)

          i386:
          up2date-5.10.1-41.30.el5.i386.rpm
          up2date-gnome-5.10.1-41.30.el5.i386.rpm (if the older version of this package is installed)

          ia64:
          up2date-5.10.1-41.30.el5.ia64.rpm
          up2date-gnome-5.10.1-41.30.el5.ia64.rpm (if the older version of this package is installed)
      

If the above packages are not installed on your registered system before October 9, 2018, you will be unable to connect to ULN and will receive one of the following errors:

      The certificate /usr/share/rhn/ULN-CA-CERT is expired. Please ensure you 
      have the correct certificate and your system time is correct. 
     

OR

 
      There was an SSL error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]
      A common cause of this error is the system time being incorrect. Verify that the time on this system is correct.
     

After October 9, 2018 client SSL certificate need to be replaced manually. To manually replace the client SSL certificate on an Oracle Linux machine, run the following steps as root on each server:

        # cp /usr/share/rhn/ULN-CA-CERT /usr/share/rhn/ULN-CA-CERT.old
        # wget https://linux-update.oracle.com/rpms/ULN-CA-CERT.sha2
        # cp ULN-CA-CERT.sha2 /usr/share/rhn/ULN-CA-CERT
     

After this file has been updated you can continue using ULN as normal. After making this manual replacement, connectivity to ULN should be restored. The packages above should then be updated as part of your standard patching cycle. If you have any questions about this update please see the "How can I get help?" section of this document.

▶ How do I obtain a login for Unbreakable Linux Network (ULN)?

You may register for a ULN account via linux.oracle.com/register You will need the following:

1. An Oracle.com Single Sign on account. If you don't have one already, the link above will guide you through the steps to create one
2. A valid Oracle Linux support or Oracle VM support CSI (customer support identifier). You may purchase Oracle Linux or Oracle VM support online via the Oracle Linux Store or via your sales representative.

▶ How do I register a machine with Unbreakable Linux Network (ULN)?

If you are currently running Red Hat Enterprise Linux Server, follow these steps. If you are running Oracle Linux, use the following steps:

1. Ensure you have a valid CSI by purchasing Oracle Linux support online via the Oracle Linux Store.
2. Ensure you have an account on ULN. You may register for a new account via linux.oracle.com/register
3. Execute the command uln_register as the root user and follow the directions on the screen.

▶ How do I become a CSI Administrator?

See this section of the ULN documenation:Becoming a CSI Administrator.

▶ How do I transfer servers registered to one user to another user?

See this section of the ULN documentation: Listing Active CSIs and Transferring Their Registered Servers.

▶ How do I transfer servers registered to one CSI to another CSI??

See this section of the ULN documentation: Listing Expired CSIs and Transferring Their Registered Servers.

▶ I'm having trouble with my Single Sign On (SSO) account. What do I do?

For help with your SSO account, please see:

1. Help with your Oracle Account
2. Log in to ULN using a web browser

▶ How do I know whether my machine is registered?

To confirm whether your machine is registered, you can use the following command:

On Oracle Linux 6 and Oracle Linux 7 systems:

# yum repolist

You should see output similar to the following:

          repo id                       repo name                                   status
          ol6_x86_64_latest             Oracle Linux 6 Latest (x86_64)              8,029
  

On Oracle Linux 8 and Oracle Linux 9 systems:

# dnf repolist

You should see output similar to the following:

          repo id                       repo name                                   status
          ol8_x86_64_latest             Oracle Linux 8 Latest (x86_64)              12,041
  

▶ I only see one channel after I have registered my system, how can I subscribe to additional channels?

When you register a server, it will be subscribed to a channel that has the latest Oracle Linux packages for the appropriate architecture. To subscribe to additional channels, log in to linux.oracle.com after you register your system. Click on the Systems tab to manage subscriptions for each subscribed server.

▶ When I attempt to update my system, I get unresolved package errors, what can I do about this?

This could be caused by any number of issues in the communication between your machine and the ULN servers. One of the main causes could be some stale headers in your machine's up2date cache. This can be accomplished with the following command:

On Oracle Linux 6 and Oracle Linux 7 systems:

# yum clean all

On Oracle Linux 8 and Oracle Linux 9 systems:

# dnf clean all

▶ How do I configure yum to use a proxy server?

If you're using a graphical desktop environment:

At the time of registering the system to ULN using uln_register, press the Advanced Network Configuration button after prviding the account information on Account Information screen. In the next window, use the appropriate fields for your HTTP proxy; if your proxy requires authentication, enter the username and password here. When finished, press the Close button to continue the registration process.

If you're in text mode:

At the time of registering the system to ULN using uln_register, use --proxy option specify http proxy to use

              
     # uln_register --proxy=proxy_hostname:port_number
  

if your proxy requires authentication use additional options --proxyUser and --proxyPassword to specify username and password

     # uln_register --proxy=proxy_hostname:port_number --proxyUser=username --proxyPassword=password
  

▶ How can I get help?

You can get help in the following ways:

• If you have purchased Basic or Premier support, you may use My Oracle Support for technical assistance
• If you have purchased Network support, you may discuss technical issues on the Oracle Infrastructure Forum or file bug reports using Oracle Linux GitHub's repository

▶ How do I update a specific package?

After registering and subscribing to required channels, run the following command:

On Oracle Linux 6 and Oracle Linux 7 systems:

# yum update <package_name>

On Oracle Linux 8 and Oracle Linux 9 systems:

# dnf update <package_name>

▶ I have Oracle Linux 4 under Lifetime Support, how do install packages and updates?

Oracle Linux 4 customers have access to all previously released errata and updates, as part of Lifetime support. Oracle Linux 4 doesn't support SHA-2 and can no longer communicate with ULN. To download packages and updates for Oracle Linux 4, use the Oracle Linux yum server . For more information please refer to this page http://yum.oracle.com/getting-started.html

▶ How do I enable system-wide cryptographic policies (like FUTURE) to work with ULN on Oracle Linux 8 or Oracle Linux 9?

Below are the steps to enable system-wide cryptographic policies (like FUTURE) to work with ULN on Oracle Linux 8 or Oracle Linux 9.

• Please make sure to have following or later version of the packages installed on the system
  
  Oracle Linux 8

            rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            python3-rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
            python3-rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            python3-rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
            python3-rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
            python3-rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
          

  Oracle Linux 9

            rhn-check-2.8.16-13.0.8.el9_0.x86_64.rpm
            rhn-setup-2.8.16-13.0.8.el9_0.x86_64.rpm
            rhn-client-tools-2.8.16-13.0.8.el9_0.x86_64.rpm
            python3-rhn-setup-gnome-2.8.16-13.0.8.el9_0.x86_64.rpm
            rhnlib-2.8.6-8.0.2.el9.noarch.rpm
            python3-rhn-client-tools-2.8.16-13.0.8.el9_0.x86_64.rpm
            rhn-setup-gnome-2.8.16-13.0.8.el9_0.x86_64.rpm
            python3-rhnlib-2.8.6-8.0.2.el9.noarch.rpm
            python3-rhn-setup-2.8.16-13.0.8.el9_0.x86_64.rpm
            python3-rhn-check-2.8.16-13.0.8.el9_0.x86_64.rpm
          

• Replace “linux-update.oracle.com” with “linux-update-4k.oracle.com” in /etc/sysconfig/rhn/up2date file
• You may want to enable “update-crypto-policies --set FUTURE” and then register to ULN