2.4. Configuration

The Red Hat Update Agent offers various options to configure its settings.

If you are not running the X Window System or prefer the command line version, skip to Section 2.4.2 Command Line Version.

2.4.1. Using the Red Hat Update Agent Configuration Tool

You must be root to run the Red Hat Update Agent Configuration Tool. If started by a user other than root, the Red Hat Update Agent prompts you for the root password. The Red Hat Update Agent Configuration Tool can be started by typing the command up2date --config at a shell prompt (for example, an xterm or a gnome-terminal). General Settings

The General tab allows you to enable an HTTP Proxy Server. If your network connection requires you to use an HTTP Proxy Server to make HTTP connections, select the Enable HTTP Proxy option and type your proxy server in the text field with the format http://HOST:PORT. For example, to use the proxy server squid.mysite.org on port 3128, you would enter squid.mysite.org:3128 in the text field. Additionally, if your proxy server requires a username and password, select the Use Authentication option and enter your username and password in the respective text fields.

Figure 2-16. General Settings

In addition, RHN Proxy and Satellite customers have the option of selecting Red Hat Network Servers here. These customers should refer to the RHN Client Configuration Guide for detailed instructions. Retrieval/Installation Settings

The Retrieval/Installation tab allows you to customize your software package retrieval and package installation preferences.


You must use Red Hat Update Agent Version 2.5.4 or higher to upgrade your kernel automatically. Red Hat Update Agent will install the updated kernel and configure LILO or GRUB to boot the new kernel the next time the system is rebooted.

Figure 2-17. Retrieval/Installation Settings

The following package retrieval options can be selected (see Figure 2-17):

  • Do not install packages after retrieval — download selected RPM packages to the desired directory and ignore the installation preferences

  • Do not upgrade packages when local configuration file has been modified — if the configuration file has been modified for a package such as apache or squid, do not attempt to upgrade it. This option is useful if you are installing custom RPMs on your system and you do not want them updated or reverted to the default Red Hat Enterprise Linux packages.

  • Retrieve source RPM along with binary package — download both the source (*.src.rpm) and the binary (*.[architecture].rpm) files

The following installation options are configurable (see Figure 2-17):

  • Use GPG to verify package integrity — before installing packages, verify Red Hat's GPG signature (highly recommended for security reasons)

  • After installation, keep binary packages on disk — save binary packages in the desired directory instead of deleting them after installation

The following additional options are configurable from this tab:

  • Override version stored in System Profile — override the Red Hat Linux version in your System Profile

  • Package storage directory — change the directory where packages are downloaded; the default location is /var/spool/up2date/ Package Exceptions Settings

The Package Exceptions tab allows you to define which packages to exclude from the list of updated RPM packages according to the package name or file name (see Figure 2-18).

To define a set of packages to be excluded according to the package name, enter a character string including wild cards (*) in the Add new text field under in the Package Names to Skip section heading. A wild card at the end of the character string indicates that all packages beginning with the character string are excluded from the list. A wild card at the beginning of the character string indicates that any packages that end with the character string are excluded from the list.

For example, if the string kernel* is in the Package Names to Skip section, the Red Hat Update Agent will not display any packages beginning with kernel.

To exclude packages by file name, apply the same rules to the field below File Names to Skip section heading.

Figure 2-18. Package Exceptions Settings

2.4.2. Command Line Version

The command line version of this tool performs the same function as the graphical version. It allows you to configure the settings used by the Red Hat Update Agent and store them in the configuration file /etc/sysconfig/rhn/up2date.

To run the command line version of the Red Hat Update Agent Configuration Tool, use the following command:

up2date --nox --configure

You are presented with a list of options and their current values:

0.  debug              No
1.  isatty             Yes
2.  depslist           []
3.  networkSetup       Yes
4.  retrieveOnly       No
5.  enableRollbacks    No
6.  pkgSkipList        ['kernel*']
7.  storageDir         /var/spool/up2date
8.  adminAddress       ['[email protected]']
9.  noBootLoader       No
10. serverURL          https://xmlrpc.rhn.redhat.com/XMLRPC
11. fileSkipList       []
12. sslCACert          /usr/share/rhn/RHNS-CA-CERT
13. noReplaceConfig    Yes
14. useNoSSLForPackage No
15. systemIdPath       /etc/sysconfig/rhn/systemid
16. enableProxyAuth    No
17. retrieveSource     No
18. versionOverride
19. headerFetchCount   10
20. networkRetries     5
21. enableProxy        No
22. proxyPassword
23. noSSLServerURL     http://xmlrpc.rhn.redhat.com/XMLRPC
24. keepAfterInstall   No
25. proxyUser
26. removeSkipList     ['kernel*']
27. useGPG             Yes
28. gpgKeyRing         /etc/sysconfig/rhn/up2date-keyring.gpg
29. httpProxy
30. headerCacheSize    40
31. forceInstall       No

Enter number of item to edit <return to exit, q to quit without saving>: 

Enter the number of the item to modify and enter a new value for the option. When you finish changing your configuration, press [Enter] to save your changes and exit. Press [q] and then [Enter] to quit without saving your changes.


Although this is not configurable, users should still make note that the port used by the Red Hat Update Agent is 443 for SSL (HTTPS) and 80 for non-SSL (HTTP). By default, up2date uses SSL only. For this reason, users should ensure that their firewalls allow connections over port 443. To bypass SSL, change the protocol for serverURL from https to http in the /etc/sysconfig/rhn/up2date configuration file.