If you work on the air gapped systems like I do, here are the steps to follow to download, transfer the updates to the air gapped systems and update.
On the Red Hat system with internet access
Set up a Red Hat Satellite server or use Red Hat CDN to download the necessary updates and create a local repository.
To download necessary updates and create a local repository, you can use the ‘reposync‘ and ‘createrepo‘ utilities. Here are the steps you can follow:
Install the ‘yum-utils‘ package which provides the ‘reposync’ utility
sudo yum install yum-utils
Create a directory where you want to store the repository files.
sudo mkdir -p /opt/local-repo
Use the reposync command to download the necessary updates and store them in the directory you created in step 2.
sudo reposync --gpgcheck -r <repository-id> -p /opt/local-repo/
or
reposync --repoid=rhel-8-for-x86_64-baseos-rpms --download-path=/opt/local-repo/
Replace with the ID of the repository you want to download updates for, such as rhel-8-for-x86_64-baseos-rpms or rhel-8-for-x86_64-appstream-rpms.This command downloads the updates for the Red Hat 8 BaseOS repository and stores them in the /opt/local-repo/ directory. You can repeat this step for other repositories as needed.
Use the createrepo command to create a repository metadata in the directory where you stored the updates.
sudo createrepo /opt/local-repo/
Set the correct ownership and permissions on the repository files using the following commands:
sudo chown -R root:root /opt/local-repo
sudo chmod -R 755 /opt/local-repo
If you plan to export the repository to a portable media, create a tarball of the repository files using the following command:
sudo tar -czvf /opt/local-repo.tar.gz /opt/local-repo/
This command creates a compressed tarball of the repository files in the /opt/ directory.
Once the updates are downloaded, created a tarball of the repository, export to a portable media such as USB drive or DVD.
On the air-gapped Red Hat System:
Insert the portable media and copy the repository to a local directory.
cp -r /media/usb/repo /opt/local-repo/
Replace /media/usb/repo with the path to the directory containing the repository on the portable media, and /opt/local-repo/ with the directory where you want to store the repository on the air-gapped system.
Create a new repository file in the /etc/yum.repos.d/ directory using your preferred text editor.
sudo vi /etc/yum.repos.d/local. Repo
Add the following lines to the file:
[local]
name=Local Repository
baseurl=file:///opt/local-repo
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Note that baseurl should point to the directory where you copied the repository in step 1.
Save and close the repository file.
Import the Red Hat GPG key using the following command:
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Verify that the repository is accessbible by running the following command:
yum check-update
If the command returns a list of available updates, you can install the using the following command:
yum update
If you wan tot install a specific package, you can use the following command:
yum install <package-name>
That’s it! You’ve successfully patched an air-gapped Red Hat 8 system.
Sync only the recent updates
To sync only the recent updates for a Red Hat repository, you can use the reposync utility with the –newest-only option. This option downloads only the most recent version of each package in the repository, rather than downloading all available versions.
sudo reposync --gpgcheck -r <repository-id> -p /opt/local-repo/ --newest-only
Replace <repository-id> with the ID of the repository you want to sync. You can repeat this command for multiple repositories to download only the most recent updates for all of them.
After the updates have been downloaded, you can create a local repository using the createrepo command, as described in my previous response.
By using the –newest-only option, you can reduce the amount of data that needs to be downloaded and save time and bandwidth when syncing repositories in air-gapped environments.
