Spacewalk client configuration files

Quick round up of the Spacewalk client configuration files :

The main configuration file is : /etc/sysconfig/rhn/rhncfg-client.conf

This file makes use of variables whose values are located in /etc/sysconfig/rhn/up2date

The server identity in Spacewalk is located in the XML file /etc/sysconfig/rhn/systemid


Getting more details about Red Hat Security Advisories and related CVEs

Two links for an in-depth explanation regarding Red Hat backporting security fixes process as well as compatibility between Red Hat security advisories and Mitre CVEs.

Backporting Security Fixes

Red Hat and CVE compatibility

Red Hat provides free access to two databases for errata and for CVE referenced in Red Hat products :

Red Hat Product Errata database

Red Hat CVE Database

Possible missing firmwares for module i915

The warning message below has been displayed after upgrading Debian testing :

W: Possible missing firmware /lib/firmware/i915/kbl_guc_ver9_14.bin for module i915
W: Possible missing firmware /lib/firmware/i915/bxt_guc_ver8_7.bin for module i915

This issue has been referenced in the Debian bug tracking system : #857997
For now, this package does not provide the latest version of Kabylake GuC (9.14) and Broxton GuC (8.7) firmwares.
To remove this warning message, as a workaround, just download them and copy the blob files into the directory /lib/firmware/i915.
Finally, rebuild your initramfs :

update-initramfs -k `uname -r`-u

Upgrade a rpm package on a couple of servers with a quick one-liner in Ansible

Upgrade a rpm package on a couple of servers with a quick one-liner in Ansible :

export ANSIBLE_INVENTORY=servers_list
ansible all -b --ask-become-pass -m yum "name=bash state=latest"

servers_list is the text file listing your servers.
Using the ANSIBLE_INVENTORY variable overrides the use of a generate inventory.
This one-liner makes use of the yum Ansible module.
Running sudo commands is possible with these options -b and –ask-become-pass