Spacewalk FeaturesSpacewalk is an open source Linux systems management solution rich with different functions, that include installing and upgrading software, OS, making security check and more. In our previous articles we have created a basic spacewalk environment – we’ve installed the server, configured some channels and added clients to the server. Now we can make magic with software – install or delete it, check if it is up to date or not. But there is much more Spacewalk features that we can set up and use for our management tasks, an here in this article we will get through them.

Part One – How to install Spacewalk

Part Two – How to configure channels in Spacewalk

Part Three – How to install and register clients with Spacewalk

Part four – Spacewalk Features

Part Five – Spacewalk kickstart

CentOS 7 Spacewalk Features – Remote Commands

Now that is a very useful feature! It’s not installed by default, you need to install additional package to use this feature, if you haven’t installed it before – rhncfg-actions.

Next, we must enable remote commands:

Client configuration is over. Now navigate to Spacewalk -> Systems and choose a system you want to send a remote command to. Navigate to Details -> Remote Command:

Spacewalk Features -1

 

 

 

 

 

 

Here you can edit your script and schedule it for execution. For testing purposes, I’ve entered hostname command and click Schedule. Now to be sure, that job is completed, navigate to: Schedule -> Completed Actions:

Spacewalk features 2

Here you can see, that the task is completed, and if you click on the Action link and click Details, you can see action details:

Spacewalk features 3

CentOS 7 Spacewalk Features – Software Crashes

Spacewalk can monitor crashes of the software installed on your systems. But, again, we need to install another package for monitoring crashes – spacewalk-abrt

Now navigate to Systems, and click on the system you want to view. Next, navigate to Software -> Software crashes. As we can see, there is nothing here. Let’s emulate a software crash. On the chosen client, run:

Refresh the page. You will see your crash in a similar way like this:

Spacewalk features 4

And if you click on it, you will see more detailed crash report:

Spacewalk features 5

CentOS 7 Spacewalk Features – Security Audit

If you navigate to – Systems – [your-chosen-system] -> Audit – you will see, thar you can perform security scanning and audit. This is rather complicated feature, but we will walk through it. Let’s begin with installation of packages that we need:

Now some words about what we are going to do. We will use Open-SCAP Scanner for our audit task. There is a bunch of products on the official site, but we need two of them – the scanner itself and a security guide. Spacewalk uses the tool – Scanner – to make a check of rule set compliance – and the rule set is taken from security guide. So for successful completion of this task we must choose a security profile, that we will run a scanning against. Some profiles like Standard and Common can be found on official site either. And here is a command to view your currently installed profiles:

We need to take two things from it – Path to XCCDF document – /usr/share/xml/scap/ssg/content/ + name of the file, and because we are running CentOS 7, it must be ssg-centos7-xccdf.xml. And now we can view profiles from this document with the command –

There we can find profile names. No we need all the information to run the Audit. Navigate to Systems – [your-chosen-system] -> Audit -> Schedule, and enter –profile common as a command-line argument, and the path to XCCDF document – that is /usr/share/xml/scap/ssg/content/ssg-centos7-xccdf.xml And click Shedule

Now navigate to – List Scans to view the results:

Spacewalk features 6

As you can see, my system is not secure at all. And if you click on this report, you will see the details:

Spacewalk features 7

CentOS 7 Spacewalk Features – Errata

Let’s begin with the bad news – There is no errata for CentOS 7. But there is a good news – there is a free script, that Makes errata for CentOS 7 from e-mails about new versions, bugfixes etc. So to have errata, we need to work out. First, install packages thap script needs to run:

Next, create a folder, download the script and unpack it there:

This command will create a folder named spacewalk_scrips-master, we will need a script called centos-clone-errata-full.sh

Edit this script wi the vi command to enter credentials of your server:

Now we need to add information about the channel for our errata to import:

Finally, run the script to import Errata:

Run this script periodically or add to cron to schedule it – and you will have the Errata imported:

Spacewalk features 7

CentOS 7 Spacewalk Features – Manage configuration files

The last thin to tell in this article is how to manage configuration files. That is as simple, as create a software channel, and much similar. First, you need to create a configuration channel. Navigate to Configuration -> Configuration Channels -> Create Config Channel. No specific information is required, just a name, a label and a description.

Spacewalk Features 7

To add files to the channel, you can – upload, import or create it in the Add Files pane:

Spacewalk Features 8

File payload is configured, now we need to pick up systems for deployment, so click on Systems pane. Here we can see – Systems that already subscribed to the channel and Target systems, that can be subscribed:

Spacewalk Features 9

Finally, on the Deploy Files tab, we can deploy our files to the subscribed computers!

Now we have described almost every useful feature of Spacewalk. The last article about Spacewalk will be dedicated to the powerful feature of Remote System installation, that in Spacewalk and Linux is called Kickstart. Stay tuned!