Difference between revisions of "OS4X update"
Line 68: | Line 68: | ||
notAfter='''Jun 15 18:18:53 2032 GMT''' | notAfter='''Jun 15 18:18:53 2032 GMT''' | ||
This means the software update support certificate is valid until June 15th 2032. | This means the software update support certificate is valid until June 15th 2032. | ||
+ | |||
+ | == Post work to be done == | ||
+ | Starting with OS4X release 2014-09-23, a [[OS4X_Core_configuration#OS4X_automatic_update_post_event|configurable post event]] can be defined which will be run after an updated was executed. You can implement any functionality in this process, i.e. cleanup, system information, backup or other tasks. The parameters of this event are documented [[OS4X_Core_event_scripts#OS4X_automatic_update_post_event|here]]. |
Revision as of 20:16, 23 September 2014
Requirements
If you have a software support bought with your software distribution, you may receive updates from time to time via several media. These media can be:
- Download links in the internet
- Files via OFTP, received via
- ISDN
- ENX
- Internet
- etc.
Run update automatically
These update files, if received via OFTP, have always the virtual filename
OS4X_UPDATE
When this flag is set, your OS4X installation tries to check the integrity and signature of this package internally. For this purpose, an event binary (configured here) is started. This event binary (default:
/opt/os4x/bin/os4xupdate
is started with the parameter "-f
". It checks the signature of the file and if valid, it extracts the update procedure program and executes it in an OS4X shell. The update process searches for the OS4X environment variables and uses them to change and update the installation.
Run update semi-automatically (1)
If you have received such a signed update file manually or you have disabled this feature and downloaded an automatic update file (with the file suffix ".sh.signed
"), you are able to re-start the event program manually. For this (in a standard environment), call the update program with appropriate parameters. They are documented here.
Example:
/opt/os4x/bin/os4xupdate -f /tmp/os4x3_full_pe_Linux-x86.sh.signed
Run update semi-automatically (2)
You may have received a file which is a verified and extracted version of the "OS4X_UPDATE
" file. They have normally a file extension of ".sh
". This file is a complete OS4X installation package, which checks if it's running inside OS4X. In order to do this manually, use the OS4X shell "shox
".
Example:
/opt/os4x/bin/shox -e /tmp/os4x_update_linux_x86_he.sh
Beware: The process started via "shox" is using a user configured in "Configuration" -> "Daemon" -> "running OS4X programs as user". This user may not have sufficient permissions to write files in required directories.
Run update manually (1)
You receive a gzipped TAR file which contains all files in this structure. You may exchange the binaries, scripts, programs, webinterfaces. You should do this in the following order:
- make a backup of everything
- run the OS4X database schema updater "
os4x_dbupdate
" - copy all binaries to the target directory
- if swapping the whole directory, don't forget to copy the license file into the new directory!
- check if the configuration file has changed it's schema ("
/etc/os4x.conf
") - copy the webinterface for administration to it's destination
- check the file "
database.inc.php
"
- check the file "
- if OS4X Enteprise is installed:
- copy the OS4X web access client to it's target destination
- check the file "
database.inc.php
" in the OS4X web access directory - copy all plugins
- have a look at the configuration page of OS4X (administrative web interface)
- restart the wanted daemons ("
os4xrd
", "os4xsqd
", "os4xdebugd
", "os4xclientd
")
Run update manually (2)
In some cases, you just receive single files, fixing a specific small problem. In this case, refer to the above method (Run update manually (1))
Troubleshooting automatic updates
In case of the following error in the system log (temporary and update package filenames will vary)
OS4X update: error verifying update file '/tmp/os4x2_core_he_20100607_linux.sh.signed': command: $OPENSSL_BIN smime -verify -in '/tmp/os4x2_core_he_20100607_linux.sh.signed' -out /opt/os4x/tmp/os4x.vrqilO -inform DER -CAfile $OS4X_BIN_DIR/../c-works.softwareupdate.pub.cer 2>&1 Output: Verification failure 4403:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:343:Verify error:self signed certificate
your local software certificate is not the actual one. You will have to download the actual file at http://www.os4x.com/c-works.softwareupdate.pub.cer and copy the file to your base installation of your OS4X installation (mostly at "/opt/os4x
"):
/opt/os4x/c-works.softwareupdate.pub.cer
Check that the file has read-permissions for everyone (444
, "-r--r--r--
").
To verify the software certificate validity timeframe, you can use the following command:
os4xbox:/opt/os4x# openssl x509 -in /opt/os4x/c-works.softwareupdate.pub.cer -noout -enddate notAfter=Jun 15 18:18:53 2032 GMT
This means the software update support certificate is valid until June 15th 2032.
Post work to be done
Starting with OS4X release 2014-09-23, a configurable post event can be defined which will be run after an updated was executed. You can implement any functionality in this process, i.e. cleanup, system information, backup or other tasks. The parameters of this event are documented here.