Install software
Additional software can be installed on a Swisscom RHEL VM. You can install software from the preconfigured Red Hat repositories or from your own configured repositories. The Temp Admin state allows you to install and configure software with root privileges.
Configured repositories
All Swisscom RHEL VMs are registered to a Red Hat Satellite server. The Red Hat Satellite provides packages from Red Hat repositories, EPEL packages and agents which are necessary for Managed RHEL. Additional information about EPEL packages can be found here.
The following Red Hat repositories are available on all Swisscom RHEL 8 VMs:
| Repository name | Repository ID |
|---|---|
| Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs) | rhel-8-for-x86_64-baseos-rpms |
| Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs) | rhel-8-for-x86_64-appstream-rpms |
| Red Hat CodeReady Linux Builder for RHEL 8 x86_64 (RPMs) | codeready-builder-for-rhel-8-x86_64-rpms |
| Extra Packages for Enterprise Linux 8 | sc-managed-os_epel_rhel8 |
| Managed OS Agents RHEL 8 | sc-managed-os_esc_managed_os_tools_rhel8 |
The following Red Hat repositories are available on all Swisscom RHEL 9 VMs:
| Repository name | Repository ID |
|---|---|
| Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) | rhel-9-for-x86_64-baseos-rpms |
| Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) | rhel-9-for-x86_64-appstream-rpms |
| Red Hat CodeReady Linux Builder for RHEL 9 x86_64 (RPMs) | codeready-builder-for-rhel-9-x86_64-rpms |
| Extra Packages for Enterprise Linux 9 | sc-managed-os_epel_rhel9 |
| Managed OS Agents RHEL 9 | sc-managed-os_esc_managed_os_tools_rhel9 |
Configure additional repositories
If you want to install software from another repository, you have to configure the repository in /etc/yum.repos.d yourself. Make sure you have connectivity to the repository. If you need to configure a proxy to reach your repository, configure the proxy in your repository configuration file in /etc/yum.repos.d and not in /etc/yum.conf. Be aware that if you install packages from your own repositories, you will have to take care of the patching by yourself.
Install software on Managed RHEL
- Change to the Temp Admin state, for installing and configuring software.
- If not done during the VM provisioning, add another disk for the software installation according to these instructions and restrictions.
- In the Temp Admin state, it is possible to login with an ssh client and the custadm user. Use the
sudoframework for executing commands. - Install the application
- On a Swisscom RHEL 8 VM, a host-based firewall (iptables) is running. Configure iptables to allow access to the service from other servers according to these instructions.
- On a Swisscom RHEL 9 VM, a host-based firewall (nftables) is running. Configure nftables to allow access to the service from other servers according to these instructions.
- Change the state of the VM back to the Full Managed state.
Guidelines
Please note the following restrictions. Otherwise, the compliance check will fail and the Temp Admin state cannot be left.
- It is allowed to install a RPM from the Red Hat repositories which are attached to each VM. All other software must be installed on a partition which does not belong to the Operating System file system.
- All logfiles or variable data must be written on a partition which does not belong to the Operating System file system. Especially check if you write into a
/var/log/*directory, which then must be on a separate partition. - It's not allowed to configure sudo rules with root privileges.
- It's not allowed to create cronjobs for the user root.
- It's allowed to configure a YUM repository in
/etc/yum.repos.d/for 3rd party software installation. - If you need the yum infrastructure for 3rd party software installation, you mustn't set a proxy in
/etc/yum.conf. Instead, place your proxy in your alternative repository under/etc/yum.repos.d/. - Check all other restrictions from the compliance checks in the Technical Description.