Lenovo Linux YUM Repository
|Lenovo Linux YUM Repository Design
Lenovo provides customers with easy and quick access to supported Linux Server Server drivers. Customers can depend on Lenovo to maintain this repository with all the qualified drivers with links to firmware and utilities qualified in conjunction with these drivers.
Primary Linux Bundle features
- Partitioned mini-bundles for each Lenovo ThinkSystem/SystemX Server and Red Hat Enterprise Linux/SuSE Enterprise Linux distros
out of box drivers for each supported devices on each server. In cases where Lenovo fully supports the driver provided within the Linux Distro image,
InBox support is indicated.
- Bundle portability. A single tgz file contains the entire bundle's file structure; enables customer to create a replicated copy of the bundle on a locally hosted file server or USB key.
- GPG signature files to confirm file integrity and Lenovo Authenticity
- JSON based metadata files that can be used by customers to further automate server updates or deployment image creation.
- The bundle's root directory index html page provides a map to what Lenovo servers and Linux Distro versions are supported.
- The bundle's root directory also provides a TGZed
portable bundle version
- Selecting a Linux distro within the table of supported Lenovo Servers/Linux versions displays a listing of that server's supported devices. Each device will include information/links to available drivers, required device firmware and suggested utilities. In situations where multiple drivers are required, please ensure ALL the drivers are installed to the operating system.
|Confirming Integrity and Authenticity of Repository Downloads|
Each download from this Repository provides a GPG signature file to confirm the download's integrity and Lenovo's Authenticity.
- Obtain Open Source GnuPG tool. This tool is included on almost all Linux installations.
- Download and import the Lenovo Data Center Group Public key into the GPG checking workstation or server. Each download within a single repository bundle uses the same Public Key. Lenovo changes the Public Key on a yearly basis.
- The URL to download Public Side required to confirm the bundle's downloads is provided here.
- Import the Public Key into your workstation or server's key repository.
> gpg --import public_key.txt
- Confirm Public Key fingerprint
> gpg --list-keys --fingerprint
The 40-digit hexadecimal number provided should exactly match fingerprint provided on Public Key download page noted above.
- Mark the key as verified
> gpg --edit-key
Key uid should now have [ultimate] prefix
fingerprint of key
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
>gpg --list-keys --fingerprint
- Verification of download
- Download bundle file
- Download bundle's
Lenovo Authenticity Signature file
- Verify download
>gpg --verify bundle_signature_file bundle_file
The gpg tool replying with
Good Signature indicates that tested file downloaded without error is authentictly provided by Lenovo.
Return to Instructions
|Configuring and updating server - using Lenovo's configration and update assistant|
Using bundled updates is Lenovo's preferred approach to ensure servers represent configurations tested and certified by Lenovo Product Assurance organization.
Lenovo provides a tool (yum_bundle_install.sh) to assist in the configuration of the Red Hat's yum or SuSE's zypper tools. Download the tool here.
The command line syntax is as follows:
# yum_bundle_install.sh [-b --bundle <downloaded bundle tgz> |
-u --uri <uri of your Lenovo repositiory> |
-l --lenovo <latest | release_date>]
-k --keyfile Public Keyfile (default: Keyfile stored in bundle)
-a --allpackages Installs all packages qualified for server vs
just packages for devices installed on server
-y --assumeyes Answers yes to yum/zypper install/update questions
-h --help Show this screen
-V --version Show version
-K --keepconfig Keeps lenovo.repo config file.
default for -u or -l install method
-d --deleteconfig Delete lenovo.repo config file.
default for -b install method
- Required parameter - Bundle Source
The requires the location of the update bundle. Three locations are allowed:
- -b or --bundle: provide tool the previously downloaded bundle (tgz file). Download available at the bottom of the bundle release's home page
- -u or --uri: provide tool the uri of the update bundle. Typically used when a local repication of the bundle is available on a local intranet file server
- -l or --lenovo: Uses Lenovo's host version of the bundle.
- -k or --keyfile: Specifies authenticity keyfile to used. Default is use keyfile embedded in the bundle. Higher level of authenticity is achieved by manually downloading and specificing keyfile from Lenovo.com
- -a or --allpackages: By default, the tool queries the targeted system and installs/updates only drivers/utilties actually used by installed devices. This flag disables the device query and installs/updates all the packages tested on the targeted system
- -y or --assumeyes: Assumes yes for all yum/zypper questions
- -h or --help:
- -K or --keepconfig: Keeps the yum/zypper conf file after the executation of the install/update. This makes available future updates from this bundle. This is the default when specifying a uri or lenovo.com for the target's source.
- -d or --deleteconfig: Deletes the yum/zypper conf file after the executation of the install/update.
Return to Instructions