Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 6. Patching Your Systems

To patch your systems through Satellite Server, you need to register your systems first, and then choose to install Katello agent or use remote execution. Remote execution is enabled by default. This chapter covers both methods. Choose the option that suits your environment

Note that the Katello agent is deprecated and will be removed in a future Satellite version. Migrate your workloads to use the remote execution feature to update clients remotely. For more information, see Host Management Without Goferd and Katello Agent in the Managing Hosts Guide.

6.1. Registering Existing Hosts
Copy link

This section explains how to register Red Hat Enterprise Linux Hosts and Atomic Hosts.

  1. On the host, clear any old data to ensure updated data is uploaded correctly. 

    # subscription-manager clean
    Copy to Clipboard Toggle word wrap

  2. Install the katello-ca-consumer-latest RPM. 

    # rpm -Uvh http://satellite.example.com/pub/katello-ca-consumer-latest.noarch.rpm
    Copy to Clipboard Toggle word wrap

    This installs the proper certificates which allow communication between the client and the Satellite Server.

  3. Register the host. 

    # subscription-manager register --org="Default_Organization" \
--activationkey=ak-Reg_To_Dev_EL7
    Copy to Clipboard Toggle word wrap

6.1.2. Registering an Atomic Host
Copy link

The following procedure explains how to register an Atomic Host with Subscription Manager.

  1. Retrieve katello-rhsm-consumer from the Satellite Server: 

    [root@atomic_client ~]# wget http://satellite.example.com/pub/katello-rhsm-consumer
    Copy to Clipboard Toggle word wrap

  2. Change the mode of katello-rhsm-consumer in order to make it executable: 

    [root@atomic_client ~]# chmod +x katello-rhsm-consumer
    Copy to Clipboard Toggle word wrap

  3. Run katello-rhsm-consumer: 

    [root@atomic_client ~]# ./katello-rhsm-consumer
    Copy to Clipboard Toggle word wrap

  4. Register with Red Hat Subscription Manager: 

    [root@atomic_client ~]# subscription-manager register
    Copy to Clipboard Toggle word wrap
Note

Because Atomic is functionally an appliance, we do not recommend that you try to install katello-agent on it.

6.2. Patching Your System Using Katello Agent
Copy link

6.2.1. Installing Katello Agent
Copy link

Note that the Katello agent is deprecated and will be removed in a future Satellite version. Migrate your workloads to use the remote execution feature to update clients remotely. For more information, see Host Management Without Goferd and Katello Agent in the Managing Hosts Guide.

On the content host, install the katello-agent RPM package. 

# yum install katello-agent
Copy to Clipboard Toggle word wrap

The goferd service must be running so that the Red Hat Satellite Server or Capsule Server can provide information about errata that are applicable for content hosts.

Ensure goferd is running:

  • On Red Hat Enterprise Linux 6, run the following command: 

    # service goferd start
    Copy to Clipboard Toggle word wrap

  • On Red Hat Enterprise Linux 7, run the following command: 

    # systemctl start goferd
    Copy to Clipboard Toggle word wrap

6.2.2. Applying Errata to Content Hosts
Copy link

Applying Errata to Content Hosts Using the Web UI

  1. Go to Hosts Content Hosts and click on auth01.example.com.
  2. Select the Errata tab to view the list of errata applicable to the content host.
  3. From the list, select an errata.
  4. Click Apply Selected.
  5. A confirmation message appears. Click Apply.

  6. Verify that the errata has been applied to the client. 

    [root@client ~]# yum list-sec
    Copy to Clipboard Toggle word wrap

6.3. Patching Your System Using Remote Execution
Copy link

6.3.1. Enabling Remote Execution on a Host
Copy link

During Satellite Server installation, an internal Capsule Server is automatically installed along with a public SSH key. The internal Capsule Server loads the SSH key from /usr/share/foreman-proxy/.ssh/id_rsa_foreman_proxy. You can enable remote execution by distributing the public SSH key to a host.

On the Satellite Server, distribute the key to the host. 

 # ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub root@auth01.example.com
Copy to Clipboard Toggle word wrap

6.3.2. Installing Errata on Your Host
Copy link

Satellite provides default job templates for executing remote jobs, one of which is for installing errata.

  1. Go to Hosts All hosts and click the check box next to the host’s name.
  2. Click Select Action and select Schedule Remote Job from the drop-down menu.
  3. In the Job category drop-down menu, select Katello.
  4. In the Job template drop-down menu, select Install Errata-Katello SSH Default.
  5. In the errata field, enter the errata ID.
  6. Select Execute now and click Submit.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat