As discussed in Chapter 6, "Configuring a yum Client," yum is built on the Python programming language, which is a building block for the Red Hat/Fedora distributions. While current support is limited to the Red Hat/Fedora/Yellow Dog/Mandriva/Asp distributions, per the latest available Netcraft survey (http://news.netcraft.com/archives/2005/03/index.html), that's over half the Linux market. If you want to learn patch management for Linux, you need to know how to use yum and configure, or "yummify," associated repositories.
The simplest way to configure a yum repository is to mirror one that already exists. Most Fedora repositories already support yum. But you do not have to mirror the entire repository, because much of it is built from installation CDs. In addition, as packages change, or if you combine packages from different mirrors, you may prefer to create yum headers on your own system rather than download them from a remote mirror.
We've divided this chapter into several major sections. You can take most of the packages for a repository from the installation CDs. You'll need to manage headers for those repositories. You'll need to configure sharing of that repository with other computers on your network. You'll need to download other repositories associated with updates, developmental packages, and those created by third parties. Finally, you'll need to keep these repositories up to date.
When configured, you'll be able to update your computers from local repositories, minimizing the loads on your Internet connections, giving you more control over what is installed on your systems. You can focus on making sure that critical packages, including those related to security, are up to date. That is the essence of good patch management.
At the end of this chapter, we'll show you how you can create a yum repository for Red Hat Enterprise Linux (RHEL) 4 clients with an authorized subscription to the Red Hat Network. If you have valid subscriptions, this is a viable alternative to the Red Hat Network Proxy Server described in Chapter 2, "Consolidating Patches on a Red Hat/Fedora Network."