Solved

packages not available in repositories

Posted on 2011-10-01
11
767 Views
Last Modified: 2012-05-12
I'm doing a mock-up test on a Red Hat linux server.  Trying to install the ipsec-tools package (racoon).  When I went to the repositories via yum update, I didn't see the package as one of the ones listed.  Then doing a yum update ipsec-tools or a yum update racoon, I get nothing.  Is it possible the repositories don't have this package??
So if this doesn't work this way, then I need instructions on how to manually download and install it.  I'm doing this from a remote login.
0
Comment
Question by:mrkent
  • 5
  • 4
  • 2
11 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 400 total points
ID: 36897478
Find the appropriate RPM for your distro at http://rpm.pbone.net/index.php3/stat/3/limit/1/srodzaj/1/dl/40/search/ipsec-tools/field%5B%5D/1/field%5B%5D/2

Then, if for example you downloaded the RHEL5 RPM:
yum install ipsec-tools-0.7.3-1.el5.pp.x86_64.rpm

Open in new window


That should take care of any dependencies that yum can access via it's configured repos.  If yum still complains about missing dependencies such as libracoon.so.0, then go back to that webpage and find it under the "Requires" section.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 400 total points
ID: 36897498
Use 'wget' to download the file by giving it the complete URL.

BTW I did a bit more research and it looks like the only other dependency you will need is ipsec-tools-libs

Using the RHEL5 example above, you can find it at http://rpm.pbone.net/index.php3/stat/3/srodzaj/1/search/ipsec-tools-libs

Also 0.7.3-1 isn't the most current version, was just used as an example.
0
 

Author Comment

by:mrkent
ID: 36898248
My version is Red Hat Enterprise Linux Server release 6.1 (Santiago)
The location you gave me was for RHEL 5.  Is that OK to download the file from there?

Also I'm having trouble with the syntax.  What would be my exact wget command to download the ipsec-tools-0.8.0-2.fc16.i686.rpm package at that url?  (I don't THINK my machine is a 64 bit, how do I find out?)
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:mrkent
ID: 36898269
Actually I think now it is...
# uname -r
2.6.32-131.4.1.el6.x86_64
So does that mean I should be downloading ipsec-tools-0.8.0-1.el5.pp.x86_64.rpm? (Instead of the ipsec-tools-0.8.0-1.el5.pp.i386.rpm which is what I was first looking at?  [typo in my last update])
So again what is my correct wget syntax to download that?
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 400 total points
ID: 36898418
You are asking for trouble by installing a RHEL 5 package on RHEL 6 -- not advised.

It turns out that there is a reason that you can't find ipsec-tools in the repositories -- it has been deprecated in RHEL 6 in favor of openswan.

Is there a specific reason you need ipsec-tools?
[root@broken ~]# yum info openswan
Loaded plugins: fastestmirror, presto, priorities
<snip>
Available Packages
Name       : openswan
Arch       : x86_64
Version    : 2.6.24
Release    : 8.el6_0.1
Size       : 838 k
Repo       : updates
Summary    : IPSEC implementation with IKEv1 and IKEv2 keying protocols
URL        : http://www.openswan.org/
License    : GPLv2+
Description: Openswan is a free implementation of IPsec & IKE for Linux.  IPsec is
           : the Internet Protocol Security and uses strong cryptography to provide
           : both authentication and encryption services.  These services allow you
           : to build secure tunnels through untrusted networks.  Everything passing
           : through the untrusted net is encrypted by the ipsec gateway machine and
           : decrypted by the gateway at the other end of the tunnel.  The resulting
           : tunnel is a virtual private network or VPN.
           :
           : This package contains the daemons and userland tools for setting up
           : Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists
           : in the default Linux kernel.
           :
           : Openswan 2.6.x also supports IKEv2 (RFC4306)

Open in new window

0
 

Author Comment

by:mrkent
ID: 36899466
Only because I have never used Openswan before.  Only Ipsec-tools.
So I do have another server I may get my hand on, a RHEL 5.6 (Tikanga).  I can either use that if I get it, or learn Openswan.

What is the downside of loading a RHEL 5 package on a RHEL 6?   Would it affect the whole system?  Or just the RHEL 5 package?
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 400 total points
ID: 36900779
What is the downside of loading a RHEL 5 package on a RHEL 6?   Would it affect the whole system?  Or just the RHEL 5 package?

That all depends.  The short answer here is that a RHEL 5 RPM is built against a RHEL 5 system, therefore is configured and expecting to be ran on RHEL 5.
0
 
LVL 40

Expert Comment

by:noci
ID: 36913730
The best that can happen is that the software cant work.
The worst is that it installs an old library wrecking your system or part of it.
0
 

Author Comment

by:mrkent
ID: 36936858
OK , one last thing before I move on to the next item.
How do I know that my linux distribution supports NAT Traversal (NAT-T).  I know there are components of the ipsec-tools and openswan ipsec packages that do NAT-T, but how do I know the the kernel itself can process NAT-T.  I saw somewhere that you can look in the kernel tree and look at the net/key/af_key.c file. I think I looked in the right place but maybe not and I can't find it.  How do I find it, and once I do find it, what do I look for in it?

0
 
LVL 40

Assisted Solution

by:noci
noci earned 100 total points
ID: 36936969
The kernel can handle since after 2.6.6 (and in general a lot of networking bugs did exist until & including 2.6.17)

Since 2.6.6 there is a natt field in the network xfrm modules & data structures.
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.6 - should mention this
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.8 - refers to a patch in AH processing for ipsec.
 (kernel.org is currently down)
0
 

Author Closing Comment

by:mrkent
ID: 36937147
Thank you
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In order for businesses to be compliant with certain information security laws in some countries, you need to be able to prove that a user (which user it was becomes important to the business to take action against the user after an event has occurr…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question