You might need to use this method in one of the following situations:
- The HTTP file upload, Windows Shared Folder, or NFS share is not stable for uploading patches.
- CD/DVD is not an option because the system is in a remote location.
- To limit the time, it takes to apply patches by staging the patch files on the Authentication Manager local file system.
To complete the patch process, follow the steps below:
- Go to the RSA Authentication Manager download page.
- Click the link for the version of Authentication Manager that is deployed in your environment. For versions lower than Authentication Manager 8.4, please go to the RSA Authentication Manager product version page and select the correct version.
- Download the am-update-<patch version> *.zip file (for example, am-update-8.4.0.6.zip) from RSA Link.
- Extract the *.zip file contents and move the am-update-<patch version>.iso to the /tmp/ directory on the Authentication Manager primary using WinSCP or a similar tool.
- Login to the Authentication Manager primary via SSH, vSphere, or direct connection.
- Change to root using the following command.
sudo su -
- Change the permissions of the patch ISO file to 777:
chmod 777 /tmp/patchfilename.iso
- Ensure that the directory /media is not missing:
ls -l /media
- If missing then, create a new directory as below.
cd
mkdir /media
10.Make sure it has full permissions:
chmod 777 /media
11. From /opt/rsa/am/utils/bin/appliance, copy manageMount.sh to manageMount.sh.orig: and cacheDVDUpdate.sh to cacheDVDUpdate.sh.orig
cp /opt/rsa/am/utils/bin/appliance/manageMount.sh /opt/rsa/am/utils/bin/appliance/manageMount.sh.orig
cp /opt/rsa/am/utils/bin/appliance/cacheDVDUpdate.sh /opt/rsa/am/utils/bin/appliance/cacheDVDUpdate.sh.orig
- Open manageMount.sh in a text edit, such a vi.
- Press i to enter Insert mode.
- Edit the file to comment out the original mount_cdrom function by adding :<<'END_COMMENT' before the function and END_COMMENT after the function.
:<<'END_COMMENT'
mount_cdrom(){
umount_cdrom > /dev/null 2>&1
for i in `seq 0 9`
do
if [ -b "/dev/sr$i" ]; then
mount -t auto -r "/dev/sr$i" /media
if [ "$?" = "0" ]; then
return 0
fi
fi
done
return 1
}
END_COMMENT
- Add the following new function for mount_cdrom.
mount_cdrom () {
umount_cdrom > /dev/null 2>&1
mount -t iso9660 -r /dev/cdrom_am /media
}
- Exit Insert mode by pressing Escape.
- Type :wq! to save a copy of the updated file.
- The file is overwritten during the patch process. This saves a step for next time.
cp /opt/rsa/am/utils/bin/appliance/manageMount.sh /opt/rsa/am/utils/bin/appliance/manageMount.sh_hdd
- Create a symbolic link for /dev/cdrom to the patch location:
ln -s /tmp/patchfilename.iso /dev/cdrom_am
- Changed /opt/rsa/am/utils/bin/appliance/cacheDVDUpdate.sh as below.
cd /opt/rsa/am/utils/bin/appliance/
cp cacheDVDUpdate.sh cacheDVDUpdate.sh.hdd
vi cacheDVDUpdate.sh
CHANGE.....
#!/bin/sh
dd if=/dev/cdrom "of=$1"
TO....
#!/bin/sh
dd if=/dev/cdrom_am "of=$1"
and save it by pressing
a) ESC
b) :wq! - Login to the Operations Console and select Maintenance > Update & Rollback.
- Click Configure Update Source, select Use DVD/CD as the update source and click Save.
- Click Scan for Updates and Authentication Manager should be able to detect the patch and the option to Apply Update will come up.
Changes made to the /opt/rsa/am/utils/bin/appliance/ManageMount.sh do not survive the patching process. To patch again from the hard drive, copy the manageMount.sh_hdd file from Step 13 above back to the original filename:
cp /opt/rsa/am/utils/bin/appliance/manageMount.sh_hdd /opt/rsa/am/utils/bin/appliance/manageMount.sh
To remove the symbolic link, run the command below:
rm /dev/cdrom_am
