ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How to create a local mirror of Endpoint Protection Linux repository

book

Article ID: 228295

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

How to create a local mirror of the Symantec Endpoint Protection (SEP) Linux repository

Cause

A local mirror of the SEP Linux repository may be desired when installing and updating SEP Linux Agent on machines that do not have connections to the internet.

Environment

SEP 14.3 RU1 and newer on Linux

Resolution

Mirroring the repository

All you need is a Linux shell command line (bash, et al) connected to internet. This could be a physical Linux machine or VM (e.g. Windows Subsystem for Linux), or in the simplest case: the Cygwin Terminal for windows. The two lines of shell script below will mirror the entire 14.3RU3 repository into a "sep_linux" folder in current working directory. 

repo=https://linux-repo.us.securitycloud.symantec.com/sep_linux/14.3RU3
wget -q -x -N -nH -i $repo/latest.txt

Note that /sep_linux/14.3RU3 is used in the examples on this page - be sure to adjust for the desired version. The repo branches are named as follows:

/sep_linux/14.3RU1/
/sep_linux/14.3RU2/
/sep_linux/14.3RU3/

... and starting in RU4:
/SAL/1.0/

To mirror the repo structure only for rhel8:

repo=https://linux-repo.us.securitycloud.symantec.com/sep_linux/14.3RU3
wget -q -x -N -nH $(printf "$repo/%s\n" `curl -s $repo/latest.txt | grep rhel8`)

The currently supported Linux identifiers are:

amazonlinux
amazonlinux2
debian9
debian9
rhel6
rhel7
rhel8
sles11
sles12
sles15
ubuntu14
ubuntu16
ubuntu18
ubuntu20

This repository mirror can be copied/shared as a file folder or via local ftp/web server. How-to is left as an exercise for the customer. For more extended instructions that include an example of setting up a web server and using cron to keep the mirror up-to-date, see Create Local Linux Repository on CentOS/RHEL 7 and 8.

IMPORTANT: If you plan on using the Local Repo for installing for Cloud managed systems on Ubuntu or Debian, you need to run the following command to make the metadata available:

find /path/to/sep_linux/* -type d -name sep_linux | xargs -i{} ln -sf "{}" "{}_cdm"

If using Cygwin, the Windows CYGWIN environment variable should be set to winsymlinks:nativestrict for the link command above to create proper NTFS symlinks.

 

Just the packages, please

If you want only the packages downloaded to the current working directory and you don't need to duplicate the repo structure for *.rpm packages:

repo=https://linux-repo.us.securitycloud.symantec.com/sep_linux/14.3RU3
wget -q $(printf "$repo/%s\n" `curl -s $repo/latest.txt | grep rhel8.*rpm`)

... or for *.deb packages, e.g. Ubuntu18:

repo=https://linux-repo.us.securitycloud.symantec.com/sep_linux/14.3RU3
wget -q $(printf "$repo/%s\n" `curl -s $repo/latest.txt | grep ubuntu18.*deb`)

The packages for a particular Linux version can be manually combined with the unzipped LinuxInstaller stub to create an offline installer as described in Creating an offline installation package for the Endpoint Protection Linux Agent.

 

Using the SEP LinuxInstaller command with a local repository

Use the -h (--local-repo) option. 

To install SEP Linux Agent and configure it to use a local repository mirror in a local folder or file share: 

./LinuxInstaller -- -h file:///path/to/sep_linux/14.3RU3

For mirror shared by a https web server:

./LinuxInstaller -- -h https://path/to/sep_linux/14.3RU3

NOTE the repository folder version referenced (14.3RU3 in examples above) must also match the version of LinuxInstaller otherwise it will return "No packages found that need update" - i.e. if LinuxInstaller version is 14.3RU2, then use 14.3RU2 in repository URL.