verinice.PRO is delivered in multiple RPM packages for Red Hat Enterprise Linux (RHEL) and CentOS. On RHEL and CentOS RPM packages are installed, updated or deleted with the package management system YUM. When a new version of verinice.PRO is published, the new RPM packages are ready in the verinice.PRO repository: update.verinice.com.
The verinice.PRO database ha to be saved before starting the update. If PostgreSQL is used, the following command has to be called:
pg_dump -U <DB_USER> <DB_NAME> > /path/to/file.sql
The verinice.PRO packages are now ready to be updated. You can either update all RPMs on the server or only the verinice packages. It is recommended to update all packages. All packages will be updated with:
The following command updates the verinice.PRO packages only:
yum update verinicepro verinicepro-catalogs verinicepro-clients \
It may happen that yum does not find the new verinice packages. If no new packages are found, although a new version is ready, the following command must be entered before the update:
yum clean all
Please note first should be customized the property files (please see the "Adjusting the configuration" chapter) and then must be the Tomcat Application Server restarted. Only after a restart the changes are activated:
After updating the packages the verinice configuration must be checked. Each update of the RPM packages can cause conflicts with the configuration files. If a regular file changes in a new version, it is overwritten by the package manager for the update. Configuration files can not be treated like regular files since they are usually changed after the first installation.
If a configuration file has been changed by the user and is changed in a new verinice version, the file cannot be overwritten when updating. There are two options how the package manager computes this issue:
The file of the user is not changed, the new version of the file is installed with the suffix .rpmnew. The files must be compared after the update and possible changes from conf-datei.properties.rpmnew must be transfered to konf-datei.properties.
The new version of the file is installed. The file of the user is saved with the suffix .rpmsave. The files must be compared after the update and if necessary settings from conf-datei.properties.rpmsave must be transfered to konf-datei.properties
Depending on the content of the verinice configuration files will be treated in accordance with option 1 or 2.
The file is not overwritten during the update. If necessary, a new version of the file is created with the name veriniceserver-plain.properties.rpmnew. In this case new options from veriniceserver-plain.properties.rpmnew must be taken over into veriniceserver-plain.properties.
The file is not overwritten during the update. If necessary, a new version of the file is created with the name verinice-ldap.properties.rpmnew. In this case new options from verinice-ldap.properties.rpmnew need to be transferred to verinice-ldap.properties.properties.
This file is not overwritten during the update. If necessary, a new version of the file is created with the name SNCA.xml.rpmnew. In this case new options from SNCA.xml.rpmnew need to be transferred to SNCA.xml.
This file will be overwritten during the update. If the file was changed beforehand, the changed version will be saved as web.xml.rpmsave. After the update the changes in web.xml.rpmsave must be transfered to the new version.
This file contains the configuration of the authorization profiles. The authorization profiles are typically configured with the verinice.PRO client. The file shouldn't be edited directly on the server. The file is not overwritten when updating verinice.PRO. If necessary, a new version of the file is created as verinice-auth.xml.rpmnew. In this case, changes from verinice-auth.xml.rpmnew must be included in verinice-auth.xml.
All other configuration files contain technical configuration and normally do not need to be adjusted. When updating these files will be overwritten. If one of the files was however changed previously, the changed old version of the file is saved under the name file.properties.rpmsave . After the update, the changes from the old modified file datei.properties.rpmsave must be included in the new version.
To integrate the new IT Baseline Protection Catalog in verinice.PRO right from the start, the application server cache should be emptied. Proceed as follows: