User Guide
  • Fundamentals
    • Quick Start Guide
      • Signing Up
      • Package Discovery
        • Connecting to GitHub
        • Connecting to GitLab
        • Connecting to Azure DevOps
        • Connecting to the CI Pipeline
        • Connecting to the Artifact Server
      • Package Sealing
        • Integrating the CLI in the CI
        • Editing Dependencies
    • Deployments
      • Choosing Your Deployment
      • Automatic Remediation
      • Remote Configuration
      • Local Configuration
      • Artifact Server
    • CLI
      • Download and Installation
      • Scanning
      • Fixing All Dependencies
      • Fixing Specific Dependencies
      • Fixing OS Vulnerabilities
      • Integrating with the CI
      • Uploading Scan Results
      • Commands
      • SCA Integrations
      • JFrog Integration
      • Usage Examples
        • Sealing Application Dependencies
        • Sealing Linux Environments
    • Artifact Server
      • Generating a Token
      • Artifact Server Ordering
      • Configuring the Package Manager
        • Configuring apk
        • Configuring Composer
        • Configuring Go
        • Configuring Gradle
        • Configuring Maven
        • Configuring npm
        • Configuring pip
        • Configuring Poetry
        • Configuring yarn
        • Configuring yum
      • Clearing the Cache
      • Editing Your Dependencies
    • Web Interface
      • Rules Screen
  • FAQ
  • Vulnerability Disclosure
Powered by GitBook
On this page
  1. Fundamentals
  2. Artifact Server
  3. Configuring the Package Manager

Configuring yum

How to configure the RPM package manager

PreviousConfiguring yarnNextClearing the Cache

Last updated 2 months ago

This page explains how to configure yum to pull packages from the Seal artifact server based on your existing setup.

Make sure you have the access token for the server ready.

Pull directly from the artifact server

Yum's configuration is saved in the yum.repos.d directory.

Our goal is to add as a remote repository.

  1. Run:

vim /etc/yum.repos.d/.repo

  1. We want the .repofile to look like this:

[seal]
name=seal
baseurl=https://rpm.sealsecurity.io/centos/$releasever/updates/$basearch/
username=$PROJECT_ID
password=$TOKEN
enabled=1
gpgcheck=0

  1. In the $PROJECT_ID put the name of your project. This value will later be used in the reporting to indicate which project pulled which vulnerable package.

  2. In the $TOKEN put the access token to the Seal artifact server.

https://rpm.sealsecurity.io/