Fixlet Exclusions

(imported topic written by cstoneba)

We need a way to exclude a MS patch fixlet from a single endpoint. I know there is the option to duplicate the fixlet and then modify the relevancy, but then the new fixlet will be out of sync with the source fixlet if it ever gets modified.

What would be great is if all fixlets had a relevancy line that could be used to check the lines of an Exclusion File on an endpoint, and that exclusion file would contain “KB12345”.

But what can I do in the short term to get this to work? I can’t be the only person out there with this big problem, can I ?

(imported comment written by cstoneba)


(imported comment written by manonstreet91)

cstoneba: You are not the only person. I second this request and will add to it. I require the ability to exclude patches (and wildcard matching) on a per host basis, mimicking the functionality of adding exclude=kernel* to /etc/yum.conf (as an example).

As mentioned, this functionality is natively supported in Linux on rpm and deb based systems.