Oracle Linux BigFix Patching

Usage and Config Patch
1

Just curious how other BigFixers are using BigFix to manage and patch Oracle Linux. I have setup a mirror server and deployed repo files to all my endpoints to help with patching. BigFix doesn’t appear to go out to the https://yum.oracle.com site to pull update, never did figure that out, but uses the local repo file to get packages. What I find interesting is some of these relevant fixlets are showing packages from development repos and I am not sure why. I would like to just leverage BigFix because I have never had a maintenance window where I deployed the fixlets and not had some issue where the package that was being requested was in a repo that I didn’t have configured. It really would be nice if BigFix would use the https://yum.oracle.com to pull the packages and I could quit maintaining local repo files AND when a package was needed BigFix could/would just download and install it. A download plugin would be nice too.

Anyways, how are other Oracle Linux BigFix users benefiting from BigFix patching? I am trying to figure out how I can improve my environment or learn something that will help me when it comes to patching both Oracle Linux 7 and Oracle Linux 8 servers.

2

Hi Jason,

the reason why BigFix does not include a download plugin for Oracle Linux is that a limitation to download patches on behalf of the customer was defined in the Terms & Conditions at the time we started the support for Oracle Linux. I am investigating if this limitation is still valid, if it refers only to the ULN or also to the YUM repository. If this is no longer a restriction, there are good chances that the download plugin will be added in the Product roadmap.

3

Any update on this?

I’m having an issue where all my Oracle Linux 8 clients have a ton of security fixlets reported as relevant in the console, reported relevant in the log initially and then reported non-relevant in the log (as usual), exits with an exit code=1, but the patch actions status is reported as Failed. This is happening to 8 Oracle Linux Servers.

Here’s the Log from the client (/var/opt/BESClient/__BESData/__Global/Logs/YYYMMDD.log):

Successful Synchronization with site ‘actionsite’ (version 554) - 'http://myservername:52311/cgi-bin/bfgather.exe/actionsite
Successful Synchronization with site ‘mailboxsite’ (version 9) - ‘http://myservername:52311/cgi-bin/bfgather.exe/mailboxsite1619820185
[ThreadTime:23:56:22] SetupListener success: IPV4/6
Encryption: optional encryption with no certificate; reports in cleartext
Report posted successfully
At 23:56:58 -0400 -
GatherHashMV command received.
At 23:56:59 -0400 - mailboxsite (http://myservername:52311/cgi-bin/bfgather.exe/mailboxsite1619820185)
Downloaded ‘http://myservername:52311/mailbox/files/da/d5/dad5a7a3091c31d5397fbcb20044f282d5e78ad4’ as 'Action 1433.fxf’
Gather::SyncSiteByFile adding files - count: 1
At 23:56:59 -0400 -
Successful Synchronization with site ‘mailboxsite’ (version 10) - 'http://myservername:52311/cgi-bin/bfgather.exe/mailboxsite1619820185
Processing action site.
At 23:56:59 -0400 - mailboxsite (http://myservername:52311/cgi-bin/bfgather.exe/mailboxsite1619820185)
Relevant - ELSA-2020-4670 - Oracle Linux idm:DL1 and idm:client security, bug fix, and enhancement update - Oracle Linux 8 x86_64 (fixlet:1433)
At 23:57:00 -0400 -
ActionLogMessage: (action:1433) Action signature verified for Execution
ActionLogMessage: (action:1433) starting action
At 23:57:00 -0400 - actionsite (http://myservername:52311/cgi-bin/bfgather.exe/actionsite)
Command succeeded parameter “sitefolder” = “/var/opt/BESClient/__BESData/Patches for Oracle Linux 8” (action:1433)
Command succeeded parameter “EDR_DeployDataDir” = “/var/opt/BESClient/EDRDeployData/” (action:1433)
Command succeeded parameter “cwd” = “/var/opt/BESClient/EDRDeployData/” (action:1433)
Command succeeded parameter “fixletid” = “20467001” (action:1433)
Command succeeded parameter “t0” = “” (action:1433)
Command succeeded parameter “t1” = “” (action:1433)
Command succeeded parameter “t2” = “” (action:1433)
Command succeeded parameter “t3” = “” (action:1433)
Command succeeded parameter “t4” = “” (action:1433)
Command succeeded parameter “t5” = “” (action:1433)
Command succeeded parameter “t6” = “” (action:1433)
Command succeeded parameter “t7” = “” (action:1433)
Command succeeded parameter “t8” = “” (action:1433)
Command succeeded parameter “t9” = “” (action:1433)
Command succeeded parameter “t10” = “” (action:1433)
Command succeeded parameter “t11” = “” (action:1433)
Command succeeded parameter “t12” = “” (action:1433)
Command succeeded parameter “t13” = “” (action:1433)
Command succeeded parameter “t14” = “” (action:1433)
Command succeeded parameter “t15” = “” (action:1433)
Command succeeded parameter “t16” = “” (action:1433)
Command succeeded parameter “t17” = “” (action:1433)
Command succeeded parameter “t18” = “” (action:1433)
Command succeeded parameter “t19” = “” (action:1433)
Command succeeded parameter “t20” = “” (action:1433)
Command succeeded parameter “t21” = “” (action:1433)
Command succeeded parameter “t22” = “” (action:1433)
Command succeeded parameter “t23” = “” (action:1433)
Command succeeded parameter “t24” = “python3-qrcode-core-5.1-12.module+el8.3.0+7868+2151076c.noarch” (action:1433)
Command succeeded parameter “t25” = “” (action:1433)
Command succeeded parameter “t26” = “” (action:1433)
Command succeeded parameter “t27” = “” (action:1433)
Command succeeded parameter “t28” = “” (action:1433)
Command succeeded parameter “packages” = " python3-qrcode-core-5.1-12.module+el8.3.0+7868+2151076c.noarch " (action:1433)
Command started - wait /bin/bash “/var/opt/BESClient/__BESData/Patches for Oracle Linux 8/InstallPackages.sh” -f “20467001” -l “/var/opt/BESClient/EDRDeployData/” python3-qrcode-core-5.1-12.module+el8.3.0+7868+2151076c.noarch (action:1433)
At 23:57:02 -0400 - actionsite (http://myservername:52311/cgi-bin/bfgather.exe/actionsite)
Command succeeded (Exit Code=1) wait /bin/bash “/var/opt/BESClient/__BESData/Patches for Oracle Linux 8/InstallPackages.sh” -f “20467001” -l “/var/opt/BESClient/EDRDeployData/” python3-qrcode-core-5.1-12.module+el8.3.0+7868+2151076c.noarch (action:1433)
At 23:57:02 -0400 -
ActionLogMessage: (action:1433) ending action
At 23:57:02 -0400 - mailboxsite (http://myservername:52311/cgi-bin/bfgather.exe/mailboxsite1619820185)
Not Relevant - ELSA-2020-4670 - Oracle Linux idm:DL1 and idm:client security, bug fix, and enhancement update - Oracle Linux 8 x86_64 (fixlet:1433)