Patching CentOS 6 and 7 Servers in BF

Attempted to install BF patches on Linux Servers and was not successful. The patches were part of a Baseline and the Multiple-Packages Baseline installation - CentOS 7 was the trailing task and the Enable the Multiple-Package Baseline feature - CentOS 7 was the leading task. Reviewing the action logs shows that the installs were completed on the individual servers. IN my case there were 2 6 & 2 7 servers. What could I have possibly let out in the patching process. Thank you

If you send a single patch, without the multipkg feature, does it work?

Could be that the CentosPluginR2 download plug-in is not configured, or you need to run the task to trust the GPG key for CentOS?

/var/opt/BESClient/EDR_DeployData holds some logs used by the plugin that may be useful.

Did you run Task ID: 301 to import the RPM GPG Key?

1 Like

Thank you Matt. I had not run this task. Appreciate it

1 Like

Ran the task and than deployed a baseline. The patches were not deployed after server was rebooted. Applied a separate patch and received Download error “The download plugin exited unexpectedly”. This is on a newly created server in my environment.

  • The Install bzip2 fixlet indicates that my test server is applicable however take action is not available to initiate.

The following tasks have not been run on the test server

  • Task 18: Install packages by using yum hasn’t been deployed

  • Task 39: YUM: Check Available Package Updates

  • Task 51: Enable custom repository support - CentOS

  • Task 200: Delete CentOS 7 Package List File for Multiple-Package Baseline Installation- is required in baselines?

  • Task 301: Import RPM-GPG-KEY-centos-release - CentOS 7

  • Task 401: Yum command with CentOS download plugin - CentOS 7 - x86_64

  • Are there any other tasks/fixlets that are required to distribute Linux patches that I may have missed. Thanks

Just checking, have you installed the CentosR2Plugin from the “Manage Download Plug-ins” Dashboard?

yes I have as well as enable content sites for Patches for CentOS(6&7) Plugin R2, registered and configured the CentOS Plug-in on the server, configured extended repositories and registered repositories to my endpoints. I haven’t done it my latest test server though and doing that now

In registering repositories to my endpoints, are there any other entries that I should consider in my working environment besides the one shown.

Attempted to run Task 18: Install packages by using yum and it failed with the following message
Failed wait /bin/bash “{client folder of site whose (name of it as lowercase starts with “patching support”)}/InstallPackages.sh” -p yum -l “{parameter “Log_Dir”}” -f {parameter “Fixlet_ID”} {parameter “PackageNames”}
continue if {exit code of action = 0}
Is this task required to Patch Linux Servers by BF?

Greetings.

When enabling custom repository support, you essentially tell the endpoints to use their locally configured repos instead of the Download Plugin to download metadata and packages.

I’d suggest that you run TaskID: 52 - Disable custom repository support - CentOS and then try to deploy an individual fixlet to an endpoint.

If you require further assistance, send me a DM and I can assist with pointing you in the right direction.

-Matt

I have not run Enable custom repository support task 51 on the endpoint. Task 52 is not applicable to any of my endpoints. What is DM?

This is what I’ve done so far

  1. Enabled Patches for CentOS (6&7) Plug-in R2
  2. Registered and configured the CentOS Plug-in R2 on my BF Server in Manage Download Plug-ins dashboard
  3. Created extended repositories and registered endpoints to the repositories on the CentOS Custom Repository Management dashboard
  4. Applied Fixlet 1: Install bzip2 to test servers
  5. Applied Task 39: Install packages by using yum to test servers and received a failed status for the last action on each endpoint (will send in separate document).
  6. Applied Task 301: Import RPM-GPG-KEY-centos-release-CentOS 6 & 7 on test servers
  7. Created a baseline to deploy multiple packages and it ran but did not install the patches
  8. Identified several tasks/fixlets that have not been applied to endpoints
    a. Task 51: Enable custom repository support – CentOS
    b. Task 401: Yum command with CentOS download plugin - CentOS 7 - x86_64
    When I ran Task 39: Install packages by using YUM I received this error message

I sent you a direct message (DM) with some information.

-Matt