Patching Scientific Linux

MagLev · February 21, 2017, 1:52pm

I am trying to patch a Scientific Linux box (we have about 20 of them floating around). I have created a custom site and have the box showing up in there. I have also taken the RHEL 7 Fixlets and imported them into this custom site. The issue I am running into now is with the relevance. I know that for this to work I am going to need to tweak the relevance of the Fixlet and then possibly the action script as well. Below is what I have adjusted in my relevance (swapped Scientific Linux release 7.3 for the RHEL 7 info) but the patch is still not showing as applicable for the box.

Relevance 1:
(version of client >= “8.2”) AND (name of operating system starts with “Linux Red Hat”) AND ((it = “x86_64”) of architecture of operating system) AND (exists file “/etc/redhat-release” whose (exists line whose (exists match (regex “Scientific Linux release 7.3”) of it) of it) AND NOT exists file “/etc/vmware-release” whose (exists line whose (it contains “VMware ESX”) of it) AND NOT exists file “/etc/enterprise-release” whose (exists line whose (it contains “Enterprise Linux Enterprise Linux”) of it)) AND (if exists property “in proxy agent context” then (not in proxy agent context) else true) AND (if exists property “android” of type “operating system” then (not android of operating system) else true)

Relevance 2:
(architecture of operating system = “x86_64”)

Relevance 3:
((exists package “firefox” whose (rpm version record of it < rpm package version record “45.7.0-1.el7_3” AND architecture of it = “i686”) of it AND (not exists package “firefox” whose (rpm version record of it >= rpm package version record “45.7.0-1.el7_3” AND architecture of it = “i686”) of it)) OR (exists package “firefox” whose (rpm version record of it < rpm package version record “45.7.0-1.el7_3” AND architecture of it = “x86_64”) of it AND (not exists package “firefox” whose (rpm version record of it >= rpm package version record “45.7.0-1.el7_3” AND architecture of it = “x86_64”) of it)) ) of rpm

Relevance 4:
exists file “/etc/redhat-release” whose (exists line whose (exists match (regex “Scientific Linux release 7.3”) of it) of it)

I’d also be interested to hear from others who might be patching Scientific Linux and if this is the preferred method or if there are any other ideas.

MagLev · February 22, 2017, 10:40am

Resolved a couple of things already. Scientific Linux is configured for autoupdates so the patches might not have shown relevant on my test box due to the updates already having been installed. Upon disabling autoupdates, I noticed that the OS that reports back from Scientific Linux is Linux kernel and not Linux Red Hat so I changed the first line of Relevance 1:

(version of client >= “8.2”) AND (name of operating system starts with “Linux Red Hat”)

After rolling back the autoupdates, I was able to get a Fixlet to show as applicable for my test box.

RNJ · March 18, 2017, 1:13am

Any update on this ? We are having some issues with Scientific as well.
Please let me know if you came up with anything…
Thanks

AlanM · March 20, 2017, 3:43pm

Not all distros are supported as they may have different patches etc. Your mileage may vary here but be aware of that kind of issue.