Pending Restart Behavior?

(imported topic written by ken@gracenote91)

I am really trying to completely understand BigFix’s behavior around Pending restarts. It seems to be somewhat non-deterministic … different times, it acts different ways.

Latest case in point…

I had a VM that I pushed Project 2007 upgrade to.

After the update, everything is fine. In the “Fixlets” tab there are

no

“Restart Needed” fixlets showing.

However, In Action history, there is a “Pending Restart” on an old Multi-action that I had previously applied. Now, I am a little surprised to see this since I had since rebooted my VM.

In any event, I say, no problem, let me shoot the “Restart Computers” to it. It just sits there “Not Reported” when I look at the Action . I give it a few minutes, hit refresh a few times. Nothing. I confirm that there are firewall exceptions. Still nothing.

So I say, “screw it”, and I go into my VM and manually reboot it.

It comes back up and BigFix sees it. It reports “Pending Message”. I go to the VM and there is the message that I had set on the “Restart Computer” task. It asks me to reboot… even though I just rebooted.

I reboot it (via the fixlet) and after the reboot all is good. No more reboot requests, no Pending Restart in Action History. nothing in Fixlets for my VM.

Why I am so fixated on understanding this is that I am getting a lot of grief from my endusers. Many of them complain that they get prompted to reboot multiple times within a short period of time.

So I guess one question is: Does one actual reboot clear multiple pending “Reboot Needed/Pending Reboot” messages?

Another question: Why didn’t I get a “Restart Needed” message in the Relevant Fixlet tab?

Actually, I just checked my Analysis: Pending Restart.,… and see that most of the computers it reports as it being relevant for do not show the Restart Needed fixlet as relevant. They do, however have old expired Action histories showing as “Pending Restart”.

Can someone (Ben?) “lay down some truth” that will allow me to fully comprehend how Restart Needed/Pending Restart works (including how they are cleared and their impact on sequential processing of other fixlets - either in a baseline or not in a baseline).

Thanks

Ken

(imported comment written by ken@gracenote91)

The fun continues…

(BTW… client/console/server are all latest rev 7.2.5.22)

I put together a Baseline called “Project 2007 Upgrade”

In one action group I have all of the following Tasks:

  1. “Save and Close Open Documents”

  2. Software Distribution - Deploy: Project 2007 Upgrade

  3. Software Distribution - Deploy: Project 2007 SP2

  4. Software Distribution - Deploy: Project 2007 Hotfix

  5. Software Distribution - Another required bit of software via an msi

  6. “Restart Computer”

(When I was building the baseline, I could have sworn that I configured action settings that should have displayed a message before it ran. However, when I ran it, that pre-execution message did not run)

I ran the Baseline against my XP VM.

It sat there for a long time and did not do anything

I rebooted the VM and then the it started evaluating/running. However, the first task (Save and Close Open Documents with action 2 - restart) did not cause the VM to restart. On the console, it showed as “Failed” for that action.

After a while the actions 2-5 ran properly.

However, Action 6 never caused the VM to restart.

I finally manually rebooted it.

After it came up (and after a few forced refreshes), Action History showed the action as “Pending Restart” and on the Fixlet tab, it showed both the “Restart Needed” and the “Restart Needed - not caused by BES action” fixlets as relevant.

After a while, (without any more rebooting) the Action History status changed to “Failed” - although the Relevant Fixlets still show both “Restart needed” fixlets. The VM DOES NOT show up in the Pending Restart Analysis.

On the Actions tab, the action shows up as 0% complete… even though the VM is now in a state where it has the complete upgrade applied and the “BigFix support center” on that VM shows the action as complete.

A final manual reboot of the VM causes the Restart Needed fixlets to go away.

I did notice that on the VM, Windows updates says I need to install “Malicious Software Removal tool” and “Office 2007 Oct 2009”… but the Bigfix console is not showing any of these as being relevant .

Rather it is showing a single relevant fixlet “973472: Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution”. When I check the MSFt documentation, it says that they released a fix for this (Office2003-KB947319-FullFile-enu ) but the only action on this fixlet is to disable Web Components via ActiveX Killbits. This is not an acceptable solution for us as we need the Web componants for the Project 2007 web access to work properly. But the question is: why doesn’t BigFix prompt me for deploying the fix that MSFT released for this?

Ah well, lots of stuff here… I guess for the push tomorrow, I the main thing I need to know is what am I doing wrong on the Baseline whereby the first and last action (both restart actions) don’t get executed.

(imported comment written by BenKus)

Some questions answered here: http://forum.bigfix.com/viewtopic.php?id=4079

More notes:

  • It seems like your actions are stopped/expired (so the status won’t be updated)…
  • Restarts will clear all restart flags (with the exception noted above).
  • It sounds like your agent in the VM isn’t responding quickly (you shouldn’t have to restart or force refresh)… is it behind a NAT?
  • I don’t know why your baseline failed… if you click on the failed status, does it tell you why/where it failed?

Ben