I am preparing my site for patching Linux Servers. I have followed the Patch for CentOS Linux User’s Guide along with help from the Forum. To date, the extended repositories have been registered in the CentOS Custom Repository Management Dashboard, registered live endpoints and added the {add gpgcheck=0}, verified receiving patches from the Patches for CentOS 6 & 7 custom sites, activated several analyses to include “YUM Transaction History”, “YUM Logs”. One question that I have is when I apply “task 18 Install packages by using yum”, are the patches automatically deployed to endpoints upon activation? Not sure how it works before activating. Have I missed steps for preparing my environment to patch Linux Servers? Thanks in advance
Greetings!
A few things of note. When you add an extended repo, it gives you the ability to install packages from said repo. There is no Fixlet content provided by BigFix for extended repositories out of the box. If you do require Fixlet content, you can engage the services team for this.
There are two separate tasks that you can use to install packages from extended repos:
Task 18 ‘Install packages by using yum’: When you take action on this task, you are prompted to enter the name/s of the package/s you want to install. If left blank, it will update all packages on the endpoint targeted. This task will utilize the locally configured repos on the endpoint, and not the ones configured with the DownloadPlugin.
Task 401 ‘Yum command with CentOS download plugin - CentOS 7 -x86_64’: When you take action on this task, it will also prompt you for input. In this case you can pass yum commands (install, update, etc). As an example, if you wanted to install bind-utils, you would enter: update bind-utils
This task will utilize the CentOS Download Plugin and the repos you have configured through BigFix.
Hopefully this answers your questions.
-Matt
1 Like
Thank you for that clarification. So I believe I need to install bzip2 on CentOS 7 servers in order to apply patches from Patches for CentOS 7 site. Now currently I see fixlets from Patches for CentOS(6&7) Plugin R2. So when I run Task 18 is it these fixlets (packages that it looks to run?
I will not see packages from extended sites but running task 401 while entering {update bind-utils) will retrieve these packages from extended sites that I’ve verified as success with the -allrepos command?