RHEL packages Separation based on Patch level

Hello All,

I need help in identifying how to separate RHEL packages based on their OS patch level, i-e RHEL 6.7, 6.8, 6.9, 6.10 or 7.1, 7.2, 7.3 , 7.4 or 7.5.
Can this be achieved by custom Filter ?

Manish Singh

Any Update on the above query please

Red Hat usually doesn’t separate packages based on the minor version unless there is a specific patch targeting it. For example, in this bulletin https://access.redhat.com/errata/RHSA-2018:0516 notice how it says it applies to RHEL 6 and not a specific 6.x minor version, but in here https://access.redhat.com/errata/RHSA-2018:2224 it applies to RHEL 6.7 specifically.

The BigFix RHEL content follows the same model, except BigFix doesn’t support EUS updates so everything applies to the major OS version. There is no metadata in the Fixlets that specify which minor version it targets as Fixlets are generated based on waht the bulletin says.

For you to do what you want, you’ll need to do it yourself by building a mapping of packages to whatever minor version and tie it with the BigFix content.

1 Like

So, if we don’t want to upgrade our os level from (example 6.8 to 6.9) then what all patches should be removed from the rhel patching baseline because from fixlet name it is quite difficult to identify which rhel patch will upgrade the os level

As mentioned previously, RHEL generally doesn’t split packages based on minor version unless you’re on the EUS channel. Since BigFix doesn’t support EUS, it means the Fixlets target all RHEL versions and there is no way to distinguish which package belongs with which minor version because RHEL doesn’t make that distinction as well.

The closest to what you want will be the “release notes” bulletins such as https://access.redhat.com/errata/RHBA-2016:0983, which usually bumps up the minor version. But if you look at the affected products, it targets all RHEL versions and not a specific minor version. This means that you can install the base version of RHEL 6, run that bulletin, and the machine will now be RHEL 6.8 even if all other packages are from the base install.