I’m attempting to run {yum update -y} from BF on a Linux server. This is the action script command
wait /bin/sh -c yum update -y and here is the entry on the endpoint client log
At 14:52:51 -0500 - mailboxsite ()
Relevant - Yum update remotely (fixlet:4060)
At 14:52:51 -0500 -
ActionLogMessage: (action:4060) Action signature verified for Execution
ActionLogMessage: (action:4060) starting action
At 14:52:51 -0500 - actionsite ()
Command started - wait /bin/sh -c yum update -y (action:4060)
At 14:52:52 -0500 -
Report posted successfully
At 14:52:52 -0500 - actionsite ()
Command succeeded (Exit Code=1) wait /bin/sh -c yum update -y (action:4060)
At 14:52:52 -0500 -
ActionLogMessage: (action:4060) ending action
At 14:52:52 -0500 - mailboxsite ()
Not Relevant - Yum update remotely (fixlet:4060)
However when I go to the endpoint and run the yum check update command, I receive
Loaded plugins: fastestmirror, rhnplugin
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
puppet-agent.x86_64 5.5.17-1.el7 puppet-agent-7
What is missing from my command to execute this on the endpoint?
I’ve discovered the location of the repositories folders. Even when I substitute its location, the fixlet will not evoke the yum update -y command on the server. What am I missing in order to remotely run this command on my Linux servers?
To be clear, this is a custom task and not our in-box content that uses the RHSMPlugin, right?
Does the endpoint have access to the repo, have you configured Yum to use it, have you imported the GPG keys for the repo? What is the actionscript you are using now, and does the Yum command work correctly for you when you run it outside of BigFix?
When I’m logged in locally the yum command works. This is a custom task that I’m creating. The endopoint has been configured to receive the updates from extended repos. The basic actionscript I’m attempting to use is simply
wait cd /var/cache/yum -c yum checki-updates
wait cd /etc/yum -c yum update -y
I receive completed as status and in the client logs I get
Command started - wait cd /etc/yum -c yum update -y (action:4061)
At 09:09:23 -0500 -
Report posted successfully
At 09:09:23 -0500 - actionsite ()
Command succeeded (Exit Code=0) wait cd /etc/yum -c yum update -y (action:4061)
At 09:09:23 -0500 -
ActionLogMessage: (action:4061) ending action
At 09:09:23 -0500 - mailboxsite ()
Not Relevant - Yum update remotely (fixlet:4061)
That shouldn’t work on the command line either - each of those lines should be two separate commands.
Why are you trying to cd to /etc/yum?
Try something along the lines of
wait /bin/sh -c "/bin/yum update -y"
(But I’m not sure whether yum is at /bin, /usr/bin, or some other path for your distro; check for the path and substitute that in)
I don’t think BigFix is the issue here, you need to be sure you have a good working set of Linux commands first.
Get the exact sequence of Linux command lines first and post those here, and we can help with the ActionScript. I haven’t seen your Linux commands yet…
I’ll try this. Basically what I’m trying to accomplish is this, I’ve loaded the extended repos to the BF server to retrieve patches that are generated from these sites. My intentions are to run this command yum update -y to go the locations where the downloaded patches are located and install them with the command. Since I will not know the exact time when the patches are downloaded, during our patching process, let’s say biweekly, I want to create a fixlet or task that can be included in a baseline of patches that will install these patches if they are available. If not, I may have to check periodically with a yum check-updates task to verify if there are patches available. I want to do this remotely versus logging onto each server to verify or install these patches.
There are a couple of different ways this can be done - are you using extended repos with the RHSMPlugin, or with the ‘Native Tools’?
If you are using the RHSMPlugin, there’s already a task in the RHEL sites for ‘Run YUM command’, you’d just use that task with ‘update -y’ as the task parameter.
If you’re using ‘Native’ repos, that should be fine if you are getting the native ‘yum’ commands to work interactively - but we still need a list of those commands if we are to help with the ActionScript. And be aware that if you’re storing the repo on the BES Server, your clients may need direct access - when running with just the ‘yum’ commands, I don’t think the relay hierarchy will do the downloads for you.
I used the CentOS Plugin R2 for my extended repos which deliver the patches directly to the endpoints. I did not have success with the ID 401. I will try with that as a parameter. Thanks