Patch Management for Red Hat

This page has not been liked. Updated 8/28/14 6:17 AM by KarenKueTags: None

Overview

The following Redhat content sites are obsolete and should not be subscribed to and used anymore:

 

Documentation

 

Patching Red Hat with Dependency Resolution

There are two methods that can be used to deploy Redhat patches with dependency package resolution: The "Minimum Package Lists" method and the "Endpoint Dependency Resolution" method, here are the requirements for each:

 

Dependency Resolution Deployment Method

Platforms Supported

Content Sites Required

Dashboards Used

Required Analyses to Activate

"Minimum Package Lists" Method

RHEL 3,4,5

  • Linux RPM Patching
  • Patches for RHEL 3
  • Patches for RHEL 4
  • Patches for RHEL 5
  • Linux RPM Patching: Create Preference List - Red Hat
  • Linux RPM Patching: Create Minimum Package List - Red Hat
  • Linux RPM Patching: Create Custom Fixlet - Red Hat
  • Linux RPM Patching: Deploy Custom Fixlet - Red Hat
  • Installed RPM Package List - Red Hat Enterprise Linux
  • Bootable Kernel Status - Red Hat Enterprise Linux
         

"Endpoint Dependency Resolution" Method

*(Preferred Method)

RHEL 5,6

  • Linux RPM Patching
  • Patches for RHEL 5 - Dependency Resolution
  • Patches for RHEL 6 - Dependency Resolution
  • Endpoint Dependency Resolution - Preference Lists
  • Installed RPM Package List - Red Hat Enterprise Linux
  • Bootable Kernel Status - Red Hat Enterprise Linux
  • Endpoint Dependency Resolution - Deployment Results
  • Endpoint Dependency Resolution - Preference Lists
  • Endpoint Dependency Resolution - Missing Prerequisite Packages
  • Endpoing Dependency Resolution - Unsupported Packages

 

Implementing the patching solution using the "Endpoint Dependency Resolution" method

The Endpoint Dependency Resolution method is the current way of deploying Red Hat patches with dependency resolution for RHEL 5 and RHEL 6 endpoints. Needed dependencies are calculated "on the fly" on the endpoint during the patching process.

 

Implementation Steps:

1. Subscribe to the required content sites

2. Activate the required analyses

3. Register the download cacher plugin:

Task # 20 - BES Relay/Server: Register Download Plug-in for Red Hat Enterprise Linux (Linux RPM Patching site)

4. Deploy preference lists (this is optional):

Dashboards > "Endpoint Dependency Resolution - Preference Lists"

5. Take action to deploy the patches.

 

 

Implementing the patching solution using the "Minimum Package Lists" method

The Minimum Package Lists method is the prior way (which is still supported) of deploying Red Hat patches with dependency resolution for RHEL 3, RHEL 4, and RHEL 5 endpoints. Needed dependencies are calculated from the other Fixlet content in the site and a minimum package list is created and used during patching. This is a less accurate method of performing dependency resolution because it makes general assumptions of the specific endpoints.

 

Implementation Steps:

1. Subscribe to the required content sites

2. Activate the required analyses

3. Register the download cacher plugin:

Task # 20 - BES Relay/Server: Register Download Plug-in for Red Hat Enterprise Linux (Linux RPM Patching site)

4. Deploy preference lists (this is optional):

Dashboards > Linux RPM Patching: Create Preference List - Red Hat

5. Build the minimum package list for the patches:

Dashboards > Linux RPM Patching: Create Minimum Package List - Red Hat

6. Take action to deploy the patches.

 

Troubleshooting

Logs:

/var/opt/BESClient/__BESData/<site name>/EDR_PluginError.log

/var/opt/__BESClient/EDRDeploymentResults.txt

/var/opt/BESClient/EDRUnsupported/EDR_UnsupportedPackages.txt

 

Error Messages:

Client Log:



Hard failure exit code 'execute prefetch plug-in' "{download path "RedHatEDRPlugin-x64"}" --mode "pre_resolve" --compdepgraph "{download path (parameter "depfile")}" --outpath "{client folder of current site}" --prefpath "{client folder of current site}/../../EDRPreferenceLists" --unsuppath "{client folder of current site}/../../EDRUnsupported" {parameter "args"} (action 72603) Exited with exit code of 1

ActionLogMessage: (action 72552) Execute prefetch plug-in returned non-zero exit code.