Thanks for sharing!
Client management is managing the deletion of patches by itself. It will depend on the number of reboots occurring after the patch installations.
It is not a good way to remove patches because they can be used by Shavlik after reboot to finalize the installation.
The policy of patch deletion is complex as we have to wait 3 reboots after a patch installation to be sure it cannot be needed by Shavlik for post-installation operations.
Nevertheless, we have identified some cases when patches are not deleted whereas they should be. A fix has been done in order to delete patches as soon as it is possible. It is available in versions: 12.7.00.006, 12.8.00.004, 12.9.00.001
Can you tell me if you are using one of these versions? If no, an upgrade should improve the situation. If yes, a look into your client sqlite is needed to understand why patches are still present.
Great answer Ted! I REALLY appreciate the "detailed" responses that you provide. There are times where a device may be removed from a Patch Job/Deployment and it has appeared that some folders with LOTS of patches are "just taking up space".
Can you provide any guidance as to when it is safe to delete any of these folders? After 6 months? If no longer a member of a specific job or deployment? Some customers need to free up space on end points and sometimes resort to deleting some of these folders.
Thanks again for providing your level of knowledge with the group!
Maybe we should have quarterly Webinars called "Ask the Experts" and we can all benefit and use BCM more effectively!
Hi Steve Gibbs
It is not a matter of times but of reboots. After 3 reboots a patch is considered as not needed anymore on the drive and can be deleted. We have a counter in the sqlite for each patch to evaluate that.
If you use or upgrade to one of the following versions 12.7.00.006, 12.8.00.004, 12.9.00.001, after the first reboot following a patch installation, a cleanup should delete the patches that are not required anymore by Client Management. You will find this log message and the detail of what is done.
Log: Clean up for patch groups folders
For each patch group folder on the drive
- Log: Removed folder xxx as it is not referenced in sqlite. OR
- Log: Folder is kept as Patch group xxx is still referenced in sqlite.
If folder is still present after that check, each patch in the folder is verified.
- Log: Removed file (zzz) as it is not referenced in Patch group xxx. OR
- Log: File (zzz) is kept on hard drive as it is referenced in Patch group xxx.
Same steps for patch jobs...
If you are in a Client Management version that includes the fix and still have not needed patches in your folders after the process described above, an analyze of the sqlite will be required to understand why they are not removed.
I can now confirm that there were patches deleted in:
C:\Program Files\BMC Software\Client Management\Client\data\PatchManagementPremium\Patches\Jobs\1013\
C:\Program Files\BMC Software\Client Management\Client\data\PatchManagementPremium\Patches\Jobs\1013\Base\Patches
but there are still a lot of old patches in:
C:\Program Files\BMC Software\Client Management\Client\data\PatchManagementPremium\Patches\Download\English
C:\Program Files\BMC Software\Client Management\Client\data\PatchManagementPremium\Patches\Download\German
Your confirmation means patches are correctly removed on client side.
data\PatchManagementPremium\Patches\Download... is the place where patch manager is downloading patches not client.
To make them deleted, a parameter exists: StoragePatchOption in PatchManagementPremium.ini PatchDownload section.
Value can be:
- 0: Default value. Delete downloaded patches once packages are published
- 1: Always keep downloaded patches in their download path
- 2: Move downloaded patches to local patch repository once packages are published.
Can you check the value of this parameter is 0. If not, change it to 0 and next downloaded patches will be removed once published on the master. This behavior is the same if patch manager is the master.