3 Replies Latest reply on Jul 27, 2011 8:33 PM by Bill Robinson

    Redhat Patching-Smartgroups Setup

      Hi,

       

      I have setup an offline linux patching for Redhat 5 (X86_86), the patch catalog is created successfully.I can run PAJ on a target which does the analysis and returns the missing RPM.

       

      I wanted to know how I can set smartgroups in the newly created patch catalog i.e. smartgroups for critical and non critical patches, so that I can run PAJ against each smartgroups. This is straightforard to setup in Windows patch catlog but with linux I am bit confused how this needs to be set, what are the conditions I have to provide in the smartgroups.

       

      I am not a linux expert and not done much on linux patching before, so your guidance and help will be most appreciated.

       

      Regards

       

      Santosh

        • 1. Re: Redhat Patching-Smartgroups Setup
          Bill Robinson

          you need to look at the meta-data available on the linux patches and determine how they are classified, and which ones you want.  then create groups to match those conditions.  you may want to review the classifications on rhn as the vendor has their own classification system that is different that microsoft.

          1 of 1 people found this helpful
          • 2. Re: Redhat Patching-Smartgroups Setup

            Hi Bill,

             

            I downloaded the Linux patches for RedHat5 x86_64 offline through download utility and my XML file is as below, after the download I updated the Patch Catalog which was successfull.

             

            <redhat-downloader-config>

                <config>

                   <!--<proxy-settings>

                          <port>80</port>

                          <host></host>

                          <username></username>

                          <password></password>

                          <domain-name></domain-name>

                          <proxy-type></proxy-type>

                   </proxy-settings>-->

                   <temporary-location>C:\tmp</temporary-location>

                   <payload-repository-location>D:\Linux_Patch</payload-repository-location>

                   <download-request-retries>10</download-request-retries>

                   <download-request-timeout>180000</download-request-timeout>

                   <downloader-parallel-threads>20</downloader-parallel-threads>

                </config>

                <subscription>

                        <errata-type-filter>

                              <os>RHES5</os>

                              <arch>x86_64</arch>

                              <channel-label>rhel-x86_64-server</channel-label>

                              <errata-severity>

                                    <critical>true</critical>

                                    <high>true</high>

                                    <moderate>true</moderate>

                                    <low>true</low>

                              </errata-severity>

                              <errata-type>

                                    <security>true</security>

                                    <bugfix>true</bugfix>

                                    <enhancement>true</enhancement>

                              </errata-type>

                             </errata-type-filter>

                  </subscription>

            </redhat-downloader-config>

             

             

            Once the catalog was updated successfuly, I created a master patch analysis job and added the RPM's andf ERRATA smartgroup in the include list and executed it against a target and Patch analysis was successfull it showed me the missing RPM and Errata

             

            for testing I created two smart groups under the catalog as following

             

            CRITICAL Smart group

             

            Any Redhat Errata where ERRATA_TYPE* equals Security Advisory

             

            NON_CRITICAL Smart group

             

            Any Redhat Errata where ERRATA_TYPE* does not equals Security Advisory

             

            Then I created a seperate Patch Analysis job for each smartgroup and execcuted them, the number of missing RPM's and Errata's combined on both these Patch analysis job was equal to missing RPM's and Errata's on the master patch analysis job which I run against all the RPM's and ERRATA's smartgroups.

             

            Sorry for this detail explaination but I wanted to know whether I am doing the right thing with smartgroups for Linux Patching. Please le me know whether this can be done in a better way.

             

            Regards

             

            Santosh

            • 3. Re: Redhat Patching-Smartgroups Setup
              Bill Robinson

              yes - that should be fine.