2 Replies Latest reply on Jul 11, 2012 9:26 AM by Bill Robinson

    patching the Linux (red-hat) environment

    Erez Frenkel



      I have a customer who installed lately BSA 8.2,

      I would like to hear any recommendation regarding patching the Linux (red-hat) environment,

      Please notice that the customer have also red hat satellite… so do we have any advantage?


      Also the customer would like to know: If it possible to perform a rollback after security patch been deploy?

      And in case he upgrade a Linux Kernel using BL, Is it possible to rollback to previous kernel?



        • 1. Re: patching the Linux (red-hat) environment

          The advantages of BSA over Satellite are many, a few of them

          1. Ability to run other BSA jobs which provide functionality like Bare metal provisioning, and script based jobs to do a lot of checks and even take snapshot of important configuration files before patching
          2. No need to pay the extra license of Red hat satellite, you only pay for RH subscriptions and can use of all the updates and channels to do patching and updating
          3. You can automate FULL STACK one click provisioning of a server, with patching integrated
          4. No need to open other channels and firewalls to enable satellite, RSCD is the secure way used for all patch deployments.
          5. Advanced deployment technology from advanced repeater functions, easy deployments across WAN
          6. One interface for all patching solutions, the person deploying does not need to be an expert with Satellite or yum or pathing,



          It depends upon what the envrionment is

          What is the patching cycle and stratgey they use, How often they patch and  upgrade

          Do they require secure offline patching or online patching

          In any case, you can use the Catalog based Patching solutiions provided by BSA

          what version you are at ?



          Rollback of redhat patches is tricky and not even completed done by native tools like yum and rpm

          For kernel updates, we recommed using install mode to make sure you have the previous version availble

          • 2. Re: patching the Linux (red-hat) environment
            Bill Robinson

            Kernels should be installed even when run w/ the ‘update’ mode of the patching job as the yum.conf we use will flag the kernel packages as ‘installonly’

            1 of 1 people found this helpful