Managing Patch Jobs for Linux Assets

Patch Management allows you to deploy patch jobs on Linux assets for RHEL version 6 and 7. You can use a single job to deploy a single patch on multiple assets, multiple patches on a single asset, and multiple patches on multiple assets. You cannot target Windows and Linux assets in a single job.

Consider this!

 - Currently, you cannot scan for missing and installed patches for Linux assets.

 - On the Assets tab for Linux, you cannot view the agent scan status.

 - You cannot create widgets that show Linux patches or assets data for Unified Dashboards.

 - Superseded patches are not applicable for Linux.

 - You cannot enable the opportunistic patch download to allow the Cloud Agent for Linux to download the required patches before a scheduled job run begins. The patches must be stored in a repository at a predefined location which is accessible to each asset.

 - You can only create deployment jobs for Linux assets. Uninstall jobs are not applicable for Linux assets.

 - While creating a Linux deployment job, if you select an asset tag that includes Windows and Linux assets, only Linux assets will be added for the job.

 - Job title for each job must be unique. You cannot have the same job title as a Windows job. For example, if a Windows job titled Security Patches is created, you cannot have a Linux job titled as Security Patches.

 - The patches that are applicable only for a specific OS package will be skipped if included for other OS package. For example,

- A job that has a mixed set of patches i.e. both RHEL 6 and RHEL 7, but only RHEL6 assets, in this case, the status for RHEL 7 patches will be displayed as Skipped.

- A job that has RHEL 6 patches and also has RHEL 7 assets, in this case, no manifest will be sent and status for asset will be shown as Not Applicable.

Prerequisite

- You must install the Cloud Agent for Linux on each of your Linux assets before you can deploy patch jobs.

- Ensure that the patches that you want to install are available in the agent-side repository during the job schedule.

Creating Patch Job for Linux Assets

1. Navigate to Jobs  > Linux and then click  Create Jobs.

2. On the Basic Information page, enter a job title and description and then click Next.

Basic Information

3. Select assets or asset tags on which you want to apply patches and click Next.

Select Assets

4. (Optional) If you want to exclude the assets with All and Any tags from the deployment job, select the Add Exclusion Asset Tags check box and then select one of the following options and click Next.

- Any – to include assets that have any of the selected tags
- All – to include only those assets that have all the selected tags 
Note: Patches are deployed on the selected tags only for assets that are contained in the user's scope.

5. On the Select Patches page, click Take me to patch selector.

6. Select one or more patches, click Add to Job and then click Close.
Note: You can only add 2000 patches to a single job.

7. On the Select Patches page, click Next.
Note: Ensure that the selected patches are available in the agent-side repository during the job schedule.

Select Patches

8. On the Schedule Deployment page, select one of the following options and click Next:

 - On Demand – to install the patches immediately once the job is created and enabled.
- Schedule – to install the patches at a specified time, set the start date and start time. You can schedule a job to recur daily, weekly, or monthly. For more information, see Scheduling Jobs.

Schedule Deployment

9. Set your Reboot Communication options and click Next.

The Continue patching even after a package fails to install for a patch option ensures that if one of the packages for the patch fails to install, an attempt to install other packages is made.

Reboot Options

10. On the Job Access page add the co-author who can edit the job and click Next.

Job Access

11. On the Confirmation page, review the settings and click Save to create the job or click Save and Enable to deploy the job immediately.

Confirmation Screen

Scheduling Jobs

Enabling or Disabling Jobs