|
|
Toll Free: (866) 407-5279 Direct: (651) 407-5279 |
|
|
|
Toll Free: (866) 407-5279 Direct: (651) 407-5279 |
|
Patching RedHat Linux and Solaris targets is similar to, but slightly different, than patching Windows targets. For example:
Unix targets are "discovered" with IP Scan (instead of Enumerate)
You must specify a path on the Unix target where files will be pushed (not required for Windows).
To query and patch a Unix machine, UpdateEXPERT must connect (login) to the target with either Telnet or SSH (secure shell), and if connecting with Telnet, must be able to FTP files to the target so that patches can be installed.
You must have a license that supports Unix (Unix is enabled on all new live trial serial numbers; to enable a production serial number please contact Sales at 1-800-782-3762 to discuss the Unix option).
You must know Unix administratively, or work with someone who DOES know Unix (strongly recommended if new to Unix)
Now use "Add Machine" (right-click "UNIX" network tree object) and/or Network > IP Scan to populate the "UNIX" network tree by hostname or IP address. (Enumeration is for Windows).
Then select one or more machines under "UNIX" and do "Machine Settings" (right-click) to enter a valid path for storing UpdateEXPERT patch management files on each Solaris or Redhat target machine. You MUST set this path before you can query or patch (This is for Unix only, and doesn't apply to Windows).
Then select one or more machines and do "Set Credentials" and specify a telnet or ssh connection for the target. You can also "su" to an administrative account for patch execution. You MUST "Set Credentials" before you can query or patch.
Now try to Query, and investigate patches. In the UpdateEXPERT User Web frame, you will now hyperlink to Microsoft, Sun, or Redhat articles depending on the target machine you are working with. Query Errors? ... see:
Here is a narrative of what happens "under the hood", when you first query and deploy patches to Unix targets. This presents details that can be very helpful for troubleshooting, as explained in the articles below.
Download interesting patches. Note: The same download repository is used for all patches regardless of platform.
Deploy Patches ... A word of caution to those familiar with UpdateEXPERT and Windows patching, but not with RedHat Linux patching. A couple of new checkbox options will show up in the patch install wizard.
Leaf-Agents are not used for Sun Solaris & Redhat Linux patching. Instead, an SSH connection is supported for secure, encrypted communication to Solaris/RedHat targets. Also, the Custom-Fix feature is not supported for Unix at this time.
Solaris and RedHat targets will display either patches (for Solaris) or packages (for RedHat) under a tab called "ALL". You will not see "application" tabs as you do with Windows targets. Note that when deploying a RedHat package, you will either update the existing software on the target resulting in an updated version, or if the package is not currently installed, you will in effect be installing new software. This is different from Windows and Solaris where a patch is a fix to an existing file and requires the basic installation to already exist. Also, a red check-mark in the category column simply means "recommended fix", as specified by Sun or RedHat.
Validation functionality is supported
for Solaris & RedHat. Solaris will initially have a complete set of
validation data. For RedHat, some validation data will ship with the initial
release, and more will be added with time. File attributes checked during
validation for both Solaris and RedHat include size, checksum, user, group,
permissions and TLM (time last modified).
Note: File > Agent > Settings > Validation applies
to Windows targets only at this time, ie., Solaris & RedHat validation
are not yet configurable.
Solaris/RedHat and Windows targets will generally be included in the current set of reports, ie., there is no need for two separate sets of reports.
Groups and Profiles can be created for Solaris & RedHat machines. "IP Scan" can also be used to setup groups based on subnet address ranges.
In Research View, Solaris & RedHat patches are now included. Required Updates are set on a "per OS" basis, meaning that RedHat 8.x required updates only apply to RedHat 8.x targets, not 7.x or 9.x.
