Patch management dilemma

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Patch management dilemma
# 1  
Old 09-04-2009
Question Patch management dilemma

I've inherited about 10 RHEL 3 boxes that are located in Europe behind a corporate firewall with no access to rhn.redhat.com

I've been tasked with patching all of these systems but I ask, Does redhat issue patch bundles? In AIX, there are maintenance levels and Sun has patch clusters available for download. This doesn't appear to be the case with Redhat. I'm looking to just perform one download all of the updated rpms and have them applied to the system, but without a connection to the internet, I don't see how that's possible.

Anybody have any insight on how to overcome this hurdle without spending hours downloading individual rpms?
# 2  
Old 09-04-2009
RHEL may be updated via RPMs, of course, but honestly, I don't know how to get those RPMs off the RHN. Ask Red Hat support maybe ? I have about 10 RHELs as well, but those are 4 and 5, and I update them via rhn.redhat.com, all the time. I need user and pass for those as well.
OK, update. I just logged in. It seems that you can download the individual RPMs, but not bundles ... So, your choice is (I think) : login via web, download all RPMs manually, and then distribute them to all machines, or just talk to the network admins to allow access to rhn.redhat.com. HTH.
# 3  
Old 09-05-2009
That's what I was afraid of. Unfortunately, getting 1 machine
into an internet facing situation is extremely difficult in the corporate world.
At least, that's how it is in my shop, I guess my only option is as you said.

*long sigh*

Thanks sysgate.
# 4  
Old 09-11-2009
yes, if ur server do not connect to internet, then u need to install it manually and apply it to ur servers.. its really bothering me as well, but if it's possible try to open the access-list from your router to allow it download from the redhat networks for a while then close it again. actually there is no use to patch the server when the server is not connected to internet. it only will bring an disaster and screw the systems of your server which is currently working fine. stupid auditors or security team makes this thing happened.
# 5  
Old 09-11-2009
If you can get them to buy an RHN Satellite server license and they have access to your location, while it will be slow, it will be automated.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Patch management (Solaris, AIX , Linux )

Hi Guys, I am doing L1 Level support for Solaris Platform. Eg. User Management, File system , Print management and Job monitoring. I recently completer my IBM Aix 7 Administration certification. Issue is that my manager is asking me do full time unix / linux patch management work for new... (5 Replies)
Discussion started by: Nats
5 Replies

2. HP-UX

Patch Management

HI all, As per the audit policy, patch has to be apply periodically, but in my scenerio, it has been applied lastly in the year 2010. Using HP UX 11.11, 11.21 and 11.31 I would like to know, how to identify the patches which are need to update, what will be the procedure to update, how to... (5 Replies)
Discussion started by: selvaforum
5 Replies

3. UNIX for Advanced & Expert Users

Multi-platform Centralized Patch Management

We have a mix of AIX, HP-UX, Linux (RHEL and SLES), and Solaris in our environment. Currently we have seperate patch management systems for each platform (NIM, SD, Spacewalk, etc), but have started looking for a centralized patch management solution that would work for most, if not all, of our... (0 Replies)
Discussion started by: kknigga
0 Replies

4. Solaris

Help needed regarding Solaris 10 patch Management

Hello Friends.. I have not tried anything related to Solaris patch and wish to learn more about it. I just wanted to try the patchadd and patchrm commands and how they work, just for educational purpose. I tried to download Solaris 10 patches, it asked me to register at sunsolve.com and i... (5 Replies)
Discussion started by: saagar
5 Replies

5. UNIX for Advanced & Expert Users

Patch Management over mixed unix platforms

Does anyone know of any tools that manage the rollout of patches across multiple types of Unix platform ( eg Solaris, Aix etc ). I am looking for something that does a similiar job to SMS or WSUS in the Windows world (3 Replies)
Discussion started by: jimthompson
3 Replies

6. Linux

Apache in enterprise, patch management

I was wondering how everyone else manages patching/upgrades for apache. Latest doesnt mean greatest, we typically dont install the newest patches for our OS's. We typically run 3-6 months behind, to let fixes get fixed before installing them. Does anyone here have a written detailed plan... (0 Replies)
Discussion started by: Ikon
0 Replies

7. Linux

Linux Patch Management

Does anyone know who to centrally manage the distribution and application of patches to multiple Linux platforms ? Is there software for this ? (0 Replies)
Discussion started by: jimthompson
0 Replies

8. UNIX for Advanced & Expert Users

linux patch management tool

I have a suse linux 9(SLES 9) I have configured "YOU" (yast online update) and it all working fine, synchronising on a daily base with http://sdb.suse.de/download but I would like to know if they is a tools or scripts that inform you of any patches that has not been applied and notify you via... (0 Replies)
Discussion started by: hassan1
0 Replies

9. UNIX for Dummies Questions & Answers

A Terminal Dilemma

Hi everyone, I hope this is the right place to ask this question... I have a contract to convert a mainframe/DB2 application to using AIX/Oracle. Everything went fine but we are now running into a terminal problem. With the Mainframe app, the clients had great response time from remote... (5 Replies)
Discussion started by: rocky_triton
5 Replies
Login or Register to Ask a Question