Creating and Editing a Linux Patch Deployment Configuration

A Linux patch deployment configuration defines how a patch deployment will be performed. There are separate Patch Deployment Configurations for the new contentless Linux patching method and the previous content-based patching method. The new contentless patching method performs a scan for all missing patches as a part of all Patch Deployment Configurations.

Security Controls provides one predefined configuration named Update All. This configuration specifies that the agent will deploy all patches that were identified as missing by a patch scan. A patch group will not be used and a post-deploy reboot will not be performed.

You cannot edit the predefined configuration. If the predefined configuration is not adequate for your needs, you can create a custom configuration, as described separately below for contentless patching and content-based patching.

Deployments are Performed Using YUM

Yellowdog Updater, Modified (YUM) is a command-line utility that is used for retrieving, installing and managing RPM packages from official Red Hat and CentOS software repositories. When an agent needs to deploy a patch, it does so by instructing YUM to download and install the patch. If you have Linux client machines that reside in a disconnected network, the agent will not be able to utilize YUM and you must set up one or more local repositories.