Solved

patch management

Posted on 2010-08-27
19
803 Views
Last Modified: 2013-12-16
how to add latest patch as well as remoove the patch if its giving pain

0
Comment
Question by:nirajk1315
  • 9
  • 5
  • 5
19 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 33545533
RHEL might have management capability through RHN.
Removing a patch is often more complex. Deals with whether rollback has been configured.
The added problem with rollback that other packages that were updated as part of this package update need to be rolled back.
However, the way RHEL updates are managed, patches rarely adversely affect installed application since the patch fixes an issue while maintining the version of the underlying package.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 33551417
You apply a patch with the patch command - see man patch. Read carefully the section on the -p option (you can miss out -pn if patching a file in the current directory).
To reverse a patch, use the -R or --reverse option. If you have applied several patches, you must reverse them in exact reverse order (i.e. latest first).
0
 

Author Comment

by:nirajk1315
ID: 33553488
The solution is not clear and I am not satisfied with it. Please provide examples for the same.
0
 
LVL 76

Expert Comment

by:arnold
ID: 33553532
duncan_roe you misunderstood what the asker meant.

the asker is not looking for applying a diff to source.  I think this is an OS/application patch management using RPMs.

I.e. the current installed version is RHEL 5.3
An security issue/bug is detected and fixed by the vendor.
The user installs the updated RPM package for this application and any dependency.
Later the user for one reason or another believes the issues that the system now has is the result of the patched application/dependencies and would like to roll them back.
0
 
LVL 76

Expert Comment

by:arnold
ID: 33553536
nirajk, to whom was your post addressed?
0
 

Author Comment

by:nirajk1315
ID: 33553661
i addressed to duncon_roe. boss i didnt gt porper answer for what i asked. suppose u added one patch and when u restart your start. u found that patch is affecting your server performace. now u want to roll back that patch. how to do it. and how to list the added patch also. please give me a proper example.
0
 

Author Comment

by:nirajk1315
ID: 33553668
My another question is which protocol, basically used in naming resolution. its a dns server questions. please try to find out the answer for this question also
0
 
LVL 76

Expert Comment

by:arnold
ID: 33554537
If you are using yum, you have a log of the packages installation in /var/log/yum.log.

IMHO, it is often unnecessary to remove updated package as they are often not the cause of the issue you might experience.  I.e. at times it is more of a coincidence.
I.e. you update package A and then if the performance seems degraded, you assume that the issue with the patched package versus an increase in accesses or something similar that can contribute and explain the issue.

Prior to updating a package, make sure to review the explanation on what the fixes are in the package.  There are times that an exploit exist in an application.  The vendor fixes and redhat releases an updated version if your application relies on this exploit/vulnerability/flaw, the application needs to be corrected versus rolling back the update leaving your system vulnerable.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 33554648
nirajk, are you asking about diff patches (as I posted about) or something else?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:nirajk1315
ID: 33555725
i am asking how to roll back package. once u added. is there any procedure to do this. or not.
0
 

Author Comment

by:nirajk1315
ID: 33555731
if u deleted yum .log then how to see installed patches. is there procedure or not
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 33556736
rpm -q -a might show you what's installed now. If you deleted the yum log, you may have lost history
0
 

Author Comment

by:nirajk1315
ID: 33556905
i am talking about patches not about package. rpm -qa it will query all packages. and i am asking how to remove new uploaded package.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 33557556
If you have deleted the yum log, you could be in some trouble there. I don't use yum myself - better hope some of the others post again.
An updated package is just that - it is not a patch. Patches are what I described early on in this Q
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 33560684
patches come in updated packages in RHEL.
Patch management as duncan_roe pointed out deals with you compiling and building application from source.  Then when a bug/vulnerability is discovered, you use diff to differentiate the original that you have installed from the new version that you modify or get a Patch from the application vendor to apply to your source.  You then recompile and rebuild.  If something goes wrong, you would either reinstall from your original build location, or use the example duncan included where you would run patch -R vendor_patch and then recompile and reinstall the application.

In older versions of RHEL where they use up2date, I think there was an option to keep packages for rollback.  I am unaware of whether this option is available in the RHEL5.  When updating, you have to keep the old package.

You can use rpm -qa and save it to a file to maintain/log the current state of the system i.e. which packages/versions are installed.

If you have a backup of the system, you can try restoring the yum.log file.
0
 

Author Comment

by:nirajk1315
ID: 33732208
how to remotely manag kernl panic problem
0
 

Author Comment

by:nirajk1315
ID: 33732211
plz give step by step metho to resolve kernel panic situation
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 33733024
That is a completely new Q - you should post it as such. Otherwise, likely only those who have responded to this question are likely to see it
0
 

Author Closing Comment

by:nirajk1315
ID: 34040271
i didnt get proper answer bt i want to close the question
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now