Patching method
BigFix offers more flexibility to the patch management solution by using native tools.
The Fixlets for all CentOS content use the Yellow dog Updater, Modified (YUM), the default patch manager for CentOS. YUM is a package management tool that updates, installs, and removes Red Hat Package Manager (RPM) packages. YUM uses a command-line interface and simplifies the process of installing, uninstalling, and updating packages, provided that there is access to the YUM repository.
Previously, the BigFix Patch for CentOS sites used a set of utilities that are called Endpoint Dependency Resolver (EDR) utilities to handle package dependencies on the endpoint. YUM replaces these EDR utilities and gives you more flexibility in terms of patch deployment and providing results that are in parallel with Red Hat and CentOS solutions. The following sites are available for
- YUM utility configuration settings
-
The BigFix Patch for CentOS sites that apply the YUM utility use Fixlet settings in /etc/yum.conf. except for the following YUM configuration settings:
- cachedir
- keepcache
- plugins
- reposdir
- pluginpath
- pluginconfpath
- metadata_expire
- installonlypkgs
- Identifying file relevance with Native tools content
-
The native tools captures file relevance in the same way as EDR. Both methods check for the relevance clause
exist lower version of a package, but not exist higher version of it
. If both tools are applied to the same deployment, the relevance results are the same.
Patching method matrix
Patching method | Applicable sites | Applicable features |
---|---|---|
Endpoint Dependency Resolution (EDR) |
|
|
Native tools (YUM) |
|
Download Plug-ins |
Native tools (DNF) | Patches for CentOS 8 | Download Plug-ins |