Welcome
Patch User Guides
Explore how BigFix Patch streamlines automated patch management, enhances vulnerability remediation, and facilitates seamless update deployment from a unified console. This comprehensive solution ensures efficient system maintenance and security, making it an essential tool for IT professionals.
Patch for Oracle Linux User's Guide
Discover how BigFix Patch for Oracle Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Oracle Linux endpoints.
Using Patches for Oracle Linux
You can manage Fixlets using dashboards, reports, and wizards. You can deploy, fix, and uninstall Fixlets. You can also view the breakdown of Fixlets available or needed in your deployment.
Patch Using Kernel Fixlets
To prevent accidental deployment of the wrong kernel family, which could lead to stability issues, and to ensure that systems only receive the correct kernel updates.

BigFix Documentation Homepage
BigFix 11 Patch Documentation
Welcome to the BigFix Patch documentation, where you can find information about how to install, maintain, and use the BigFix Patch.
BigFix Platform
Patch Overview
Learn how BigFix Patch offers an automated and streamlined patch management solution, simplifying the patching process that is administered from a single console.
Patch User Guides
Explore how BigFix Patch streamlines automated patch management, enhances vulnerability remediation, and facilitates seamless update deployment from a unified console. This comprehensive solution ensures efficient system maintenance and security, making it an essential tool for IT professionals.
- Patch for Windows User's Guide
  Discover how BigFix Patch for Windows™ provides Fixlets for Microsoft™ security and non-security patches. Dashboards, wizards, and reports aid you in managing updates for various endpoint devices.
- Patch for AIX User's Guide
  Discover how BigFix Patch for AIX® provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all AIX endpoints.
- Patch for VIOS User's Guide
  Discover how BigFix Patch for VIOS provides an automated and simplified patching process specifically designed for IBM's AIX Virtual I/O Server (PowerVM VIOS) environments. It allows system administrators to manage and deploy patches efficiently across all PowerVM VIOS endpoints from a single console.
- Patch for Red Hat Enterprise Linux User's Guide
  Discover how BigFix Patch for Red Hat Enterprise Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Red Hat Enterprise Linux endpoints.
- Patch for CentOS Linux User's Guide
  Learn about BigFix® Patch for CentOS Linux™ that provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all CentOs endpoints.
- Patch for Alma Linux User's Guide
  Discover how BigFix Patch for Alma Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Alma Linux endpoints.
- Patch for Amazon Linux User's Guide
  Discover how BigFix® Patch for Amazon Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Amazon Linux endpoints.
- Patch for SUSE Linux Enterprise User's Guide
  Discover how BigFix Patch for SUSE Linux™Enterprise provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all SUSE Linux endpoints.
- Patch for Ubuntu User's Guide
  Discover how BigFix Patch for Ubuntu provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Ubuntu endpoints.
- Patch for Oracle Linux User's Guide
  Discover how BigFix Patch for Oracle Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Oracle Linux endpoints.
  - Overview
    BigFix® Patch for Oracle Linux™ keeps your Linux clients current with the latest updates and service packs.
  - Setup
    Set up your environment for patch management.
  - Using Patches for Oracle Linux
    You can manage Fixlets using dashboards, reports, and wizards. You can deploy, fix, and uninstall Fixlets. You can also view the breakdown of Fixlets available or needed in your deployment.
    - Patch using Fixlets
      You can apply Oracle Linux patches to your deployment by using the Fixlets on the Patches for Oracle Linux sites.
    - Patch by using the YUM utility
      Patch by using the YUM utility used for managing packages or applying patches.
    - Supersedence
    - Patch using modular Fixlets
      This topic describes how to deploy a modular Fixlets on OEL.
    - Patch Using Kernel Fixlets
      To prevent accidental deployment of the wrong kernel family, which could lead to stability issues, and to ensure that systems only receive the correct kernel updates.
  - Multiple-Package Baseline Installation
    BigFix Patch provides a solution to combine the installation of updates for multiple packages in a baseline into a single task, which can reduce the execution time of the baseline.
  - Manage YUM transactions
    View YUM transaction history and manage transactions through the YUM Transaction History dashboard.
  - Manage custom repositories
    Use the Oracle Linux Custom Repository Management dashboard to register and manage repositories.
  - Using the download plug-in
    The download plug-ins and OEL Plug-in are executable programs that downloads relevant packages directly from the patch vendor. Fixlets use an internal protocol to communicate with the download plug-in to download files. These Fixlets are based on updates made by the vendor.
  - Using the download cacher
    The download cacher is a standalone command-line tool that is designed to download and cache files required for caching. The pre-cached files can be used by the download plug-in to patch the endpoints.
  - Frequently asked questions
    Learn the answers to frequently asked questions about Patch for Oracle Enterprise Linux.
- Patch for Solaris User's Guide
  Discover how BigFix Patch for Solaris provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Solaris endpoints.
- Patch for HP-UX User's Guide
  Discover how BigFix Patch for HP-UX provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all HP-UX endpoints.
- Patch for Mac OS X User's Guide
  Discover how BigFix® Patch for Mac OS X provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Mac OS X endpoints.
- Patch for Debian User's Guide
  Discover how BigFix Patch for Debian provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Debian endpoints.
- Patch for Raspbian User's Guide
  Discover how BigFix Patch for Raspbian provides Fixlets that you use to manage the latest updates and service packs that Raspberry Pi releases. These Fixlets are available through the Patches for Raspbian sites.
- Patch for Rocky Linux User's Guide
  Discover how BigFix Patch for Rocky Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Rocky Linux endpoints.
- Patch for Open SUSE Leap 15 User's Guide
  Discover how BigFix Patch for Open SUSE Leap 15 provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Open SUSE Leap 15 endpoints.
- Patch for VMware ESXi User's Guide
  Discover how BigFix Patch for VMware ESXi provides you unified, near real-time visibility to manage patches to all VMware ESXi endpoints from a single console.
- Patch for Virtual Endpoint Manager User's Guide
  Discover how BigFix Patch for Virtual Endpoint Manager provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches in a virtual environment.
- Extended third-party Windows Application
- Supersedence for Non-Windows
  This topic describes how supersedence works in Patch.
Detailed system requirements
The tables in this section provide detailed information about the system requirements for BigFix 11.
Glossary
This glossary provides terms and definitions for the BigFix® Patch software and products.
Patch guides in PDF format
Below is a comprehensive list of links to the BigFix Patch user guides available in PDF format, designed to assist users in navigating and utilizing the software effectively:

Patch Using Kernel Fixlets

To prevent accidental deployment of the wrong kernel family, which could lead to stability issues, and to ensure that systems only receive the correct kernel updates.

BigFix applies the following safeguards:: By default, Fixlets for Non-UEK (Unbreakable Enterprise Kernel) are applicable to Oracle Enterprise Linux (OEL) endpoints. Fixlets targeting the UEK kernel are not applicable unless they are explicitly enabled. This default behavior ensures that only standard (Non-UEK) kernel updates are deployed, unless UEK-specific updates are intentionally required.

Enabling UEK Kernel Fixlets
1. To make a specific UEK kernel version Fixlet applicable on endpoints, you must deploy a corresponding client setting configuration Fixlet.
2. These configuration Fixlets set the _BESClient_OEL_RestrictUEK client setting to the specific UEK version you wish to enable.
3. Available Fixlets of Oracle 8 and 9 are:
  - 301 - Configure OEL8 Client Setting _BESClient_OEL_RestrictUEK to 6
  - 401 - Configure OEL8 Client Setting _BESClient_OEL_RestrictUEK to 7
  - 601 - Configure OEL9 Client Setting _BESClient_OEL_RestrictUEK to 7.
4. Example:
  Deploying Fixlet 301 for Oracle Linux 8 enables the applicability of UEK6 kernel Fixlets, while disabling all UEK7 and Non-UEK kernel Fixlets. This ensures that only the specified UEK kernel track is applied to the targeted endpoints.
Disabling UEK Kernel Fixlets
1. If you need to revert the client to the default state (only Non-UEK kernel Fixlets are applicable), you must remove the UEK restriction setting from the endpoint. The following Fixlets perform these actions to remove the restriction:
  - 501 - Delete OEL8 UEK Client Setting _BESClient_OEL_RestrictUEK
  - 501 - Delete OEL9 UEK Client Setting _BESClient_OEL_RestrictUEK.