Ubuntu Client setting

BigFix Patch for Ubuntu client settings refer to the configurations and preferences established within the operating system for managing and applying software patches, updates, and fixes.

This feature is optimized for systems running Ubuntu 18.04 onwards.

BigFix Patch introduces the following client settings which are used in BigFix Patch for Ubuntu patching module:

Table 1. Logging flags
Name/Description Values Component(s) affected
_BESClient_LinuxPatch_enable_debug_log
This configuration setting will:
  • Enable/disable DEBUG mode for deployment logs (EDR_DeploymentResults.txt), which generates on BigFix client (/var/opt/BESClient/EDRDeployData) while patching.
  • Generate/delete EDR deployment files like
    • EDR_RepoData.txt
    • EDR_PackageList.txt
    • EDR_ResolverOutput.log
    • EDR_ResolverError.log
Default value 0 (disabled)
Setting type Boolean
Value range
  • 0
    • Disable DEBUG mode for deployment logs while patching.
    • EDR deployment files are deleted after patching.
  • 1
    • Enable DEBUG mode for deployment logs while patching.
    • EDR deployment files are retained even after patching is completed.
Task available
  • 57-Configure the client setting to enable the Debug Log for Linux Patching
  • 58-Configure the client setting to disable the Debug Log for Linux Patching
Client
_BESClient_Ubuntu_AddNoRemove
By default, the apt package manager may resolve complex dependency conflicts by uninstalling existing software that is deemed incompatible with the requested update. In enterprise environments, this can lead to accidental "cascade removals" of critical services (e.g., MySQL Server, Network Manager). This configuration setting will:
  • Prohibits conflicting package removal during the upgrades by adding --no-remove to apt-get install command.
  • By default, --no-remove option is not included in the apt command during an upgrade.
Default value 0 (disabled)
Setting type Boolean
Value range
  • 0
    • The --no-remove flag is not included in the patching commands. apt-get is allowed to remove conflicting packages to resolve dependencies.
  • 1
    • Enhanced safety mode. The --no-remove flag is added to apt-get install. Patching will stop if package removal is required.
Task available
  • 91-Enable _BESClient_Ubuntu_AddNoRemove Client setting for Ubuntu endpoints
  • 92-Disable _BESClient_Ubuntu_AddNoRemove Client setting for Ubuntu endpoints
Client
_BESClient_Ubuntu_AllowAPTDownloads
When this configuration setting is enabled, the BigFix client uses the apt package manager to download packages directly from Ubuntu repositories. When it is disabled, the client performs offline patching, where both metadata and packages are pre-downloaded.
Default value 0 (disabled)
Setting type Boolean
Value range
  • 0
    • Offline patching. Packages and metadata are pre-downloaded.
  • 1
    • Online patching. The system downloads packages directly from external Ubuntu repositories.
Task available
  • 22-Enable custom repository support - Ubuntu
  • 23-Disable custom repository support - Ubuntu