Frequently Asked Questions
Learn the answers to frequently asked questions about Patch for Oracle Enterprise Linux.
- Why are my Oracle Linux patch updates failing deployment?
-
Some repositories are not enabled by default because they might break Oracle Enterprise Linux upstream compatibility. This might cause patches to fail deployment and users might get the following similar error shown in the EDRDeployData.log file:
No package kernel-devel-3.10.0-514.26.1.0.1.el7.x86_64 available. No package kernel-headers-3.10.0-514.26.1.0.1.el7.x86_64 available. No package kernel-tools-3.10.0-514.26.1.0.1.el7.x86_64 available. No package kernel-tools-libs-3.10.0-514.26.1.0.1.el7.x86_64 available. No package perf-3.10.0-514.26.1.0.1.el7.x86_64 available. No package python-perf-3.10.0-514.26.1.0.1.el7.x86_64 available. Error: Nothing to do
Users would need to decide if upstream compatibility is necessary.
Follow these steps to enable the missing repository:
- Go to /etc/yum.repos.d/public-yum-ol7.repo and look for the OL7 repository file.
- If the entry for If the entry for the repository, in this case, [ol7_MODRHCK] exists, ensure that it is enabled.
- If the repository entry does not exist, add the following entry:
[ol7_MODRHCK] name=Latest RHCK with fixes from Oracle for Oracle Linux $releasever ($basearch) baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/MODRHCK/$basearch/ ggpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 priority=20 enabled=1
- Save your changes.
- How to identify the packages belonging to a Oracle Linux repository?
-
Some repositories are not enabled by default and this might cause patches to fail deployment. There might be chance when the patches deployment failed for a package but users are not aware as which repository that package belongs to. In that case, use yum commands to identify the repository.
- What to do when Fixlets fail to install with the following message in the EDR log? "Warning: Nothing to install. Please check if you are using the latest kernel."
- This message appears only in case of Fixlets that deploy kernel packages. A kernel Fixlet
becomes relevant if the endpoint does not have the target kernel package installed or if the
endpoint's active kernel is at a lower version than the target kernel package. An endpoint is
still considered subject to kernel vulnerabilities even if it has the latest kernel installed
but not using it
actively.
To remediate the issue, restart the endpoint and ensure it is using the latest kernel available.