Unsupported content

 

This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Patch management enhancements

BMC Server Automation version 8.5 includes the following enhancements in patch management:

Updated shavlik version

Because of updates in the shavlik engine shipped with BMC Server Automation 8.5, you are no longer required to enable the Windows Update Service or Remote Registry Service to perform patching on any
Windows platform. Moreover, the user who runs Patch Analysis Job does not need Admin Share Access (admin$) for relevant folders. For more information about prerequisites for patching on Windows, see Patch catalog - Windows Catalog and Creating a Patching Job.

Enhancements in Windows downloads through proxy

Patch management in BMC Server Automation version 8.5 includes the following enhancements to proxy support for Windows:

  • Windows Patch catalogs can now download patches from FTP URLs through proxy.
  • When live browsing the Hotfixes node of a server, BMC Server Automation can now connect to the Shavlik Technologies site through a proxy, based on the settings that you configured in the Global Configuration parameter list. Proxy settings are no longer taken from the HTTP proxy server settings configured through the Application Server Administration console (blasadmin utility).

Using the Debug Mode property to download logs created during patching analysis jobs

The logs and other data created during the analysis of a Patching Job can be downloaded on the Application Server, if the Debug Mode property is set to True. For more information about the Debug Mode property, see Patching Job - Properties.

Using the Patch Downloader to export Shavlik metadata to a CSV file

You can obtain information about patches by using the -exportMetadata option to export Shavlik metadata to a CSV file. You can use the QNumbers in the CSV file to map the metadata (Product Name, Vendor Name, Patch Key, etc.) to a corresponding patch. For more information about using the -exportMetadata option in the Patch Downloader, see Obtaining additional information from the Patch Downloader utility for Microsoft Windows.

Changes in the display of Patching Job results

Patching Job results have been enhanced with the following changes:

  • Under the Patching Job run, all remediation runs of a Patching Job run are now displayed, regardless of whether remediation was invoked automatically (based on the Create remediation artifacts setting) or manually (using the Deploy Selected Patches option or the Remediate All Servers option, as described in Managing patches through the analysis results view).
  • Under each remediation run, all associated Deploy Job runs are displayed alongside the Download run.

For more information, see Viewing Patching Job results.

Association of Deploy Jobs with Patch Remediation Jobs

Remediation Jobs for the deployment of patches are now more closely associated with their parent Patching Jobs. This is exhibited in the following areas:

  • All remediation runs are displayed under a Patching Job run in the display of job results, as discussed in the previous section.
  • All associated Remediation Jobs are displayed in a Dependencies view invoked for a Patching Job (using the Show Dependency option).
  • When deleting a Patching Job, you can see all associated Remediation Jobs in the list of dependencies and  they can be deleted along with the parent Patching Job.
  • Remediation Jobs associated with a Patching Job are deleted along with their parent Patching Job during a database cleanup.

New platform support for patch management

BMC Server Automation 8.5 adds patching support for the following operating systems:

Ubuntu and Debian

The following Ubuntu and Debian release versions are supported:

  • Ubuntu 11.10 (oneiric)
  • Ubuntu 12.04 (precise),
  • Ubuntu 12.10 (quantal)
  • Ubuntu 13.04 (raring)
  • Debian 6
  • Debian 7

The Ubuntu and Debian Catalog tab within Patch Catalog now includes a hierarchy for each version. The following example shows the hierarchy for a version:

Example:

  • OS Version - 11.10
    • Base URL - http://archive.ubuntu.com/ubuntu/
      • Distribution - precise-updates
      • Component - Multiverse
      • Architecture - x86_64, x86

For more information about Ubuntu patching support, see the following topics:

Support for configurable options of the yum.conf file in Linux patching jobs

You can customize the yum.conf file, which is shipped with the Linux server. You can use the yum.conf option available in the BMC Server Automation Patching Job analysis GUI to configure the different patch analysis and deployment parameters. For more information, see Patching Job - Analysis Options for Red Hat Enterprise Linux, Oracle Enterprise Linux, and SUSE Linux Enterprise.

Ability to exclude patches from Windows servers

You can exclude one or more patches from a Server or a Patch Catalog by using the Exclude from server option. You can exclude available or missing patches from one or more servers or server groups. You can also exclude patches based on patch Q numbers.

For more information, see the following topics:

Undo a Deploy job for AIX patches

BMC Server Automation supports the undo functionality when you are deploying AIX patches. For more information, see Undo a Patch Deploy Job.

Support for displaying the IAVA ID attribute in Windows patch analysis results 

The IAVA ID for a Windows bulletin is now available in the patch analysis results. However, the value in the property appears blank by default. You are required to set the property manually in the Bulletin DepotSoftware in the catalog. For more information, see Setting the Information Assurance Vulnerability Alert ID.

Was this page helpful? Yes No Submitting... Thank you

Comments