• Applying Ad Hoc or Emergency Patches on Linux Hosts Note:
Before patching your Linux hosts, ensure that the Enterprise Manager user has the EM_PATCH_DESIGNER role and the OPERATOR_ANY_TARGET privilege. If
the Enterprise Manager user does not have these, ensure that the super user grants them.
Applying Patches on a Linux Patching Group Based on Compliance
If the Linux Patching Compliance Home page reports that a particular Linux patching group is not compliant, you can choose to patch the group. To apply patches on this Linux patching group, follow these steps:
1. In Cloud Control, from the Enterprise menu, select Provisioning and Patching, then select Linux Patching.
2. On the Linux Patching page, in the Compliance Report section, select the Linux patching group that you want to patch, then click Schedule Patching.
3. On the Package Repository page, in the LINUX Distribution section, select the tool that you want to use to update the RPM.
Note:
If the Linux host to be patched is running on Oracle Linux 6 (OL6) or later, then you must use the yum tool for patching. The up2date patching tool is not supported for this Linux version. If you do not use the yum tool in this scenario, the patching process fails on the Configure Host For Patching step with the following error: You are not selecting 'yum' as the tool to update the RPMs in this system. 'yum' is the only supported tool for updating RPMs in Oracle Linux 6 operating system
a. If you have selected yum as the patching tool, make sure that you select the patching mode that you want to use. Select Package update and new
package installation if you plan to update the existing packages, as well as
install new packages. Select Package update only if you plan to only update the existing packages, and not install any new packages.
b. In the Stage Location section, specify the location where you want the Linux patching configuration and log files to be created.
c. In the Package Repository section, select the RPM repositories that you want to use.
d. In the Check GPG Signatures section, select Check GPG signatures to ensure that yum or up2date performs a GPG signature check on the packages obtained from the specified repositories. This key may not be previously imported into the RPM database. To ensure that this key is imported, select
Import GPG key, then specify the GPG Key URL.
e. In the Advanced Options section, by default, the Hide obsolete updates option is selected. Selecting this option hides the obsolete packages on the Select Updates page. If you want to view these packages on the Select Updates page, ensure that you deselect this option.
f. If you have selected yum as the patching tool, in the Advanced Options section, select one of the following patch application modes:
• Most suitable architecture, if you want yum to install the latest version of
the selected package, or update the existing version of the package to the latest version, for the suitable RPM architectures that are installed on the Linux hosts that you are patching.
If you select this option, Cloud Control runs the following yum command:
yum install|update packagename
• Specific architecture, if you want yum to install the latest version of the
selected package, or update the existing version of the package to the latest version, on only those Linux hosts that have the RPM architecture of the selected package.
If you select this option, Cloud Control runs the following yum command:
yum install|update packagename.arch
• Specific version and architecture, if you want yum to install only the
specific version of the package selected on the Select Updates page, or
Chapter 3
update the existing version of the package to this specific version, on only those Linux hosts that have the RPM architecture of the selected package. If you select this option, Cloud Control runs the following yum command:
yum install|update epoch:packagename-ver-rel.arch
Click Next.
4. On the Select Updates page, select the packages to be updated.
Note:
If the Hide obsolete updates option was selected in the previous step, the values for Total packages available and Total packages available
in this view may be different. This difference corresponds to the number
of obsolete packages present in the repositories. Click Next.
5. On the Select Hosts page, select the Linux hosts to be updated. You can also select a group by changing the target type to group.
By default, every discovered Linux host is displayed on this page, and can be selected. However, if you want only those hosts that have an older version of at least one of the packages (that you selected for the update operation in the previous step) to be displayed on this page, run the following command: $<OMS_HOME>/bin/emctl set property -name 'oracle.sysman.core.ospatch.filter_uptodate_hosts' -value 'true'
Click Next.
6. On the Credentials page, enter the credentials to be used for the updates. Click Next.
7. On the Pre/Post script page, enter the scripts that need to be executed before/ after the patching process, if any.
Click Next.
8. On the Schedule page, enter the details of the patching schedule that must be used.
Click Next.
9. On the Review page, review the update parameters.
Click Finish. A deployment procedure is submitted to update the selected packages. Follow all the steps of the procedure until it completes successfully.