LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-07-2017, 01:01 AM   #1
vimalparikh
LQ Newbie
 
Registered: Nov 2017
Posts: 6

Rep: Reputation: Disabled
Only Security patches in Linux Redhat Servers


Team,

I am taking care of 7 Linux servers in my organization. Since 2014, we have not install any patch, security updates in our serves. Two days back only i have attached subscription to all the servers and registered them on the red-hat portal.

I details on portal like below:
https://access.redhat.com/management/systems





All of them are our database and production servers,Any one can guide me how should i go ahead in installing patches.

Is there any way that i can installs only security patches in the server..

Please show me the way which is secure .

Waiting for your reply eagerly.

Regards,
Vimal
 
Old 11-07-2017, 01:45 AM   #2
notKlaatu
Senior Member
 
Registered: Sep 2010
Location: Wellington, New Zealand
Distribution: Slackware, Fedora, NetBSD
Posts: 1,071

Rep: Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725
First thing you must do is a yum upgrade. Run this to make sure that everything that is installed is as up-to-date as it can be.

You don't say what version of RHEL you are running, so it's difficult to tell you how to upgrade or what to upgrade to. Look at the version you are running:

Code:
# cat /etc/*release*
and then check with Red Hat on the life cycle of what you are running. If it's still a supported version, then upgrading (with `yum ugrade`) installs all the security patches and, in theory, you should be fine.

If it's out of support, then you'll want to upgrade to the next version that is still supported.
 
Old 11-07-2017, 02:58 AM   #3
vimalparikh
LQ Newbie
 
Registered: Nov 2017
Posts: 6

Original Poster
Rep: Reputation: Disabled
Hi friend,

Thanx for the prompt reply,I dont know how to share screen shot herewith , else i must have shared redhat portal subscription page.

My all servers are Red hat Enterprise linux server release 6.5 and 7.0.

Since 2014 , we have not upgraded patches, So request you to show me the way to install security patches which not hamper existing runing application as server is production server.
'
Right now i can see Security advisory total count is 292
Bug fixes count is 782
Enhancement count is 86... Displayed on subscription page infront of the server.

please help
 
Old 11-07-2017, 03:06 AM   #4
notKlaatu
Senior Member
 
Registered: Sep 2010
Location: Wellington, New Zealand
Distribution: Slackware, Fedora, NetBSD
Posts: 1,071

Rep: Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725Reputation: 725
Are you able to log in to the servers? Do you know how to do that?

To update your systems, you must run the 'yum update' command from a terminal, or else log in to your RHEL desktop and click the update applet in the system tray.

If you're not familiar with any of that, take a look at the basic System Administration Guide in your RHEL documentation.
 
Old 11-07-2017, 03:12 AM   #5
vimalparikh
LQ Newbie
 
Registered: Nov 2017
Posts: 6

Original Poster
Rep: Reputation: Disabled
Hi,

I understand, but as per my understanding yum update update everything on the server.

It might possible that it will update my database like sql and oracle version, And my application gets stop working.

Thats why i am asking you that is there any ways to install only security updtaes rather than all the update??
 
Old 11-07-2017, 04:43 AM   #6
knudfl
LQ 5k Club
 
Registered: Jan 2008
Location: Copenhagen DK
Distribution: PCLinuxOS2019 CentOS6.10 CentOS7.7 + 50+ other Linux OS, for test only.
Posts: 17,268

Rep: Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568Reputation: 3568
Redhat, quote from 'redhat.com/solutions/10021'
Quote:
Is it possible to limit yum so that it lists or installs only security updates?
https://access.redhat.com/solutions/10021
→ Resolution : Install the yum-security plugin
.... etc. etc.


All "redhat.com/solutions" are probably on-line.
Example search "red hat update only security patches"
https://www.google.com/webhp?hl=all&...ecurity+patche


-

Last edited by knudfl; 11-07-2017 at 04:46 AM.
 
Old 11-07-2017, 12:11 PM   #7
timl
Member
 
Registered: Jan 2009
Location: Sydney, Australia
Distribution: Fedora,CentOS
Posts: 683

Rep: Reputation: 151Reputation: 151
Are the production servers replicated in the testing environment? If possible it is good to test out updates to see how they will affect production
 
Old 11-07-2017, 02:14 PM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 21,959

Rep: Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827
Quote:
Originally Posted by vimalparikh View Post
Team,
I am taking care of 7 Linux servers in my organization. Since 2014, we have not install any patch, security updates in our serves. Two days back only i have attached subscription to all the servers and registered them on the red-hat portal. I details on portal like below:
https://access.redhat.com/management/systems

All of them are our database and production servers,Any one can guide me how should i go ahead in installing patches. Is there any way that i can installs only security patches in the server.. Please show me the way which is secure . Waiting for your reply eagerly.
Since you have paid for the subscription, you have also paid for support...why have you not just called Red Hat and asked them??

Barring that, you need to update your systems, period, if they are your database and production servers. You don't say anything about what's running on them (software? DB engine? anything?), but reading the release notes will give you a good indication of what has changed between patch sets, and what they affect. Back up your data, and patch the systems during off hours and schedule a maintenance window. Putting off patching because it *MIGHT*, maybe, sorta-kinda cause some sort of maybe-problem is poor logic. You need the updates/patches/fixes..apply them.

Because either you do it now, or later...either way, any issues you find will have to be dealt with. What are you going to do if the server crashes? As soon as you install a new OS and do a restore, guess what? The patches got applied during the rebuild...now you've restored a broken server, leading to MORE downtime.
 
1 members found this post helpful.
Old 11-07-2017, 10:22 PM   #9
vimalparikh
LQ Newbie
 
Registered: Nov 2017
Posts: 6

Original Poster
Rep: Reputation: Disabled
Thanx a lot for valuable feedback.

I will raise a support ticket to red hat.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
There is any recommended patches \ security patch for redhat 5.1? shaybery Red Hat 3 05-29-2008 12:54 PM
Kernel security patches for servers vargadanis Linux - Security 1 12-23-2006 04:30 PM
updating redhat security patches APARs how? bonsky Linux - Security 1 09-22-2006 05:43 AM
installing security patches on prod servers. juanb Linux - Software 0 08-19-2004 03:40 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration