RHEL latest Patch update without updating OS version
Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
RHEL latest Patch update without updating OS version
Hi All,
As part of OS hardening process, we need to update the server to have latest patches. I have not done this before. I have used yum to install, update or remove one package at a time.
Now we need to update the server such that it has all the updated patches. From net, found that using --exclude=kernel will not update kernel. How to use yum to update patches without updating the OS versions. Current OS version is RHEL 5.5 and RHEL 5.6 is some servers.
you can't, it's the same thing. the minor releases, 5.5, vs 5.6 ARE the package updates. the numbers themselves just really relate to a re-baselining of the latest packages in the major version, just a line in the sand that's drawn when new ISO's are mastered etc. It makes no sense to talk about one without the other.
that said, it's possible to only update packages that are marked as security fixes etc. with the yum-plugin-security package installed, you can run "yum update --security" but that may or may not upgrade all manner of dependencies as part of the upgrade.
Last edited by acid_kewpie; 12-19-2012 at 07:45 AM.
I tried in a test machine for applying security patches alone. I followed http://www.cyberciti.biz/faq/redhat-...urity-updates/. But for me it does not list any security patches, when I use this command "yum --security check-update". So does this mean that this test machine has upto date security patches.
Current OS version is RHEL 5.5 and RHEL 5.6 is some servers. (..) for me it does not list any security patches, (..) So does this mean that this test machine has upto date security patches.
In the tutorial you linked to the assumption is made that the machines were first upgraded to the current Update version. There is no workaround and there should be no reason to stay with Update 5 or 6. If you think there are post your compelling reasons here.
Its customers point of view, I do not have a say on it. For updating OS we need approvals. We are updating security patches alone. But certainly in near future we will be updating all the OS to the latest one
We have a OEL server. I need to update security patches. I tried with Yum
[root@server ~]# yum repolist
Loaded plugins: rhnplugin, security
This system is not registered with ULN.
ULN support will be disabled.
repolist: 0
[root@server ~]# up2date --show-channels
Your GPG keyring does not contain the Enterprise Linux public key.
Without it, you will be unable to verify that packages Update Agent downloads
are securely signed on the Unbreakable Linux Network.
Your Update Agent options specify that you want to use GPG.
To install the key, run the following as root:
Is registering with ULN a must for updating security patches. In CentOS its free hence its working. Anyway we are in the process of getting the ULN account.
rpm --import /usr/share/rhn/RPM-GPG-KEY
Oracle (OEL / Unbreakable Linux) is a paid for distro (like RHEL) so yes, you will need a paid for subscription to ULN (or equiv) to get updates (& support).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.