Linux patches are managed by linking to Yellowdog Updater Modified (yum). The following diagram shows the overall flow of Linux patch management:
Figure 2.5 Overview of Linux patch management
Point
When the linkage servers have internet access, work performed using Internet terminals can be performed on the linkage servers.
Download patches [operation by the infrastructure administrator]
The infrastructure administrator uses the Internet terminal to download the latest patches (RPM packages) from either the Fujitsu website or the Red Hat Network.
Register patches [operation by the infrastructure administrator]
The infrastructure administrator registers the patches (RPM packages) with the yum repository server. The infrastructure administrator then defines these patches as part of the Linux patch management target.
If patches have been added to or removed from the yum repository server, define the Linux patch management target again and then execute the yum cache cleanup notification command.
Obtain the patch application status [processing by Systemwalker Software Configuration Manager]
Systemwalker Software Configuration Manager extracts information about which RPM packages have been applied or can be applied from each server, and then registers this information in the CMDB.
RPM package information can be obtained either automatically or manually (using a command).
Send new patch registration notification [processing by Systemwalker Software Configuration Manager]
When Systemwalker Software Configuration Manager detects a new patch, an email is automatically sent to each tenant user and each tenant administrator, notifying them that the new patch has been registered.
Execute patch application [operation by the infrastructure administrator, the tenant user or the tenant administrator]
Either the tenant user or the tenant administrator logs in to the management console and applies the new patch.
Infrastructure administrators can perform patch application using the command on the admin server.
Check execution status [operation by the infrastructure administrator, the tenant administrator, or the tenant user]
Check the patch application status using the management console or the command on the admin server.
Obtain patch application information [processing by Systemwalker Software Configuration Manager]
Systemwalker Software Configuration Manager extracts patch application information from each server and stores it in the CMDB.
Look up patch application status
The infrastructure administrator, tenant user, and tenant administrator log in to the management console and check the patch application status. Infrastructure administrators can also check the patch application status using the command on the admin server.
