Skip to main content

Patching Linux - Pain or Gain?

How to Patch Your Linux Installation

Like all OSes, every once in a while you need to update the software running on your Linux server. You can do this in one of three ways :

  • Download the updated packages and manually install them yourself.
  • Use a built-in open source application that comes with the OS distribution.
  • Use a third party application that downloads the file and then runs the installation for you.

Let’s look at these in more detail.

Manual Updates

One way you can update your RedHat or SuSE machine is by going to your particular vendor’s Web or FTP site, and downloading the packages directly from the online file repository or a trusted mirror site. For recent products, like Novell’s SLES or RedHat Enterprise Servers, once you get the file onto your machine you can then run the RedHat Package Manager (aka “rpm”) and update the target program you choose.

linux rpm redhat

linux rpm redhat

After downloading the rrdtool’s latest RPM, you can run “rpm –i" to install the new package, or “rpm –u” if you are updating rrdtool. The next RPM command queries all the installed RPMs, and extracts only the information you want, using the grep command. The third command uninstalls the rrdtool using “rpm –e”. Finally, the last line confirms that the application rrdtool is not installed anymore.

If you have a location of a package available via a URL, you can point RPM to update it for you. This image shows the update, the confirmation, and the removal of the livna-release-6-1 package.

In a perfect world, once you run the rpm command, you’re done in a moment or two. Confirmation may be a short message provided by the package installation, or you just get a command prompt ready for your next Linux command. However, since we don’t live in a perfect world, things can get a little confusing. You may run into a dependency issue where another package on your machine has to be updated before you can update your target program.

linux rpm

linux rpm

A failed RPM installation will generate the above message and not continue the install.

Things can get worse when you realize that these packages that need updates also require further updates themselves, turning a simple upgrade into a longer exercise of having to figure out how to deal with all these dependencies and sub-dependencies.