11-04-2012 08:47 PM
I want to install the security patches for our Production server RHEL 4.2.
So far there is no patche update done for this server and assist me how to proceed to install only security patches.
How do i determine the impact on installing them.
This is first time i'm going to install the patches to a Linux Server.
Appreciate your detail steps and recommendations for proper installation.
Thank you very much in advance.
11-05-2012 12:57 AM
You should have a valid RedHat Subscription (sometimes called "license" although it's not quite the same thing) for your server, otherwise you cannot access RedHat update services and cannot get patches.
With a valid RedHat Subscription, you'll also have access to RedHat Knowledge Base.
Installing security patches only is rather difficult in RHEL4, as you must filter the list of patches yourself.
This RHKB article may help:
The .2 part in the RHEL 4.2 version number identifies the update level, which is sort of similar to Service Pack level in Microsoft Windows operating systems, although RedHat tends to release more update levels with less impact. The current (and also the last) update level for RHEL 4 is 4.9.
The RHEL 4.2 update level was released in 2005-10-05, so as of today, your server is 7 years out of date. With so many update levels between 4.2 and 4.9, it is likely that some of the security patches will depend on some non-security bug-fix patches, so you may need to omit some security patches if it is an absolute requirement that the server must stay in the .2 update level.
Through access.redhat.com, you can get a list of all RedHat security notifications that affect your server, if your server is registered to RedHat Network and can communicate with RedHat servers. You can also read the full text of each security and bug-fix advisory: this may help you in making decisions with the patches.
The regular life cycle of RHEL 4 ended in 2012-02-29: that means RedHat will not publish any patches for RHEL 4 after that date on regular support channels. However, if you pay extra for it, you can stil be supported with Extended Life Cycle until 2015-02-28.
Essentially, your first Linux Server patching task is going to be about as difficult and complicated as it can possibly be. You have my sympathy. Good luck.
11-07-2012 10:50 AM
You have three options.
1. Connect the server to an RHN account and run the up2date command
2. Install Centos yum rpm, set up a repository and use yum update to do the job (I've done this).
3. Build (after purchase) a Satellite server for updating patches.
RHEL 4.x is end of life you should also plan a migration to RHEL 6 if your apps support it.
Owner of ISN Corporation