Home
Patch User Guides
BigFix Patch provides an automated, simplified patching process that is administered from a single console.
Patch for Amazon Linux User's Guide
BigFix® Patch for Amazon Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Amazon Linux endpoints.
Overview
BigFix Patch for Amazon Linux keeps your Linux™ clients current with the latest updates and service packs.
Patching method
BigFix offers more flexibility to the patch management solution by using native tools.

Patch User Guides
BigFix Patch provides an automated, simplified patching process that is administered from a single console.
- Patch for Windows User's Guide
  BigFix Patch for Windows™ provides Fixlets for Microsoft™ security and non-security patches. Dashboards, wizards, and reports aid you in managing updates for various endpoint devices.
- Patch for AIX User's Guide
  BigFix® for Patch for AIX® provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all AIX endpoints.
- Patch for Red Hat Enterprise Linux User's Guide
  BigFix Patch for Red Hat Enterprise Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility, and enforcement to deploy and manage patches to all Red Hat Enterprise Linux endpoints.
- Patch for CentOS Linux User's Guide
  BigFix® Patch for CentOS Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all CentOs endpoints.
- Patch for Amazon Linux User's Guide
  BigFix® Patch for Amazon Linux™ provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Amazon Linux endpoints.
  - Overview
    BigFix Patch for Amazon Linux keeps your Linux™ clients current with the latest updates and service packs.
    - Supported platforms and updates
      BigFix Patch for Amazon Linux provides Fixlets for Amazon Linux Security Advisories, Fix Advisories, and Enhancement Advisories on Amazon Linux platforms.
    - Supported Amazon Linux repositories
      BigFix Patch for Amazon Linux supports the packages in several Amazon Linux repositories.
    - Site subscription
      Sites are collections of Fixlet messages that are created internally by you, by HCL, or by vendors.
    - Patching method
      BigFix offers more flexibility to the patch management solution by using native tools.
  - Using the download plug-in for Amazon Linux
    The site Patches for Amazon Linux uses CentOS Plug-in R2 for downloading the packages from the internet and caches it on BigFix server. CentOS Plug-in R2, is an executable program that downloads relevant packages directly from the patch vendor. Fixlets use an internal protocol to communicate with the download plug-in to download files. These Fixlets are based on updates made by the vendor.
  - Using BigFix Patch for Amazon Linux
  - Multiple-Package Baseline Installation
    BigFix Patch provides a solution to combine the installation of updates for multiple packages in a baseline into a single task, which can reduce the execution time of the baseline.
  - YUM transaction management
    View YUM transaction history and manage transactions through the YUM Transaction History dashboard, which works with Amazon Linux.
- Patch for SUSE Linux Enterprise User's Guide
  BigFix Patch for SUSE Linux Enterprise provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all SUSE Linux endpoints.
- Patch for Ubuntu User's Guide
  BigFix Patch for Ubuntu provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Ubuntu endpoints.
- Patch for Oracle Linux User's Guide
  BigFix® Patches for Oracle Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Oracle Linux endpoints.
- Patch for Solaris User's Guide
  BigFix Patch for Solaris provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Solaris endpoints.
- Patch for HP-UX User's Guide
  BigFix® for Patch for HP-UX provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all HP-UX endpoints.
- Patch for Mac OS X User's Guide
  BigFix® for Patch for Mac OS X provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Mac OS X endpoints.
- Patch for Debian User's Guide
  BigFix Patch for Debian provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Debian endpoints.
- Patch for VMware ESXi User's Guide
  BigFix Patch for VMware ESXi provides you unified, near real-time visibility to manage patches to all VMware ESXi endpoints from a single console.
- Patch for Raspbian User's Guide
  BigFix Patch for Raspbian provides Fixlets that you use to manage the latest updates and service packs that Raspberry Pi releases. These Fixlets are available through the Patches for Raspbian sites.
- Patch for Rocky Linux User's Guide
  BigFix Patch for Rocky Linux provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches to all Rocky Linux endpoints.
- Patch for Virtual Endpoint Manager User's Guide
  BigFix® for Virtual Endpoint Manager provides an automated, simplified patching process that is administered from a single console. It gives you unified, near real-time visibility and enforcement to deploy and manage patches in a virtual environment.
- Updates for Middleware Applications
  Middleware patching is an important process for organizations to ensure their systems are secure and up to date. By applying the appropriate patches and security updates, organizations can minimize the risk of malicious attacks and potential data loss. BigFix users can enjoy unified patch management by using a single platform for deploying database and middleware patches.
- Supersedence for Non-Windows
  This topic describes how supersedence works in Patch.

Patching method

BigFix offers more flexibility to the patch management solution by using native tools.

The Fixlets for all Amazon Linux content use the Yellow dog Updater, Modified (YUM), the default patch manager for Amazon Linux. YUM is a package management tool that updates, installs, and removes Red Hat Package Manager (RPM) packages. YUM uses a command-line interface and simplifies the process of installing, uninstalling, and updating packages, provided that there is access to the YUM repository.

YUM replaces these EDR utilities and gives you more flexibility in terms of patch deployment and providing results that are in parallel with Red Hat and Amazon Linux solutions. The following sites are available for Amazon Linux site uses YUM because it reduces dependency issues and improves performance.

YUM utility configuration settings

The BigFix Patch for Amazon Linux sites that apply the YUM utility use Fixlet settings in /etc/yum.conf except for the following YUM configuration settings:

cachedir
keepcache
plugins
reposdir
pluginpath
pluginconfpath
metadata_expire
installonlypkgs

Identifying file relevance with Native tools content

The native tools capture file relevance in the same way as EDR. Both methods check for the relevance clause exist lower version of a package, but not exist higher version of it. If both tools are applied to the same deployment, the relevance results are the same.