Using the download plug-in

The download plug-ins, CentOS Plug-in and CentOS Plug-in R2, are executable programs that downloads relevant packages directly from the patch vendor. Fixlets use an internal protocol to communicate with the download plug-in to download files. These Fixlets are based on updates made by the vendor.

For the Fixlet to be able to use the protocol, register the download plug-in on the BigFix server. Use the Manage Download Plug-ins dashboard to register the appropriate plug-in.
Notes:
  • Download plug-ins support basic authentication only.
  • The BigFix server and the BigFix client must be on the same version to avoid a null error.
Table 1. CentOS Download Plug-in
Download Plug-in Name Applicable Sites
CentOS Plug-in R2

Patches for CentOS6 Plugin R2

Patches for CentOS7 Plugin R2

Patches for CentOS 8

CentOS Plug-in

Patches for CentOS 5 Native Tools

Patches for CentOS 6 Native Tools

Patches for CentOS 7

Important: The CentOS Plug-in, Patches for CentOS 6 Native Tools site, and Patches for CentOS 7 site are going to be deprecated in September 2017. You must switch to CentOS Plug-in R2 of the said components at the soonest possible time to ensure continuous patching and uninterrupted access to the BigFix content.

The CentOS Plug-in R2 downloads and caches patches directly from the vendor's website to the BigFix server, improving the accuracy and reliability of package dependency resolution and repository support.

Note: The CentOS Plug-in R2 does not work when the Require SHA-256 Downloads option in the BigFix Administration tool is enabled. When this option is enabled, all download verification use only the SHA-256 algorithm. However, there are certain repository metadata from the vendor, which do not contain SHA-256 values for packages in the repository that are used by the plug-in.

Consider disabling the Require SHA-256 Downloads option to successfully deploy a patch. Security and package integrity is not compromised as another layer of checking and verification is done using the GPG signature of the package. For more information about the download option, see BigFix Platform Installation Guide at https://help.hcltechsw.com/bigfix/9.5/platform/Platform/Installation/c_security_settings.html.

The download plug-in is highly extensible and robust, enabling such possibilities:
  • Customize available repositories through a user extensible repository list.
  • Installation and dependency resolution can easily be extended to all repositories, not just those that are shipped out of the box.
  • Functionalities can easily be extended by customers and service teams.
It also improves performance related to downloading large numbers of packages, which consequently shortens the turnaround time for patching.
The revised CentOS Plug-in accesses the following URLs:
  • http://mirror.centos.org
  • http://vault.centos.org