Patch using modular Fixlets

Modular streams must be enabled on client before deploying the modular Fixlets.

Modular stream can be enabled on the endpoint using Fixlet "

dnf
                            module commands execution on endpoint - RHEL 8 - x86_64

" or by manually running dnf module commands (reset, enable) on the endpoint (this commands will run successfully only when the client is registered with subscription manager).

Added a new prerequisite Fixlet "

List enabled modules to file on
                            client - RHEL 8 - x86_64 (Prerequisite)

". This Fixlet must be deployed first before deploying modular Fixlets on client. As a good practise, this Fixlet should be deployed before the modular Fixlets are deployed.

Once the above prerequisite Fixlet is deployed, the same Fixlet will be re-deployed automatically once a day to read the information about the modular streams.

If the modular Fixlets are applicable, you can deploy modular Fixlets on the endpoint. If it is not applicable, you need to enable modular stream version on the endpoint and rerun our prerequisite Fixlet.

Example

Perform the following steps to deploy the modular Fixlet "RHSA-2021:2584 - Ruby:2.7 Security, Bug Fix, and Enhancement Update - Red Hat Enterprise Linux 8 (x86_64)":

The Fixlet "RHSA-2021:2584 - Ruby:2.7 Security, Bug Fix, and Enhancement Update - Red Hat Enterprise Linux 8 (x86_64)" is not applicable because ruby version of 2.7 is not enabled on the endpoint as shown in the following figures:
Figure 1. Fixlet is not relevant

Figure 2. Ruby 2.7 (disabled)
To enable ruby modular stream version of 2.7, you must deploy the Fixlet "dnf module commands execution on endpoint - RHEL 8 - x86_64" as shown in the following figures:
Figure 3. Reset command on ruby module

Figure 4. Enable ruby module with stream 2.7
The Fixlet "List enabled modules to file on client - RHEL 8 - x86_64 (Prerequisite)" must be deployed before deploying the modular Fixlet. Once it is deployed, the modular Fixlet become relevant on the client where ruby 2.7 has been enabled, as shown in the following figure:
Figure 5. Relevant Fixlet
Now, modular Fixlet "RHSA-2021:2584 - Ruby:2.7 Security, Bug Fix, and Enhancement Update - Red Hat Enterprise Linux 8 (x86_64)" is applicable and can be deployed on the client.
Note: An errata for a specific module stream is used to patch only the specific stream and not to be used as an update for other module streams. Follow this general practice for all the modular streams. For example, an endpoint is usually configured to one module stream, such as nodejs:10 and the packages from the same stream should be applied as an update. For some reason, however, if you want to switch the module stream that is installed on an endpoint from nodejs:10 to nodejs:12 then you must remove all the nodejs:10 packages or dependencies manually and update the endpoint with nodejs:12 packages. This scenario cannot be covered through BigFix, as this is limitation from RED HAT.
Note: Modular Fixlets are available for RHEL8 and RHEL9.
For more information related to modular steams, refer to following links:
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/installing_managing_and_removing_user-space_components/managing-versions-of-appstream-content_using-appstream
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/pdf/installing_managing_and_removing_user-space_components/red_hat_enterprise_linux-8-installing_managing_and_removing_user-space_components-en-us.pdf