Linux Repos

When patching linux computers, which repos does Automox use? Does it go out to the current official repos, or does it look to the local computer and potentially modified repos? If its the latter, is there a way to change this? If not, it would be nice if it was an option (like windows update vs wsus).

1 Like

It uses the native repos of the particular Linux flavor:

But those commands are referencing the local sources.list file for example, right? So if I commented everything out, my computer wouldnt patch, right? Or am I misunderstanding you.?

Correct - if you change the sources on the machine that’s what Automox will use. There’s no way for Automox to override that outside of creating a worklet to update that sources.list file, then patch, then change it back, for instance.

@idf, you raise a significant question, and I appreciate the straightforward answer you got from @Nic. But: presumably if a Linux system’s repo configuration has been customized, that will modify its package dependency tree (how it decides which versions of packages to install).

If Automox then ignores this customization and performs updates with the system-default configuration, the resulting upgrade may overwrite, disable, or conflict with whatever packages the customized repo configuration was providing (because the dependency logic would be changed).

If so, I don’t think even the workaround Nic suggested would be advisable. But your question raises a point: if Automox relies on the current repo configuration, could that not cause Automox to ignore critical security patches? Perhaps Automox should “object,” and flag nonstandard Linux repo configurations as risks for this reason.

You are right that it would be ideal if Automox could override the local settings as an option, especially with the recent article on repo typosquatting:

That being said, such a feature is probably fairly far down the priority list, given that the lion’s share of our install base is Mac & Windows. You can create a feature request and vote for it on here, in case I’m wrong about the level of demand for this feature:

This is a bummer because my primary use case is Linux. Its advertised as a fully featured cross-platform patch management solution but in reality its fully featured on Windows and Mac. Time and time again I need Automox to do something a fully featured patch management solution for Linux should do and time and time again I am told sorry, you have to use Mac or Windows if want anything more than the basics. It might be time to start shopping around.

I hear you - it’s frustrating that Linux doesn’t get more love across the board.