Policies to patch Linux systems...



We’re adding in some LInux systems to our Automox infrastructure, but the method of patching them is totally unclear when it comes to policies etc.  Does anyone have any examples, or any Linux based patching via Automox documentation available?


2 replies

Hello @MRaybone 

When Patching Linux you don't really need to do anything special, patch policies are not OS specific so any patch policy will patch Linux unless you have a patch advanced and have specific requirements using that.

Some other things to watch for are the reboots, not every patch requires an OS reboot.  Usually anything kernel related will need a reboot. 

  • dbus

  • *-firmware-*

  • glibc

  • gnutls

  • kernel-*

  • hal

  • openssl-libs

  • systemd

  • udev


I’m glad you mentioned the kernel.  We’re in a position where we can’t upgrade the kernel [waves at CrowdStrike], are those all the packages we’d need to filter out in order to keep the kernel version the same?