How to configure SuSE Linux settings for SuSE Linux Patching?

Description

The SuSE Linux settings enables administrators to manage all security patches that are released by the SuSE Linux, for subscribed SuSE Linux servers and desktops. It allows you to identify missing SuSE package updates, install them and audit the updates, helping enterprises maintain high level of security across Linux endpoints.

Note: For patching SUSE, it is recommended that all the managed endpoints have valid SUSE Linux Enterprise subscriptions.

This how-to document provides prerequisites to patch SuSE systems and instructions to configure SuSE settings.

Prerequisites:

  1. Configure proxy settings and ensure https://scc.suse.com/subscriptions and https://updates.suse.com are accessible from the Central server.
  2. Install the agents on the SuSE systems to be patched.
  3. Allow your proxy to download .rpm files.
  4. Verify if you have purchased sufficient licenses for your patching requirements.

Steps to configure SuSE Linux settings:

  1. Provide the valid registration code that is available for your SuSE subscription. A registration code is required to validate your subscription and download metadata files and patch binaries for your SuSE machines.
  2. You will find the registration code on the SuSE portal 

Architecture and SuSE Linux patching process:

This section explains the processes involved in patching SuSE systems with the help of an architecture diagram. 

suse-architecture-diagram.jpeg

Steps involved in the process of scanning and patch deployment: 

  1. a) The Central server syncs supported latest patches information from ManageEngine's central Patch Repository.
    b) It then downloads the metadata files from SuSE repository. This data is required for scanning missing dependencies in SuSE machines.
  2. The server initiates scan on all the SuSE systems and detects the missing patches and its dependencies.
  3. Then it downloads the patches and dependencies from the SuSE repository.
  4. a) The downloaded files are replicated from the central server to the Distribution Server(s). The remote office agents download the files from the Distribution Server.
    b)Other agents download the files from the central server.  
  5. Once patches are downloaded and available, deployment is carried out.