Linux Patching
If you currently patch your Linux managed devices... then this poll is for YOU.
We would also love to know:
- Which distros do you patch? How often?
- Do you patch manually or automatically?
- Do you use built-in commands or any third party tools?
- Do you patch all updates/critical/software?
- How do you track the success/failure of the installation?
Linux Patching 5 votes
Comments
-
I patch on a set schedule
I almost exclusively patch Debian and Ubuntu. I run patches once a month, or unless there's an urgent CVE that surfaces outside my patch schedule.
I currently patch manually because Atera cannot patch automatically - this is annoying because about 10% of my total endpoints are Linux servers.
I use built-in commands packaged in a script. I used to use Webmin, but did away with that to minimize resource utilization, attack surface area, and unnecessary dependencies.
I typically patch everything. I'm proficient enough in most Debian Linux distributions to fix problems with updating. But for some packages, like PHP or a database, I'll version lock those so they only receive security updates, but not major versions which can introduce unwanted changes and/or incompatibility.
I track success individually on each endpoint and test service functionality post-update. I also rely on apt logs and querying systemctl to show me errors.
I do have a problem with Atera's Linux agent, and it prevents me from installing it on any production Linux servers. Atera's Linux agent has several dependencies - namely the .NET framework. This is a large package that introduces unwanted packages on managed Linux servers and increases resource utilization. Since most of the servers I manage are low cost cloud instances, this means resource contention is high and anything that consumes resources is very much unwanted. I understand Atera's desire to keep a similar codebase, but Linux is not Windows, and there's no need to install Windows dependencies on Linux to manage things in the Linux space. If Atera's Linux agent gets a rewrite in a native language that can be deployed with no (or very limited) dependencies, I would be willing to try it again - but as it is now I'd rather not use it.
1 -
Thank you everyone for your input!
0 -
Hi Community! Quick update: Linux patching is now live!
0
Topics
- All Topics
- 42 Getting started
- 26 Read before posting
- 8 Meet and greet
- 259 General
- 72 News and announcements
- 2 Swag
- 1 Roadmap updates
- 84 Resources
- 12 Knowledge Base
- 18 Webinars
- 1 Shared Script Library
- 2 Blog
- 21 Pro Tips
- 28 Got an idea?
- 3 Atera Academy
- 2 ActionAI
- 1 Copilot
- 143 Remote Monitoring and Management
- 85 Remote Monitoring
- 28 Patch Management
- 107 Professional Services Automation
- 65 Helpdesk
- 17 Billing
- 22 Reporting
- 41 Integrations & add-ons
- 22 Integrations
- 11 Add-ons
- 108 Scripting and automations
- 62 Scripts
- 32 Automations