Linux Patching
If you currently patch your Linux managed devices... then this poll is for YOU.
We would also love to know:
- Which distros do you patch? How often?
- Do you patch manually or automatically?
- Do you use built-in commands or any third party tools?
- Do you patch all updates/critical/software?
- How do you track the success/failure of the installation?
Linux Patching 5 votes
Comments
-
I patch on a set schedule
I almost exclusively patch Debian and Ubuntu. I run patches once a month, or unless there's an urgent CVE that surfaces outside my patch schedule.
I currently patch manually because Atera cannot patch automatically - this is annoying because about 10% of my total endpoints are Linux servers.
I use built-in commands packaged in a script. I used to use Webmin, but did away with that to minimize resource utilization, attack surface area, and unnecessary dependencies.
I typically patch everything. I'm proficient enough in most Debian Linux distributions to fix problems with updating. But for some packages, like PHP or a database, I'll version lock those so they only receive security updates, but not major versions which can introduce unwanted changes and/or incompatibility.
I track success individually on each endpoint and test service functionality post-update. I also rely on apt logs and querying systemctl to show me errors.
I do have a problem with Atera's Linux agent, and it prevents me from installing it on any production Linux servers. Atera's Linux agent has several dependencies - namely the .NET framework. This is a large package that introduces unwanted packages on managed Linux servers and increases resource utilization. Since most of the servers I manage are low cost cloud instances, this means resource contention is high and anything that consumes resources is very much unwanted. I understand Atera's desire to keep a similar codebase, but Linux is not Windows, and there's no need to install Windows dependencies on Linux to manage things in the Linux space. If Atera's Linux agent gets a rewrite in a native language that can be deployed with no (or very limited) dependencies, I would be willing to try it again - but as it is now I'd rather not use it.
1 -
Thank you everyone for your input!
0 -
Hi Community! Quick update: Linux patching is now live!
0
Topics
- All Topics
- 40 Getting started
- 24 Read before posting
- 8 Meet and greet
- 224 General
- 61 News and announcements
- 1 Swag
- 1 Roadmap updates
- 70 Resources
- 9 Knowledge Base
- 13 Webinars
- 1 Shared Script Library
- 2 Blog
- 17 Pro Tips
- 26 Got an idea?
- 1 Atera Academy
- 1 ActionAI
- 1 Copilot
- 128 Remote Monitoring and Management
- 80 Remote Monitoring
- 25 Patch Management
- 102 Professional Services Automation
- 63 Helpdesk
- 17 Billing
- 19 Reporting
- 34 Integrations & add-ons
- 20 Integrations
- 10 Add-ons
- 101 Scripting and automations
- 60 Scripts
- 29 Automations