Automated YOU Security updates without Kernel

From MicroFocusInternationalWiki
Jump to: navigation, search


If you have a need in your environment to apply Security updates without having a new Kernel being applyed, then the following should help you accomplish this goal.


This script checks for available security updates and removes any kernel related update and applies the rest, and if there are no updates then it will append to /var/log/online_update.log stating that there are no updates available.


Copy the text below into a file preferably named


# This script will calculate all security updates available for any SLES9 system and will remove the kernel from the patches to apply.
# The script will then download and install the patches, due to the nature of the online_update commands used.
# If no patches are available it will kick out a log of it in /var/log/online_update.log
# Note: this is only for SECURITY Updates. 
touch /tmp/patches.txt
touch /var/log/online_update.log
online_update -sd security | sed '/(Security)/ !d' | sed '/^ S / !d' | sed '/kernel/ d' | awk '{print $2}' | tr "\n" "," | sed '$s/.$//' >> /tmp/patches.txt
if [ "$update" != "" ]; then
online_update -S $update
echo "`date` -  No Security Updates Available" >> /var/log/online_update.log
rm /tmp/patches.txt


Once you have this shell script created you can save it in /usr/bin or something with the chmod 755 permissions on it. Now you are ready to set it up to run as a Cron Job at your desired date and time.