Product Name
Azure Hardened Images
Product Version
Red Hat Enterprise Linux CIS Images
Date
Problem
| Info |
|---|
Red Hat Enterprise Linux CIS Images are not patching via MS Automation . |
For the update manager, it requires a shell to be able to apply updates, gather heartbeat/status information as well as send the assessment information back to Azure all from the omsagent user. The timeout configuration is interrupting that service user from operating correctly.
The following Recommendation is causing this: 5.5.3 Ensure default user shell timeout is 900 seconds or less
For that recommendation, run the following command: echo -e 'TMOUT=900\nreadonly TMOUT\nexport TMOUT' >> /etc/profile.d/tmout.sh
Solution:
To utilize Azure Update Manager with CIS RHEL8 image you must do the following before the instance is added to Azure Automation Accounts and the Azure Update Manager.
Create the Instance.
Once the instance is created, revert Recommendation 5.5.3 Ensure default user shell timeout is 900 seconds or less by having the
TMOUT=900, readonly TMOUT, export TMOUTparameters removed from/etc/profile.d/tmout.sh.Add the instance to Azure Update Manager
| Note |
|---|
If you are reading the logs at |
| Code Block | ||
|---|---|---|
| ||
2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : Filtering xml size=158 2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : Sending available updates infor mation data. Hash=55f821 2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : installedPackages x 0,availableUpdates x 0 |
Keywords; patches MS Automation Microsoft Azure
Content by Label
| Filter by label (Content by label) | ||||||
|---|---|---|---|---|---|---|
|
| Page Properties | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||
|