Product Name
Azure Hardened Images
Product Version
Red Hat Enterprise Linux CIS Images
Date
Problem
Info |
---|
Red Hat Enterprise Linux CIS Images are not patching via MS Automation . |
For the update manager, it requires a shell to be able to apply updates, gather heartbeat/status information as well as send the assessment information back to Azure all from the omsagent user. The timeout configuration is interrupting that service user from operating correctly.
The following Recommendation is causing this: 5.5.3 Ensure default user shell timeout is 900 seconds or less
to turn this off?For that recommendation, run the following command: echo -e 'TMOUT=900\nreadonly TMOUT\nexport TMOUT' >> /etc/profile.d/tmout.sh
Since this setting is in our build script, at this time, it must be run. Because of this, you will have to remove the variables placed if you wish to work with the Azure Update Manager.
Solution:
To utilize Azure Update Manager with CIS RHEL8 image you must do the following before the instance is added to Azure Automation Accounts and the Azure Update Manager.
Revert Create the Instance.
Once the instance is created, revert Recommendation 5.5.3 Ensure default user shell timeout is 900 seconds or less
By running that command? Or does that turn it on?
Create the Instance ?
Once the instance is created, have the by having the
TMOUT=900, readonly TMOUT, export TMOUT
parameters removed from/etc/profile.d/tmout.sh.
Add the instances instance to Azure Update Manger. Manager
Note |
---|
If you are reading the logs at |
Code Block | ||
---|---|---|
| ||
2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : Filtering xml size=158 2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : Sending available updates infor mation data. Hash=55f821 2021-11-22 16:12:57 +0000 [info]: LinuxUpdates : installedPackages x 0,availableUpdates x 0 |
Note |
---|
Inversely, in that same log file, here is what you would see if you are still running into the error. |
Code Block |
---|
2021-11-18 16:03:36 +0000 [warn]: dump an error event: error_class=NoMethodError error="undefined method `+' for nil:NilClass" tag="oms.patch_management_immediate_run" time=1637251416 record={"xml"=>"<INSTANCE CLASSNAME=\"Inventory\"><PROPERTY.ARRAY NAME=\"Instances\" TYPE=\"string\" EmbeddedObject=\"object\"><VALUE.ARRAY></VALUE.ARRAY></PROPERTY.ARRAY></INSTANCE>"} |
Keywords; patches MS Automation Microsoft Azure
Content by Label
Filter by label (Content by label) | ||||||
---|---|---|---|---|---|---|
|
Page Properties | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||
|