As a managed services provider (MSP), applying patches to keep software up-to-date is crucial to secure customer networks. With various customers using different operating systems, MSPs must deal with patching vulnerabilities in a multitude of ways. For Linux operating systems, package management tools can save a great deal of time and hassle. Without package installation, MSPs would have to manage the various software dependencies individually—an effective package management strategy can allow MSPs to install a single folder for expansion into many different files.
Linux package management is often referred to as “patching,” which can quickly become confusing for MSPs and their customers. Applying a package, a.k.a. “patching” is a different concept from applying a patch. To make this distinction clear, we will refer to package management by explicitly using the term “package.”
Linux users know installing packages is a central part of using applications in the Linux universe. In addition to application uploading, Linux users can use package installation for patch updates. Linux users are generally aware modifying the Linux kernel can correct for bugs in the software, but with packaged metadata this doesn’t have to be so complicated—simply install your newest dependency as a package, and updates to your application software can be fully realized with the new package.
What is a package?
A package is a container for metadata—contents that modify or extend the functions of your current operating system and are collapsible into a simpler dataset. Essentially, packages are a way to install applications in Linux, whether these applications are for corrective patching or extending the functions of your system.
The package itself is a contained source of metadata for your system that acts as a convenient way to extend the function of your current operating system, or to modify errors in your original kernel. To install a package, you must make a modification to your kernel to accept the new metadata. Once you’ve installed your package, it’s important for MSPs to know how to fully use the features within it.
Generally, Linux users deal with either Debian-based package distribution or Red Hat-based distribution. Although the formats of these two package installation programs are different, they are both Linux distribution tools that facilitate package management.
The Debian package management process uses a Debian binary with the dpkg tool as an intermediary. Perhaps the most common package management program for Linux is Ubuntu, which uses a well-known interface and has an extensive package repository. Another major package management program is RPM Package Manager (RPM) from Red Hat.
What are the different types of packages?
Debian package management, using the Debian binary, is one of the go-to ways for Linux users to manage packages. The concept of a Debian package is quite simple: once you find a package in your repository of choice, you can use a simple set of dpkg commands to install your new application.
Because packages are metadatabases, Debian-based packages contain only three files: the Debian binary, the data file, and the control file. The control file is a tar zip file, meaning the rest of the package’s data is collapsed and sealed into the control file. Once you’ve installed this package, the control file lets you greatly expand metadata functions you would otherwise have to configure separately. Several software providers—like Ubuntu, Debian, Mint, and more—offer Debian-binary packages you can apply to your Linux system to address your specific packaging needs.
To apply another common Linux-based package management system, RPM from Red Hat, you can visit the rrdtool’s centralized Red Hat application center. Your first step in applying a Red Hat package is to download rrdtool’s RPM, which you can command in your Linux system to run a package installation. All Red Hat-based distributions, including RHEL, CentOS, Fedora, and Oracle Linux, install RPM as a default component. Package install with Red Hat is on par with Debian-binary packaging in simplicity. You can start installation with the command “rpm -i” (the “i” is for “install”), and updates can be expressed with the command “rpm -u” (the “u” is for “update”).
It’s important to note both RPM and Debian-based package management tools are synced to update their code for fixes. This means once your MSP is operating with a major Linux package management tool, you won’t have to install patches or manually update your program to fix bugs.
How do I apply packages in Linux?
To avoid lengthy command writing, package distribution companies provide graphical aids to manage package installation. These visual tools are the main source of difference between package installation among different distribution systems. Although all packages offer the same essential service, MSPs might find a particular interface works best for their management needs.
Once you’ve found your package in the appropriate repository, you can either use dpkg commands (for Debian-based management) or RPM commands to install the package into your system. Each of these providers is equipped with an archive manager that allows MSPs to visualize the contents of a command file before applying the package to the system.
If you want more hands-on control over your package management process, certain package providers allow MSPs to configure manual updates to package code. If you need even more say in your package integrity, MSPs also have the option to write Debian-based or RPM-based package code to create an original package using standard formats.
Package management with SolarWinds
SolarWinds® N-central® gives MSPs the power to monitor and manage thousands of devices on one platform, including patch management and automation capabilities. N-central Patch Manager feature includes automated or detailed manual rollout and allows MSPs to patch on or offsite. N-central allows you to manage software updates across multiple customer sites, so you can ensure your customers aren’t left vulnerable to bad actors due to out-of-date systems.
Interested in learning more about applying patches? Explore our product suite to see how you can handle patch management within your environment.