Patch Management
PatchCTL provides comprehensive patch management for your Linux fleet.
How Patching Works
- Detection - Agents scan for available updates every 6 hours
- Visibility - Updates appear in the dashboard
- Planning - Review and prioritize updates
- Execution - Install via manual action or schedule
- Verification - Confirm successful installation
Update Types
Security Updates
- Patches for known vulnerabilities
- Marked with security advisories
- Should be prioritized
Regular Updates
- Bug fixes and improvements
- Feature updates
- Can be deferred if needed
Kernel Updates
- Linux kernel patches
- Usually require reboot
- Marked with reboot required flag
Patching Methods
Manual Patching
Execute patches immediately:
- Select server(s)
- Choose updates to install
- Configure reboot policy
- Execute and monitor
Scheduled Patching
Automate with schedules:
- Define target servers
- Set maintenance window
- Configure options
- Let it run automatically
Batch Operations
Patch multiple servers at once:
- Select servers
- Choose updates
- Execute simultaneously
- Monitor progress
Package Manager Support
PatchCTL works with native package managers:
| Distro | Package Manager | Commands Used |
|---|---|---|
| Ubuntu/Debian | apt | apt update, apt upgrade |
| RHEL/Rocky | dnf | dnf check-update, dnf upgrade |
| SUSE | zypper | zypper refresh, zypper update |
Reboot Handling
Some updates require a reboot (kernel, glibc, systemd):
Reboot Policies:
- Never - Don't reboot, flag for manual action
- If Required - Reboot only when necessary
- Always - Reboot after every patch operation
The dashboard shows which servers need reboot.