Up to Discussions in Patch Manager

This Question is Answered

1 "helpful" answer available (10 pts)
39 Replies Last post: Feb 9, 2010 9:43 AM by ahe   1 2 3 Previous Next
vzovko Rookie
vzovko
35 posts since
Jan 21, 2008
Currently Being Moderated

Oct 15, 2008 5:46 AM

Clean up patch folder

Hi!

I'd really like to clean up our patch folder. We're now having 1735 patch in there and I really don't think that we need them all.

Is there any recommended way or can I simply delete all the patches and let the vaminer download the necessary ones again?

I also hope that it'll fix the problem that the downloaded patches are staying in the %TEMP% folder instead of being moved to our patch location.
http://community.landesk.com/support/message/14676

Tags: 8.8, patch, patch_manager, patches, vaminer
Zman Master
Zman
1,841 posts since
Dec 14, 2007
Currently Being Moderated
1. Oct 15, 2008 6:01 AM in response to: vzovko
Re: Clean up patch folder

Save yourself a lot of headaches and download http://www.droppedpackets.org/scripts/ldms_core.

 

It looks at your default patch directory. LANDesk Security Suite downloads patches that it needs by default, but it doesn't delete them when the need is no longer there. That's fine if you've got a ton of space on your server, but it's a pain for those of us rocking lesser hardware. This utility will delete patches that are no longer associated with detected vulnerabilities, and which have not been accessed in X days or more.

Report Abuse
vzovko Rookie
vzovko
35 posts since
Jan 21, 2008
Currently Being Moderated
2. Oct 16, 2008 1:43 AM in response to: Zman
Re: Clean up patch folder

Thanks for the ldms_core hint.

I gave it a try a few months ago and I could get it up and running right. Now I upgraded to the latest version 3.1.0 and stuck with the same errors.

(...)
WARNING: DeleteFile: stat() failed: Bad file descriptor
WARNING: DeleteFile: stat() failed: Bad file descriptor
Deleted 3195 patches, recovered 0 bytes.

(...)
WARNING: DeleteFile: stat(D:\PROGRA~1\LANDesk\MANAGE~1\ldscan\errorscan\SCAF9.SCN) failed: No such file or directory
WARNING: DeleteFile: stat(D:\PROGRA~1\LANDesk\MANAGE~1\ldscan\errorscan\SCAFF2.SCN) failed: No such file or directory
Deleted 1457 scan files

I created a scheduled task to run ldms_core.exe as our LDMS service account which has administrative rights.

The ldms_core config looks like this:

[HKEY_LOCAL_MACHINE\SOFTWARE\Monkeynoodle\ldms_core]
"mailto"="mymail@adress.com"
"db_pass"="encryptedpass"
"db_name"="LDMS"
"nmap"="C:\\PROGRA~1\\nmap\\nmap.exe"
"deletiondays"="14"
"mailfrom"="ldms_core@coreserver.com"
"mailserver"="mailserver.company.com"
"patchdir"="\\\\company.com\\files\\LDPatchDepot"
"nmap_unidentified"="1"
"nmap_options"="-A -T4 -P0 -n"
"db_instance"="sqlserver.company.com"
"db_type"="SQL"
"db_user"="LDDB_Account"

We are running LDMS 8.8 with SP1 on a fully patched german Windows Server 2003 R2 Standard.

Any ideas what's going wrong?

Report Abuse
Zman Master
Zman
1,841 posts since
Dec 14, 2007
Currently Being Moderated
3. Oct 16, 2008 6:03 AM in response to: vzovko
Re: Clean up patch folder

Well if I had to guess (this is always a bad path for me to follow), I would say that there is either file or system level corruption. Maybe run chkdsk on the vol to see.

 

In any event, I would defer  to Jack to see what those errors mean.

Report Abuse
Jack Coates Expert
Jack Coates
841 posts since
Nov 16, 2007
Currently Being Moderated
4. Oct 16, 2008 8:03 AM in response to: vzovko
Re: Clean up patch folder

Exempt it from your antivirus software's attention

Report Abuse
Brendan Rookie
Brendan
40 posts since
Aug 28, 2008
Currently Being Moderated
5. Oct 16, 2008 10:10 AM in response to: Jack Coates
Re: Clean up patch folder

I am just not sure what I am doing wrong with this, I updated to the latest 3.1.0 ldms_core and I added the entire Monkeydoodle program folder to my LANDesk AV trusted items and I still get both the"WARNING: called with 1 bind variables when 0 are needed" and the "WARNING: DeleteFile: stat() failed: Bad file descriptor" errors

 

Brendan

Report Abuse
Jack Coates Expert
Jack Coates
841 posts since
Nov 16, 2007
Currently Being Moderated
6. Oct 16, 2008 10:39 AM in response to: Brendan
Re: Clean up patch folder

Turns out I was doing something wrong -- found a couple of bugs, thanks to Steve Murphy for keeping after it. Now I'm not sure if the AV exclusion is necessary or not... I suspect that it is useful though as execution time is a lot shorter with AV off. Anyway, click here for version 3.1.1: http://www.droppedpackets.org/scripts/ldms_core/ldms_core.zip/view

Report Abuse
Brendan Rookie
Brendan
40 posts since
Aug 28, 2008
Currently Being Moderated
7. Oct 16, 2008 11:58 AM in response to: Jack Coates
Re: Clean up patch folder

Well it looks like its running correctly now, although the email I recieved looks abit garbled near the end.

 

The last section on patches ...

 

 

 

Deleted 87 patches, recovered 1,247      # put a comma between the groups of three

 

,583      # put a comma between the groups of three

 

,884      # put a comma between the groups of three

 

bytes.

 

ERROR: Can't open file E:\PROGRA~1\LANDesk\MANAGE~1\ldscan\errorscan\IMS1267.ims : No such file or directory

Report Abuse
Jack Coates Expert
Jack Coates
841 posts since
Nov 16, 2007
Currently Being Moderated
8. Oct 16, 2008 11:04 PM in response to: Brendan
Re: Clean up patch folder

That's annoying... Regular expression expansion problem that suddenly

popped up with a library upgrade. It'll be cleaned up in the next

release.

Report Abuse
vzovko Rookie
vzovko
35 posts since
Jan 21, 2008
Currently Being Moderated
9. Oct 17, 2008 1:46 AM in response to: Jack Coates
Re: Clean up patch folder

Hi!

We are using Kaspersky Total Space Security and I added the ldms_core.exe (3.1.0) to the trusted applications.

The mail which I got today  has again the "WARNING: DeleteFile: stat() failed: Bad file descriptor" error but this time only once.

It seams that ldms_core thinks the patches were already deleted but they are not.

Now I've updated to 3.1.1 and after running setup again I've got a output report with the same error again:

Subject: ldms_core.exe 3.1.1 output report
Couldn't get http://www.droppedpackets.org/scripts/ldms_core/version
ldms_core.exe 3.1.1 starting in setup mode
ERROR: Can't open file  - Bad file descriptor

Attached to this post you'll find the output reports:

ldms_core_310_output_report_1st_run.txt - My first output report mail containing the "Bad file descriptor" messages. No patches deleted.

ldms_core_310_output_report_2nd_run.txt - My second output report mail with ldms_core as a trusted application for AV. No patches deleted.

ldms_core_311_output_report_3rd_run.txt - My third output report mail with ldms_core 3.1.1. No patched deleted.

Any ideas on how to proceed?

Attachments:
Report Abuse
Jack Coates Expert
Jack Coates
841 posts since
Nov 16, 2007
Currently Being Moderated
10. Oct 17, 2008 9:01 AM in response to: vzovko
Re: Clean up patch folder

The 3.1.0 errors are expected with the bugs I fixed for 3.1.1... I don't see an error in the 3.1.1 output though. Maybe the -debug switch would give more information?

Also, if you add -skipupdate to the command line, it will quit trying to get to the website.

Report Abuse
vzovko Rookie
vzovko
35 posts since
Jan 21, 2008
Currently Being Moderated
11. Oct 17, 2008 9:40 AM in response to: Jack Coates
Re: Clean up patch folder

Hi Jack!

Attached you'll find the debug log. Again no patches were deleted.

Any ideas? 

 

Many thanks for your help here!

Attachments:
Report Abuse
Jack Coates Expert
Jack Coates
841 posts since
Nov 16, 2007
Currently Being Moderated
12. Oct 17, 2008 9:56 AM in response to: vzovko
Re: Clean up patch folder

This is working fine -- it didn't delete patches because there weren't any which matched the "not needed and last accessed a long time ago" filter. If you look at the last log from 3.1.1, it said Evaluated 30885 patches, deleted none. This log says Evaluated 30097 patches, deleted none, so there's 788 fewer patches now. That was done by another run in between these two logged runs -- when the debug switch is on, it won't delete anything from filesystem or database.

Report Abuse
Dicipulus Apprentice
Dicipulus
45 posts since
Jan 3, 2008
Currently Being Moderated
13. Oct 17, 2008 11:11 AM in response to: Jack Coates
Re: Clean up patch folder

Related post, this new version cleared up all of the errors I was getting on my core. I was starting to think I had done something wrong; thanks Jack!

Report Abuse
vzovko Rookie
vzovko
35 posts since
Jan 21, 2008
Currently Being Moderated
14. Oct 20, 2008 3:59 AM in response to: Dicipulus
Re: Clean up patch folder

Were does ldms_core get that evaluated patches number from?

I have 1751 files in my patch location and in the LDMS console under Security and Patchmanager I have the following numbers:

Detected 315
Scan 2323
Don't Scan 772
Unassigned 0
All Items 3095

I upgraded to 3.1.2 and the log from today says: Evaluated 29474 patches, deleted none.

I'm a little bit confused right know 

Report Abuse
Go to original post 1 2 3 Previous Next

More Like This

  • Retrieving data ...
LANDesk Community powered by Jive Software's Clearspace ® Subscribe| Legal Notices| Investor Relations| Avocent| Privacy Policy © 2009 LANDesk Software