Operating system patching and software update reconciliation
First Claim
1. A computer-implemented method of using a Software Reconciliation Framework (SRF) tool for reconciling software changes on a host computer, the method comprising:
- receiving detected changes to one or more files stored on a computer-readable storage device coupled to the host computer, the changes being detected with an agent or compliance and configuration tool executing on the host computer;
generating change data describing the detected changes, wherein the change data comprises one or more identifiers of one or more changed files;
determining a network address associated with a software repository for installed software based on repository information stored on the computer-readable storage device;
transmitting a request to receive a manifest for the installed software to a remote server associated with the installed software, the request identifying at least some of the installed software, wherein the request for the manifest is transmitted over a network based on the network address;
responsive to the receiving of the detecting changes, matching the one or more identifiers of the one or more changed files to a change condition associated with the manifest for the installed software, wherein the manifest for the installed software comprises a description of file changes associated with a software patch or update for the installed software, wherein the description of file changes comprises one or more identifiers of files changed by the software patch or update;
comparing the one or more identifiers of the one or more changed files in the change data to the one or more identifiers of files changed by the software patch or update described in the manifest; and
when the comparing indicates the change data matches the manifest, promoting the changes, thereby producing promoted changes, andwhen the comparing indicates the change data does not match the manifest, marking the changes for further analysis, thereby producing marked changes.
5 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and methods are disclosed for implementing software reconciliation frameworks to process changes detected to software installed on computer hosts. According to one embodiment, a method includes receiving change data describing changes to one or more software components stored on a computer-readable storage device, determining installed software on a computer associated with the computer-readable storage device, receiving a manifest comprising a description of file changes associated with a software patch or update for the installed software, and comparing the change data to the manifest. Based on the comparing, if the change data matches the manifest, the changes are promoted, and if the change data does not match the manifest, the changes are marked for further analysis.
65 Citations
17 Claims
-
1. A computer-implemented method of using a Software Reconciliation Framework (SRF) tool for reconciling software changes on a host computer, the method comprising:
-
receiving detected changes to one or more files stored on a computer-readable storage device coupled to the host computer, the changes being detected with an agent or compliance and configuration tool executing on the host computer; generating change data describing the detected changes, wherein the change data comprises one or more identifiers of one or more changed files; determining a network address associated with a software repository for installed software based on repository information stored on the computer-readable storage device; transmitting a request to receive a manifest for the installed software to a remote server associated with the installed software, the request identifying at least some of the installed software, wherein the request for the manifest is transmitted over a network based on the network address; responsive to the receiving of the detecting changes, matching the one or more identifiers of the one or more changed files to a change condition associated with the manifest for the installed software, wherein the manifest for the installed software comprises a description of file changes associated with a software patch or update for the installed software, wherein the description of file changes comprises one or more identifiers of files changed by the software patch or update; comparing the one or more identifiers of the one or more changed files in the change data to the one or more identifiers of files changed by the software patch or update described in the manifest; and when the comparing indicates the change data matches the manifest, promoting the changes, thereby producing promoted changes, and when the comparing indicates the change data does not match the manifest, marking the changes for further analysis, thereby producing marked changes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system, comprising:
-
one or more processors; memory coupled to the processors; at least one network interface; and one or more non-transitory computer-readable storage media coupled to the processors, the computer-readable storage media storing modules comprising computer-executable instructions executable by the processors, the modules comprising; a manifest acquisition module stored in the computer-readable storage media, wherein the manifest acquisition module is configured to; determine a network address associated with a software repository for one or more software modules stored on the computer-readable storage media, based on repository information stored on the computer-readable storage media, transmit a request to receive one or more manifests for the one or more software modules to a remote server associated with the one or more software modules, wherein the request for the one or more manifests is transmitted over a network based on the network address, and receive the one or more manifests using the network interface, the one or more manifests comprising descriptions of file changes associated with a software patch or update for the one or more software modules stored on the computer-readable storage media, wherein the descriptions of file changes comprise one or more identifiers of files changed by the software patch or update for the one or more software modules; a user-configurable reconciliation module stored in the computer-readable storage media, wherein the user-configurable reconciliation module is configured to reconcile changes detected in the system by; causing the manifest acquisition module to request the one or more manifests based on at least one of the detected changes, wherein a data file identifier of the at least one of the detected changes is matched to one or more change conditions associated with the one or more manifests, and reconciling the at least one of the detected changes based on approved changes determined with the received one or more manifests, wherein the reconciling comprises comparing the data file identifier of the at least one of the detected changes to the one or more identifiers of files changed by the software patch or update for the one or more software modules described in the one or more manifests; a configuration module stored in the computer-readable storage media, wherein the configuration module is configured to provide access to system credentials and network addresses that can be accessed by the manifest acquisition module to request the manifests using an application layer of the network interface; and a rule configuration module stored in the computer-readable storage media, wherein the rule configuration module is configured to manage rules defining changes to software modules that have been defined as approved. - View Dependent Claims (10, 11)
-
-
12. One or more non-transitory computer-readable storage media storing computer-executable instructions that, when executed by a processor, cause the processor to perform operations, the operations comprising:
-
detecting changes to one or more files stored on a computer-readable storage device coupled to a host computer and generating change data describing the detected changes, wherein the change data comprises one or more identifiers of one or more changed files; determining a network address associated with a software repository for installed software based on repository information stored on the computer-readable storage device; matching the one or more identifiers of the one or more changed files to a change condition associated with a manifest for the installed software, wherein the manifest comprises a description of file changes associated with a software patch or update for the installed software, wherein the description of file changes comprises one or more identifiers of files changed by the software patch or update; transmitting a request to receive the manifest for the installed software to a remote server associated with the installed software, the request identifying at least some of the installed software, wherein the request for the manifest is transmitted over a network based on the network address; comparing the one or more identifiers of the one or more changed files in the change data to the one or more identifiers of files changed by the software patch or update described in the manifest; if the change data matches the manifest, promoting the changes, thereby producing promoted changes; and otherwise, marking the changes for further analysis, thereby producing marked changes. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification