Requirements:
- Strong experience with Linux repository management
- (YUM/DNF for RHEL/CentOS/AlmaLinux, Zypper for SUSE, APT for Ubuntu/Debian)
- Knowledge of Ivanti EPM or ISEC patching mechanism
- (understanding how the agent retrieves metadata and binaries)
- Proficiency in secure HTTP/HTTPS and proxy configuration
- Experience with internal mirror creation using tools like:
reposync / createrepo (RHEL-based)
apt-mirror or rsync for Debian/Ubuntu
The expected outcome from the Engineer:
- Repository must be hosted on internal servers only, with no direct internet dependency.
- Support HTTPS and authentication (basic auth or token-based if possible).
- Implement checksum verification and GPG key validation to ensure package integrity.
- Define a retention policy for old packages (e.g., keep last 3 versions).
- Repository updates must be logged and auditable.
- Ensure the repository structure aligns with Ivanti’s expectations for patching:
- Metadata (e.g., repodata folder)
- Correct directory hierarchy (Packages, baseos, appstream, etc.)
Acceptance Criteria:
- The repository syncs without errors.
- EPM detects Linux patches correctly.
- A sample patch is successfully deployed from EPM.
- Documentation and handover are complete.
- Security audit (GPG, access, logging) passes internal policy checks.