Hello,
I need to upgrade the beacon to newest version to close some reported vulnerabilities related to the version of OPENSSL.
We are planning on FNMS upgrade soon but until that happens I need to close the said vulnerabilities ASAP.
So I'm wondering if it's possible to manually upgrade the beacon?
While being on 2023R1 of FNMS I only can pick "Always use the approved version (currently 20.1.0.13) from the drop-down list in 'Upgrade mode' field of beacon configuration. So I imagine I'd have to set it up to "Do not upgrade automatically" for now to prevent auto downgrade.
So to sum it up:
Can I manually upgrade the beacon by running installer on the beacon server? Or maybe there is a way to add new version to the list of available beacon versions?
In both cases can someone help me providing steps required?
Thanks in advance,
Paweł
Sep 09, 2024 05:12 AM - edited Sep 09, 2024 05:13 AM
OK, so not wanting to take a risk I took another approach and thought I'd share the steps taken for those will have similar question:
USE [FNMSCompliance]
GO
INSERT INTO [dbo].[AvailablePackage_MT]
([FullName]
,[Version]
,[AvailablePackageTypeID]
,[RelativeURLToOSD]
,[UseInAgentPolicy]
,[Build]
,[WebUIRelativeURL]
,[TenantID]
,[IsDeprecated]
,[DeprecationKBName]
,[DeprecationKBLink])
VALUES
('Package/Flexera/Upgrade/22.0.0/Rev1.0/Flexera Inventory Beacon Upgrade/Flexera Inventory Beacon Upgrade'
,'22.0.0'
,6
,'/Packages/Flexera/Upgrade/22.0.0/Rev1.0/Flexera Inventory Beacon Upgrade/Flexera Inventory Beacon Upgrade.osd'
,0
,'17'
,''
,1
,0
,null
,null)
GO
Note: BeaconEngine.log in C:\ProgramData\Flexera Software\Compliance\Logging\BeaconEngine is where you can see logs from the upgrade activity.
Hope someone will find it useful in the future.
Sep 12, 2024 05:51 AM - edited Sep 12, 2024 05:53 AM
Hi Paweł,
You summed it up correctly. While you could deploy the new Beacon installer and upgrade packages to your existing system, I think it's way easier to go the "Do not upgrade automatically" route.
I wouldn't do it if the Beacon is installed on an application server, but standalone Beacons should be fine. I guess the installer will preserve all the Registry settings and the Beacon should just continue to work - just to be safe, do a backup before.
Best regards,
Markward
Sep 10, 2024 03:42 AM
Thanks for your input Markward,
Think I should uninstall the beacon software first and install new version (I think it will clean up the registry)?
Or just fire up the installer by running as admin from file explorer, and it should replace the currently installed version?
Sep 10, 2024 04:50 AM
OK, so not wanting to take a risk I took another approach and thought I'd share the steps taken for those will have similar question:
USE [FNMSCompliance]
GO
INSERT INTO [dbo].[AvailablePackage_MT]
([FullName]
,[Version]
,[AvailablePackageTypeID]
,[RelativeURLToOSD]
,[UseInAgentPolicy]
,[Build]
,[WebUIRelativeURL]
,[TenantID]
,[IsDeprecated]
,[DeprecationKBName]
,[DeprecationKBLink])
VALUES
('Package/Flexera/Upgrade/22.0.0/Rev1.0/Flexera Inventory Beacon Upgrade/Flexera Inventory Beacon Upgrade'
,'22.0.0'
,6
,'/Packages/Flexera/Upgrade/22.0.0/Rev1.0/Flexera Inventory Beacon Upgrade/Flexera Inventory Beacon Upgrade.osd'
,0
,'17'
,''
,1
,0
,null
,null)
GO
Note: BeaconEngine.log in C:\ProgramData\Flexera Software\Compliance\Logging\BeaconEngine is where you can see logs from the upgrade activity.
Hope someone will find it useful in the future.
Sep 12, 2024 05:51 AM - edited Sep 12, 2024 05:53 AM
I would just have run the installer over the existing installation, bu you have just covered all the points. This approach should also work for new agent packages.
Sep 12, 2024 08:21 AM