RFE Template :

1. Proposed title of this feature request

Need more clarity on foreman-maintain packages update warning

3. What is the nature and description of the request?

Currently the message we get while running 'foreman-maintain packages update' is the following.

------
WARNING: No specific packages to update were provided
so we are going to update all available packages.
It is recommended to update everything only as part of upgrade
of the Satellite to the next version.
To Upgrade to next version use 'foreman-maintain upgrade'.
------

Need more clarity on:

1) Is it recommended to apply only the security patches on the RHEL server running Satellite? If 'foreman-maintain packages update' is not recommended, what would be the best practise to update the security patches.

2) Does "foreman-maintain packages update" work in the same manner as "yum update" would(RHEL minor version upgrade)? RHEL 7.8 to 7.9 as an example?

One of my customers raised this case and was not satisfied with the explanation from https://access.redhat.com/solutions/4591281. He is concerned about the above said warning message and looking for the best practices. Questions from the customer:

--> Is it really recommended not to update the OS but wait for a new satellite release? That means satellite/capsule servers will have security issues.

--> Can we trust that RedHat will create new satellite releases each time there are important security fixes?

It would be great if we can add more details to the warning message, with reference to the points which I have mentioned 1 & 2.

4. Is there already an existing RFE upstream or in Red Hat Bugzilla?

No

5. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?

No

6. Is the sales team involved in this request and do they have any additional input?

No

7. Would the customer be able to assist in testing this functionality if implemented?

Yes