Users of physical or virtual machines commonly install software packages, including package updates, to physical or virtual machines. The software packages can each contain a set of component files chosen to perform a given application or task, such as, for example, a group of software applications, drivers, and/or other resources used to install and use messaging or media applications. In instances, a software package can contain application software, operating system software, drivers, patches, and/or other software components grouped as a logical set. The package itself can be formatted in different formats, including, for instance, as a single file entity, in a compressed format, and/or in other data formats.
Software package update managers exist to help a user initiate and perform software package updates, such as, for example, the “yum” (Yellowdog update manager) package manager available from Red Hat, Inc., Raleigh, N.C., and others. In general, available software package managers are configured to interact with the set of installed packages on a client and with one or more software package repositories, to directly connect to those databases and download available package updates.
The process of initiating software package updates can involve, however, complications such as installation-related software faults. Those irregularities can occur in various scenarios, including in the context of preparing package updates to distribute to machines in a managed network. For instance, in a managed network which operates a comparatively large number of machines, at any given time some of the client or target machines may be currently executing the application or other software which is the object of an intended package update. A systems administrator may have to learn which machines contain those currently executing applications, in order to identify those machines and terminate the application or reboot the machine, in order to start a subsequent package update process. Current package management platforms may not contain the capability to identify machines containing an arbitrary selected package whose associated application is running, on an on-the-fly basis.
Similarly, an administrator may at times wish to identify the packages for the currently executing processes on any machines in a managed network, for instance to perform a security audit after a threat is detected which has infected a specific application, or for other purposes.
Yet further, managed networks may exist or operate in which the client or host machines scheduled to receive package updates do not themselves physically store the associated packages, such as may be the case for virtual machines in cloud-based networks which do not host or provide disk or other storage for the client population. In that case, an administrator of the set of virtual machines may need to interrogate the machines to identify the executing processes of those virtual machines, and then determine the subscribed packages corresponding to those processes since direct inspection of stored package objects is not possible.
Existing package update managers may not contain tools or processes to assist in performing audits of executing processes associated with installed packages in these and other scenarios. It may be desirable to provide systems and methods for generating an encoded package profile based on executing host processes, in which an administrator or other user can discover the currently executing applications or other processes on a client machine or machines, determine the corresponding software package or packages corresponding to those processes, encode that package complement, and potentially perform package update and/or other configuration management operations on the client machine(s).