Patch Manager (smpatch)

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Patch Manager (smpatch)

Patch Manager is a new tool provided in Solaris 9 to assist you in managing patches on your system. Specifically, Patch Manager uses the smpatch utility to do the following:

Analyze your system to determine if patches need to be installed
Download patches
Install patches
Remove patches

The syntax for the smpatch utility is as follows:

smpatch subcommand <subcommand_option>

The smpatch requires you to enter a subcommand. Each subcommand has specific options, which are described in Table 12.6.

Table 12.6. smpatch Subcommands and Options
`add`
SUBCOMMAND OPTIONS SUPPORTED BY THE `ADD` COMMAND
`-i` `patch_id1` `-i` `patch_id2`	Specifies the patch or patches that you want to install. You can list one or several patches to install, or you can specify the `-x` option to specify a file that contains the list of patches.
`-x mlist=patchlist_file`	Use this option instead of the `–i` option when you have many patches to install. With this option, you specify a file (`patchlist_file`) that contains the list of patches you want to install.
SUBCOMMAND OPTIONS FOR THE `add` SUBCOMMAND
`-d <patchdir>`	Specifies the directory where the patches are located. If you do not specify this option, the default patch spool directory (/var/sadm/spool) is assumed. The patch directory has the following syntax: system_name:/directory_path, where system_name is the name server containing the files and /directory_path is a fully qualified, shared directory. You can specify just the /directory_path if the directory is an NFS-mounted network directory or is located on the machine on which you want to install the patches.
`-h`	Displays information on how to use the command.
`-n` `system_name1` `–n` `system_name2`	Specifies the host or list of `system_name2` `. . .` systems on which you want to install the patches. You can specify the `-x mlist=system_name_file` operand instead of specifying this option.
`-x mlist=systemlist_file`	Specifies a file that contains the list of systems (machines) to which you want to install patches. You can specify the `-n` `system_name1` option instead of specifying this operand.

analyze
OPTIONS FOR THE `analyze` SUBCOMMAND
`-h`	Displays the command’s usage statement.
`-n` `system_name`	Specifies the system you want to analyze.

download
THE `download` SUBCOMMAND REQUIRES ONE OF THE FOLLOWING SUBCOMMAND OPTIONS
`-i` `patch_id1` `–i` `patch_id2`	Specifies the patch or patches `patch_id2` `. . .` that you want to download. You can specify the `-x` `idlist=patch_id_file` operand instead of this option, or you can omit this argument in favor of he `-n` `download_system` option.
`-x idlist=patchlist_file`	Specifies the file containing the list of patches you want to download. You can specify this operand instead of specifying the `-i` `patch_id1` option.
OPTIONAL SUBCOMMAND ARGUMENTS FOR THE `download` SUBCOMMAND
`-n` `download_system`	Specifies the machine on which you want to download the recommended patches.
`-d` `downloaddir`	Specifies the directory where the patches are downloaded.This directory must have write permission and be accessible to the `download_system` . If you do not specify this option, the default patch spool directory (/var/sadm/spool) located on the download system is assumed.

remove
THE `remove` SUBCOMMAND REQUIRES THE FOLLOWING OPTIONS
`-i` `patch_id`	Specifies the patch you want to remove.
AN OPTIONAL OPTION FOR THE `remove` SUBCOMMAND
`-n` `systemname`	Specifies the system on which you want to remove the recommended patches.

The smpatch commands are located in /usr/sadm/bin and /opt/SUNWppro/ bin, so you need to add these to your path. Before you can start using smpatch, you need to download PatchPro the www.sun.com/PatchPro. Select the link provided at this URL to download the PatchPro application for Solaris 9. The file will download as a zipped file. Use the gunzip command to uncompress the downloaded file and then run the tar command to untar the PatchPro file. After you untar the file, follow the installation instructions described in the README file located in the PatchPro installation directory. Make sure you also follow the instructions in the README file for setting up Sun root certificates and patch signing certificates.

After you’ve installed and set up PatchPro, you are ready to analyze your system for patches. To use the analyze subcommand, the system needs to be connected to the Internet so that it can access the SunSolve site for patch information. To analyze a system, type the following:

smpatch analyze

You’ll be asked to enter a password, as follows:

Authenticating as user: root 

Type /? for help, pressing <enter> accepts the default denoted by [ ] 
Please enter a string value for: password ::

Enter the root password. Optionally, you can set up a role to perform this task. Roles are described in Chapter 17, “Role-Based Access Control.”

The system responds with this:

Loading Tool: com.sun.admin.patchmgr.cli.PatchMgrCli from zeus 
Login to zeus as user root was successful. 
Download of com.sun.admin.patchmgr.cli.PatchMgrCli from zeus was successful. 

 Assessing required patches for machine zeus. Please wait... 
 112958-01   SunOS 5.9: patch pci.so 
 112874-01   SunOS 5.9: buffer overflow in dbm_open 
 112955-01   SunOS 5.9: patch kernel/fs/autofs kernel/fs/sparcv9/autofs 
 113070-01   SunOS 5.9: ftp patch 
 112962-01   SunOS 5.9: patch libthread_db.so.1 
 112854-01   SunOS 5.9: icmp should be QNEXTLESS 
 113184-01   SunOS 5.9: Supplemental Kernel Update Patch for S9 FCS 
 113073-01   SunOS 5.9: ufs_log patch 
 112975-01   SunOS 5.9: patch /kernel/sys/kaio

*Output has been truncated.

The following example analyzes the system named zeus and downloads the assessed patches from the SunSolve Online database to the default patch spool directory.

/usr/sadm/bin/smpatch download 

Authenticating as user: root 

Type /? for help, pressing <enter> accepts the default denoted by [ ] 
Please enter a string value for: password ::

Enter the root password, and the system responds with the following:

Loading Tool: com.sun.admin.patchmgr.cli.PatchMgrCli from zeus 
Login to zeus as user root was successful. 
Download of com.sun.admin.patchmgr.cli.PatchMgrCli from zeus was successful. 

        Assessing required patches for machine zeus. Please wait... 
 112958-01   SunOS 5.9: patch pci.so 
 112874-01   SunOS 5.9: buffer overflow in dbm_open 
 112955-01   SunOS 5.9: patch kernel/fs/autofs kernel/fs/sparcv9/autofs 
 113070-01   SunOS 5.9: ftp patch 
 112962-01   SunOS 5.9: patch libthread_db.so.1 
 112854-01   SunOS 5.9: icmp should be QNEXTLESS 
 113184-01   SunOS 5.9: Supplemental Kernel Update Patch for S9 FCS 
 113073-01   SunOS 5.9: ufs_log patch 
Downloading the required patches for machine zeus ...

* Output has been truncated.

You might get the following message:

The following patches were not downloaded. Contact your Sun Microsystems support 
provider for more information. 
        112958-01 
        112955-01 
        113070-01 
        112962-01 
        112854-01 

For downloaded patch(es) see /var/sadm/spool.

I’ve generated a list of the patches I downloaded and want to install onto this system. To install the patches in this list, I type the following:

smpatch add -x idlist=/var/sadm/spool/patchlist 
Authenticating as user: root 

Type /? for help, pressing <enter> accepts the default denoted by [ ] 
Please enter a string value for: password ::

Enter the root password, and the following displays:

Loading Tool: com.sun.admin.patchmgr.cli.PatchMgrCli from zeus 
Login to zeus as user root was successful. 
Download of com.sun.admin.patchmgr.cli.PatchMgrCli from zeus was successful. 

[ Security Manager Alert ] 
A Tool loaded from zeus:898 wishes to read from the file located at  
 /var/sadm/spool/patchlist. 
Do you wish to allow this action? [Y | n] :

Respond with Y and the system displays:

Do you wish to trust all actions by tools from this location? [Y | n] :

Respond with Y and the system displays:

Patch 113184-01, or a patch required by patch 113184-01, requires a system reboot 
after installation. Perform a reconfiguration reboot immediately after the 
installation. 

        On machine zeus ... 
                Installing patch 112785-05 
                Installing patch 112874-01 
                Installing patch 112875-01 
                Installing patch 113030-01 
                Installing patch 113068-01 
                Installing patch 113184-01

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Patch Manager (smpatch)

Create new playlist

Sign In

Sign Up

Patch Manager (smpatch)

Table of Contents for
Patch Manager (smpatch)