Previous Page
Next Page

Patch Manager (smpatch)

Patch Manager is provided in Solaris 10 to assist you in managing patches on your system. Specifically, Patch Manager uses the /usr/sbin/smpatch utility to do the following:

  • Analyze your system to determine if patches need to be installed.

  • Download patches.

  • Install patches.

  • Remove patches.

The syntax for the smpatch utility is as follows:

smpatch subcommand <subcommand_option>

The smpatch requires you to enter a subcommand, which are outlined in Table 2.8

Table 2.8. smpatch Subcommands

Subcommand

Description

add

Applies one or more patches to one or more systems. You must specify at least one patch to apply. By default, patches are applied to the local system. This subcommand attempts to apply only the patches you specify. If you specify a patch that depends on another that has not been applied, the add command fails to apply the patch you specified.

analyze

Analyzes a system to generate a list of the appropriate patches. After analyzing the system, use the update subcommand or the download and add subcommands to download and apply the patches to your systems. The smpatch analyze command depends on network services that are not available while the system is in single-user mode.

download

Downloads patches from the Sun patch server to a system. You can optionally specify which patches to download. You can also specify the name of a system and download the appropriate patches to that system.

get

Lists one or more of the smpatch configuration parameter values.

order

Sorts a list of patches into an order that can be used to apply patches.

remove

Removes a single patch from a single system.

set

Sets the values of one or more configuration parameters.

unset

Resets one or more configuration parameters to the default values.

update

Updates a single local or remote system by applying appropriate patches. This subcommand analyzes the system and then downloads the appropriate patches from the Sun patch server to your system. After the availability of the patches has been confirmed, the patches are applied based on the patch policy.


Each subcommand has specific options, which are described in Table 2.9.

Table 2.9. smpatch Subcommands and Options

Option

Description

Subcommand Options Supported by the add Command

-ipatch_id1 -i patch_id2

Specifies the patch or patches that you want to install. You can list one or several patches to install, or you can specify the -x option to specify a file that contains the list of patches.

-x mlist=patchlist_file

Use this option instead of the -i option when you have many patches to install. With this option, you specify a file (patchlist_file) that contains the list of patches you want to install.

Subcommand Options for the add Subcommand

-d <patchdir>

Specifies the directory where the patches are located. If you do not specify this option, the default patch spool directory (/var/sadm/spool) is assumed. The patch directory has the following syntax: system_name:/directory_path, where system_name is the name server containing the files and /directory_path is a fully qualified, shared directory. You can specify just the /directory_path if the directory is an NFS-mounted network directory or is located on the machine on which you want to install the patches.

-h

Displays information on how to use the command.

-n system_name1 - n system_name2

Specifies the host or list of system_name2 ... systems on which you want to install the patches. You can specify the -x mlist=system_name_file operand instead of specifying this option.

-x mlist=systemlist_file

Specifies a file that contains the list of systems (machines) to which you want to install patches. You can specify the -n system_name1 option instead of specifying this operand.

Options for the analyze Subcommand

-h

Displays the command's usage statement.

-n system_name

Specifies the system you want to analyze.

The download Subcommand Requires One of the Following Subcommand Options

-I patch_id1 -i patch_id2

Specifies the patch or patches patch_id2 ... that you want to download. You can specify the -x idlist=patch_id_file operand instead of this option, or you can omit this argument in favor of the -n download_system option.

-x idlist=patchlist_file

Specifies the file containing the list of patches you want to download. You can specify this operand instead of specifying the -i patch_id1 option.

Optional Subcommand Arguments for the download Subcommand

-n download_system

Specifies the machine on which you want to download the recommended patches.

-d downloaddir

Specifies the directory where the patches are downloaded. This directory must have write permission and be accessible to the download_system. If you do not specify this option, the default patch spool directory (/var/sadm/spool) located on the download system is assumed.

The remove Subcommand Requires the Following Options

-i patch_id

Specifies the patch you want to remove.

-n systemname

Specifies the system on which you want to remove the recommended patches. (Optional)


To use the analyze subcommand, the system needs to be connected to the Internet so that it can access the SunSolve site for patch information. To analyze a system, login as root and type the following command:

smpatch analyze

The system responds with a list of patches:

120199-01 SunOS 5.10: sysidtool Patch
119145-02 SunOS 5.10: usr/snadm/lib Patch
119252-02 SunOS 5.10: System Administration Applications Patch
119315-02 SunOS 5.10: Solaris Management Applications Patch
119313-02 SunOS 5.10: WBEM Patch
119250-02 SunOS 5.10: usr/sbin/install.d/pfinstall Patch
119534-02 SunOS 5.10: Flash Archive Patch
119254-02 SunOS 5.10: Install and Patch Utilities Patch
119783-01 SunOS 5.10 : bind patch
119065-01 SunOS 5.10: fc-cache patch
119812-01 X11 6.6.2: Freetype patch

. . . <output has been truncated> . . .

The following example analyzes the system named zeus and downloads the assessed patches from the SunSolve Online database to the default patch spool directory:

/usr/sadm/bin/smpatch download

The system responds with the following:

120199-01 has been validated.
119145-02 has been validated.
119252-02 has been validated.
119315-02 has been validated.
119313-02 has been validated.
119250-02 has been validated.
119534-02 has been validated.
[Output has been truncated.]

The patches get downloaded to the /var/sadm/spool directory as jar files. Extract the files using jar xvf as described earlier in this chapter.

After extracting the jar file, install a patch from the download directory, by typing

smpatch add -i 120469-01

The system responds with:

add patch 120469-01
Patch 120469-01 has been successfully installed.
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Approved patches will be installed in this order:
120469-01

I've generated a list of the patches I downloaded and want to install onto this system. To install the patches in this list, I type the following:

smpatch add -x idlist=/var/sadm/spool/patchlist

The system responds with

add patch 120469-01
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
The following requested patches are already installed on the system
Requested to install patch 120469-01 is already installed on the system.
No patches to check dependency.
add patch 120292-01
Package SUNWmysqlS from patch 120292-01 is not installed on the system.
The original package SUNWmysqlS that 120292-01 is attempting to install to does \
not exist on this system.
wordlist too large
Patch 120292-01 failed to be copied to the pspool directory.
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Approved patches will be installed in this order:
120292-01
add patch 120251-01
Patch 120251-01 has been successfully installed.
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Approved patches will be installed in this order:
120251-01
add patch 120198-02
Patch 120198-02 has been successfully installed.
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Approved patches will be installed in this order:
120198-02


Previous Page
Next Page