Highley Recommended, Inc.
[ Home |
News |
Services |
Links ]
Patch Management Process
Seahorse is the jumpstart install and patch server system. The file
system "/export/install" is used for storage. There is a "jumpstart"
directory with all the jumpstart files under it. To use the jumpstart
installation method a bootparams entry for the client needs to be
created by:
add_install_client -s seahorse:/export/install/"sol_2_5" \
-c seahorse:/export/install/jumpstart
May need to create an installation profile in the profiles directory
and add a new selection rule to the rules file. Sun has a jumpstart
book which documents how to use this installation method.
Patches are maintained for each operating system revision. The path
to the patch area would be "/export/install/sol_2_5/Patches". Do the
following to perform a patch update:
cd /export/install/"sol_2_5"/Patches
at -q b [-m] -f get_patch_report now
or
./get_patch_report -help
This utility will retrieve the patch report from the "sunsolve1.com"
patch server. It looks for a file "*PatchReport" in the current
location to determine which patch report file to pull off the server.
Next edit the patch report file and save the recommended patch list
paragraph into file named patch_list and check security patch paragraph
to see if any patches are listed there that are not in the recommended
patch list. I move patch_list to patch_list.last before I do this step
to maintain a little history.
Now pull down the list of patches by:
at -q b [-m] -f get_patches now
When done check that all patches were pulled by doing:
awk '{print $1}' ../patch_list |
while read one
do
if [ ! -f ${one}.tar.gz ]; then
print "Patch $one missing."
fi
done
If any patches are missing you should investigate to see if it was
obsoleted after the patch report was created. Then do:
./update_patches
The script will check for direct predecessor patches and remove them if
found, uncompress and untar the patch file into the patch directory and
create a link to the patch in this directory.
To install the patches on a system:
login as root
mount seahorse.eng.claircom.com:/export/install/"sol_2_5"/Patches /mnt
cd /mnt/current
./install_cluster
The slightly modified Sun utility, install_cluster, will install all
patches found in the current directory. We have modified it to extract
the error message instead of reporting the error code if a patch fails
to install.
For further patch storage clean up you can execute:
Usage: rm_obsolete_patches -u USER -ch Control Host [-r]
USER - User to remote login in as to the
Control Host - system which should be running latest
patches.
"-r" - Re-run command with this flag when ready
to remove patches.
Which parses the output of the "showrev -p" looking for patches that
were obsoleted by non-descendant patches. Last we have a new script that
looks at how much "/var" space is being used up by obsoleted patch
archive files. If you remove these file you can not back out the patch
that created the file.
To set up a new operating storage area. Check to see if there is enough
disk space, may need to remove the oldest version. Run the
"setup_install_server" utility that is on the operating system CD which
will copy the CD.
Create the "Patches" directory and the "Patches/current" directory.
Hard link in the patch management scripts. You should now be ready to
do installations and patch updating.