Solaris 10 patching
- From: "doofus" <tumbleweed@xxxxxxxxxxxx>
- Date: 5 Jan 2007 06:30:47 -0800
There seems to be have been a lot of angry words written on this
subject. I just want to know what the current situation is.
Reading through old posts, a few people initially did some serious
moaning about being unable ever again to patch their systems,
invariably rebuffed with "Nonsense, nothing has changed except the
patch aquisition method. Everything hitherto freely available will
continue to be so".
Is this true?
When I tried running Sun Update Connection for the first time
yesterday, I was first told to enter my Sun Online Account details.
Fine - it's perfectly resonable for Sun to keep tabs of how many
installations of the wonderful (and free) fruits of their labours are
out there, I'd say. When it came to the patches though, it was clearly
stated that I wasn't getting access to anything beyond security updates
without a paid up service plan.
Can anyone please authoritatively clarify what the policy actually is?
I find it slightly absurd that I should even have to ask that question
in a news group when we're talking about an outfit the size of Sun
Microsystems. Maybe at this point someone will (hopefully) point out my
short-sightedness with a link explaining all...
From sun's second notice on the matter,
For customers with a Sun Service plan you can make use of the free
scripting service provided by wget starting today June 1, 2006.
For customers without a Sun Service plan access to Software Updates
(patches) via wget will be available July 25, 2006.
This is very straightforward and difficult to complain about. It also
again implies (and only implies - I haven't seen the words "nothing has
been restricted" written by Sun anywhere) that patches available for
download remain unchanged. They even give us a nice simple script
(getsolpatch.sh) to help.
This wget script would be my preferred method of patching, but notes
for it's use seem pretty scant beyond "write yourself a text file
listing the patches you want to download". With the number of patches
available (thousands?) and an unwillingness (for which I make no
apologies) to read every bulletin about every patch that sun ever
releases, I don't feel I have the skill necessary to maintain a
"patch-list.txt" file and install script, especially with the necessity
to install patches in a certain order. Patches for the most part are
responses to flaws in the released product, and I would hold that this
kind of housekeeping should be Sun's job.
I loved the old "recommended patch cluster" downloads - you didn't need
to be a geek to keep your system up to date. Anyone could do it and
easily undo it if anything went wrong. Why would Sun do away with such
a longstanding and reliable service which did more than a little to
uphold their own reputation for releasing solid, secure systems?
If it's down to just terminating the ftp service in favour of wget over
https - a laudable idea, then they could still make recommended patch
clusters available by this method. Or they could even just publish
ascii "patch-list.txt" files derived from what would have been the old
This has turned into a far longer post than the one I had in my head.
I'm really just trying to find out what methods the folks in here are
using to patch their systems.
- Prev by Date: USB drive won't automount
- Next by Date: paths and umask in Solaris 10
- Previous by thread: USB drive won't automount
- Next by thread: Re: Solaris 10 patching