Re: SunOs patching - How to

supergumby wrote:
I new to SunOs, mostly used to HP-UX and AIX way of patching. I'm
trying to bring my two 420R test blades to the same patch level as my
two prod ones. I've been reading a lot on how to patch SunOs but I'm
still not sure how to achieve this. Both prod boxes says SunOs 5.8
Generic Patch February 2004, but uname -a are different, one is
Generic_117350-46 and the other says Generic_108528-29.

The first thing to check would be /etc/release on both machines. Look at the first line, which reads e.g.:

Solaris 8 2/02 s28s_u7wos_08a SPARC

If this isn't the same on both machines, then a different release of Solaris 8 has been installed. Such update releases differ in two ways: A set of current patches is pre-installed, and new features might have been added in new packages. You will have to upgrade the older system to the newer release version at first.

Next, the two machines might have been installed with a different set of packages (the cluster). In /var/sadm/system/admin/CLUSTER you find which cluster has been installed. Still, packages might have been added or removed later. So compare the output of "pkginfo" on both machines. If it differs, you won't get the same set of patches to install.

Now get pca (see sig) and run it on the machine which is more up-to-date on patches:

pca --list installed --format '%p-%i # %y' --noheader > inst.txt

This will give you a list of all installed patches, in an appropriate form to feed back into pca on the machine you want to patch. There you run:

pca --install inst.txt

Honestly, I believe that trying to get two machines to the same level is hard to achieve. If you have the chance to do so, either upgrade or reinstall both machines with latest release of the Solaris version you need, or at least install a current set of patches on both.

Hope that helps,

mp.
--
SysAdmin | Institute of Scientific Computing, University of Vienna
PCA | Analyze, download and install patches for Solaris
| http://www.par.univie.ac.at/solaris/pca/
.

Relevant Pages

  • Re: MS03-026 - are you patched? Windows Update isnt sure!
    ... registry checks to determine if a patch is installed on a given machine. ... Many patches install a registry key to indicate that they have been ...
    (NT-Bugtraq)
  • Re: This is Why Consoles are More Popular than PCs for Gaming
    ... Just remembering you needed that faithful floppy disk to install SATA ... > patch downloaded, well the patch took *forever* to install. ... You download patches every time? ... still have patches for games I have uninstalled on CD. ...
    (comp.sys.ibm.pc.games.action)
  • Re: Event ID 6161 for HP 6840
    ... patch related to an exposure via the print spooler service. ... download which offers the option of a local port. ... >> There were no problems with the install and the printer works find so long ... >> 3) All machines on the network can connect to the printer via Internet ...
    (microsoft.public.windowsxp.print_fax)
  • Re: Patching Solaris 9 systems to "current"
    ... Would it be best/safest to get a support case with Sun and ask for the last recommended patch cluster, and just install that? ... The main thing I'm looking for is "safety", by which I mean minimizing the possibility of trashing any of these systems, since all of the people who were involved with the original deployment are apparently long gone:(. ... I'd *strongly* suggest that you make a backup of the system disk on each machine before applying ANY patches! ...
    (comp.unix.solaris)
  • Re: Why not patch all windows and not just legal copies
    ... from getting patches through other means. ... I see what you are saying - the end-result is machines that get infected and ... infested are those who do not take the time to patch their stolen systems. ... breeding grounds for attacks and bots and hackers.. ...
    (microsoft.public.security)