Patches, patches and more patches

Patches, patches and more patches

Post by Chris » Fri, 26 Apr 2002 10:21:43



I've just installed Solaris 8 (2/02) on my Ultra 5 and was wondering if
there is a reliable source for patches that need to be applied. Sun's site
is somewhat confusing. There is the 8_Recommended patch cluster, then there
is PatchPro which gives me a list for the recommended and Security patches
that I should apply to my specific system, then there is patchdiag which I
ran and it gave me a report of installed and uninstalled patches. Each of
these tools list patches that are universal across each list but then each
tool lists a number of patches that neither of the other does!

I would think that patchdiag is the most accurate since it takes into
consideration which packages are installed on my system but the "Unlisted
patches" sections of the report are confusing. Do I need to install these
patches also?

Obviously I do not want to spend more time than I have to to patch my
machine, but I want to be sure my system is up to par as best I can.

Any ideas? How do other sys admins approach patches on newly installed
machines or updates for that matter?

thx

ChrisV

 
 
 

Patches, patches and more patches

Post by Thump » Fri, 26 Apr 2002 16:23:44



>I've just installed Solaris 8 (2/02) on my Ultra 5 and was wondering if
>there is a reliable source for patches that need to be applied. Sun's site
>is somewhat confusing. There is the 8_Recommended patch cluster, then there
>is PatchPro which gives me a list for the recommended and Security patches
>that I should apply to my specific system, then there is patchdiag which I
>ran and it gave me a report of installed and uninstalled patches. Each of
>these tools list patches that are universal across each list but then each
>tool lists a number of patches that neither of the other does!

Installing the 8_Recommended is always a great start, download the
file from http://www.sun.com/bigadmin/patches/indexRec.html
Quote:

>I would think that patchdiag is the most accurate since it takes into
>consideration which packages are installed on my system but the "Unlisted
>patches" sections of the report are confusing. Do I need to install these
>patches also?

>Obviously I do not want to spend more time than I have to to patch my
>machine, but I want to be sure my system is up to par as best I can.

8_Recommended is quick and easy and will bring your system up to date
Quote:>Any ideas? How do other sys admins approach patches on newly installed
>machines or updates for that matter?

>thx

>ChrisV


 
 
 

Patches, patches and more patches

Post by Adam » Fri, 26 Apr 2002 16:18:28


For a common workstation like an Ultra 5 then I would normally just install
the latest Recommended patch set from Sun.

However if your working on a newly released piece of kit, say the V880, then
its best to install the Recommended, run the patchdiag tool and see what
platform specific patches it picks out.

Adam


Quote:> I've just installed Solaris 8 (2/02) on my Ultra 5 and was wondering if
> there is a reliable source for patches that need to be applied. Sun's site
> is somewhat confusing. There is the 8_Recommended patch cluster, then
there
> is PatchPro which gives me a list for the recommended and Security patches
> that I should apply to my specific system, then there is patchdiag which I
> ran and it gave me a report of installed and uninstalled patches. Each of
> these tools list patches that are universal across each list but then each
> tool lists a number of patches that neither of the other does!

> I would think that patchdiag is the most accurate since it takes into
> consideration which packages are installed on my system but the "Unlisted
> patches" sections of the report are confusing. Do I need to install these
> patches also?

> Obviously I do not want to spend more time than I have to to patch my
> machine, but I want to be sure my system is up to par as best I can.

> Any ideas? How do other sys admins approach patches on newly installed
> machines or updates for that matter?

> thx

> ChrisV

 
 
 

Patches, patches and more patches

Post by Anthony Mandi » Sat, 27 Apr 2002 21:39:58



> I've just installed Solaris 8 (2/02) on my Ultra 5 and was wondering if
> there is a reliable source for patches that need to be applied. Sun's site
> is somewhat confusing. There is the 8_Recommended patch cluster, then there
> is PatchPro which gives me a list for the recommended and Security patches
> that I should apply to my specific system, then there is patchdiag which I
> ran and it gave me a report of installed and uninstalled patches. Each of
> these tools list patches that are universal across each list but then each
> tool lists a number of patches that neither of the other does!

        Patchdiag with the "-l" option will list patches for your OS
        that can't be installed either due to missing dependencies
        or the target package isn't installed.

Quote:> I would think that patchdiag is the most accurate since it takes into
> consideration which packages are installed on my system but the "Unlisted
> patches" sections of the report are confusing. Do I need to install these
> patches also?

        Not really. Depends on your platform, the patch, etc. I prefer
        to work off patchdiag's report though.

Quote:> Obviously I do not want to spend more time than I have to to patch my
> machine, but I want to be sure my system is up to par as best I can.

        For a workstation/desktop the recommended patch cluster and
        any security patches would suffice. You can install any extras
        if you think they would be of benefit to you.

Quote:> Any ideas? How do other sys admins approach patches on newly installed
> machines or updates for that matter?

        For important production machines? Labouriously. One at a time
        on a test system with testing directed at the things the patch
        fixes. This may include removing earlier versions of the patch
        to manage space issues. Less labouriously for less critical
        systems. A few patches at a time with a few corners cut to save
        time when testing. Naturally, you don't want to devote too much
        time to patching. Download the xref file on a regular basis
        (monthly or fortnightly etc.), run patchdiag with the old xref
        and redirect output to a file, plug in the new xref, run it
        again and redirect to another file then diff the files and
        decide if the patch changes are worthwhile chasing.

-am     ? 2002

 
 
 

1. Patches Patches Patches

I've just setup

        http://patches.arm.linux.org.uk/

which contains a collection of patches pending for testing and/or Linus'
tree.  This currently includes:

        - PCI 1 through PCI 19
        - PCIPS2 (for Mobility Electronics EV1000 docking station)
        - PCMCIA 2 through PCMCIA 7b
        - Serial 1 through Serial 17

Unfortunately, the serial changes are just too big to be mailed through
this mailing list.  I have also tacked on in serial-17.diff the patch
which should have been accepted by Linus before serial-1 through
serial-16.diff, but was completely ignored.  Also, pci-6.diff contains
the fix that prevents PPC machines from crashing, which was also
completely ignored.

Please note that there are some inter-dependencies between the PCI
patches after pci-15.diff which will break the kernel build currently.

Each subdirectory contains a readme describing each of the patches.

Please note that from time to time, patches may be re-ordered and updated
so please don't read too much into the patch filenames.

Enjoy.

--

             http://www.arm.linux.org.uk/personal/aboutme.html

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

2. Teac Quad Speed Under Kernel 1.2.1

3. Patches, Patches, Patches

4. What does the statement "exec >myfile.dat" mean?

5. How to patch an already patched file?

6. virtual screens

7. Patch LMS/Philips CD205/225/202 (driver is available as a kernel patch)

8. Newbie BIND question

9. To Patch or Not To Patch?

10. patching pine 3.95 with aix patch ...

11. A patchy patch for Microsofts already patched-up Outlook

12. 2.4.19-pre8 - i8xx series chipsets patches (patch 2)

13. PATCH: 2.2.21rc3 ppc isdn patch