On Fri, 8 Jan 1999, rick pim wrote: > john riddoch mentioned sun's "patchdiag". i took a fast look at that > and found that > - it's not available in source > - it's over a megabyte in size (even after throwing away the redundant > copy of its own tar file that sun kindly includes in the kit) > - it can produce misleading results: on my just-installed 5.7 system, it > tells me: > Patch Ins Lat Age Require Incomp Synopsis > ID Rev Rev ID ID > ------ --- --- --- --------- --------- ---------------------------------- > All security patches installed! > when there are at least two that are outstanding. i don't know that > this is at all related to the "version number" issue, but it's > not a particularly good sign. At first I have thought that you are getting this error because you are having a stale crossreference file. Every time Sun have released a patch (for all practical purposes daily) the patchdiag.xref file is updated and by the end of the day made available on the ftp sites. Unfortunally there /is/ a problem with SunOS 5.7, as even though there have been a number of patches released for it, including a kernel upgrade, patchdiag doesn't pick it up. My script that I invoke to run patchdiag is the following: ---> #!/bin/bash if [ -f ./patchdiag.xref ]; then mv patchdiag.xref patchdiag.xref. fi wget ftp://sunsolve1.sun.com/pub/patches/patchdiag.xref ./patchdiag | less <--- Which, assuming that you have less and wget (both are GNU tools), essentially downloads the latest crossreference file and runs patchdiag against it (the file have to be present in the same place where you have told patchdiag on install it is). Crossreference files are conviniently dated, so you can always see if your data is up to date: [snip] System Name: zerkalo.notbsd.org SunOS Vers: 5.6 Arch: sparc Cross Reference File Date: 07/Jan/99 PatchDiag Version: 1.0.1 [snip] Now running this on a SunOS 5.7 host will tell me that my patches are in fact all up to date. However, if I am to do a full patch audit, by using patchdiag -l, it will show me that in fact there are plenty of patches not installed. Among other cool options that patchdiag can do is ability to do a diagnostics of a different system, as long as the OS and arch the other system runs is known, and output of showrev -p and, pkginfo -l is available: stany@zerkalo:/opt/patchdiag-1.0.1[19]$ ssh stanyat_private showrev -p >/tmp/showrev_2.7.txt stany@zerkalo:/opt/patchdiag-1.0.1[19]$ ssh stanyat_private pkgadd -l >/tmp/pkgadd_2.7.txt stany@zerkalo:/opt/patchdiag-1.0.1[20]$ ./patchdiag -p /tmp/pkgadd_2.7.txt /tmp/showrev_2.7.txt 5.7 sparc asmodean.notbsd.org [snip] OTHER RELATED UNINSTALLED PATCHES NOTE: This is determined by the packages that have been installed on the system. When one patch refers to multiple packages, we list the additional packages in the next lines. The various 'S','R','*' marks denote unbundled packages that is designated as an 'Security' or 'Recommended'. S = Security R = Recommened Unbundled * = Both Security and Recommended Unbundled Patch Package Latest Synopsis ID Name Revision ------ - --------- ----------------------------------------------------------------- 106147 SUNWxilvl 01 SunOS 5.7: VIS/XIL Graphics Patch 106541 SUNWcar 01 SunOS 5.7: kernel update patch SUNWcpr SUNWcsr SUNWhea 106793 * SUNWcsu 01 SunOS 5.7: ufsdump and ufsrestore patch SUNWhea 106812 SUNWplow1 04 SunOS 5.7: ctl print utility patch 106832 SUNWcsr 01 SunOS 5.7: auditreduce/c2audit/praudit patch SUNWcsu SUNWhea 106879 SUNWpmowu 01 Power_Mgmt-SW 7: sys-suspend patch 106934 SUNWdtbas 01 CDE 1.3: libDtSvc Patch 106938 SUNWcsl 01 SunOS 5.7: libresolv patch 106960 R SUNWman 01 SunOS 5.7: Manual Pages for patchadd.1m and patchrm.1m 106963 SUNWcsr 01 SunOS 5.7: /kernel/drv/esp and /kernel/drv/sparcv9/esp patch [snip the rest of the output. There are plenty more patches...] Yes, the kernel patch is in there, together with all the other "Security and Recommended unbundled" patches Best of luck. Hope it helps in keeping your systems up to date. //Stany P.S. A note of warning - it is really worth-while to find out what patches do before you add them. -- +-----------------------------------------------------------------------------+ | Stanislav N. Vardomskiy - Procurator Odiosus Ex Infernis[TM] | | This message is brought to you by letters jey, ow, el and tee. | | Jolt! For all the sugar and twice the caffeine. | +-----------------------------------------------------------------------------+
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:17 PDT