The following subcommands are supported:

add

Installs patches on single or multiple machines. You can either specify the patch IDs and the machine names directly on the command line, or you can specify a patchlist_file and a machinelist_file that contains the list of patches and the machines on which you want to install the patches, respectively.

analyze

Analyzes and lists the patches required for a specified machine.

You must first install the PatchPro application on the host machine before you run the analyze command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.

download

Downloads patches from the SunSolve Online database to the patch directory. You can either specify the patches that you want to download, or you can specify a machine name to download the recommended patches for that machine.

You must first install the PatchPro application on the host machine before you run the download command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.

remove

Removes a single patch from a system.

The smpatch authentication arguments, auth_args, are derived from the smc(1M) argument set and are the same regardless of which subcommand you use.

Valid auth_args are -D, -H, -l, -p, -r, and -u; they are all optional. If no auth_args are specified, certain defaults will be assumed and the user may be prompted for additional information, such as a password for authentication purposes.

The single letter options can also be specified by their equivalent option words preceded by a double dash. For example, you can use either -D or --domain.

Descriptions and other arg options that contain white spaces must be enclosed in double quotes.

The following authentication arguments (auth_args) are supported:

-D | --domain domain

Specifies the default domain that you want to manage. smpatch only accepts files for this option.

If you do not specify this option, the Solaris Management Console assumes the file default domain on whatever server you choose to manage, meaning that changes are local to the server. Toolboxes can change the domain on a tool-by-tool basis; this option specifies the domain for all other tools.

-H | --hostname host_name:port

Specifies the host and port to which you want to connect. If you do not specify a port, the system connects to the default port, 898. If you do not specify a host (host_name:port, the Solaris Management Console connects to the local host on port 898. You may still have to choose a toolbox to load into the console. To override this behavior, use the smc -B option, or set your console preferences to load a home toolbox by default.

-l | --rolepassword role_password

Specifies the password for the role_name. If you specify a role_name but do not specify a role_password, the system prompts you to supply a role_password. Passwords specified on the command line can be seen by any user on the system, hence this option is considered insecure.

-p | --password password

Specifies the password for the user_name. If you do not specify a password, the system prompts you for one. Because passwords specified on the command line can be seen by any user on the system, this option is considered insecure.

-r | --rolename role_name

Specifies a role name for authentication. If you do not specify this option, no role is assumed.

-u | --username user_name

Specifies the user name for authentication. If you do not specify this option, the user identity running the console process is assumed.

--

This option is required and must always follow the preceding options. If you do not enter the preceding options, you must still enter the -- option.

The subcommand-specific options, subcommand_args, must come after the auth_args and must be separated from them by the -- option. Enclose descriptions and arg options that contain white space in double quotes.

add

The add subcommand requires one of the following subcommand arguments:

-i patch_id1 -i patch_id2 . . .

Specifies the patch or patches that you want to install. You can specify the -x idlist=patch_id_file operand instead of specifying this option.

-x idlist=patchlist_file

Specifies a file that contains the list of patches that you want to install. You can specify the -i patch_id1 option instead of specifying this operand.

The following subcommand arguments are optional for the add subcommand:

-d patchdir

Specifies the directory where the patches are located. If you do not specify this option, the default patch spool directory (/var/sadm/spool), located on the host specified with the -H authentication argument, is assumed. The patch directory has the following syntax: machine_name:/directory_path, where /directory_path is a fully-qualified, shared directory. You can specify just the /directory_path if the directory is an NFS-mounted network directory or is located on the machine on which you want to install the patches.

-h

Displays the command's usage statement.

-n machine_name1 -n machine_name2 . . .

Specifies the machine(s) on which you want to install the patches. If you do not specify this option, the machine is assumed to be be that specified with the -H authentication argument. You can specify the -x mlist=machine_name_file operand instead of specifying this option.

-x mlist=machinelist_file

Specifies a file that contains the list of machines to which you want to install patches. You can specify the-n machine_name1 option instead of specifying this operand.

analyze

The following subcommand arguments are optional for the analyze subcommand:

-h

Displays the command's usage statement.

-n machine_name

Specifies the machine for which you want to display a list of patches recommended by SunSolve. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.

download

The download subcommand requires one of the following subcommand arguments:

-i patch_id1 -i patch_id2 . . .

Specifies the patch or patches that you want to down load. You can specify the -x idlist=patch_id_file operand instead of this option or you can omit this argument in favor of -n download_machine option.

-x idlist=patchlist_file

Specifies the file containing the list of patches that you want to download. You can specify this operand instead of specifying the -i patch_id1 option.

The following subcommand arguments are optional for the download subcommand:

-n download_machine

Specifies the machine on which you want to download the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.

-d downloaddir

Specifies the directory where the patches are downloaded. This directory must have write permission and be accessible to the download_machine. If you do not specify this option, the default patch spool directory (/var/sadm/spool) located on the download machine is assumed.

remove

The remove subcommand requires the following arguments:

-i patch_id

Specifies the patch that you want to remove.

The following subcommand arguments are optional for the remove subcommand:

-n machine

Specifies the machine on which you want to remove the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.

The following example installs patches 102893-01, 106895-09, and 106527-05 on the machines lab1 and lab2. The patches are located in the /files/patches/s9 shared directory on the machine fileserver:

/usr/sadm/bin//smpatch add -H myhost -p mypasswd -u root -- \
-i 102893-01 -i 106895-09 -i 106527-05 \
      -d fileserver:/files/patches/s9 \
      -n lab1 -n lab2

The following example specifies the /tmp/patch/patch_file to install patches on the machines lab1 and lab2. The patches are located in the NFS network-mounted directory /net/fileserver/export/patchspool/Solaris9:

/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
     -x mlist=/tmp/patch/patch_file \
     -d /net/fileserver/export/patchspool/Solaris9 \
     -n lab1 -n lab2

The following example installs the patches listed in /tmp/patch/patch_file on the machines listed in /tmp/patch/machine_file. The patches are located in the default /var/sadm/spool directory on the default machine myhost.

/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
     -x mlist=/tmp/patch/patch_file  \
     -x mlist=/tmp/patch/machine_file

The following example analyzes the lab1 machine and downloads the assessed patches from the Sunsolve Online database to the default patch spool directory.

/usr/sadm/bin/smpatch download -p mypasswd -u root -- -n lab1

The following example downloads the 102893-01 and 106895-09 patches from the Sunsolve Online database to the /files/patches/s8 directory located on the default machine.

/usr/sadm/bin/smpatch download -p mypasswd -u root -- \
          -i 102893-01 -i 106895-09 -d /files/patches/s8

The following example removes patch 102893-01:

/usr/sadm/bin/smpatch remove -p mypasswd -u root -- \
          -i 10283-01