|
System Administration Commands | smpatch(1M) |
SYNOPSIS
| /usr/sadm/bin/smpatch subcommand [auth_args ] -- [subcommand_args] |
|
The smpatch command manages patch installation on single or multiple machines, analyzes patch requirements, and downloads required patches.
To run this command on multiple machines, you must first create a role on each machine that contains the necessary rights to perform patch management. In addition, all of the machines on which you want to install patches must run the same version of the Solaris operating environment, have the same
hardware architecture, and have the same patches installed.
Subcommands
|
The following subcommands are supported:
- add
- Installs patches on single or multiple machines. You can either specify the patch IDs and the machine names directly on the command line, or you can specify a patchlist_file and a machinelist_file that contains the list of patches and the machines on which you want to install the patches, respectively.
- analyze
- Analyzes and lists the patches required for a specified machine.
You must first install the PatchPro application on the host machine before you run the analyze command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.
- download
- Downloads patches from the SunSolve Online database to the patch directory. You can either specify the patches that you want to download, or you can specify a machine name to download the recommended patches for that machine.
You must first install the PatchPro application on the host machine before you run the download command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.
- remove
- Removes a single patch from a system.
|
|
|
There are two kinds of options: authentication arguments (auth_args) and subcommand arguments (subcommand_args).
Authentication Arguments
|
The smpatch authentication arguments, auth_args, are derived from the smc(1M) argument set and are the same regardless of which subcommand
you use.
Valid auth_args are -D, -H, -l, -p, -r, and -u; they are all optional. If no auth_args are specified, certain defaults will be assumed and the user
may be prompted for additional information, such as a password for authentication purposes.
The single letter options can also be specified by their equivalent option words preceded by a double dash. For example, you can use either -D or --domain.
Descriptions and other arg options that contain white spaces must be enclosed in double quotes.
The following authentication arguments (auth_args) are supported:
- -D | --domain domain
- Specifies the default domain that you want to manage. smpatch only accepts files for this option.
If you do not specify this option, the Solaris Management Console assumes the file default domain on whatever server you choose to manage, meaning that changes are local to the server. Toolboxes can change the domain on a tool-by-tool basis; this option specifies the domain for all other tools.
- -H | --hostname host_name:port
- Specifies the host and port to which you want to connect. If you do not specify a port, the system connects to the default port, 898.
If you do not specify a host (host_name:port, the Solaris Management Console connects to the local host on port 898. You may still have to choose a toolbox to load into the console. To override this behavior, use the smc -B option, or set your console preferences to load a home toolbox by default.
- -l | --rolepassword role_password
- Specifies the password for the role_name. If you specify a role_name but do not specify a role_password, the system prompts you to supply a role_password. Passwords specified on the command line can be seen by any user on the system, hence this option is considered insecure.
- -p | --password password
- Specifies the password for the user_name. If you do not specify a password, the system prompts you for one. Because passwords specified on the command
line can be seen by any user on the system, this option is considered insecure.
- -r | --rolename role_name
- Specifies a role name for authentication. If you do not specify this option, no role is assumed.
- -u | --username user_name
- Specifies the user name for authentication. If you do not specify this option, the user identity running the console process is assumed.
- --
- This option is required and must always follow the preceding options. If you do not enter the preceding options, you must still enter the -- option.
|
Subcommand Arguments
|
The subcommand-specific options, subcommand_args, must come after the auth_args and must be separated from them by the -- option. Enclose descriptions and arg options that contain white space in double quotes.
- add
- The add subcommand requires one of the following subcommand arguments:
- -i patch_id1 -i patch_id2 . . .
- Specifies the patch or patches that you want to install. You can specify the -x idlist=patch_id_file operand instead of specifying this option.
- -x idlist=patchlist_file
- Specifies a file that contains the list of patches that you want to install. You can specify the -i patch_id1 option instead of specifying
this operand.
The following subcommand arguments are optional for the add subcommand:
- -d patchdir
- Specifies the directory where the patches are located. If you do not specify this option, the default patch spool directory (/var/sadm/spool), located on the host specified with the -H authentication argument, is assumed. The patch directory has the following syntax: machine_name:/directory_path, where /directory_path is a fully-qualified, shared directory. You can specify
just the /directory_path if the directory is an NFS-mounted network directory or is located on the machine on which you want to install the patches.
- -h
- Displays the command's usage statement.
- -n machine_name1 -n machine_name2 . . .
- Specifies the machine(s) on which you want to install the patches. If you do not specify this option, the machine is assumed to be be
that specified with the -H authentication argument. You can specify the -x mlist=machine_name_file operand instead of specifying this option.
- -x mlist=machinelist_file
- Specifies a file that contains the list of machines to which you want to install patches. You can specify the-n machine_name1
option instead of specifying this operand.
- analyze
- The following subcommand arguments are optional for the analyze subcommand:
- -h
- Displays the command's usage statement.
- -n machine_name
- Specifies the machine for which you want to display a list of patches recommended by SunSolve. If you do not specify this option, the machine is assumed to be that specified by the -H
authentication argument.
- download
- The download subcommand requires one of the following subcommand arguments:
- -i patch_id1 -i patch_id2 . . .
- Specifies the patch or patches that you want to down load. You can specify the -x idlist=patch_id_file operand instead of this option or you can omit this argument in favor of -n download_machine option.
- -x idlist=patchlist_file
- Specifies the file containing the list of patches that you want to download. You can specify this operand instead of specifying the -i patch_id1 option.
The following subcommand arguments are optional for the download subcommand:
- -n download_machine
- Specifies the machine on which you want to download the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication
argument.
- -d downloaddir
- Specifies the directory where the patches are downloaded. This directory must have write permission and be accessible to the download_machine. If you do not specify this option, the default patch spool
directory (/var/sadm/spool) located on the download machine is assumed.
- remove
- The remove subcommand requires the following arguments:
- -i patch_id
- Specifies the patch that you want to remove.
The following subcommand arguments are optional for the remove subcommand:
- -n machine
- Specifies the machine on which you want to remove the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.
|
|
|
The following operands are supported:
-
machinelist_file
- Specifies the fully-qualified path and file name of the file containing the list of machine names on which you want to install the patches. The machinelist_file file contains one machine name
per line.
-
patchlist_file
- Specifies the fully-qualified path and file name of the file containing the list of patches that you want to install. The patchlist_file contains one patch ID per line.
|
| Example 1. Installing Patches on Multiple Machines
|
The following example installs patches 102893-01, 106895-09, and 106527-05 on the machines lab1 and lab2. The patches are located in the /files/patches/s9 shared directory on the machine fileserver:
|
/usr/sadm/bin//smpatch add -H myhost -p mypasswd -u root -- \
-i 102893-01 -i 106895-09 -i 106527-05 \
-d fileserver:/files/patches/s9 \
-n lab1 -n lab2
|
|
Example 2. Installing Patches Using a patch_list File
|
The following example specifies the /tmp/patch/patch_file to install patches on the machines lab1 and lab2. The patches are located in the NFS network-mounted directory /net/fileserver/export/patchspool/Solaris9:
|
/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
-x mlist=/tmp/patch/patch_file \
-d /net/fileserver/export/patchspool/Solaris9 \
-n lab1 -n lab2
|
|
Example 3. Installing Patches Using a patch_list File and a machine_list File
|
The following example installs the patches listed in /tmp/patch/patch_file on the machines listed in /tmp/patch/machine_file. The patches are located in the default /var/sadm/spool directory on the default machine myhost.
|
/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
-x mlist=/tmp/patch/patch_file \
-x mlist=/tmp/patch/machine_file
|
|
Example 4. Analyzing and Downloading Patches from Sunsolve Online
|
The following example analyzes the lab1 machine and downloads the assessed patches from the Sunsolve Online database to the default patch spool directory.
|
/usr/sadm/bin/smpatch download -p mypasswd -u root -- -n lab1
|
|
Example 5. Downloading Patches From the Sunsolve Database
|
The following example downloads the 102893-01 and 106895-09 patches from the Sunsolve Online database to the /files/patches/s8 directory located on the default machine.
|
/usr/sadm/bin/smpatch download -p mypasswd -u root -- \
-i 102893-01 -i 106895-09 -d /files/patches/s8
|
|
Example 6. Removing Patches
|
The following example removes patch 102893-01:
|
/usr/sadm/bin/smpatch remove -p mypasswd -u root -- \
-i 10283-01
|
|
|
|
See environ(5) for descriptions of the following environment variables that affect the execution of smpatch: JAVA_HOME. If this environment variable is not specified, the /usr/java location is used. See smc(1M).
|
|
The following exit values are returned:
-
0
- Successful completion.
-
1
- Invalid command syntax. A usage message displays.
-
2
- An error occurred while executing the command. An error message displays.
|
|
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | SUNWmga |
|
| |