Sun Microsystems, Inc.
spacerspacer
spacer   www.sun.com docs.sun.com | | |  
spacer
black dot
   
A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z
    
 
System Administration Commandssmpatch(1M)


NAME

 smpatch - manage patches

SYNOPSIS

 /usr/sadm/bin/smpatch subcommand [auth_args ] -- [subcommand_args]

DESCRIPTION

 

The smpatch command manages patch installation on single or multiple machines, analyzes patch requirements, and downloads required patches.

To run this command on multiple machines, you must first create a role on each machine that contains the necessary rights to perform patch management. In addition, all of the machines on which you want to install patches must run the same version of the Solaris operating environment, have the same hardware architecture, and have the same patches installed.

Subcommands

 

The following subcommands are supported:

add
Installs patches on single or multiple machines. You can either specify the patch IDs and the machine names directly on the command line, or you can specify a patchlist_file and a machinelist_file that contains the list of patches and the machines on which you want to install the patches, respectively.
analyze
Analyzes and lists the patches required for a specified machine.

You must first install the PatchPro application on the host machine before you run the analyze command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.

download
Downloads patches from the SunSolve Online database to the patch directory. You can either specify the patches that you want to download, or you can specify a machine name to download the recommended patches for that machine.

You must first install the PatchPro application on the host machine before you run the download command. To install PatchPro, download the packages from the Sun Microsystems web site and follow the instructions to install the software on your machine.

remove
Removes a single patch from a system.

OPTIONS

 

There are two kinds of options: authentication arguments (auth_args) and subcommand arguments (subcommand_args).

Authentication Arguments

 

The smpatch authentication arguments, auth_args, are derived from the smc(1M) argument set and are the same regardless of which subcommand you use.

Valid auth_args are -D, -H, -l, -p, -r, and -u; they are all optional. If no auth_args are specified, certain defaults will be assumed and the user may be prompted for additional information, such as a password for authentication purposes.

The single letter options can also be specified by their equivalent option words preceded by a double dash. For example, you can use either -D or --domain.

Descriptions and other arg options that contain white spaces must be enclosed in double quotes.

The following authentication arguments (auth_args) are supported:

-D | --domain domain
Specifies the default domain that you want to manage. smpatch only accepts files for this option.

If you do not specify this option, the Solaris Management Console assumes the file default domain on whatever server you choose to manage, meaning that changes are local to the server. Toolboxes can change the domain on a tool-by-tool basis; this option specifies the domain for all other tools.

-H | --hostname host_name:port
Specifies the host and port to which you want to connect. If you do not specify a port, the system connects to the default port, 898. If you do not specify a host (host_name:port, the Solaris Management Console connects to the local host on port 898. You may still have to choose a toolbox to load into the console. To override this behavior, use the smc -B option, or set your console preferences to load a home toolbox by default.
-l | --rolepassword role_password
Specifies the password for the role_name. If you specify a role_name but do not specify a role_password, the system prompts you to supply a role_password. Passwords specified on the command line can be seen by any user on the system, hence this option is considered insecure.
-p | --password password
Specifies the password for the user_name. If you do not specify a password, the system prompts you for one. Because passwords specified on the command line can be seen by any user on the system, this option is considered insecure.
-r | --rolename role_name
Specifies a role name for authentication. If you do not specify this option, no role is assumed.
-u | --username user_name
Specifies the user name for authentication. If you do not specify this option, the user identity running the console process is assumed.
--
This option is required and must always follow the preceding options. If you do not enter the preceding options, you must still enter the -- option.

Subcommand Arguments

 

The subcommand-specific options, subcommand_args, must come after the auth_args and must be separated from them by the -- option. Enclose descriptions and arg options that contain white space in double quotes.

add
The add subcommand requires one of the following subcommand arguments:
-i patch_id1 -i patch_id2 . . .
Specifies the patch or patches that you want to install. You can specify the -x idlist=patch_id_file operand instead of specifying this option.
-x idlist=patchlist_file
Specifies a file that contains the list of patches that you want to install. You can specify the -i patch_id1 option instead of specifying this operand.

The following subcommand arguments are optional for the add subcommand:

-d patchdir
Specifies the directory where the patches are located. If you do not specify this option, the default patch spool directory (/var/sadm/spool), located on the host specified with the -H authentication argument, is assumed. The patch directory has the following syntax: machine_name:/directory_path, where /directory_path is a fully-qualified, shared directory. You can specify just the /directory_path if the directory is an NFS-mounted network directory or is located on the machine on which you want to install the patches.
-h
Displays the command's usage statement.
-n machine_name1 -n machine_name2 . . .
Specifies the machine(s) on which you want to install the patches. If you do not specify this option, the machine is assumed to be be that specified with the -H authentication argument. You can specify the -x mlist=machine_name_file operand instead of specifying this option.
-x mlist=machinelist_file
Specifies a file that contains the list of machines to which you want to install patches. You can specify the-n machine_name1 option instead of specifying this operand.
analyze
The following subcommand arguments are optional for the analyze subcommand:
-h
Displays the command's usage statement.
-n machine_name
Specifies the machine for which you want to display a list of patches recommended by SunSolve. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.
download
The download subcommand requires one of the following subcommand arguments:
-i patch_id1 -i patch_id2 . . .
Specifies the patch or patches that you want to down load. You can specify the -x idlist=patch_id_file operand instead of this option or you can omit this argument in favor of -n download_machine option.
-x idlist=patchlist_file
Specifies the file containing the list of patches that you want to download. You can specify this operand instead of specifying the -i patch_id1 option.

The following subcommand arguments are optional for the download subcommand:

-n download_machine
Specifies the machine on which you want to download the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.
-d downloaddir
Specifies the directory where the patches are downloaded. This directory must have write permission and be accessible to the download_machine. If you do not specify this option, the default patch spool directory (/var/sadm/spool) located on the download machine is assumed.
remove
The remove subcommand requires the following arguments:
-i patch_id
Specifies the patch that you want to remove.

The following subcommand arguments are optional for the remove subcommand:

-n machine
Specifies the machine on which you want to remove the recommended patches. If you do not specify this option, the machine is assumed to be that specified by the -H authentication argument.

OPERANDS

 

The following operands are supported:

machinelist_file
Specifies the fully-qualified path and file name of the file containing the list of machine names on which you want to install the patches. The machinelist_file file contains one machine name per line.
patchlist_file
Specifies the fully-qualified path and file name of the file containing the list of patches that you want to install. The patchlist_file contains one patch ID per line.

EXAMPLES

 Example 1. Installing Patches on Multiple Machines
 

The following example installs patches 102893-01, 106895-09, and 106527-05 on the machines lab1 and lab2. The patches are located in the /files/patches/s9 shared directory on the machine fileserver:

 
/usr/sadm/bin//smpatch add -H myhost -p mypasswd -u root -- \
-i 102893-01 -i 106895-09 -i 106527-05 \
      -d fileserver:/files/patches/s9 \
      -n lab1 -n lab2
Example 2. Installing Patches Using a patch_list File
 

The following example specifies the /tmp/patch/patch_file to install patches on the machines lab1 and lab2. The patches are located in the NFS network-mounted directory /net/fileserver/export/patchspool/Solaris9:

 
/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
     -x mlist=/tmp/patch/patch_file \
     -d /net/fileserver/export/patchspool/Solaris9 \
     -n lab1 -n lab2
Example 3. Installing Patches Using a patch_list File and a machine_list File
 

The following example installs the patches listed in /tmp/patch/patch_file on the machines listed in /tmp/patch/machine_file. The patches are located in the default /var/sadm/spool directory on the default machine myhost.

 
/usr/sadm/bin/smpatch add -H myhost -p mypasswd -u root -- \
     -x mlist=/tmp/patch/patch_file  \
     -x mlist=/tmp/patch/machine_file
Example 4. Analyzing and Downloading Patches from Sunsolve Online
 

The following example analyzes the lab1 machine and downloads the assessed patches from the Sunsolve Online database to the default patch spool directory.

 
/usr/sadm/bin/smpatch download -p mypasswd -u root -- -n lab1
Example 5. Downloading Patches From the Sunsolve Database
 

The following example downloads the 102893-01 and 106895-09 patches from the Sunsolve Online database to the /files/patches/s8 directory located on the default machine.

 
/usr/sadm/bin/smpatch download -p mypasswd -u root -- \
          -i 102893-01 -i 106895-09 -d /files/patches/s8
Example 6. Removing Patches
 

The following example removes patch 102893-01:

 
/usr/sadm/bin/smpatch remove -p mypasswd -u root -- \
          -i 10283-01

ENVIRONMENT VARIABLES

 

See environ(5) for descriptions of the following environment variables that affect the execution of smpatch: JAVA_HOME. If this environment variable is not specified, the /usr/java location is used. See smc(1M).

EXIT STATUS

 

The following exit values are returned:

0
Successful completion.
1
Invalid command syntax. A usage message displays.
2
An error occurred while executing the command. An error message displays.

ATTRIBUTES

 

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
AvailabilitySUNWmga

SEE ALSO

 

arch(1), uname(1), patchadd(1M), patchrm(1M), share(1M), smc(1M), attributes(5), environ(5)


SunOS 5.9Go To TopLast Changed 18 Jan 2002

 
      
      
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.