Certification Objective 2.03Working with Packages and Patches

Previous page
Table of content
Next page

Certification Objective 2.03—Working with Packages and Patches

Exam Objective 2.8: Perform Solaris 10 OS package administration using command-line interface commands and manage software patches for the Solaris OS, including preparing for patch administration and installing and removing patches using the patchadd and patchrm commands.

Installing and removing software products, an essential part of software management, is one of many responsibilities of a system administrator. Sun and its third-party vendors deliver software products in the form of components called packages. Furthermore, between the two releases of the OS, you also need to deal with patches, which present either new features or fixes to existing problems.

Performing Package Administration

The application software for Solaris OS is delivered in units called packages. A package is a set of files and directories in a defined format. The package format conforms to the application binary interface (ABI), which is a supplement to the System V Interface Definition. An ABI describes the low-level interface between an application program and the operating system, between an application and its libraries, or between different parts of the application. An ABI is like an Application Programming Interface (API): an API defines the interface between the application source code and libraries, thereby enabling the same source code to compile on any system supporting that API. Similarly, an ABI allows compiled object code to function without changes or the need to recompile on all systems using compatible ABIs.

Building a software product in units of one or more packages makes it easier to transfer it to a medium, to mass produce it, and to install and manage it. To build a package, an application developer must provide the following package components:

  • Required components;

    • Package objects. These are the files and directories of the application software.

    • Control files. These are the information files and installation scripts. Only two control files, which are the information files, are required: the pkginfo and prototype files.

  • Optional components:

    • Optional information files

    • Installation scripts

The Solaris OS provides a set of utilities (commands) that can interpret the package format (ABI) to perform tasks such as installing a package, verifying a package installation, and removing a package. The commonly used commands to manage packages are listed in Table 2-6.

Table 2-6: Some commands for package management

Command

Description

pkgask

Used to save the responses (to the questions chat will be asked by the pkgadd command from the user) in a file that can later be used by a pkgadd command instead of user needing to type the responses.

pkgadd

Adds (installs) a software package.

pkgchk

Checks a package installation.

pkginfo

Lists the package information.

pkgparam

Displays the parameter values for a software package.

pkgrm

Removes a software package.

pkgtrans

Translates a package from one format to another.

Making a package work on your system requires more than simply copying it to your system; you need to install it. Installing and uninstalling packages are the two most important tasks involved in package management.

Installing a Package

To install a package, you can use the pkgadd command, which uncompresses the files in the package, copies them from the installation media to a local system's disk, and does other necessary things. Note that the package files are delivered in package format and are unusable in the form they are delivered. Therefore, the pkgadd command interprets the control files of the software package and then uncompresses them and installs the product files onto the system's local disk. The pkgadd command has the following syntax:

    pkgadd [-n] [-a <adrain>] [-d <device>] [-G] [-r <response>]    [-R <rootPath>] [<source>]  [<instances>]

The options and arguments are described here:

  • -a <admin>. This indicates to use the installation administration file specified by <admin> instead of the default file. If the full path is not specified, the file is first looked for in the current working directory; if not found there, it is then looked for in the /var/sadm/install/admin directory.

  • -d <device>. This indicates that the package to be installed should be copied from the device specified by <device>, which could be a full path name to a directory or the identifier for a tape, floppy disk, or removable disk such as /var/tmp or /floppy/<floppy_name>. The <device> can also specify a device alias or a datastrcam created by the pkgtrans command.

  • -G. This instructs the user to add the package only to the current zone. Zones are described in Chapter 15.

  • -n. This specifies the installation mode to be non-interactive, and the list of the installed files is not displayed. The default mode is interactive.

  • -r <response>. This specifics the full path to the file that contains the responses from the previous pkgask command. These responses can be used by the pkgadd command instead of requiring the user to type the responses.

  • -R <rootPath>. This specifics the full path to the directory to be used as the root for installation.

  • <source>. This is an alternative to the -d <device> option; it is to specify the source of the packages to be installed.

  • <instances>. This lists the package instances to be installed. By default, the command searches for the instances on the source and presents the list for you to select the instances for installation. Think of an instance of a package as a working copy of the package.

On the Job 

An instance of a package is created by opening the package; it contains a working copy of all the private data of the package. Opening a package allocates memory for the instance's data and sets the data to the initial values stored in the package. The package instance exists until it is terminated by closing the package, which frees the memory used to hold the package data. Multiple instances, which can exist simultaneously, can be created from the same package.

On occasion you may just want to copy the packages to the system for a possible installation at a later time. You can do this by using the pkgadd command with the spool option that follows:

    pkgadd -d <deviceName> -s <spoolDir> <pkgid>

This form of the command copies the packages from the device specified by <deviceName> to the directory specified by <spoolDir>. The argument <pkgid> specifics a space-delimited list of packages that need to be copied; the default is to copy all the packages from the specified device.

On the Job 

If the -d <device> option is not specified, the pkgadd command looks for the packages in the spool directory /var/spool/pkg.

Once you've installed a package, you need to verify the accuracy of the installation.

Checking a Package

You can use the pkgchk command to check the accuracy of installed files, including the integrity of directory structures and files in a package. You can also use this command to display the information about the package files. The detected discrepancies are written to the standard error device along with a detailed explanation of the problem. The syntax for the pkhchk command is as follows:

    pkgchk [-a|-c] -1] [-p <pathName>[-v] <pkgid>

The options are described here:

  • -a|c. The -a option means check the file attributes only and not the file contents, whereas the -c option means check the file contents only and not the file attributes. The default is to check both the file attributes and the file contents.

  • -l. This option specifies to list the information about the files contained in the package.

  • -p <pathName>. This option specifies to limit the check to the files whose path names are given in a comma or white space-delimited list specified by <pathName>.

  • -v. This option specifies the verbose mode.

  • <pkgid>. This option specifies the space-delimited list of packages. By default, all the installed packages on the system are checked.

You can also use the pkgchk command with the -d <device> option to check the content of the packages that have not yet been installed but were spooled on the device specified by <device>, which could be a directory, tape, or floppy disk.

Now that you know how the pkgchk command works, here are some practical scenarios and their solutions.

SCENARIO & SOLUTION

You want to check the content of an installed . package SUNWbash.

Issue the command pkgchk -c SUNWbash.

You want to check the file attributes of an installed package SUNWPython.

Issue the command pkgchk -a SUNWPython.

You want to check the software packages that have not yet been installed but were spooled in the /var/install/packages directory.

Issue the command pkgchk -d /var/install/packages.

At times you may just want some information about packages; you can get that by using the pkginfo command.

Retrieving Information about Packages

You can use the pkginfo command to retrieve information about software packages that are installed on the system or about the packages that reside on a particular device such as a directory or a tape. Without options (that is, by default), the pkginfo command displays the primary category, package instance, and the names of all completely and partially installed packages—one line per package. The command has the following syntax:

    pkginfo [-i|-p] [-1 |-q|-x] [-c <category>] [<instances>]

The options are described here:

  • -i|-p. The -i option means display information only about the fully installed packages, whereas the -p option means display information only about the partially installed packages.

  • -l|-q|-x. The -l option specifies the long display format, the -q option specifies do not display any information (used by programs), and the -x option specifies an extracted listing of package information.

  • -c <category>. This option only displays packages whose category is included in the list specified by <category>. The category is a package attribute whose value is defined in the pkginfo file of the package.

You can also use the pkginfo command with the -d <device> option to get the information about the packages that have not yet been installed but were spooled on a device specified by <device>, which could be a directory, tape, or floppy disk.

On occasion, you may want to remove a package from your system, and you can do that by using the pkgrm command.

Removing a Package

You can use the pkgrm command to remove a completely or partially installed package from the system. If the command finds a dependency of another package on the package under removal, an action defined in the admin file is taken. The default mode for the command is interactive, which means that the prompt messages are displayed to allow you to confirm the actions to be taken. However, while issuing the command, you can override the default interactive mode with the non-interactive mode by using the -n option. Also, by default, the pkgrm command deletes all the files that compose the package except those shared by other packages.

The pkgrm command has the following syntax:

    pkgrm [-a <admin>] [-A] [-n] [<pkgid>]

The operand <pkgid> specifies the space-delimited list of packages that will be removed. The default is to remove all the available packages. The options are described here:

  • -a <admin>. This option indicates to use the installation administration file specified by <admin> instead of the default file. If the full path is not specified, the file is first looked for in the current working directory; if not found there, it is then looked for in the /var/sadm/install/admin directory.

  • -A. This option instructs to remove all the files of the package including those shared by other packages.

  • -n. This option specifies the non-interactive mode; the default is the interactive mode.

You already know that you can spool (store) packages without installing them by using the pkgadd command. Accordingly, you can remove the spooled packages by using the pkgrm command as follows:

    pkgrm -s <spoolDir>

The argument <spoolDir> specifies the full path to the spool directory from which the packages are to be removed. The default spool directory is /var/sadm/pkg.

On the Job 

Use the same kind of tool to uninstall a software package as you used to install it. For example, if you used SUN GUI to install a software package, use the GUI to uninstall it and not the command. Also never uninstall a package manually by using the rm command on its files. It will create inconsistencies and can damage the other installed packages.

The application packages are independent modules of software offering additional functionality, and their task does not include modifying the existing files on the system. The software components (special packages) that may update or replace the existing files are called patches. In addition to managing the packages, you will also need to manage patches.

Performing Patch Administration

A patch is a collection of files and directories that may replace or update existing files and directories that are preventing proper execution of the existing software. A patch is identified by its unique patch ID, which is an alphanumeric string that consists of a patch base code and a number that represents the patch revision number; both separated by a hyphen (e.g., 108528-10). You can get Solaris patches from the following web site:

  • http://sunsolve.sun.com

If the patches you downloaded are in a compressed format, you will need to use the unzip or the tar command to uncompress them before installing them. You do not have to install each available patch. The strategy for updating software (applying patches) recommended by Sun includes these practices:

  • Analyze the need to apply patches (or update your software) based on risk, cost, availability, and timing.

  • Minimize change to your environment whenever possible.

  • Address Sun Alert notifications and other critical issues as soon as possible.

  • Make other changes to your environment only to address known problems.

  • Keep your environment as current as appropriate for your business and application needs.

You can install and uninstall the patches on your system by using the patchadd and patchrm commands, respectively.

Managing Patches with the patchadd Command

You can use the patchadd command to install patches and to find out which patches are already installed on your system. You can use this command only on Solaris 2.x or higher version. Remember that to apply a patch means to install it, and the files to be patched refer to the already installed files that are being modified or replaced as a result of installing the patch. The patchadd command used to apply (install) a patch has the following syntax:

    patchadd [-d] [-G] [-u] [-B <backoutDir>] <source> [<destination>]

The options and operands are described here:

  • -d. Do not back up the files to be patched (changed or removed due to patch installation). When this option is used, the patch cannot be removed once it has been added. The default is to save (back up) the copy of all files being updated as a result of patch installation so that the patch can be removed if necessary.

  • -G. Adds patches to the packages in the current zone only. Zones are discussed in Chapter 15.

  • -u. Turns off file validation. That means that the patch is installed even if some of the files to be patched have been modified since their original installation.

  • -B <backoutDir>. Saves the backout data to a directory whose full path is specified by <backoutDir>. The backout data is the data created when a patch is applied to enable the system to return to its previous state if the patch is removed—that is, backed out.

  • <source>. Specifies the source from which to retrieve the patch, such as a directory and a patch id.

  • <destination>. Specifies the destination to which the patch is to be applied. The default destination is the current system.

The following form of the patchadd command can be used to find out which patches are currently installed:

    patchadd -p <dest±nation>

Now that you know how to use the patchadd command to manage patches, here are some practical scenarios and their solutions.

SCENARIO & SOLUTION

Obtain information about all the patches that have already been applied on your system.

Issue the command patchadd -p.

Find out if a particular patch with the base number 113029 has been applied on your system.

Use patchadd -p | grep 113029.

Install a patch with patch id 105754-03 from the /var/sadm/spool directory on the current standalone system.

Use patchadd /var/sadm/spool/105754-03.

Verify that the patch has been installed.

Use patchadd -p | 105754.

While you install a patch, the patchadd command logs information into the following file:

    /var/sadm/patch/<patch-ID>/log

Note that the patchadd command cannot apply a patch under the following conditions:

  • The package is not fully installed on the system.

  • The architecture of the patch package differs from the architecture of the system on which it is being installed.

  • The version of the patch package does not match the version of the corresponding installed package.

  • A patch with the same base code and a higher revision number has already been applied.

  • A patch that makes this patch obsolete has already been applied.

  • The patch to be applied is incompatible with a patch that has already been applied to the system. Each installed patch keeps this information in its pkginfo file.

  • The patch to be applied depends on another patch that has not yet been applied.

On the Job 

In the process of installing a patch, the pkgadd command is called to apply the patch packages from the patch directory to a local system's disk. However, do not use the pkgadd command directly to install a patch; use the patchadd command instead.

You can issue the following command to get the revision information about the patches installed on your system:

    showrev -p

In general, the showrev command is meant for displaying the machine, software revision, and patch revision information. If issued without any argument and option, this command displays the system revision information in general, including hardware provider, hostname, hostid, domain, release, kernel architecture and version, and application architecture.

Clearly, installing a patch is more involved than installing a package, because when you install a patch you might be updating or overwriting some existing files. Consequently, there are issues of saving those files and restoring them if you need to uninstall the patch at a later time.

Removing Patches

You can remove (uninstall) a patch and restore the previously saved files by using the patchrm command. This command can be used only on Solaris 2.x or higher versions. The command has the following syntax:

    patchrm [-f] [-G] -B <backoutDir>] <patchID>

The operand <patchID> specifies the patch ID such as 105754-03. The options are described here:

  • -f. Forces the patch removal even if the patch was superseded by another patch.

  • -G. Removes the patch from the packages in the current zone only. Zones are discussed in Chapter 15.

  • -B <backoutDir>. Specifics the backout directory for a patch to be removed so that the saved files could be restored. This option is needed only if the backout data has been moved from the directory where it was saved during the execution of the patchadd command.

For example, the following command removes a patch with patch ID 105975-03 from a standalone system:

    patchrm 105975-03

As a security feature, a package can include a digital signature. The valid digital signature of a package ensures that the package has not been modified since the signature was applied to it. Because the digital signature can be verified before the package is added to your system, using signed packages is a secure method of downloading or adding packages. A signed package is identical to an unsigned package, except for the digital signature. The same holds true for the patches.

The three most important takeaways from this chapter are as follows:

  • Solaris installation software offers several installation methods to address different situations under which the installation will be performed. Solaris can be installed on both SPARC and x86-based hardware systems.

  • When you install Solaris, you install a software group that consists of software packages and clusters. Applications in the Solaris world are distributed in the form of packages that you can add to an installed Solaris system.

  • You can also add patches that are released between the two releases of the OS to an installed system to fix existing problems or to add new features to keep the system current.



Previous page
Table of content
Next page
Sun Certified System Administrator for Solaris 10 Study Guide Exams 310-XXX & 310-XXX
Sun Certified System Administrator for Solaris 10 Study Guide Exams 310-XXX & 310-XXX
ISBN: N/A
EAN: N/A
Year: 2005
Pages: 168
BUY ON AMAZON
VBScript Programmers Reference
Postfix: The Definitive Guide
C & Data Structures (Charles River Media Computer Engineering)
Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment
FileMaker 8 Functions and Scripts Desk Reference
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy