Hello, I'm new to Solaris System Administration and have 7 Solaris 9 boxes that I now am managing. One of my first tasks is to find out if these Solaris boxes need any updates. I've been doing some reading on the subject and am finding that there are many ways to do this. Update Manager, smpatch, patchadd, Recommended Patch Pack, Alert Patch Pack, etc... I'm interested in how other Sysadmins are keeping their Solaris boxes up-to-date. What strategies do you find work best?
all depends i guess on what there boxes do and where they are in the network environment.
In theory, it's usually a good idea to with the bundled patches. i used to work on Netware, they used to have consolidated service packs where the vendor tests and bundle/lumps the patches together for you. Sun have clustered patches which seems to be a similar thing.
In practice, my gut instincts based on real work experience are to
- if it ain't broke, don't fix it, but monitor it
- if you have to patch it because of security alerts, then be conservative. on boxes that have been in production for a long time, the hardware is not up to date, and there are services and deamons that who knows who put on before you, there is that possibility that installing a group of patches at once breaks something. So doing them one by one might be a safer route.
- have a test environment and test the patch and how to roll out of it before you deploy.
I look after 40 solaris boxes at present, we use live upgrade (LU) to patch our systems.
search LU patching, but the in simple terms we use LU to create a copy of the boot env and then patch that copy (cluster patches) and reboot, if all is ok we stay on that new boot env, if you run into problems with apps etc we roll back to the old boot env.
@ forum member 874464,
Welcome to the forum. Please don't post in threads that are long dead.
This one was originally posted to a former Sun Microsystems forum that was merged into this Oracle forum. None of the original thread participants ever bothered to re-register, thus the username of `SunFOrumsGuest20` [sic]. No one will come back to review the new data.
If a thread hasn't been touched in (something like) a couple of months, leave it be.
When the time comes that you have your own new question, start your own topic. Feel free to provide a link to an old post that may be relevant to your problem. Moderator Advice and Action:
I'm locking this thread now.