Our patching policy requires that we run patches through a series of environments before they enter production. This means we must create a baseline and maintain it throughout our patch cycle. In the past this was accomplished by simply grabbing a patch cluster and using it throughout the cycle. I would like to move forward and begin using smpatch and a local patch server to accomplish what we used to do while providing the ability to report patch complaince against baseline. I would also like to be able to run a report against the latest patch database to help identify patches that may need to be fast-tracked due to their criticalness.
Ideally, it would be nice to simply copy the "current2.zip" database to "current2_YYYYMMDD.zip" and flip the clients patchpro.patchset setting to either use the baseline database or the current database. Is this, or something like this, possible?
I'm planning to set the patchsvr "Patchset maximum age:" to 0 to keep the database around indefinitely. I will then copy the current2.zip file to the dated filename as a baseline copy. When I want to analyze against current I can delete the current2.zip file and it will pull a fresh copy from sun. I can then simply restore the baseline file when finished so patching and analysis will revert to the baseline.
Does this sound reasonable? Am I missing something simple and all this manual effort isn't really necessary? Any help would be appreciated.
If the procedure you documented works for your environment then by all means use it. However I should note that patching multiple systems to the same baseline is not natively support within smpatch.
If you're willing to switch to a different tool: PCA handles baseline patching just fine:
It uses Sun's patchdiag.xref file as the patch information database, and you can simply feed any past version of that file into PCA using its "--xrefdir" and "--nocheckxref" options.