8 Replies Latest reply on Aug 13, 2012 3:34 PM by Soory

    Java update

      I want to remove Java 1.5 on my servers and replace it with Java 1.6. Can someone tell me how to do it safely?
      I have the Java Desktop on my servers, so I'm concerned that removing Java 1.5 will break the server.
      I started to remove the Java packages but the system wanted to remove additional packages that depend on the java packages.

      Any help would be great.
        • 1. Re: Java update
          Dump the new java into /usr/java/current and then adjust YOUR path statement and not root's.

          • 2. Re: Java update
            Don't remove the current running version. Instead, install the latest version in desired path and point /usr/bin/java to link to the new version. In this case system will not break. I have done this in my manufacturing production environment.
            • 3. Re: Java update
              So if I install the newer version of Java and then point /usr/bin/java to the new Java, can I then remove the old version? The reason I want to remove the old version is, so It will not come up on the security scans performed on the server. If it comes up I have to patch the old version.
              • 4. Re: Java update
                How does this help?
                • 5. Re: Java update
                  Dump the new java into /usr/java/current and then adjust YOUR path statement and not root's.

                  how does this help?
                  • 6. Re: Java update
                    For a security scan it won't.

                    Presumably the Java that is already installed was at or near the latest at the time. So whatever was written by a Sun/Oracle Engineer used the version they had at the time.

                    Installing patches may change the Java version or it may not.

                    I'm of the school to leave the base stuff alone and if you need to upgrade anything or add features such as adding stuff to the default Apache that is installed leave the Sun/Oracle stuff alone and roll your own.

                    So if you use Java and you're worried about security holes then install a more current Java into another directory and then just change your path. A relatively quick and painless thing to do.

                    I would advocate against just changing the link in /usr/bin. It's painless to just dump a current version some place else and change paths. Simple and effective. And a different admin won't have to figure out what you changed and then try to figure out why.

                    If your security scan indicates that the one installed needs patching then you need a support contract.

                    Which would be the appropriate way to do this in my opinion.

                    Then you don't have to worry about if the latest and greatest version 7 may cause compatibility problems. If you don't want to pay for updates then install the latest and greatest on a dev box and massage until you're sure that it doesn't break anything. And if it does then Oracle support will tell you to rollback before they even look at the issue. Which is the real reason I just put newer stuff or addons on a separate build. Less issues to deal with. The same with adding stuff to Apache. If you have issues they'll tell you to return back to stock and then they'll look at it.

                    • 7. Re: Java update
                      Thanks for your help. We have a support contract with Oracle. I was just wanting to remove the old Java so I would not have to patch it. All Java on my servers are up to date. Most of the apps on our servers use embedded Java, So I have to patch them as well. I have a few servers that come up with 4 or 5 versions of java installed on them. I'm the admin that does the Java patching, my coworker does the 10_recommended patches which also update java sometimes. If there is ever a question as about Java patches I'm the one that handles it. The system java is mostly used for the Java desktop as far as I can tell.
                      • 8. Re: Java update
                        I opted to not to remove the old version, because some of the applications may be still using it, which should not stop working. Hence, removing or running multiple versions depends on your environment.

                        I agree setting the PATH variable is also a good option.