This
chapter introduces you to the
dupatch
utility for installing,
removing, and managing patches.
It also provides information you must be aware
of when installing patches.
See
Chapter 4
for instructions
on installing and removing patches from the Tru64 UNIX operating system and
the TruCluster Software Products (TCR)
2.1 Overview of dupatch
All official Tru64 UNIX and TCR patches are installed, removed,
and managed through the
setld-based
patch management utility
dupatch.
Because
dupatch
manages patch interdependencies, direct
setld
installations and deinstallations (setld
-l
-d) are disabled.
Note
For clustered systems running TruCluster Server Version 5.0A or higher, the
dupatchutility is run in conjunction with the rolling upgrade procedure described in Chapter 5.
Directions for enabling or disabling patches are provided after the successful installation or removal of all selected patches (for example, kernel rebuild and system reboot).
The
dupatch
utility is a command line interface that
provides you with menus that step you though the various tasks.
With
dupatch, you can perform the following actions:
Install and remove all or selected patches.
View the patch-specific documentation.
View patch tracking and management information.
Establish a baseline for systems that had manually installed system files placed on them.
The
dupatch
utility captures patching activities
in the following log files:
/var/adm/patch/log/session.log
Every time you run
dupatch
it creates a session log
that captures
dupatch
activities.
The
session.log
files from the previous 25 sessions are saved.
The order is first
in, first out -- with
session.log.25
as the oldest
file.
/var/adm/patch/log/Dupatch_load_Date.log
When you run
dupatch
from the newly untarred kit
or from the mounted Tru64 UNIX Patch CD-ROM,
dupatch
determines if the patch distribution contains new patch tools, and loads
them if necessary.
This log file would have a name similar to this:
Dupatch_load_2000Jul1:15:43:35.log
/var/adm/patch/log/baseline.log
When you run the system baselining feature,
dupatch
creates a baseline log.
The
session.log
files from the
previous 25 sessions are saved.
The order is first in, first out -- with
baseline.log.25
as the oldest file.
When
patches are installed or removed, an event log that captures installation
and removal information is created.
It is located in
/var/adm/patch/log/event.log.
Only one copy of the file is updated each time patches are installed
or removed.
The
dupatch
utility also manages
the system inventory for Tru64 UNIX and TCR patches.
This enables patch
tracking and management of patch activity such as:
Tracking current
dupatch-installed patches.
Ensuring correct handling of customized system configuration
files so that customizations are not lost (for example,
conf.c).
These files are also referred to as system-protected files (.new..).
Validating patch applicability to existing system files (collision detection).
2.2 Patch Installation and Removal
Patch installation and removal is accomplished through the
dupatch
utility.
For patch installation and removal
dupatch
manages the following:
Patch applicability
Patch dependencies
Patch reversibility
System inventory changes for patches
Capturing patch activities in log files
Patch applicability to the existing system files is done on a file-by-file basis for each patch. This ensures that the installation of a patch will not degrade or crash the system. The installation of a patch is blocked if any system files to be replaced by a patch are not valid predecessors of the patch files.
Patch applicability also enables consistency checking and reporting for the installation of Tru64 UNIX and TCR patches.
In all cases where a patch is blocked, informative messages are provided to assist you in determining how to proceed. Chapter 7 lists common error messages and suggested corrective actions.
The installation of a patch is blocked if any of the following conditions exist:
The underlying software product subset is not installed. For example if the applicable Tru64 UNIX or TCR release subset is not installed.
The
setld
inventory is inconsistent with
the existing system files.
This occurs when an operating system or TCR
setld
subset is installed and individual operating system files
that are part of that subset are moved, deleted, or replaced.
Any of the existing system files (files that are targeted
to be updated by a patch) have changed and cannot be related to previous versions
of the patch.
This ensures that operating system files that change due to
other explicit system administrator action (for example, layered product patches
or non-dupatch
installed CSP installations) are not inadvertently
overwritten.
You must take special action, through the baseline feature, to
enable patch installation in this situation.
2.2.2 Patch Dependency Management
Selective patch installation and removal is allowed in the Tru64 UNIX
and TCR patch kits.
When patches are selectively chosen,
dupatch
provides warning messages regarding other dependent patches requiring
installation or removal for correct system operation.
The
dupatch
utility manages
the dependencies between patches within each product patch kit and across
product patch kits.
For example,
dupatch
manages the following
kinds of dependencies when patches on systems where both Version 4.0F and
TCR1.6 are installed or removed:
Patch dependencies within a product patch kit
If, for example, you choose to install Tru64 UNIX 4.0F Patch 1.00
and it depends upon Tru64 UNIX 4.0F Patch 5.00, which is not already installed
or chosen for installation, the
dupatch
preinstallation
check will warn you of the dependency and prevent the installation of Tru64 UNIX
4.0F Patch 1.00.
If the patch selections are reversed,
dupatch
will
warn you and prevent installation of the chosen patch.
Patch dependencies across product patch kits
If, for example, you choose to install Tru64 UNIX 4.0F Patch 1.00
and it depends upon TruCluster 1.6 Patch 17.00, which is not already installed
or chosen for installation, the
dupatch
preinstallation
check will warn you of the dependency and prevent the installation of the Tru64 UNIX
4.0F Patch 1.00.
If the patch selections are reversed,
dupatch
will
warn you and prevent installation of the chosen patch.
Note
Even though selective patch installation capabilities exist, Compaq recommends that you install all patches in each kit for Tru64 UNIX and TCR to prevent the occurrence of known and corrected software problems.
Enabling patch reversibility during patch installation allows you to revert the system to its state prior to the installation of a particular patch.
By default, the reversibility installation option is set to enable reversibility for patches. If you choose to make patch subsets nonreversible, then those patches will become nonremovable upon the successful installation of those patches.
Note
Customer-Specific-Patches are forced to be reversible when the CSP kit is manufactured. This forced reversiblity overrides the reversibility option provided by
dupatchduring installation.
Patch reversibility is dependent upon saving the existing system files
that will be updated by the patch.
Saving these files requires the availability
of adequate storage space in
/var/adm/patch/backup, which
can be a mount point for a separate disk partition, an NFS mount point, or
a symbolic link to another file system.
This allows you to configure your
system to reduce the impact on system disk space for the
/,
/usr, and
/var
partitions.
To further reduce the storage space required to save existing system
files, the patch kits for Tru64 UNIX and TCR use the
gzip
utility to save each patch file in a compressed tar image.
This results in
a file with a name like
filename.tar.gz.
The
dupatch
utility checks for the required storage
space prior to patch installation.
Patch installation is prevented if adequate
backup space is unavailable.
2.2.4 Patch Installation and Removal Event Log
Patch installation
and removal activities are logged in the patch event log located in
/var/adm/patch/log/event.log.
The information in the patch event
log is not yet available through the
dupatch
user interface.
However, the file is plain text and can be viewed manually.
The following list describes the types of information an event log provides, although the format and content are subject to change. Example 2-1 shows a typical event log.
| DUPATCH_REV> | The revision of
dupatch
being used |
| TYPE> | The type of action that was taken; either install or remove |
| NAME> | The name entered by user through a
dupatch
query |
| USER> | the name of the user performing the action |
| NOTES> | Notes that were entered by the user through
a
dupatch
query |
| KITLOC> | The directory from which the patch kit was installed |
| KITNAME> | The name of the patch kit that was installed |
| REVERT> | The choice made on whether or not the patch installation is reversible |
| BACKUP_DIRECTORY> | A pointer to the directory that contains the original files before they were patched |
| BACKUP_SETUP> | A plain directory; not a mount point or a symbolic link |
| SUCCEED> | A list of patches for which the action succeeded |
| FAIL> | A list of patches for which the action failed |
<RECORD> DUPATCH_REV>27-04 TYPE>install NAME>msstone USER>mstone DATE>Mon Jul 3 13:03:33 EST 2000 NOTES>Install BL13 patches from CD-ROM > KITLOC>/cdrom/DIGITAL_UNIX_V4.0F/patch_kit/DIGITAL_UNIX_V4.0F/kit KITNAME><DUV40FAS0004-20000613> OSF440 REVERT>Y BACKUP_DIRECTORY>//var/adm/patch/backup BACKUP_SETUP> SUCCEED>OSFPAT00001900440
2.3 Viewing the Patch Documentation
When you select the Patch
Documentation item of the main menu,
dupatch
returns a
menu that gives you access to different information:
Problem summaries
Provide brief descriptions of the problems corrected by the patches. You can view the problems corrected by installed patches or by patches available from a specific kit.
Full descriptions
Provide complete descriptions of the problems corrected by the individual patches. You can view the problem descriptions for installed patches or for patches available from a specific kit.
Special Instructions
These files describe special instructions you need to be aware of for individual patches. You can view the instructions for installed patches or for patches available from a specific kit.
Report identifiers
Revision control strings
The following output shows the Patch Documentation menu and a typical session with it:
Tru64 UNIX Patch Utility (Rev. 27-04)
==========================
- This dupatch session is logged in /var/adm/patch/log/session.log
Patch Documentation Menu:
------------------------
Installed patches on the system
1) View problem summaries
2) View full descriptions
3) View special instructions
4) View Problem Report Identifiers
5) View Revision Control Strings
Patches in the patch kit
6) View problem summaries
7) View full descriptions
8) View special instructions
9) View Problem Report Identifiers
10) View Revision Control Strings
All (installed and non-installed) patches
11) View patch problem summaries
12) View patch full descriptions
13) View patch special instructions
14) View Problem Report Identifiers
15) View Revision Control Strings
b) Back to Main Menu
q) Quit
Enter your choice: 6
Patch Documentation Selection Menu:
-----------------------------------
1) List Release problem summaries
2) List Customer Specific problem summaries
3) List All problem summaries
b) Back to Documentation Menu
q) Quit
Enter your choice: 1
Enter path to the top of the patch distribution,
or enter "q" to get back to the menu [/mnt/PatchKit/kit2/patch_kit]: [Return]
There may be more patches than can be presented on a single
screen. If this is the case, you can choose patches screen by screen
or all at once on the last screen. All of the choices you make will
be collected for your confirmation before any patches are examined.
- Tru64_UNIX_V5.0A / Cluster Kernel Patches:
1) Patch 00090.00 - versw command can core dump during rolling upgrade
2) Patch 00186.00 - Disks can become inaccessible on a cluster node
- Tru64_UNIX_V5.0A / Commands, Shells, & Utilities Patches:
3) Patch 00015.00 - Fixes a problem that occurs in multibyte locales
4) Patch 00019
.
.
.
The patch description information and special instructions are conveniently
organized in the
Patch Summary and Release Notes
document
that is packaged with each kit.
2.4 Viewing Patch Tracking Information
The
dupatch
utility allows you to view the
following patch installation and removal information:
List of dupatch-installed patches on the system
The following sample log shows how you can list the installed dupatch-based customer-specific patches:
DIGITAL UNIX Patch Utility (Rev. 27-04)
==========================
- This dupatch session is logged in /var/adm/patch/log/session.log
Patch Tracking Menu:
-------------------
1) List installed patches
2) List installed patch files
3) List patch kit information for installed patches
4) Show Patch History for selected patches
5) Show System Patch History
b) Back to Main Menu
q) Quit
Enter your choice: 1
Patch Tracking Selection Menu:
------------------------------
1) List Release Patches
2) List Customer Specific Patches
3) List All Patches
b) Back to Tracking Menu
q) Quit
Enter your choice: 2
Gathering details of relevant patches, this may take a bit of time
Patches installed on the system:
-------------------------------
(depending upon the number of patches you installed, this may take a while)
- DIGITAL_UNIX_V4.0F / Commands, Shells, & Utility Patches:
Patch C 00045.00 - Fix for QAR 61365
- DIGITAL_UNIX_V4.0F / Security Related Patches:
Patch C 00043.00 - Fix for SSRT0585U
Patch C 00052.00 - Fix for SSRT0585U
- DIGITAL_UNIX_V4.0F / X11 Patches:
Patch C 00044.00 - Fix for QAR 57198
Press RETURN to get back to the Patch Tracking Menu...
List of patched files on the system
The following show how you can list the installed patch files for customer-specific patches:
DIGITAL UNIX Patch Utility (Rev. 27-04)
==========================
- This dupatch session is logged in /var/adm/patch/log/session.log
Patch Tracking Menu:
-------------------
1) List installed patches
2) List installed patch files
3) List patch kit information for installed patches
4) Show Patch History for selected patches
5) Show System Patch History
b) Back to Main Menu
q) Quit
Enter your choice: 2
Patch Tracking Selection Menu:
------------------------------
1) List Release Files
2) List Customer Specific Files
3) List All Files
b) Back to Tracking Menu
q) Quit
Enter your choice: 2
Gathering details of relevant patches, this may take a bit of time
The list of all patched files on your system:
--------------------------------------------
(depending upon the number of patches you installed, this may take a while)
./usr/bin/X11/dxpause (DIGITAL_UNIX_V4.0F Patch C 00044.00)
./usr/dt/bin/dtappintegrate (DIGITAL_UNIX_V4.0F Patch C 00043.00)
./usr/dt/bin/dtappintegrate (DIGITAL_UNIX_V4.0F Patch C 00052.00)
./usr/sbin/quotaoff (DIGITAL_UNIX_V4.0F Patch C 00045.00)
./usr/sbin/quotaon (DIGITAL_UNIX_V4.0F Patch C 00045.00)
Press RETURN to get back to the Patch Tracking Menu...
List of patch kit information on installed patches
The following shows how you can list the patch kits for the installed patches on your system:
DIGITAL UNIX Patch Utility (Rev. 27-04)
==========================
- This dupatch session is logged in /var/adm/patch/log/session.log
Patch Tracking Menu:
-------------------
1) List installed patches
2) List installed patch files
3) List patch kit information for installed patches
4) Show Patch History for selected patches
5) Show System Patch History
b) Back to Main Menu
q) Quit
Enter your choice: 3
Patch Tracking Selection Menu:
------------------------------
1) List Release kit information
2) List Customer Specific kit information
3) List All kit information
b) Back to Tracking Menu
q) Quit
Enter your choice: 3
Gathering details of relevant patches, this may take a bit of time
Patches installed on the system came from following patch kits:
--------------------------------------------------------------
- DUV40F1-C0004300-1367-19991104 OSF440
- DUV40F1-C0004400-1372-19991105 OSF440
- DUV40F1-C0004500-1373-19991105 OSF440
- DUV40F1-C0005200-1377-19991105 OSF440
- DUV40FAS0001-19990609 OSF440
NOTE
When a patch kit is listed, it does not necessarily mean
all patches on that kit are installed on your system.
Press RETURN to get back to the Patch Tracking Menu...
If no patches are installed on the system, you will receive a message similar to the following:
There are no patches installed on your system.
List history for selected patches
The following shows you how to show the patch history for selected patches:
DIGITAL UNIX Patch Utility (Rev. 27-04)
==========================
- This dupatch session is logged in /var/adm/patch/log/session.log
Patch Tracking Menu:
-------------------
1) List installed patches
2) List installed patch files
3) List patch kit information for installed patches
4) Show Patch History for selected patches
5) Show System Patch History
b) Back to Main Menu
q) Quit
Enter your choice: 4
Patch Tracking Selection Menu:
------------------------------
1) List Release Patch History for selected patches
2) List Customer Specific Patch History for selected patches
3) List All Patch History for selected patches
b) Back to Tracking Menu
q) Quit
Enter your choice: 3
There may be more patches than can be presented on a single
screen. If this is the case, you can choose patches screen by screen
or all at once on the last screen. All of the choices you make will
be collected for your confirmation before any patches are listed.
- DIGITAL_UNIX_V4.0F / Commands, Shells, & Utility Patches:
1) Patch 00020.00 - Cannot Use ipcs Cmd On System Not Booted With vmunix
2) Patch 00025.00 - Fix For ksh, file, tail, nawk, awk, And pax
3) Patch 00032.00 - mkdir -p Not Returning Error
4) Patch 00038.00 - quotaon Returns Incorrect Error Status
5) Patch 00040.00 - binmail Delivers Only Partial Messages
6) Patch 00041.00 - Fix For nroff Y2K Problem
7) Patch 00045.00 - Fix For sort -i Abort Problem
8) Patch 00047.00 - vi Puts Server Port INTO PASSALL MODE
9) Patch C 00045.00 - Fix for QAR 61365
10) Patch C 00046.00 - Fix for TLAQ90041
- DIGITAL_UNIX_V4.0F / Common Desktop Environment (CDE) Patches:
11) Patch 00005.00 - dtfile May Leave Defunct Processes
- DIGITAL_UNIX_V4.0F / Filesystem Patches:
12) Patch 00039.00 - System Panic When Accessing ISO9660 Format CDROM
13) Patch 00054.00 - AdvFS volumes Not Setting I/O Byte Transfer Size
- DIGITAL_UNIX_V4.0F / Hardware Configuration Patches:
14) Patch 00018.00 - Resolves Corrupt EV6 Binary Error Log Entries
15) Patch 00072.00 - Updates FORE ATM (lfa) driver to Rev. V1.0.14
- DIGITAL_UNIX_V4.0F / I/O Device Handling Patches:
16) Patch 00053.00 - Fix For spo_process_rsp Panic
17) Patch 00056.00 - KZPCA Host Bus Adapter May Hang
18) Patch 00058.00 - Additional Error Detection for FC Driver
19) Patch 00060.00 - Fix For spo_misc_errors errlog Entries
20) Patch 00073.00 - Problems With Driver Support For ELSA Gloria Synergy
- DIGITAL_UNIX_V4.0F / Kernel Patches:
21) Patch 00016.00 - Fixes Kernel Memory Fault Caused By SMP Race
22) Patch 00034.00 - Fix For kio Subsystem Panic
23) Patch 00044.00 - Fix For Kernel Memory Fault
24) Patch 00055.00 - New Functionality To Detect Unlinked Reference Files
- DIGITAL_UNIX_V4.0F / Library Patches:
25) Patch 00046.00 - Shared Library Fix For curses-based Applications
26) Patch 00048.00 - DECthreads Library Fix
- DIGITAL_UNIX_V4.0F / Network Patches:
27) Patch 00008.00 - Fix For POP Mail Handler
28) Patch 00017.00 - Fix For BIND Server
29) Patch 00021.00 - Fix For XTI And DECnet/OSI
30) Patch 00022.00 - automount Daemon Hangs
31) Patch 00043.00 - Fix For XTI Over TCP/IP
32) Patch 00057.00 - Fixes Several NFS Problems
33) Patch 00059.00 - Characters Randomly Repeated Using tip
- DIGITAL_UNIX_V4.0F / Security Related Patches:
34) Patch 00002.00 - Security (SSRT0571U)
35) Patch 00003.00 - Security (SSRT0585U)
36) Patch 00004.00 - Security (SSRT0580U)
37) Patch 00006.00 - Security (SSRT0600U)
38) Patch 00011.00 - Security (SSRT0596U)
39) Patch 00012.00 - Security (SSRT0567U)
40) Patch 00028.00 - Security (SSRT0556U)
41) Patch 00031.00 - Security (SSRT0563U)
42) Patch C 00043.00 - Fix for SSRT0585U
43) Patch C 00052.00 - Fix for SSRT0585U
- DIGITAL_UNIX_V4.0F / X11 Patches:
44) Patch 00007.00 - dxcalendar Reminder Displays Through dxpause Screen
45) Patch 00062.00 - Fix For Motif Drag-and-Drop
46) Patch 00063.00 - xfs Fails With Segmentation Fault
47) Patch 00074.00 - Fix For ELSA Gloria Synergy Graphics Board
48) Patch C 00044.00 - Fix for QAR 57198
Or you may choose one of the following options:
49) ALL of the above
50) CANCEL selections and redisplay menus
51) EXIT without listing any patches
Enter your choices or press RETURN to redisplay menus.
Choices (for example, 1 2 4-6): 49
You are listing the following patches:
- DIGITAL_UNIX_V4.0F / Commands, Shells, & Utility Patches:
Patch 00020.00 - Cannot Use ipcs Cmd On System Not Booted With vmunix
Patch 00025.00 - Fix For ksh, file, tail, nawk, awk, And pax
Patch 00032.00 - mkdir -p Not Returning Error
Patch 00038.00 - quotaon Returns Incorrect Error Status
Patch 00040.00 - binmail Delivers Only Partial Messages
Patch 00041.00 - Fix For nroff Y2K Problem
Patch 00045.00 - Fix For sort -i Abort Problem
Patch 00047.00 - vi Puts Server Port INTO PASSALL MODE
Patch C 00045.00 - Fix for QAR 61365
Patch C 00046.00 - Fix for TLAQ90041
- DIGITAL_UNIX_V4.0F / Common Desktop Environment (CDE) Patches:
Patch 00005.00 - dtfile May Leave Defunct Processes
- DIGITAL_UNIX_V4.0F / Filesystem Patches:
Patch 00039.00 - System Panic When Accessing ISO9660 Format CDROM
Patch 00054.00 - AdvFS volumes Not Setting I/O Byte Transfer Size
- DIGITAL_UNIX_V4.0F / Hardware Configuration Patches:
Patch 00018.00 - Resolves Corrupt EV6 Binary Error Log Entries
Patch 00072.00 - Updates FORE ATM (lfa) driver to Rev. V1.0.14
- DIGITAL_UNIX_V4.0F / I/O Device Handling Patches:
Patch 00053.00 - Fix For spo_process_rsp Panic
Patch 00056.00 - KZPCA Host Bus Adapter May Hang
Patch 00058.00 - Additional Error Detection for FC Driver
Patch 00060.00 - Fix For spo_misc_errors errlog Entries
Patch 00073.00 - Problems With Driver Support For ELSA Gloria Synergy
- DIGITAL_UNIX_V4.0F / Kernel Patches:
Patch 00016.00 - Fixes Kernel Memory Fault Caused By SMP Race
Patch 00034.00 - Fix For kio Subsystem Panic
Patch 00044.00 - Fix For Kernel Memory Fault
Patch 00055.00 - New Functionality To Detect Unlinked Reference Files
- DIGITAL_UNIX_V4.0F / Library Patches:
Patch 00046.00 - Shared Library Fix For curses-based Applications
Patch 00048.00 - DECthreads Library Fix
- DIGITAL_UNIX_V4.0F / Network Patches:
Patch 00008.00 - Fix For POP Mail Handler
Patch 00017.00 - Fix For BIND Server
Patch 00021.00 - Fix For XTI And DECnet/OSI
Patch 00022.00 - automount Daemon Hangs
Patch 00043.00 - Fix For XTI Over TCP/IP
Patch 00057.00 - Fixes Several NFS Problems
Patch 00059.00 - Characters Randomly Repeated Using tip
- DIGITAL_UNIX_V4.0F / Security Related Patches:
Patch 00002.00 - Security (SSRT0571U)
Patch 00003.00 - Security (SSRT0585U)
Patch 00004.00 - Security (SSRT0580U)
Patch 00006.00 - Security (SSRT0600U)
Patch 00011.00 - Security (SSRT0596U)
Patch 00012.00 - Security (SSRT0567U)
Patch 00028.00 - Security (SSRT0556U)
Patch 00031.00 - Security (SSRT0563U)
Patch C 00043.00 - Fix for SSRT0585U
Patch C 00052.00 - Fix for SSRT0585U
- DIGITAL_UNIX_V4.0F / X11 Patches:
Patch 00007.00 - dxcalendar Reminder Displays Through dxpause Screen
Patch 00062.00 - Fix For Motif Drag-and-Drop
Patch 00063.00 - xfs Fails With Segmentation Fault
Patch 00074.00 - Fix For ELSA Gloria Synergy Graphics Board
Patch C 00044.00 - Fix for QAR 57198
Is this correct? (y/n): y
Patch History for selected patches
Date Time Prd Patch Operation KitName
---- ---- ___ _____ _________ _______
1999/11/05 13:13 DU Patch C 00052.00 Installed DUV40F1-C0005200-1377-19991105
1999/11/05 12:56 DU Patch C 00046.00 Removed
1999/11/05 10:53 DU Patch C 00046.00 Installed DUV40F1-C0004600-1374-19991105
1999/11/05 10:50 DU Patch C 00045.00 Installed DUV40F1-C0004500-1373-19991105
1999/11/05 10:48 DU Patch C 00044.00 Installed DUV40F1-C0004400-1372-19991105
1999/11/05 10:43 DU Patch C 00043.00 Installed DUV40F1-C0004300-1367-19991104
1999/11/04 10:11 DU Patch 00074.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00073.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00072.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00063.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00062.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00060.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00059.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00058.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00057.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00056.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00055.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00054.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00053.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00048.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00047.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00046.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00045.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00044.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00043.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00041.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00040.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00039.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00038.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00034.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00032.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00031.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00028.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00025.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00022.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00021.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00020.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00018.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00017.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00016.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00012.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00011.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00008.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00007.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00006.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00005.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00004.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00003.00 Installed DUV40FAS0001-19990609
1999/11/04 10:11 DU Patch 00002.00 Installed DUV40FAS0001-19990609
Press RETURN to get back to the Patch Tracking Menu...
2.5 Handling Manually Installed System Files with Baselining
A
dupatch
feature called baselining looks at the files installed on a system, compares
them to the files it expects to find, and prevents the installation of any
patch files that might cause an incompatibility among system files.
This section
provides an overview of the baselining process.
See
Section 4.7
for instructions on setting a baseline.
Unknown system files occur when the files are replaced through non-standard system file installation methods such as the following:
The manual installation of system files such as system administration customizations or manually installed patches
Using the
setld
utility to install system
files from user-derived
setld
subsets
Using the
setld
utility to install files
for layered software products
Changes that result from weak system control programs (usually
named
file.scp)
Missing system files result from a root user manually deleting system
files that were installed during a standard full or update installation
procedure or with the
dupatch
utility.
The file is removed
but the system inventory records are still in place.
Unknown and missing system files will block patch installations until you take corrective action. However, before taking any action, it is important that you understand the origin of the unknown system files or why missing files are no longer present on your system. Changing the system without this knowledge could render your operating system or layered product software environment in an inconsistent and nonoperational state.
For example, a file whose origin is unknown that is blocking the installation of a release patch, could be part of a manually installed customer-specific patch that is not contained in the release patch. Removing that one file will disrupt the operation of your CSP and possibly the operation of the system.
When you
run the
dupatch
system baseline feature, a baseline log
file is captured in
/var/adm/patch/log/baseline.log.
The
session.log
files from the previous 25 sessions are saved.
The order
is first in, first out -- with
baseline.log.25
as
the oldest file.
You may need to set the patch baseline for your system if you have
manually installed system files or if
dupatch
informs you
that patch installation is blocked by system files that are missing or unknown.
Warning
Misusing the baselining feature can cause serious problems with your system. It is important to be aware of the following potential problems:
Enabling baselining to override its applicability checking could render your operating system or layered product software environment in an inconsistent and nonoperational state.
Enabling baselining to update your system sets a new baseline for your operating system or TCR software environments. You will not be able to revert to the previous system state for manually installed patches that were marked as installed by baselining. Compaq recommends that you backup your
/,/usr, and/varfile systems before enabling system updates throughdupatchbaselining.
Baselining is divided into five phases that provide system information
and optionally allow you to take actions that change the patch baseline of
your system.
You can run through all phases of baselining to get the system
analysis without enabling changes to your system.
You can run baselining in
multiuser mode when you are the root user.
2.5.1 Phase 1 - System Evaluation
The primary goal of Phase 1 is to evaluate your system relative to the patch kit that is being installed. However, the baselining feature will report all missing and unknown files to assist you in better understanding the state of the changed files on the system.
The rest of the baselining phases use the information gathered in Phase 1 to inform you of any installation conflicts for patches contained in the patch kit.
The amount of time needed to evaluate the state of the system varies
greatly depending on the size of the patch kit, the version of the software
product, and the performance of the system.
2.5.2 Phase 2 - Patch Layered Product Conflicts
Phase 2 reports information for patches whose installation is blocked by system files that were installed by layered products.
Baselining will not override layered product patch installation collision detection mechanisms as it is likely that the layered product or application customizations are not contained in the patch. Installation of the patch in this situation would render the layered product or application nonoperational.
To resolve this situation contact your layered product or application
Customer Services or Compaq Services if you have purchased Business
Critical Services.
2.5.3 Phase 3 - Identifying Manually Installed Patches
Phase 3 reports patches that exactly match existing files on your system
that are not marked as
installed
by the system inventory.
For example, in earlier kits, TCR release patches were installed manually.
This phase will report any manually installed release patch files that exactly
match a patch contained in the current
dupatch-based TCR
patch kit.
You can optionally enable
dupatch
to mark these patches
as
installed, which involves copying valid
setld
database information to your system.
The
dupatch
utility will copy the appropriate
patch_subset.inv,
patch_subset.scp, and
patch_subset.ctrl
files into place for these patches.
If you do not want to enable
dupatch
to mark these
patches as installed, you must manually remove the patched system files so
the normal
dupatch
installation can install the affected
patches.
2.5.4 Phase 4 - Handling Missing or Unknown Files on Your System
Phase 4 reports information about any unknown and missing system files. These files should be considered as intentional customizations which are important to correct system operation. As such, care should be taken to understand why system files have been customized.
Before enabling any patch installations in Phase 5, review the information reported in Phase 4 against your log of manual system changes to ensure you understand why the system was intentionally customized and to determine how to proceed. In some cases you may need to remove customizations to ensure proper system operation.
To assist you in identifying the origin of changed system files, baselining now reports all missing or unknown system files.
The following sections provide general guidance for some of the normal
situations where system files are intentionally customized manually.
2.5.4.1 Manually Installed Customer-Specific Patches
In response to a problem report, you may receive a manually installable customer-specific patch from your service provider. Customer-specific patches are a set of compatible files that deliver fixes to the problems you reported. Additionally the patch may include instrumentation necessary for debugging purposes.
If your system was customized through a manual installation of customer-specific
patches, you must ensure that the fixes delivered by the customer-specific
patches are included in the current release patch kit before enabling
dupatch
to overwrite any unknown or missing system files.
Warning
If you are unsure if the customer-specific patch is included in the official patch kit, do not enable
dupatchto overwrite the manually installed customer-specific patch. If you must install the official patch being blocked by a customer-specific patch, contact your service provider for assistance.
If the unknown or missing files are attributable to manually installed customer-specific patches that are included in a release patch kit, perform one of the following steps:
If all customer-specific patch files are overwritten by the
patches noted in Phase 5, you can safely enable
dupatch
to overwrite applicable missing or unknown system files.
If some of the customer-specific patch files are not overwritten by the patches noted in Phase 5, contact your service provider for assistance.
To determine if your customer-specific patch is included in the release
patch kit, refer to the
Patch Summary and Release Notes
for the release patch kit, the Compaq
Services Web-based patch search engine (http://www.service.digital.com/patches/index.html), your
service provider.
2.5.4.2 Manually Installed Release Patches
For some software products, manual installation has been the practiced method for patch installation. For example, until recently, patches for TCR had been manually installed.
You must determine whether the fixes delivered by the manually installed
release patches are included in the current
dupatch-based
release patch kit before enabling
dupatch
to overwrite
any unknown or missing system files.
Once you have made this determination,
proceed as follows:
If the unknown or missing system files are attributable to
the manual installation of release patches and those patches are included
in the current
dupatch-based releasel patch kit, you can
safely enable
dupatch
to overwrite applicable missing or
unknown system files.
If the unknown or missing system files are not attributable to manual installation, you must understand the origin of the unknown or missing system files by reviewing the information reported in Phase 4 against your log of manual system changes to ensure you understand why the system was intentionally customized, and to determine how to proceed.
2.5.4.3 User Customized Commands and Utilities
Periodically system administrators of production computing environments replace Tru64 UNIX commands or utilities with freeware or their own customized version of the command or utility. In this situation you must ensure the unknown or missing files are attributable to intentional replacement of commands, utilities, or other system files.
If the unknown or missing system files are attributable to the replacement
of commands, utilities, or other system files with customized versions for
the computing environment, do not enable
dupatch
to overwrite
the manually installed customized files.
Instead, determine the reason for
the customization and then decide how to proceed.
2.5.5 Phase 5 - Enabling dupatch to Overwrite Changed System Files
The fifth phase reports patches that are blocked due to missing or
unknown system files, and optionally allows you to override the
dupatch
conflict management mechanism so the
dupatch-based
patch may be installed.
For each patch that is blocked by a missing or unknown system file you are presented with the following information:
Software product identifier
Patch category
Patch identifier
Patch subset description
The list of unknown and missing files that block the patch installation
The origin of all other files contained in the patch
Optionally, you can enable
dupatch
to override the
collision detection mechanisms and install any of these patches.
Use the missing
and unknown file information presented in Phase 4 and your system administration
log of manual system changes to make Phase 5 patch installation enabling decisions.
Warning
Do not enable
dupatchto install patches over missing or unknown system files for which you do not know the origin. Doing so may cause your operating system and TCR software environment to be in an inconsistent and nonoperational state.
2.6 Command Line User Interface
The
dupatch
utility
provides a command line interface that allows
dupatch
to
be called by other programs.
You can use the command line to invoke all functions
except for baselining.
The functions have the same operation and definition
as the menu-driven interface.
The following example shows the use of the
dupatch
command and several of its options to install Tru64 UNIX 4.0F Patch 8.01:
/usr/sbin/dupatch -install -kit /var/bl15/patch_kit -name Mike -note \ "install patch" -product TRU64_UNIX_V5.0 -patch 08.01
The following example shows the use
of the
dupatch
command and several of its options to remove Tru64 UNIX
4.0F Patch 8.01:
/usr/sbin/dupatch -delete -name Mike -note "delete patch" \ -product TRU64_UNIX_V5.0 -patch 08.01
2.6.1 Using Command Line Options
You must specify all mandatory options on the command line or in the
data_file
file.
If any mandatory option is missing, the command
will fail with an appropriate error message; it will not prompt you for the
missing option and information.
Remember, there is no reason to remove old official patches on your
system before installing the new official patches.
2.6.2 Restriction on Loading New dupatch Tools from the Command Line
The new patch tools cannot be loaded using the
delete
command on the command line.
Doing that will cause the following error to
be displayed:
product_map does not exist or is empty, Cannot continue.
If you want to use
delete
from
the command line, you can first load the new tools, without impacting the
system, by issuing the
install
command with the
-precheck_only
option.
This will load the tools and not cause changes
to your system.
2.6.3 Command Line Interface Options
The following list shows all of the command line interface
options (typing
dupatch
-help
provides
the same information):
dupatch -delete[Mandatory]-name user_name-note user_note-patch all | patch_id{patch_id...][Optional]-data data_file-nolog(No session logging)-proceed( Proceed with patches that passed predeletion check)-product all | product_id*-root root_path*Mandatory when more than one product is available for operationdupatch -help[Optional ]-data_file(Specifiesdata_file to use)-kit kit_location-patch_id( Specifiespatch_id to use)-rev(Listsdupatchversion)-product_id(Specifiesproduct_id to use)dupatch -install[Mandatory ]-kit kit_location-name user_name*-noteuser_note*-patch all | patch_id[patch_id...]*Optional when -precheck_only is specified [Optional ]-single_user(Bring system from multiuser to single-user mode)-data data_file-nobackup-nolog(No session logging)-precheck_only(Check patch applicability without installing)-proceed(Proceed with patches that passed preinstallation check)-product all | product_id*-root root_path*Mandatory when more that one product is available for operation.-cfgfileconfig_file(Configuration file for kernel rebuild)dupatch -track[Mandatory]-type file | file | patch(Use file to list all patched files.) (Use kit to list installed patch kits.) (Use patch to list installed patches.) [Optional ]-datadata_file-nolog(No session logging.)-rootroot_path
Specifying a Data File
When using the -data option, you must specify a data file, which is a file path that contains specifications with the following format:
switch1=value
switch2=value
.
.
.
switch3
For example:
kit = /mnt name = John Doe note = install April patch kit patch = all precheck_only nobackup
The following list describes characteristics of a data file:
Blank lines and comments (preceded with #) are allowed.
Line continuation (\) is required if a specification spans multiple lines.
When a option is specified both on the command line and in the data file, the value specified on the command line overrides that specified in the data file.
Specifying a Patch ID
The following list describes the characteristics of a patch ID:
A valid patch ID specification has the following format:
all xxxx[.yy]
For example:
15 200.11 10.2 00111.02
Both xxxx and yy are numeric values; leading zeros can be omitted.
Patch revision (yy), when left unspecified, maps to wildcarded "??"
Multiple patch_id specifications are separated by white space.
The keyword
all
cannot be combined with
other patch IDs.
Specifying a Product ID
The following list describes the characteristics of a product ID.
Note
When using the command line, the -product option must preceed the -patch option.
A valid product ID has the following format:
all description_version
where description is the product description, and version is the product version.
For example:
DIGITAL_UNIX_V4.0F TruCluster_V1.6
Product ID specifications are case insensitive.
Wildcards are not allowed in product ID specifications.
Multiple product ID specifications are separated by white space.
The keyword
all
cannot be combined with
other product IDs.
Specifying a Root Path
The following list describes the characteristics of a root path:
The
-root
option, which is similar to the
-D
option of
setld, specifies an alternative root
for the specified operation.
The root path must be the root of a complete Tru64 UNIX file system.
The default root path is
/
for all operations.
If
-root
is the only argument on the command
line,
dupatch
will proceed in interactive mode; this is
an exception to the command line rule previously mentioned.
Specifying Product Strings
The following list provides valid Tru64 UNIX product strings:
TRU64_UNIX_V5.0A TRU64_UNIX_V5.0 TRU64_UNIX_V4.0G DIGITAL_UNIX_V4.0F DIGITAL_UNIX_V4.0D TruCluster_V5.0A TruCluster_V1.6 TruCluster_V1.5
The following list describes characteristics of product strings:
A product string specification only applies to the patch ID specifications that follow it and ends when another product string is specified.
A product-string specification is not necessary when the system being patched has only one product installed. For example, Tru64 UNIX Version 4.0F with no TCR.
Because the purpose of the product-string is to clarify the patch ID specification, its specification must precede that of the patch ID.
The following example shows a product string:
dupatch -install -product DIGITAL_UNIX_V4.0F -patch 1.1 -product TruCluster_V1.6 -patch 35 \ -name Mike -note "installing patch 1.1" -kit