On Tue, Jun 17, 2008 at 4:46 PM, Jerry Jelinek <[EMAIL PROTECTED]> wrote: > If the original system is still available, you can work > around this by removing the IDR before migrating the zone.
Is it feasible to "simply" remove it as part of attaching? I don't think that it is possible to install an IDR with "patchadd -d" and a spot check of a zone that has an IDR (installed in global zone before non-global zone creation) shows that there is a package datastream file at /var/sadm/pkg/$pkg/save/$idr/undo in the non-global zone. > I have a few different ideas for how to handle this. > > 1) change the meaning of attach -u -F > Right now -F just forces the attach, changes the zone > state to installed and we're done. No update occurs. We > could change the interaction of these two options so that > we still do the update but ignore any verification warnings. > However this would allow a potentially major downgrade. This would be my third choice, but wouldn't be too excited about it. If this is done there needs to be clear warning or error messages in log files under the newly attached zone's /var/sadm directory. > 2) attach -u -p xxxxxxx -p yyyyyyy .... > Add a new -p option which allows you to specify patches to > ignore. We would use this to specify IDRs which don't > exist on the target, although it could also be used for > regular patches that might be broken. > The user would have to understand this at a pretty good > level to know when to use the option. We might want to extend > this idea to specify pkgs as well, in case we have a broken > pkg. This allows a potentially major downgrade if the user > specifies a lot of patches. If it is not possible to back out the missing IDR, then this would be my second choice. > 3) attach -u -i > Add a new -i option which means ignore all IDRs. > This is pretty specific to the IDR issue, doesn't require a > lot of thought for the user, but doesn't give much flexibility > if we hit a different problem with bad patches or pkgs. > This forces the user to think about the impact of ignoring > the IDRs before an update is done. > > 4) attach -u > No change to the CLI but change the implementation to > always ignore all missing IDRs. > This might still allow a pretty big downgrade with no > user input if you had a lot of IDRs on the source system for > some reason. This is pretty specific to the IDR issue, doesn't > require any thought for the user, but doesn't give much flexibility > if we hit a different problem with bad patches or pkgs. > > Let me know what you think about these choices or if there is > another idea that seems better. I really hope it could just be backed out. -- Mike Gerdts http://mgerdts.blogspot.com/ _______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org
