Your post brings up some interesting issues that should be considered
as progress is made on new/updated installation, packaging, and
patching tools.
On 10/11/07, mario heimel <mheimel at web.de> wrote:
> with "patchadd -M `pwd`" pdo magic all patches were installed first
> in the global zone and after that in all non-global zones. when
> 118833-36 is installed in the global zone, patchadd failed to
> install the patches in the non-global zones.
The patch readme for that patch specifically states that the patch
must be installed by itself - "patchadd -M $dir <patchlist>" is not
allowed.
> after the test i have removed the patchcluster and remain with the
> old "patchadd for every patch", which is slower but safer with the
> beast 118833-36.
I've taken to breaking up the 10_Recommended cluster into those things
before 118833-36 and those things after. The suggested practice of
running install_cluster which calls patchadd in slow mode is a waste
of time. In the case of patching - time really is money. I use a
pretty much stock install_cluster script for applying the stuff up to
118833-36, perform a reboot, then install the stuff after 118833-36
with patchadd -M ...
> what about 120012-14, it is also a beast ? :)
For some reason I am afraid of this one. I can't put my finger on
why. Perhaps I'm overly freaked out by the fact that 120012 is less
than 125100.
I hope that the next incarnation of patching improves things such that
it is really hard for distributors to add tags like "reboot
immediately after installation" or "install in single user mode".
These flags have been misused so much that it would be a mistake to
use a patching tool that honored them. This seems to have contributed
to the rather extreme measures taken by 118833-36 in lofs mounting a
shell script over pdo (aka patchadd).
Also, this question brings up good questions about how next generation
tools can alert the sysadmin that there are scary things in the patch.
Reading through 100+ patch README's is tedious. This is especially
the case since there are generally the following classifications of
special installation instructions:
1) There are no special instructions, but you have to
look to find out.
2) This is not a complete fix for some of the bugs.
You must install other patches too to get the
complete fix.
3) Install in single user mode and/or reboot after
installation (very commonly over-cautious advice)
4) You must do some other thing before/after installing
this patch
5) Very long list of a mixture of the above
This is complicated by the fact that there is no good way to determine
if the special instructions even apply. Perhaps the "this patch will
alter config file X, check it afterwards" applied in rev -03 of the
patch and had no relevance for releases -04 through -22 (assuming -03
was installed. If a person patches regularly, they would have
encountered the same warning many times and possibly done a lot of
extra checking of something that had no real chance of changing.
--
Mike Gerdts
http://mgerdts.blogspot.com/
