James Carlson wrote: > Jerry Jelinek writes: >>> This document describes in detail how the packaging bits will be taken >>> care of. But how are patches re-run to update the zone on attach? We >>> don't have copies of the patch metadata (the scripts) around in usable >>> form, do we? Do we just 'assume' that those patches never do anything >>> useful to any non-global zone? >> The patch bits are handled in the same way that they are currently handled >> for a freshly installed zone. That is, those changes are already merged >> into the bits as well as the spooled pkg data that we have in the global >> zone. > > Yep; I know. I was asking more about the patch-related scripting. > >> When we install a new zone the bits from the global zone are copied >> into the zone and the spooled pkg is used to update the editable >> and volatile files as well as the metadata for the pkg that is stored in >> the zone. > > This is actually a different case. With the usual patch install > scenario, one may need to worry about the zones on the system today > and the zones that are yet to be installed in the future. This > project introduces a new case: new un-upgraded zones may now show up > in the future, long after the patch scripts have run. > > I think the assumption needs to be that we'll just never have a patch > script that needs to muck about in existing zones. Right?
James, OK, sorry for misunderstanding your point. Actually, I think the assumption is different. I think the assumption is that patching leaves the bits and spooled pkgs on the system in a state that is suitable for installing the pkg into a zone. And, what is a new use case now, is that this has to apply not only to fresh zones, but to zones that have been previously installed. However, I am not sure this is really anything new. When we are upgrading a system from one Solaris update to the next, I believe the pkgs we are installing are in this state. That is, a Solaris upgrade from one update to the next does not install the patches as a separate step, it expects the pkgs to be pre-patched. Is that your understanding as well? So maybe there could be an issue if we had a patch that was not suitable for use in a Solaris update but that was issued asynchronously? I will add some material explaining this assumption to the proposal. Thanks, Jerry
