A long while ago, I brought up the unpopular point, that the real problem
with patching, is not "SVR4 patching is broken", but "Sun's patching teams
make poor choices about how to structure patches(and group packages)".
I was basically shouted down, for daring to criticize Sun, or the direction
IPS was heading in.
No one bothered to confirm or deny whether what I said, was *true* or not.
Here's some hard data to prove the truth of the point I was trying to make.
My reason in bringing this up again, in this forum, is to ask the IPS team
how they plan to make IPS magically fix this sort of problem, when it is
caused by the sun packaging/patch teams' PROCESSES, not lack of technology.
My guess is the reply will be , "disk space is cheap, so just do full
installs everywhere". But I'll state ahead of time that in my opinion, this
is not an appropriate response to customers
* * * * * * *
The real-life problem:
(and note that, being real-life, the problem description is somewhat LONG :-)
I'm looking to patch a bunch of solaris 10 sparc servers.
They have a "server oriented install" set of packages. To give some idea of
the scope of the install:
# pkginfo|grep SUNW|wc -l
592
# (whereas a full install, would have 2000+ packages)
They have SUNWxim installed. Even though a local X server is not installed.
Because, being a university, our customers may very well wish to run UTF-8
locales for some programs, remotely.
That means we have things like
system SUNWeuxwe UTF-8 X Window Environment
installed. Which require SUNWxim.
(I also vaguely recall that some java things complain without SUNWxim
installed, but i could be mistaken)
So far so good.. but now I want to install a recommended patch cluster.
Which includes patch 121975-01
patching 121975-01 FAILS. Because it depends on 121975-01.
patch 121975-01 fails, because SUNWdtdte is not installed.
But we dont WANT SUNWdtdte installed! That includes stuff like dtlogin, and
all kinds of other cruft that dont belong on our servers!
SUNWxim does not depend on SUNWdtdte. Therefore, a patch for SUNWxim, has no
business pulling in an implied dependancy on SUNWdtdte either.
But it does, and the patch fails without it.
That fairly tightly fits my own personal definition of
"broken patch creation policies/procedures".
So, how is switching to the "better technology" of IPS, going to solve this
problem of broken patch creation process inside of Sun?
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
