James Carlson wrote:
Jerry Jelinek writes:
This document describes in detail how the packaging bits will be taken
care of. But how are patches re-run to update the zone on attach? We
don't have copies of the patch metadata (the scripts) around in usable
form, do we? Do we just 'assume' that those patches never do anything
useful to any non-global zone?
The patch bits are handled in the same way that they are currently handled
for a freshly installed zone. That is, those changes are already merged
into the bits as well as the spooled pkg data that we have in the global
Yep; I know. I was asking more about the patch-related scripting.
When we install a new zone the bits from the global zone are copied
into the zone and the spooled pkg is used to update the editable
and volatile files as well as the metadata for the pkg that is stored in
This is actually a different case. With the usual patch install
scenario, one may need to worry about the zones on the system today
and the zones that are yet to be installed in the future. This
project introduces a new case: new un-upgraded zones may now show up
in the future, long after the patch scripts have run.
I think the assumption needs to be that we'll just never have a patch
script that needs to muck about in existing zones. Right?
OK, sorry for misunderstanding your point. Actually, I think the
assumption is different. I think the assumption is that patching
leaves the bits and spooled pkgs on the system in a state that is
suitable for installing the pkg into a zone. And, what is a new use
case now, is that this has to apply not only to fresh zones, but to
zones that have been previously installed.
However, I am not sure this is really anything new. When we are upgrading
a system from one Solaris update to the next, I believe the pkgs we are
installing are in this state. That is, a Solaris upgrade from one update
to the next does not install the patches as a separate step, it expects
the pkgs to be pre-patched. Is that your understanding as well? So maybe
there could be an issue if we had a patch that was not suitable for use in
a Solaris update but that was issued asynchronously? I will add some material
explaining this assumption to the proposal.
zones-discuss mailing list