Re: Sun's new patch policy for Solaris 10 'software updates'! - SUN

This is a discussion on Re: Sun's new patch policy for Solaris 10 'software updates'! - SUN ; Casper H.S. Dik napisa³(a): > I upgrade around 10 systems every two weeks mostly through hands-off > jumpstart, some using live upgrade. > > If you use liveupgrade, the process itself is fairly straightfoward with > only a few minutes ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Re: Sun's new patch policy for Solaris 10 'software updates'!

  1. Re: Sun's new patch policy for Solaris 10 'software updates'!

    Casper H.S. Dik napisa³(a):
    > I upgrade around 10 systems every two weeks mostly through hands-off
    > jumpstart, some using live upgrade.
    >
    > If you use liveupgrade, the process itself is fairly straightfoward with
    > only a few minutes downtime when booting into the new OS (and the ability
    > to fall back)


    Hmmm...
    I was always wondering, whether the people who use automatic upgrades
    (regardless of OS, be it Solaris or Linux) aren't afraid of the
    possibility that the upgrade will destroy their own modifications made
    to the system...
    I'm always afraid of this, because I always modify a lot of things in
    the system (modify startup scripts in /etc/rc*.d, add many programs,
    replace some of them - like Apache or sendmail - with versions compiled
    from source etc.) and I think an automatic upgrade process would
    probably just overwrite my modifications...
    What do you think?
    --
    Regards,
    Jaroslaw Rafa
    raj@ap.krakow.pl
    --
    Spam, wirusy, spyware... masz do¶æ? Jest alternatywa!
    http://www.firefox.pl/ --- http://www.thunderbird.pl/
    Szybciej. £atwiej. Bezpieczniej. Internet tak jak lubisz.

  2. Re: Sun's new patch policy for Solaris 10 'software updates'!

    =?ISO-8859-2?Q?Jaros=B3aw_Rafa?= writes:

    >I'm always afraid of this, because I always modify a lot of things in
    >the system (modify startup scripts in /etc/rc*.d, add many programs,
    >replace some of them - like Apache or sendmail - with versions compiled
    >from source etc.) and I think an automatic upgrade process would
    >probably just overwrite my modifications...
    >What do you think?


    Any required modification to a startup script is a bug.

    What types of modifications are you talking about?

    Any modification to a file marked "f" and not "v" or "e" in]
    /var/sadm/install/contents in unsupported insofar patches and
    upgrades will ignore such modifications.

    Casper
    --
    Expressed in this posting are my opinions. They are in no way related
    to opinions held by my employer, Sun Microsystems.
    Statements on Sun products included here are not gospel and may
    be fiction rather than truth.

  3. Re: Sun's new patch policy for Solaris 10 'software updates'!

    =?ISO-8859-2?Q?Jaros=B3aw_Rafa?= writes:
    >Casper H.S. Dik napisa³(a):
    >> I upgrade around 10 systems every two weeks mostly through hands-off
    >> jumpstart, some using live upgrade.
    >>
    >> If you use liveupgrade, the process itself is fairly straightfoward with
    >> only a few minutes downtime when booting into the new OS (and the ability
    >> to fall back)


    >I was always wondering, whether the people who use automatic upgrades
    >(regardless of OS, be it Solaris or Linux) aren't afraid of the
    >possibility that the upgrade will destroy their own modifications made
    >to the system...
    >I'm always afraid of this, because I always modify a lot of things in
    >the system (modify startup scripts in /etc/rc*.d, add many programs,
    >replace some of them - like Apache or sendmail - with versions compiled
    >from source etc.) and I think an automatic upgrade process would
    >probably just overwrite my modifications...
    >What do you think?


    If you run a non-sun Sendmail, then don't install the Sendmail
    packages. No package means no patch applied. Likewise for Apache.
    Very easy to not worry about it.


  4. Re: Sun's new patch policy for Solaris 10 'software updates'!

    Jaroslaw Rafa wrote:
    >
    > I'm always afraid of this, because I always modify a lot of things in
    > the system (modify startup scripts in /etc/rc*.d, add many programs,
    > replace some of them - like Apache or sendmail - with versions compiled
    > from source etc.) and I think an automatic upgrade process would
    > probably just overwrite my modifications...
    > What do you think?


    I think that if you have modifications which you aren't installing by
    (configuration managed) finish scripts in jumpstart, then that's
    probably a bug and you'll get what you deserve. Of course (almost)
    everyone has this issue, but it doesn't prevent it being a bug,
    especially as it means (for most people) that after a while no-one
    understands the configuration of the machine at all, which means that
    upgrades or reinstalls become this horrible, painful, saga.

    --tim


  5. Re: Sun's new patch policy for Solaris 10 'software updates'!

    In comp.unix.solaris Jaros?aw Rafa wrote:
    > Casper H.S. Dik napisa?(a):
    >> I upgrade around 10 systems every two weeks mostly through hands-off
    >> jumpstart, some using live upgrade.
    >>
    >> If you use liveupgrade, the process itself is fairly straightfoward with
    >> only a few minutes downtime when booting into the new OS (and the ability
    >> to fall back)

    >
    > Hmmm...
    > I was always wondering, whether the people who use automatic upgrades
    > (regardless of OS, be it Solaris or Linux) aren't afraid of the
    > possibility that the upgrade will destroy their own modifications made
    > to the system...
    > I'm always afraid of this, because I always modify a lot of things in
    > the system (modify startup scripts in /etc/rc*.d, add many programs,
    > replace some of them - like Apache or sendmail - with versions compiled
    > from source etc.) and I think an automatic upgrade process would
    > probably just overwrite my modifications...
    > What do you think?


    Others have addressed the correctness of such changes already. I'll just
    re-emphasize Casper's last point: Live Upgrade provides you with the ability
    to fall back, and it's as easy as booting from the not-yet-upgradaed Boot
    Environment.

    If anything breaks, reboot to recover. It doesn't get any easier than that.

    Colin

  6. Re: Sun's new patch policy for Solaris 10 'software updates'!

    Colin B. wrote:
    > Others have addressed the correctness of such changes already. I'll just
    > re-emphasize Casper's last point: Live Upgrade provides you with the ability
    > to fall back, and it's as easy as booting from the not-yet-upgradaed Boot
    > Environment.
    >
    > If anything breaks, reboot to recover. It doesn't get any easier than that.


    This only works if you discover the breakage before you've made any
    other significant changes to the new (upgraded) filesystem. If you,
    for example, create some new users in /etc/passwd, between upgrading
    and discovering a problem, aren't you going to have to manually
    propagate all those changes back to the pre-upgrade filesystem?
    That's really not as nice as being able to back out a patch, which
    just modifies the affected files rather than moving the entire
    filesystem back to snapshot at some point in the past.

    - Logan

  7. Re: Sun's new patch policy for Solaris 10 'software updates'!

    Jarosław Rafa writes:

    > I'm always afraid of this, because I always modify a lot of things in
    > the system (modify startup scripts in /etc/rc*.d, add many programs,
    > replace some of them - like Apache or sendmail - with versions
    > compiled from source etc.) and I think an automatic upgrade process
    > would probably just overwrite my modifications...
    > What do you think?


    If you're compiling from source I would personally look at NetBSD's
    pkgsrc. It can be used on Solaris (amoung other OSes) and has built-in
    infrastructure for upgrading. It also has a mechanisum ("pkgviews")
    for having multiple versions of one package installed.

    --
    David Magda
    Because the innovator has for enemies all those who have done well under
    the old conditions, and lukewarm defenders in those who may do well
    under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI

+ Reply to Thread