06-06-2014
I agree that is not the way to do it (in general, not specifically for Solaris). You need to create (or use) some sort of baseline, either locally or somewhere else that is the same for development, test, qa and production, otherwise (because these environments should be patched in a certain order and never at the same time) there will be all sorts of differences between environments or perhaps even between different hosts within the same environment, depending on the moment of update. Ideally there are some extra unused hosts that can be tested prior to dev or test environments.
There also needs to be a distinction between preventive and corrective patching and patches need to be tested first. I personally am not of the school of "don't fix if it ain't broken", I think regular patching is a necessity. Security patches should be treated differently (perhaps also with a different frequency) from ordinary patching, especially if hosts are directly of indirectly exposed to the Internet. Besides OS, also applications (and their patching) need to be taken into account.
At any rate there should also be a good roll-back mechanism in place, simply removing a patch is often not sufficient to return to a previous state if need be..
Last edited by Scrutinizer; 06-06-2014 at 12:51 PM..
8 More Discussions You Might Find Interesting
1. Solaris
Hi all,
I'm new to Solaris. How can i make sure that all my servers are patched to the same level. When i do a uname -a, i see different level. How can i make sure that they are having the same patches. Any expert to guide me through pls?
eg.
ServerA#uname -a
SunOS ServerA 5.10... (0 Replies)
Discussion started by: ahlude
0 Replies
2. Virtualization and Cloud Computing
HPL-2008-80 Adaptive Information Technology for Service Lifecycle Management - Rolia, Jerry; Belrose, Guillaume; Brand, Klaus; Edwards, Nigel; Gmach, Daniel; Graupner, Sven; Kirschnick, Johannes; Stephenson, Bryan; Vickers, Paul; Wilcock, Lawrence
Keyword(s): Software as a Service, Enterprise... (0 Replies)
Discussion started by: Linux Bot
0 Replies
3. Solaris
Hi all
Ive got 12 odd sun servers, running solars 8, 9 and soon 10. Have to admit I havent patched for years. Infact the last time I did patch a load of servers, sun provided you will a small script which would review the current patch levels, create a xml file that you would use on sunsolve... (3 Replies)
Discussion started by: sbk1972
3 Replies
4. Solaris
Hi Gurus
I wanted to patch two servers yesterday with the SUN provided patch_cluster for solaris 10
One server is had the same patchlevel before and after patching
SunOS svr10008 5.10 Generic_125100-10 sun4v sparc SUNW,Sun-Fire-T200
The other had after the patching a different patchlevel... (3 Replies)
Discussion started by: gnom
3 Replies
5. Solaris
Hello to all, I have a quick question. I am learning Solaris, with Solaris 10 x86, and one of the chapters in the manual is about patching. So can I download free patches from the Sun page, I mean with out paying a license. Because It would be a great exercise to patch my installation of Solaris.... (1 Reply)
Discussion started by: piukeman
1 Replies
6. Red Hat
hello,
I'm a Solaris admin and I was asked to patch some RHEL servers. I'm having trouble trying to figure out the RHEL java version. Can someone help me?
This what I do in Solaris
java -version
java version "1.5.0_34"
java(TM) 2 Runtime Envirement, Standard Edition (build 1.5.0_34-b03)... (5 Replies)
Discussion started by: bitlord
5 Replies
7. Solaris
Greetings everyone! I have the task of patching six ldoms and two control domains. I have never done this before and would like to know of any pitfalls or "gotchas" I may encounter. I have been looking online but have found very little about patching ldoms. Thank you all. (4 Replies)
Discussion started by: desertdenizen
4 Replies
8. Homework & Coursework Questions
Hello,
I would like to build some sample C++ application on Solaris SunOS 5.8 Generic Virtual sun4v sparc.
so I would like to know what are the compilation utilities and runtime utilities I need to get in my machine
and will any one explain me the detaied life cycle of program like
what... (1 Reply)
Discussion started by: Revathi R
1 Replies
LEARN ABOUT SUSE
splitdiff
SPLITDIFF(1) Man pages SPLITDIFF(1)
NAME
splitdiff - separate out incremental patches
SYNOPSIS
splitdiff [-a] [-d] [-p n] [file]
splitdiff {[--help] | [--version]}
DESCRIPTION
If you have a patch file composed of several incremental patches, you can use splitdiff to separate them out. You may want to do this in
preparation for re-combining them with combinediff(1).
The effect of running splitdiff is to separate its input into a set of output files, with no output file patching the same file more than
once.
OPTIONS
-a
Split out every single file-level patch.
-d
Create file names such as a_b.c for a patch that modifies a/b.c.
-p n
Strip the first n components of the pathname to aid comparisons.
--help
Display a short usage message.
--version
Display the version number of splitdiff.
SEE ALSO
combinediff(1), lsdiff(1)
AUTHOR
Tim Waugh <twaugh@redhat.com>
Package maintainer
patchutils 21 Oct 2003 SPLITDIFF(1)