Cluster Readme40sp6

5/12/2018 Cluster Readme40sp6 - slidepdf.com

http://slidepdf.com/reader/full/cluster-readme40sp6 1/22

CLUSTER_README

NAME : Solaris 10 SPARC Recommended Patch Cluster

DATE : Sep/17/10File Name : 10_RecommendedSep10_Part1.zip

File Size : 937,397,864 bytes

File Name : 10_RecommendedSep10_Part2.zip

File Size : 809,971,730 bytes

INTENT:

NOTE: From 2010.06.01 the patch inclusion criteria for the Recommended Cluster have

changed. Previously the Recommended Cluster included the latest revision of any Solaris

Operating System patch that addresses a Sun Alert issue. The Recommended Cluster content is now based on the 2010.05.31 Recommended Cluster (the final patch cluster

from prior to this change), and going forward will be updated according to the new patch

inclusion criteria given below. For further information about this change, please see:

http://blogs.sun.com/patch/entry/merging_the_solaris_recommended_and

The Recommended OS Cluster Solaris 10 SPARC provides the minimum set of patchesneeded to address Sun Alert issues for Solaris 10 for sparc. The patches contained in this

patch cluster are considered the most important and highly recommended patches for

Solaris 10. They provide the minimum amount of change required to address knownSecurity, Data Corruption, and Availability issues.

The Recommended Cluster comprises:

1. The latest revision of the patch and package utility patches that ensure correct patching

operations.

2. The minimum revision of Solaris Operating System patches which address Sun Alert

issues. These are patches which fix Security, Data Corruption, or Availability issues.

3. Any patch that is required to correctly install the above patches.

When new patches are released that meet the above criteria, the patch cluster is updated.If a patch is withdrawn from release due to problems, the patch cluster is also updated.

The withdrawn patches are removed from the patch cluster.

The patch cluster can be installed to a system running Solaris 10 3/05 ("FCS") or a later

Solaris 10 Update release.

Depending on the current patch level of the target system, installation of the patch cluster can involve applying a number of complex Solaris 10 patches. These complex patches

may require the user to follow specific install instructions listed in the Special Install



Instructions section of the patches' README files, particularly if the patches are applied

to the active boot environment of a system. The key issues are also described below in

this README file.

The matter of applying complex patches is primarily a concern for systems which are

running an early Solaris 10 Update release and have not recently been patched. To avoidapplying complex patches, and to get full new feature functionality, it is recommended to

install or upgrade these systems using the latest Solaris 10 Update release install media.

Following an install or upgrade operation, it is recommended to install this patch cluster to ensure the system has all current patches which address Sun Alert issues applied,

including those patches released after the latest Solaris 10 Update release content was

finalised.

This CLUSTER_README contains important information. Please read this README

before installing this patch cluster.

PATCH CLUSTER DESCRIPTION:

This patch cluster is provided as two zip files. The files are named as:

10_RecommendedSep10_Part1.zip

10_RecommendedSep10_Part2.zip

Once the zipped files have been downloaded, they should be extracted. For example, to

extract this patch cluster in the current working directory, run:

# unzip -q 10_RecommendedSep10_Part1.zip# unzip -q 10_RecommendedSep10_Part2.zip

A new directory named as 10_Recommended will be created in the current directory.

If you experience problems unzipping this patch cluster please refer to SunSolve

document 252447 'Unzip of Solaris 10 Recommended Patch Clusters and Solaris 10

Sun Alert Patch Clusters fails', available from:

http://sunsolve.sun.com/search/document.do?assetkey=1-62-252447-1

************** ATTENTION **************

If this patch cluster is installed to the active boot environment, then depending on thestarting patch level of the system, complete installation of the patch cluster may require

up to two installation phases with intervening reboots. For further information, refer to

section 'III. Installing this Patch Cluster to the Active Boot Environment' below.



If this patch cluster is installed to an inactive boot environment, then the need for

multiple reboots and some special instructions can be avoided.

*************** PASSCODE **************

The install script will only execute when the passcode specified in the README file is

provided as a command line option. This is a safety mechanism to ensure you have read

this README. You must follow the Special Install Instructions for key patches such asthose highlighted in this README. It is also strongly recommended to read the Special

Install Instructions section of the README of patches included in this patch cluster to

check for any special install instructions which may apply to your specific system

configuration.

PASSCODE: s10cluster

PATCHES INCLUDED:

Note that the patch list order below reflects the patch install order.

120900-04 SunOS 5.10: libzonecfg Patch

121133-02 SunOS 5.10: zones library and zones utility patch119254-76 SunOS 5.10: Install and Patch Utilities Patch

119317-01 SunOS 5.10: SVr4 Packaging Commands (usr) Patch

121296-01 SunOS 5.10: fgrep Patch138215-01 SunOS 5.10: sort patch

127884-01 SunOS 5.10: awk patch141588-04 SunOS 5.10: ksh,sh,pfksh,rksh,xargs patch142251-01 SunOS 5.10: sh patch

118666-26 Obsoleted by: 118666-27 JavaSE 5.0: update 24 patch (equivalent to JDK

5.0u24)118667-26 Obsoleted by: 118667-27 JavaSE 5.0: update 24 patch (equivalent to JDK

5.0u24), 64bit

118712-23 Obsoleted by: 118712-24 SunOS 5.10: Sun XVR-100 Graphics Accelerator

Patch118777-16 Obsoleted by: 118777-17 SunOS 5.10: Sun GigaSwift Ethernet 1.0 driver

patch

121181-03 Obsoleted by: 121181-04 Sun Trunking Utility 1.3: maintenance patch118918-24 SunOS 5.10: Solaris Crypto Framework patch

138217-01 SunOS 5.10: svccfg & svcprop patch

119578-30 SunOS 5.10: FMA Patch140860-01 SunOS 5.10: su patch

121453-02 SunOS 5.10: Sun Update Connection Client Foundation

121118-16 Obsoleted by: 121118-17 SunOS 5.10: Sun Update Connection System

Client 1.0.10



118833-36 SunOS 5.10: kernel patch

119059-56 X11 6.6.2: Xsun patch

119063-01 SunOS 5.10: libXpm patch119081-25 SunOS 5.10: CD-ROM Install Boot Image Patch

119115-35 Mozilla 1.7: patch

119117-52 Evolution 1.4.6 patch119130-33 SunOS 5.10: Sun Fibre Channel Device Drivers

119213-23 Obsoleted by: 119213-24 NSS_NSPR_JSS 3.12.6: NSPR 4.8.4 / NSS

3.12.6 / JSS 4.3.2124628-10 Obsoleted by: 124628-11 SunOS 5.10: CD-ROM Install Boot Image Patch

119252-29 Obsoleted by: 119252-30 SunOS 5.10: System Administration Applications

Patch

123611-04 X11 6.6.2: Trusted Extensions patch119280-22 CDE 1.6: Runtime library patch for Solaris 10

124188-03 SunOS 5.10: Trusted Solaris Attributes Patch

119315-19 Obsoleted by: 119315-20 SunOS 5.10: Solaris Management Applications

Patch120199-15 Obsoleted by: 120199-16 SunOS 5.10: sysidtool Patch

119534-19 SunOS 5.10: Flash Archive Patch119548-14 GNOME 2.6.0: Gnome Multi-protocol instant messaging client Patch

140899-01 SunOS 5.10: [ir].manifest patch

120272-28 SunOS 5.10: SMA patch

122640-05 SunOS 5.10: zfs genesis patch126897-02 SunOS 5.10: Fault Manager Patch

127755-01 SunOS 5.10: Fault Manager patch

125503-02 SunOS 5.10: package-move-of-IP-objects patch118731-01 Obsoleted by: 120011-14 SunOS 5.10: /usr/sbin/zonecfg patch

124204-04 Obsoleted by: 120473-05 SunOS 5.10: zfs patch122660-10 Obsoleted by: 120011-14 SunOS 5.10: zones patch125547-02 SunOS 5.10: zoneadm indirect dependency patch

140796-01 SunOS 5.10: umountall patch

120011-14 SunOS 5.10: kernel patch139520-02 SunOS 5.10: package specific [ir].manifest removal patch

119757-18 Obsoleted by: 119757-19 SunOS 5.10: Samba patch

119764-06 SunOS 5.10: ipmitool patch

119783-15 SunOS 5.10: bind patch119810-05 SunOS 5.10: International Components for Unicode Patch

119812-09 X11 6.6.2: FreeType patch

119900-10 GNOME 2.6.0: Gnome libtiff - library for reading and writing TIFF Patch119903-02 OpenWindows 3.7.3: Xview Patch

119906-16 Obsoleted by: 119906-17 GNOME 2.6.0: Virtual File System Framework

patch119986-03 SunOS 5.10: clri patch

120061-02 Obsoleted by: 144521-01 SunOS 5.10: glm patch

120094-30 Obsoleted by: 120094-31 X11 6.6.2: xscreensaver patch

120185-21 StarOffice 8 (Solaris): Update 16



120201-05 X11 6.8.0: Xorg client libraries patch

120460-17 Obsoleted by: 120460-19 GNOME 2.6.0: Gnome libs Patch

119368-04 Obsoleted by: 119368-05 GNOME 2.6.0: Printing Technology Patch120286-03 Obsoleted by: 120286-04 GNOME 2.6.0: Gnome text editor Patch

120292-02 Obsoleted by: 120292-03 SunOS 5.10: mysql patch

120329-02 SunOS 5.10: rexec patch121975-01 CDE 1.6: Xsession patch

120410-33 Obsoleted by: 120410-34 SunOS 5.10: Internet/Intranet Input Method

Framework patch120412-11 Obsoleted by: 120412-12 SunOS 5.10: Simplified Chinese locale patch

120414-27 Obsoleted by: 120414-28 SunOS 5.10: Asian CCK locales patch

120543-20 SunOS 5.10: Apache 2 Patch

120719-02 SunOS 5.10: SunFreeware gzip patch120739-06 GNOME 2.6.0: GNOME PDF Viewer based on Xpdf

120811-09 SunOS 5.10: FUJITSU PCI Fibre Channel Driver 3.0 patch

120830-06 SunOS 5.10: vi and ex patch

120849-04 SunOS 5.10: Sun PCI-E Gigabit Ethernet Adapter Patch121012-03 Obsoleted by: 144047-01 SunOS 5.10: traceroute patch

121095-02 GNOME 2.6.0: GNOME EXIF tag parsing library for digital cameras121104-11 SunOS 5.10: Adobe Acrobat Reader patch

121136-02 SunOS 5.10: Adobe Acrobat Reader browser-plugin patch

121211-02 SunOS 5.10: Sun Java Web Console (Lockhart) Patch

121308-20 Obsoleted by: 121308-21 SunOS 5.10: Solaris Management Console Patch121606-04 GNOME 2.6.0: Python patch

122212-40 Obsoleted by: 122212-41 GNOME 2.6.0: GNOME Desktop Patch

122259-03 Obsoleted by: 122259-04 SunOS 5.10: SunFreeware gnu esp ghostscript patch

122261-03 SunOS 5.10: SunFreeware ghostscript man pages patch122470-03 Obsoleted by: 122470-04 GNOME 2.6.0: GNOME Java Help Patch122675-05 SunOS 5.10: SunFreeware samba man pages patch

122911-22 SunOS 5.10: Apache 1.3 Patch

122958-06 GNOME 2.6.0: RealPlayer media application123003-04 SunOS 5.10: SAM module patch

124171-07 SunOS 5.10: SCN Base cacao module patch

123630-03 SunOS 5.10: HTTP proxy settings patch

123005-07 Obsoleted by: 123005-08 SunOS 5.10: Basic Registration Update123590-12 SunOS 5.10: PostgresSQL patch

123893-22 Obsoleted by: 123893-23 SunOS 5.8 5.9 5.10: Common Agent Container

(cacao) runtime 2.2.4.2 upgrade patch 22123938-02 GNOME 2.6.0: GNU Transport Layer Security Library Patch

124393-10 CDE 1.6: Dtlogin smf patch

124444-01 SunOS 5.10: mountd patch124457-02 Obsoleted by: 124457-03 X11 6.6.2: xdm patch

124630-42 Obsoleted by: 124630-43 SunOS 5.10: System Administration Applications,

Network, and Core Libraries Patch

124939-03 SunOS 5.10 5.10_x86: JDMK 5.1 patch



124943-01 SunOS 5.10: SunFreeware gzip man pages patch

124997-01 SunOS 5.10: /usr/bin/tip patch

125136-22 Obsoleted by: 125136-23 JavaSE 6: update 20 patch (equivalent to JDK 6u20)

125137-22 Obsoleted by: 125137-23 JavaSE 6: update 20 patch (equivalent to JDK

6u20), 64bit125215-03 SunOS 5.10: wget patch

125279-05 CDE 1.6: dtsession patch

125332-11 JDS 3: Macromedia Flash Player Plugin Patch125388-03 Obsoleted by: 125388-04 SunOS 5.10: SNIA Multipath Management API

and Multipathing Utilities

125533-15 Obsoleted by: 125533-16 GNOME 2.6.0: Trusted Extension Runtime Patch

125539-06 Mozilla 1.7: Mozilla Firefox Web browser 125541-06 Mozilla 1.7: Mozilla Thunderbird email client

125555-07 SunOS 5.10: patch behavior patch

125719-31 Obsoleted by: 125719-33 X11 6.8.0: Xorg server patch

125731-05 SunOS 5.10: XML and XSLT libraries patch125891-01 SunOS 5.10: libc_psr_hwcap.so.1 patch

125952-20 Oracle Java Web Console 3.1126206-05 SunOS 5.10: zebra ripd quagga patch

126363-08 SunOS 5.10: X Window System changes - Solaris Trusted Extensions

126365-16 Obsoleted by: 126365-17 SunOS 5.10: CDE Desktop changes - Solaris

Trusted Extensions126440-01 SunOS 5.10: rm patch

126540-02 SunOS 5.10: libumem library patch

126868-03 SunOS 5.10: SunFreeware bzip2 patch127127-11 SunOS 5.10: kernel patch

127724-02 SunOS 5.10: xntpd patch136882-02 SunOS 5.10: ImageMagick patch136998-09 SunOS 5.10: PostgreSQL 8.2 core patch

137000-07 SunOS 5.10: PostgreSQL 8.2 documentation patch

137004-08 SunOS 5.10: PostgreSQL 8.2 source code patch137032-01 SunOS 5.10: namefs patch

137080-05 SunOS 5.10: libpng Patch

137093-01 SunOS 5.10: logindevperm patch

138866-03 SunOS 5.10: sharetab patch137137-09 SunOS 5.10: kernel patch

137147-06 SunOS 5.10: libexpat patch

137871-02 SunOS 5.10: tk patch138181-01 SunOS 5.10: ike.preshared patch

138195-04 Service Tags 1.0: patch for Solaris 10

138361-01 SunOS 5.10: snmpXdmid patch138373-02 SunOS 5.10: fifofs patch

138387-01 SunOS 5.10: libc.so.1.9 patch

138647-01 SunOS 5.10: /usr/bin/dircmp patch

138822-07 SunOS 5.10: PostgreSQL 8.3 documentation patch



138824-07 SunOS 5.10: PostgreSQL 8.3 source code patch

138826-07 SunOS 5.10: PostgreSQL 8.3 core patch

138876-01 SunOS 5.10: usr/lib/inet/in.dhcpd patch138880-02 SunOS 5.10: ses patch

139099-04 SunOS 5.10: gtar patch

141016-01 SunOS 5.10: Dummy Patch139555-08 SunOS 5.10: Kernel Patch

139620-01 CDE 1.6: Dthelp patch

139967-01 SunOS 5.10: usr/sbin/rpc.metad patch139986-01 SunOS 5.10: rpc.ypupdated patch

140159-03 SunOS 5.10: rsh/rlogin/rcp/rdist patch

140399-03 SunOS 5.10: ftp and ftpd patch

140455-01 X11 6.6.2: VNC Viewer patch140563-01 SunOS 5.10: ptsl patch

142292-01 SunOS 5.10: Place Holder patch


141500-07 Obsoleted by: 141500-08 SunOS 5.10: kinit patch141502-02 SunOS 5.10: auditconfig patch

141506-09 Obsoleted by: 141506-10 SunOS 5.10: ipf patch141514-02 SunOS 5.10: vntsd patch

141518-12 Obsoleted by: 143599-07 SunOS 5.10: zoneinfo patch

141552-01 SunOS 5.10: Apache 2 mod_perl Perl cgi patch

141558-01 SunOS 5.10: acctcom patch141586-01 SunOS 5.10: libgss.so.1 patch

141590-02 SunOS 5.10: dtrace fasttrap patch

141874-09 Obsoleted by: 141874-10 SunOS 5.10: fp patch141876-07 Obsoleted by: 144188-02 SunOS 5.10: emlxs patch

142084-04 Obsoleted by: 143957-03 SunOS 5.10: qlc patch142244-02 SunOS 5.10: hme driver patch142397-01 SunOS 5.10: libsasl.so.1 patch

142529-01 SunOS 5.10: uptime w utmp_update whodo patch

142911-01 SunOS 5.10: Place Holder patch142933-02 SunOS 5.10: failsafe patch


143140-04 Obsoleted by: 143559-03 SunOS 5.10: ssh patch

143317-02 GNOME 2.6.0: Instant Messaging patch143502-01 GNOME 2.6.0: Trusted Extensions patch

143506-01 GNOME 2.6.0: Python patch

143510-01 GNOME 2.6.0: GIMP patch143525-01 SunOS 5.10: add_drv patch

143725-01 SunOS 5.10: SunFreeware ntp patch

143727-01 SunOS 5.10: SunFreeware ntp source patch143731-01 SunOS 5.10: libaudiofile patch

143733-01 CDE 1.6: ToolTalk RPC patch

143739-01 SunOS 5.10: Gedit patch

143977-01 Obsoleted by: 144734-01 SunVTS 7.0: Patch Set 8



144106-01 SunOS 5.10: usr/lib/nfs/nfslogd patch

144254-01 SunOS 5.10: rpcsec patch

144325-01 Obsoleted by: 144325-02 SunOS 5.10: Resource Management User InterfacePatch

145006-02 SunOS 5.10: Webmin patch

145124-01 SunOS 5.10: usermgmt patch

Extra Patches:

The patch cluster contains the following patches which are themselves obsolete by other

patches in the patch cluster. These patches are required to ensure correct installation of

the patch cluster on Solaris 10 11/06 and earlier Solaris 10 Update releases. The obsolete

patches will only be applied to those systems where they are necessary, they will not beapplied if the system is already at a higher patch level.

Patchid Reason

122660-10: Obsolete patch required by 125547-02. 125547-02 is the zoneadmindirect dependency patch, which is needed to resolve an issue

applying kernel patch 120011-14 on a system with zones support. SeeCR 6471974.

124204-04: Obsolete patch required by 122660-10.

118731-01: Obsolete patch required by 124204-04.

The patch cluster contains the following patches for Unbundled Software Products (ie.

add on products that are not part of a default Solaris 10 installation). Patches for Unbundled Products are included in the patch cluster only if their use is required to avoid

critical OS problems. These patches will only be applied to systems where the associatedUnbundled Product is installed.

Patchid Reason

121181-03: Patch is required to avoid panic caused by bad interaction betweenSun Trunking and GigaSwift Ethernet drivers. See SunAlert 200701.

IMPORTANT NOTES AND WARNINGS:

KNOWN ISSUES:

When installing the patch cluster to an inactive boot environment, the install script mayabort with the following message:

ERROR: Failed to determine zone configuration for target boot environment.Please verify configuration with zoneadm(1M).

This will occur when /etc/zones/index in the inactive boot environment has an incorrect

setting for the state for the global zone. The correct setting is 'installed', however this can



become incorrectly changed to 'configured' as a consequence of CR 6804076. To

determine if the issue exists, mount the inactive boot environment and run the following

command:

# grep "^global:configured:" <inactive-BE-mount-point>/etc/zones/index

global:configured:/#

Output from the grep command indicates that the issue exists.

To resolve this issue, first make a backup copy of /etc/zones/index in the inactive boot

environment, then manually edit /etc/zones/index in the inactive boot environment and

set the global zone state to 'installed'.

PATCH CLUSTER SIZE:

This patch cluster is delivered as two zip files. The combined size of these files isapproximately 1.9G. In uncompressed form, the size of the patch cluster is approximately

4.2 GB.

FILESYSTEM FREE SPACE REQUIREMENTS:

It is difficult to give a precise estimate of how much free disk space is required to install

the patch cluster. The amount of free space required depends on many factors. The

following factors all increase the amount of space needed:

- The release of Solaris 10 onto which the patch cluster is being installed.A Solaris 10 3/05 ("FCS") system will require considerably more free space than asystem running the latest Solaris 10 Update release.

- Whether zones are installed or not.The nature of the zones is important. Each whole root non-global zone will require

approximately the same amount of free space as the global zone, while each sparse root

non-global zone will require much less space on the filesystems where the zone resides.

- Whether the patch cluster is installed with the "save" feature disabled.

It is strongly recommended to use the default "save" feature when installing the patch

cluster even though this requires more disk space. It allows the patches that are appliedto be removed in case any issues are found post installation. Disabling the "save" feature

with the "-d" flag (described below) will reduce the amount of disk space needed,

however this is not the recommended way of installing the patch cluster.

As a guide, the free space required to install this patch cluster using the default "save"

feature to an unpatched Solaris 10 FCS system with the entire distribution plus OEM

support metacluster is approximately 2.1G. Each whole root non-global zone would need



approximately the same amount of space free in the filesystem that contains the zone's

root.

The install script will check that sufficient space is free before applying each patch. The

script will stop if it estimates there is not enough free space available, and will provide

instructions on how to override space checking should the user wish to continue patchcluster installation anyway.

The backout data for patches applied using patchadd's default save mode is stored under the /var/sadm/pkg directory in the target system. The amount of backout data stored

builds up as more patches are applied to the system. If the filesystem on which the

/var/sadm/pkg directory resides becomes low on free space, SunSolve document 208057

'Solaris[TM]: Recovering Space Used for Saved Backout Data from Patches' describes anumber of options for increasing the amount of free space available. This document is

available from:


SYSTEMS WITH LIMITED DISK SPACE SHOULD *NOT* INSTALL

PATCHES:

Whether you use the default "save" feature to store backout data or not, the patch

application process still requires disk space for installation and administrative tasks. Thedisk space is needed in filesystems where patches deliver payload. The exact amount of

space depends on the system's architecture, the software packages already installed, and

the difference in size of the patched objects.

In case a problem occurs, ensure a recent full system backup is available.

SAVE AND BACKOUT OPTIONS:

By default, the install script uses the patchadd command's default save mode to save acopy of the objects being patched. This is the recommended option. Patches can only be

removed and the original objects restored if the default "save" feature is used when

installing this patch cluster.

You can override the "save" feature by using the "-d" flag when executing the install

script. Using the "-d" flag means that you will not be able to backout the patches. This

would be problematic if ever there was a need to remove a patch, therefore use of the "-d"flag is not the recommended option.

BOOTING OF NEWLY CREATED NON-GLOBAL ZONES:



Newly created non-global zones can fail to boot for a short period (~5 minutes)

immediately after having been installed. This problem only affects systems running

Solaris 10 5/09 (Update 7) or earlier Solaris 10 Update releases, where this patch cluster has been installed and patch 121428-13 (or higher) has *not* been applied. Note patch

121428-13 (or higher) does not meet the criteria for inclusion in this patch cluster.

Resolution is to wait for a sufficient period before booting a newly created zone, or toapply patch 121428-13 (or higher) before creating new non-global zones.

SPECIAL INSTALL INSTRUCTIONS:

As with any patch individually applied, there might be additional Special Install

Instructions. These instructions are documented in the individual patch README file.To determine if any additional installation steps are necessary, it is recommended to read

each patch README before installing this patchcluster.

A PATCH MAY NOT BE APPLIED:

Some of the patches in the patch cluster will not apply on particular systems. Thefollowing are examples of when a patch might not apply. These situations are nominal

and are not a cause for concern.

The patch may be one of the obsolete or Unbundled Software Product patches listed inthe "PATCHES INCLUDED" section.

The patch might patch packages that:

- Are only installed on specific hardware.

- Were introduced in a later Solaris Update release than the release installed on the target

system.

- Are not present in the installation Software Group (metacluster) that was installed on

the target system.

- Have been deliberately removed from the target system during system hardening.

The patchadd command recognises packages that already have a patch applied and will

only apply a patch to those packages which aren't already patched. Therefore, if a patch patches several packages and only some of them are present on the target system, then

those packages present are patched. If other packages are installed on the system at a later

date, then patches for those packages need to be reapplied.

OLDER VERSIONS OF PATCHES ALREADY APPLIED:



Backing out older revisions of patches provided in the patch cluster is not required for the

newer revision to be applied. If the patch cluster is installed using the default "save"

feature, then the patchadd command will save off the preexisting objects. If a patch issubsequently removed, the objects will be restored to the prior patch level.

INSTALL INSTRUCTIONS:

This patch cluster can be installed on the active boot environment, or to an inactive bootenvironment using either the "-B" Live Upgrade option, or the "-R" alternate root option.

The "-R" alternate root option can be used to patch alternate boot environments that have

been created manually and not necessarily via Live Upgrade.

Patching an inactive boot environment is recommended, because the downtime

associated with patching is reduced and there's a simple fallback option if needed: reboot

back into the original boot environment. Patching an inactive boot environment removes

the need to follow a significant number of Special Install Instructions that would berequired if you patched the active boot environment.

If the patch cluster is installed to an inactive boot environment then some patches may

need to be applied to the active boot environment initially. For example, the same

revision (or higher) of the patch utilities patch contained in this patch cluster will need to

be applied to the active boot environment before the patch cluster can be applied to analternate boot environment. See

"--apply-prereq" flag in the "PATCH CLUSTER INSTALLATION INSTRUCTIONS"

section.

Specific details for the three install contexts are given in the following sections. Generalinstallation instructions applicable to all contexts are given in the "PATCH CLUSTER INSTALLATION INSTRUCTIONS" section.

I. Installing this Patch Cluster to a Live Upgrade Boot Environment

Before installing this patch cluster to an inactive Live Upgrade boot environment, it is

important those patches necessary to ensure the correct functioning of Live Upgrade areapplied to the required boot environments.

If the intent is use of Live Upgrade on a system that has non-global zones on UFSfilesystems and is running Solaris 10 8/07 (Update 4) or an earlier Solaris 10 Update

release, then it is recommended to install the Solaris 10 Live Upgrade Zones Starter Patch

Bundle. Installing the LU Zones Starter Patch Bundle will provide these systems with alevel of functionality sufficient to enable use of Live Upgrade without the need to apply

further patches to the active boot environment. The LU Zones Starter Patch Bundle is

available from the patch cluster download location on SunSolve.



If the intent is use of Live Upgrade on a system running Solaris 10 5/08 (Update 5) or an

later Solaris 10 Update release, then the list of required patches can be found in SunSolve

document 206844 'Solaris[TM] Live Upgrade Software: Minimum Patch Requirements'(formerly Infodoc 72099), available from:


It is generally recommended to review document 206844 before installing this patch

cluster to an inactive Live Upgrade boot environment. The document provides the mostcurrent information on those patches necessary to ensure the correct functioning of Live

Upgrade on various different system configurations.

When installing this patch cluster to an inactive boot environment, the install script maystop and notify the user of the need to invoke the script with the "--apply-prereq" flag to

ensure appropriate levels of various patches (including the patch utility patches) are

applied to the running system. The patch cluster will not install to an inactive boot

environment if the running system does not have these patches applied.

There is no need to bring the running system to single-user mode when installing this patch cluster to an inactive boot environment.

A discussion of how to use Live Upgrade to create and manage boot environments is

outside the scope of this document. The install script accompanying this patch cluster willnot create Live Upgrade boot environments. For information on how to use Live Upgrade

please see document "Solaris 10 Installation Guide: Solaris Live Upgrade and Upgrade

Planning.", available from:

http://docs.sun.com/app/docs/doc/820-0178

The following command installs this patch cluster to an inactive boot environment that

was previously created with Live Upgrade:

./installcluster -B <inactive_boot_environment_name>

For example, to install the patch cluster to an inactive boot environment named

'second_disk', the following command would be run:

# lustatus

Boot Environment Is Active Active Can Copy Name Complete Now On Reboot Delete Status

-------------------------- -------- ------ --------- ------ ----------

first_disk yes yes yes no -second_disk yes no no yes -

# ./installcluster -B second_disk



II. Installing this Patch Cluster to an Alternate Root

This patch cluster can be installed to an arbitrary alternate root. This mode of installation

is not recommended for general users, it is provided for advanced users who recognisesituations where this mode of installation is beneficial, and have a thorough

understanding of the additional complexities involved in setting up the alternate root.

When installing this patch cluster to an alternate root, the install script may stop and

notify the user of the need to invoke the script with the "--apply-prereq" flag to ensure

appropriate levels of various patches (including the patch utility patches) are applied to

the running system. The patch cluster will not install to an alternate root if the runningsystem does not have these patches applied.

There is no need to bring the running system to single-user mode when installing this

patch cluster to an alternate root.

The following command installs this patch cluster to an alternate root:

./installcluster -R <alternate_root_path>

For example, if an alternate boot environment has its root and all subordinate file systemsmounted under /mnt/altroot, the following command would be run:

# ./installcluster -R /mnt/altroot

III. Installing this Patch Cluster to the Active Boot Environment

Patching an inactive boot environment using either the "-B" Live Upgrade option, or the"-R" alternate root option is recommended over patching the active boot environment.

The following special warnings apply if this patch cluster is applied to the active boot

environment:

1. SINGLE USER MODEThe installation should be performed in single-user mode (run level S).

Depending on system configuration, it may be necessary to mount local filesystems before installing this patch cluster (for example, if a system configuration has zone roots

on a local filesystem that is not mounted in single-user mode). In most cases, onlining the

filesystem/local service will be sufficient to ensure the required filesystems are mounted.

This can be accomplished by running the following command:



# svcadm enable svc:/system/filesystem/local:default

Note that the install script may abort during the setup phase with an indefinite error

message if the required filesystems are not mounted. The exact error messaging can vary

from one system configuration to another - for illustrative purposes one example of suchmessaging follows:

# ./installcluster --s10cluster

Setup .zoneadm: /export/zones/z1s: No such file or directory could not verify zonepath

/export/zones/z1s because of the above errors.

zoneadm: zone z1s failed to verify

ERROR: Zone verification failed : unable to mount zone 'z1s'.

#

Should this problem occur, ensure local filesystems are mounted then reinvoke the installscript.

2. REBOOTS

Some patches specify in their README file that an immediate reboot or reconfiguration

reboot ('reboot -- -r') is required when they are applied to an active boot environment.

Generally, it is possible to complete patching operations before initiating the reboot, butnormal operations should not be resumed until the reboot is performed. In the rare case

where it is not possible to continue patching operations, the specific patches involved willcontain logic that prevents further patching operations until a reboot is performed. For further information, please see SunSolve document 249046 'Definitive interpretation of

the "rebootimmediate" and "reconfigimmediate" patch flags', available from:


The install script will stop installation of the patch cluster when an interim reboot is

required, and notify the user that a reboot is needed. The install script should bereinvoked after the reboot and patch cluster installation will resume. See "PATCH

CLUSTER INSTALLATION INSTRUCTIONS" for details of the messages that are

displayed. The factors that determine how many reboots are necessary are described below.

Depending on the starting patch level of the target system, up to two reboots are needed.If the active boot environment is running a kernel at a patch level below 118833-36, the

install script needs to be invoked TWO times, with a reboot after each invocation.

First reboot:



A reboot is necessary after applying patch 118833-36 because the patchadd command is

disabled and no further patches can be applied until the system is rebooted. This is a

safety device which is necessary due to the complexity of installing the code changesdelivered in kernel patch 118833-36 to an active boot environment.

Kernel patch 118833-36 is the kernel patch released shortly after the Solaris 10 11/06release (Solaris 10 Update 3). This patch delivers a significant amount of code change.

Some manual steps might be required in order to safely apply this patch. Please carefully

review the Special Install Instructions in the 118833-36 patch README.

Final reboot:

A reboot is required at the end of the patch cluster installation to ensure all changes are

activated.

3. ZONES MUST BE HALTED

If the active boot environment is running a kernel at a patch level of 118833-36 or above,all native non-global zones need to be halted before the patch cluster can be installed (in

the output of 'zoneadm list -cv,' halted zones are shown as being in the 'installed' state).

4. PATCHES UTILISING DEFERRED ACTIVATION PATCHING

The deferred activation patches included in the patch cluster are listed below:

Patch Details

120011-14: Solaris 10 8/07 (Update 4) kernel patch.127127-11: Solaris 10 5/08 (Update 5) kernel patch.

137137-09: Solaris 10 10/08 (Update 6) kernel patch.139555-08: Solaris 10 5/09 (Update 7) kernel patch.141444-09: Solaris 10 10/09 (Update 8) kernel patch.

142909-17: Solaris 10 9/10 (Update 9) kernel patch.

Please carefully review the Special Install Instructions in the README files of these

patches.

Deferred activation patching was introduced in the patch utilities during the course of theSolaris 10 8/07 release as a way of ensuring system consistency while patching an active

boot environment. Patches that need to be applied in deferred activation patching mode

will have the SUNW_PATCH_SAFE_MODE parameter set to true in their pkginfo files.Deferred activation patching utilizes loopback mounts (lofs) to mask the patched objects

until a reboot is performed.

Deferred activation patching is designed to enable subsequent patches to be applied before the reboot is initiated. If any subsequent patch directly or indirectly requires a

patch applied in deferred activation patching mode, the patch will also automatically be

applied in deferred activation patching mode by the patchadd command. Objects updated

using deferred activation patching will be activated upon reboot of the system.



After applying patches in deferred activation patch mode, a system will have a large

number of files mounted via loop back filesystem. The df and mount commands willshow these mounted files.

For more information on deferred activation patching see:

http://docs.sun.com/app/docs/doc/817-0547/gfick?l=en

A reboot is required after applying deferred activation patches, to activate the changes.

PATCH CLUSTER INSTALLATION INSTRUCTIONS:

1. Make sure the patch cluster has been expanded. See "PATCH CLUSTER

DESCRIPTION" section for more details.

2. Decide if you want to save backout data so that patches can be removed at a later date.

By default, the install script uses the patchadd command's default save mode to save a

copy of the objects being patched. This is the recommended option. Patches can only be

removed and the original objects restored if the default "save" feature is used when

installing this patch cluster.

You can override the "save" feature by using the "-d" flag when executing the install

script. Using the "-d" flag means that you will not be able to backout the patches. Thiswould be problematic if ever there was a need to remove a patch, therefore use of the "-d"

flag is not the recommended option.

3. Issue the following commands to Stop the voice system:

stop_vs

stop_wait

If local oracle is installed, issue the following commands to stop oracle:orastat

stop_ora oracle

Save the configuration of the current system to a single XML file.

save_conf

Flush all data from all UFS file systems to the disk before continuing:

lockfs -fa

4. Run the installcluster script.

# cd 10_Recommended# ./installcluster -h

usage: installcluster [-d] [-h] [-R alt-root-path|-B alt-boot-env]



[--apply-prereq] --<passcode>

[-d] - don't save undo packages[-h] - display this usage message

[-B alt-boot-env] - specify LU boot environment as target

[-R alt-root-path] - specify alternate root as target[--apply-prereq] - apply prerequisite patches only

--<passcode> - passcode required for script execution

#

- The "-d" flag is explained in step 2.

- The "-B" flag is explained in section "I. Installing this Patch Cluster to a

Live Upgrade Boot Environment".

- The "-R" flag is explained in section "II. Installing this Patch Cluster to anAlternate Root".

- The "--apply-prereq" flag is for use on the active boot environment, prior to installing

the patch cluster to an inactive boot environment. It ensures at least the same revision

(or higher) of the patch utilities patches contained in this patch cluster are applied to the

running system. This is a prerequisite for installing the patch cluster to an inactive bootenvironment.

- The "--<passcode>" flag is a safety mechanism to ensure the README file has beenread. The passcode can be found at the end of the "PATCH CLUSTER

DESCRIPTION" section.

5. The progress of the install script is displayed on your terminal. The output should look

similar to the following (this is from a system on which kernel patch 118833-36 wasalready applied):

# ./installcluster --s10cluster

Setup .......

Solaris 10 SPARC Recommended Patch Cluster (2009.10.21)

The patch set will complete installation in this session. No intermediate reboots arerequired.

Application of patches started : 2010.09.08 17:06:27



Applying 120900-04 ( 1 of 197) ... skipped

Applying 121133-02 ( 2 of 197) ... skipped

Applying 119254-76 ( 3 of 197) ... skipped.

. <similar output omitted>

.Applying 144254-01 (195 of 197) ... success

Applying 144325-01 (196 of 197) ... success

Applying 145124-01 (197 of 197) ... success

Application of patches finished : 2010.09.08 18:46:39

Following patches were applied :119059-56 139520-02 121211-02 136882-02 141506-09

119063-01 119757-18 121308-20 137032-01 141518-12

119081-25 119764-06 121606-04 137080-04 141552-01

119115-35 119783-15 122212-40 137093-01 141558-01119117-52 119810-05 122259-03 138866-03 141586-01

119130-33 119812-09 122261-03 137137-09 141590-02119213-23 119900-10 122470-03 137147-06 141874-09

124628-10 119903-02 122675-05 137871-02 142084-04

119252-29 119906-16 122911-22 138181-01 142244-02

123611-04 119986-03 123938-02 138361-01 142397-01119280-22 120061-02 124393-10 138373-02 142529-01

124188-03 120094-30 124444-01 138387-01 142911-01

119315-19 120201-05 124457-02 138647-01 142933-02120199-15 120460-17 124630-42 138876-01 142909-17

119534-19 119368-04 124943-01 138880-02 143140-04119548-14 120286-03 124997-01 139099-04 143317-02140899-01 120292-02 125215-03 141016-01 143502-01

120272-28 120329-02 125279-05 139555-08 143506-01

122640-05 121975-01 125388-03 139620-01 143510-01126897-02 120410-33 125555-07 139967-01 143525-01

127755-01 120543-20 125731-05 139986-01 143731-01

125503-02 120719-02 125891-01 140159-03 143733-01

118731-01 120739-06 126206-05 140399-03 143739-01124204-04 120830-06 126440-01 140563-01 144106-01

122660-10 121012-03 126540-02 142292-01 144254-01

125547-02 121095-02 126868-03 141444-09 144325-01140796-01 121104-11 127127-11 141500-07 145124-01

120011-14 121136-02 127724-02 141502-02

Following patches were skipped :

Patches already applied

120900-04 138215-01 118666-26 118918-24 121453-02

121133-02 127884-01 118667-26 138217-01 121453-02



119254-76 141588-04 118712-23 119578-30 121118-16

119317-01 142251-01 118777-16 140860-01 118833-36

121296-01Patches not applicable to packages on the system

121181-03 124171-07 125332-10 126365-16 138826-07

120185-21 123630-03 125533-15 136998-09 140455-01120412-11 123005-07 125539-06 137000-07 141514-02

120414-27 123590-12 125541-06 137004-08 141876-07

120811-09 123893-22 125719-31 138195-04 143725-01120849-04 124939-03 125952-20 138822-07 143727-01

122958-06 125136-22 126363-08 138824-07 143977-01

123003-04 125137-22

Installation of patch set complete. PLEASE REBOOT THE SYSTEM.

Install log files written :

/var/sadm/install_data/s10s_rec_cluster_short_2010.09.08_17.06.27.log/var/sadm/install_data/s10s_rec_cluster_verbose_2010.09.08_17.06.27.log

#

If the patch cluster is installed on the active boot environment, the system may require

one or more interim reboots before completing installation. If a message similar to thefollowing is seen during installation, reboot the system and reinvoke the install script.

"The installation of this patch set has halted after applying patch 118833-36.

The machine must now be rebooted before further patches can be applied. Please rebootthe machine and rerun this script. For further details, see patch set README file."

Once the system is rebooted and the install script is reinvoked, installation of the patchcluster will continue.

6. If an unexpected error is encountered during the installation of this patch cluster, theinstall script will abort. Should this occur, the error must be investigated and the issue

resolved before proceeding further. More details about the causes of failure can be found

in the log files. The following log files are created during installation of the patch cluster:

/var/sadm/install_data/s10s_rec_cluster_failed_<time stamp>.log

This log file contains patchadd output from patches that failed to apply. Review this log

file to determine why a patch failed to apply. Note that this log file will only be created if

a patch fails to apply.



/var/sadm/install_data/s10s_rec_cluster_short_<time stamp>.log

This log file contains the same output that the install script displays on the terminal while

the patch cluster is installing.

/var/sadm/install_data/s10s_rec_cluster_verbose_<time stamp>.log

This log file contains all patchadd output generated during the installation of the patch

cluster.

The individual patch log files can also be inspected under

/var/sadm/patch/<PatchID>/log.

If the patch cluster is installed either with the "-B" Live Upgrade option, or the "-R"

alternate root option, log files will reside in the inactive boot environment.

7. Reboot the system.

If this patch cluster is installed to an inactive boot environment using either the "-B" Live

Upgrade option or the "-R" alternate root option, then a reboot will be needed to activate

the inactive boot environment.

If the "-B" Live Upgrade option is used, then the luactivate command will need to be run,and either an init(1M) or a shutdown(1M) will be needed to complete activation of the boot environment. A reboot(1M) will not complete activation of a boot environment

following an luactivate.

If the "-R" alternate root option is used, it may be necessary to rebuild the boot archive in

the alternate root before booting the alternate root. The "-R" option can be used to patch

an alternate root in many different contexts however, and whether the boot archive

rebuild step is necessary, not necessary, or even undesirable very much depends on user intent and the circumstances of each individual case. For this reason, the install script

does not rebuild the boot archive. The decision and responsibility for rebuilding the boot

archive is left to the user. Rebuilding the boot archive in an alternate root can beaccomplished by running the following command:

<alternate_root_path>/boot/solaris/bin/create_ramdisk -R <alternate_root_path>

If this patch cluster is installed to the active boot environment, a reboot is needed to

activate certain objects which have been patched, and to resolve potentially inconsistent

states resulting from newly patched code interacting with old code running in memory.



Normal operations should not be resumed until the reboot is performed. Depending on

the starting patch level of the target system, interim reboots may also be required. The

install script will stop installation of the patch cluster when a reboot is required, andnotify the user that a reboot is needed. The install script should be reinvoked following an

interim reboot.

CLUSTER UNINSTALLATION INSTRUCTIONS:

1. The uninstall of the patch cluster should be performed in single-user mode (run levelS).

2. To remove the patch cluster execute the script "rm_cluster" in the patch cluster

directory.

3. If removing patches from an active boot environment, a reconfiguration reboot ('reboot

-- -r') is needed to deactivate certain objects which have been patched, such as the Kernel.

Some of these patches specify that a reboot must occur immediately after the patch isuninstalled on an active boot environment.

4. Atleast two reconfiguration reboots are necessary because no more patches can be

removed until the system is rebooted. All subsequent patches in this patch cluster will

fail to uninstall until the system is rebooted. To complete the patch cluster uninstallation,

perform a reconfiguration reboot of the system and then invoke rm_cluster script again.

########################################################################

Avaya Modifications Start:########################################################################

Removed following patches from Sun Patch Cluster for trace issue141444-09

142909-17

143140-03

141590-02139555-08

This Patch Cluster has been tested and certified with Avaya IR 4.0 SP6 and is intended for this version only.

########################################################################

Avaya Modification End:

########################################################################

Cluster Readme40sp6

Documents