Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
Features
SA automates Solaris patching by enabling you to:
-
Determine which patches and IPS packages your managed servers need.
SA can determine the patches and IPS packages your managed Solaris servers need by examining the OS version, the applications installed on your servers, and the patches already installed on your servers. SA examines all available Solaris patches and then determines which patches your servers need, the required installation order, and the reboot requirements.
-
Create Solaris patch policies.
This is a model-based approach to managing your Solaris servers. SA enables a policy setter to create a model of their IT environment by creating a Solaris patch policy. A Solaris patch policy specifies patches, patch clusters, and scripts that must be installed on your managed servers. A system administrator can then apply the patch policies to the Solaris servers in their environment. Create Solaris patch policies from downloaded Solaris patches and patch clusters.
-
Download Solaris patches, patch clusters, and patch bundles, and then store them, and related vendor information, in the SA Library.
SA can import Solaris patches, patch clusters, Fujitsu clusters,IPS packages and related vendor information from My Oracle website and add them to Solaris patch policies. Vendor information can include reboot specifications, platform settings (such as support for multi-platform patches), patch dependencies, and a Readme file. Your patch policies are stored in the SA Library and accessible from the SA Client.
-
Resolve all dependent patches for Solaris patches.
SA can examine all Solaris patch metadata and identify obsolete patches, superseded patches, incompatible patches, required dependent patches and withdrawn patches, and then update your patch policy. SA also places the patches and IPS packages in the correct install order.
-
Install Solaris patches, patch clusters and IPS packages on managed servers.
SA allows you to directly install Solaris patches, patch clusters and IPS packages on managed servers or to install by using Solaris patch policies. In the SA Client, you can set the installation order for the patches and patch clusters in the patch policy. SA includes the reboot settings from the Solaris patches in the policy.
SA installs patches, patch clusters, Fujitsu clusters, patch bundles and IPS packages by remediating patch policies on managed Solaris servers. The remediate process offers various patch reboot settings, such as single-user mode, reconfiguration reboot, and reboot immediate.
SA ensures that each patch is applicable to each server. For example, if the package or application the patch applies to is not installed on the server or if a newer patch is already installed on the server, SA will not install that patch on the server.
Note SA now allows you to install Solaris 10 Patches which are categorized as Interim Diagnostic and Relief (IDR) or Test patches.
The installation behavior for these patches is the same as for Standard SA Patches except for the following differences:
- SA cannot resolve dependency information for the Test or IDR patches because these patches do not exist in the Oracle's Solaris Patch Metadata catalog.
-
When attempting to add a Test or IDR patch to a patch policy, SA display the following warning message: "
Solaris Interim Diagnostic and Relief (IDR) and Test patches can cause issues with your managed servers. Please install only as directed by Solaris support." - When attempting to install a Test or IDR patch Ad-Hoc, SA will display the following warning message: "
Solaris Interim Diagnostic and Relief (IDR) and Test patches can cause issues with your managed servers. Please install only as directed by Solaris support."
-
Install Solaris patches in single-user mode.
SA will install Solaris patches in single-user mode if it is required by the patch metadata published by Oracle. After the patch installation is completed, SA will return to multi-user mode. (See Troubleshoot Solaris patch installation for additional tips about install modes.)
-
Install patches by Solaris zones
The SA Client lets you can install patches on Solaris global and non-global zones by using Solaris patch policies.
-
Establish a patch installation process.
In SA, you can separate and independently schedule the various stages of Solaris patch management, such as by analysis, download, and installation. You can set up email notification for the job status of each completed stage and associate a ticket ID with each job.
-
Verify the compliance status of servers with patch policies
The Compliance view allows you to determine if servers are configured according to the patch policy and to remediate non-compliant servers. You can perform compliance scans, including server platform, patch supersedence, and package applicability checks.
-
Search for software resources and servers.
In the SA Client, the Library provides a way to search for Solaris patches, clusters and patch policies using powerful and flexible search criteria such as by availability, architecture, operating system, reboot options, version, and many other parameters. You can also search for Solaris patch policies by name, folder name, availability, operating system, and so on. See "Searching for Objects with the SA Client" in the SA
Policy-based patch management
With Solaris patch policies, you can ensure your Solaris servers have the right patches installed by creating a patch policy. A patch policy is a model of your desired IT environment. A Solaris patch policy defines a server baseline to ensure that all servers are provisioned with standard contents. Using SA, you can automatically download Solaris patches, organize them into polices, define installation order among patches in the policy, automatically resolve all dependencies for the patches and set reboot settings for all patches in the policy.
System administrators can then manage the servers in their environment by applying the Solaris patch policy to the servers. SA applies the changes to the managed servers when you remediate the managed servers with the patch policy. When a change needs to be made to a patch policy, a policy setter simply changes the baseline defined in the policy and the incremental differences are applied across the target servers.
Solaris patch bundles
You can import and install Solaris patch bundles.
- You can download Solaris patch bundles and import them into the SA library using the
solpatch_importcommand. - You can install Solaris patch bundles directly on managed servers or on all servers in a device group or you can add Solaris patch bundles to a Solaris patch policy (or to a software policy), attach the policy to managed servers or device groups and then remediate the servers against those policies. When you remediate the servers or device groups, the Solaris patches specified in the attached policy are automatically installed on the managed servers.
- All
solpatch_importactions, except the policy action, now can be performed with patch bundles. - When you import a bundle, SA updates the metadata in the SA Library with all the patches contained in the bundle. Depending on the number of patches in your SA Library, the bundle import may take some time.
- Deleting a patch bundle from the SA Library or by using the solpatch_import command deletes all the parts of the bundle.
-
The default reboot settings for patch bundles are listed below. You can change these settings by opening the patch bundle in the SA Client, selecting the Properties view and editing the Install Parameters.
- Reboot Required: Yes – This setting indicates the managed server will be rebooted when the patch bundle is successfully installed.
- Install Mode: Single-user Mode – This setting indicates that the patch bundle will be installed in single user mode. Note that the Solaris system is rebooted to single user mode, then the patch bundle is installed, then the system is rebooted to multiuser mode. SeeTroubleshoot Solaris patch installation for additional tips about install modes.
- Reboot Type: Reconfiguration – This setting indicates that a reconfiguration reboot will be performed after installing the patch bundle.
- Reboot Time: Immediate – This setting indicates that the server will be rebooted immediately after installing the patch bundle.
-
A Solaris patch compliance scan will indicate that the server is out of compliance even though the patch bundle installed successfully if one or more patches in the bundle were not installed because a required prerequisite patch was not installed. For details on what patches in the patch bundle were not installed, see the log file for the patch bundle installation job.
A software compliance scan will similarly indicate the server is out of compliance if the patch bundle is included in the software policy and the same scenario occurs.
To bring the server into compliance, place the relevant patches into a patch policy, resolve the dependencies on the policy to place all required patches in the policy and remediate the policy on the server.
- You must set the “Manage Packages” permission to “Read and Write” to use the
solpatch_importcommand. For details on permissions, see the SA -
If you encounter errors when importing Solaris patch bundles, perform the following troubleshooting steps.
- Log in as root to the SA core where the SA patch has been installed.
-
Locate the log file from the patch install, which is typically located at:
/var/log/opsware/install_opsware/patch_opsware.<time stamp>.log
-
Search this log file for a message with “update_supplements.” For example, you could use the following grep command:
grep update_supp patch_opsware* -
The result should be a log message with “update_supplements successfully completed”. However, if the message indicates the update_supplements failed, update the Solaris patch supplement file manually as follows.
-
Log in as root to an SA core system where the
solpatch_importcommand is installed. -
Change to the directory where the
solpatch_importcommand is:/opt/opsware/solpatch_import/bin. -
Run the following command:
./solpatch_import -a update_supplements -
Try importing Solaris patch bundles again.
Fujitsu clusters
A Fujitsu cluster is a cluster designed for a Solaris operating system that runs on Fujitsu hardware. SA supports Fujitsu clusters.
Cluster downloads
If you use a single
solpatch_importcommand to download both a Fujitsu cluster and a Solaris recommended cluster file, both files will be downloaded to the same location but will not be imported into the SA core. The first downloaded cluster will be overwritten by the second downloaded cluster, because both clusters have the same file names (such as: 10_Recommended.zip). To avoid overwriting one file with the other, do not use a singlesolpatch_importcommand to download the two clusters. Instead, download the first cluster, move it to a different location, and then download the second one.You can still use a single
solpatch_importcommand to import Fujitsu clusters and standard Solaris recommended clusters for the same operating system because when SA imports a file, it downloads and then immediately imports it to the core. No file overwriting can occur.Patch policies
You can create patch policies for any cluster from the command line or by using the SA Client.
When you create a patch policy for a Fujitsu cluster by using the –
a policyor--action=policyoption from a command line, all applicable patches included in the cluster are applied—regardless of whether Fujitsu intended them to be installed on your hardware model, using the cluster install. These extra patches do not cause harm.If you want to apply only the patches that Fujitsu has designated for your hardware model, use the SA Client to create a new policy and include the Fujitsu cluster. When you remediate the policy, SA will correctly apply only the relevant patches.
SA commands
You can use the same cluster commands for Fujitsu clusters as you do for standard Solaris clusters.
Use the following command to display additional information about cluster commands:
/opt/opsware/solpatch_import/bin/solpatch_import --manualFujitsu clusters can only be imported using the solpatch_import command.
- You can download Solaris patch bundles and import them into the SA library using the
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to hpe_sa_docs@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: