SA patching in Solaris 11

Solaris 11 patching support leverages the existing Solaris patching functionality, with a few differences to adapt to the new Solaris IPS package delivery structure.

IPS packages and server types in Solaris 11 recommended patch policies

The recommended Solaris 11 patch policy that is created via the solpatch_import command applies to both types of Solaris 11 servers: SunOS 5.11 (SPARC) or SunOS 5.11 x86 (x86). Individual IPS Packages can apply to Solaris 11 servers with SPARC architecture, x86 architecture, or both. The SA remediation process prevents irrelevant or wrong packages from installing.

Differences in Solaris 11 patch policies

  • All patch units are IPS Packages, so when adding items to Solaris 11 patch policies, there are only two item types: IPS packages and scripts.
  • The Resolve Dependency action is not needed because the dependency check is done during remediation for Solaris 11. For previous versions of Solaris, the Resolve Dependency action was a separate step that needed to be done within the policy before remediation.
  • A Solaris 11 patch policy only performs applicable updates on IPS packages that are already installed on a managed server.

    For instance:

    If a managed server has the following packages installed:

    • X version 1 and
    • Y version 2

    and you try to install these packages:

    • X version 2,
    • Y version 2, and
    • Z version 2

    only X version 2 will be installed because it is an update to X version 1, which is already installed on the server.

    Package Y will be omitted from the install because it is already up to date; Z will be omitted because it does not update a package that is already installed on the server.

Differences in Solaris 11 remediation

  • Applicability analysis: SA verifies that the IPS package is relevant to the server by determining if a previous version of the package has already been installed on the server. If a previous version does not exist or if a superseding package does, then the IPS package is considered not applicable.
  • Remediation process: Remediating IPS packages essentially installs the new IPS package version on top of the previous version.

After running the remediation job, a new boot environment (BE) may be created. In this case, the server will not be compliant until after the server reboots and the new packages are available. If a new BE is required, then the system will need to reboot. The reboot options defined for the remediation job will be obeyed.

HPE Software recommends that you do not change the Default Reboot Setting, “Hold all server reboots until all actions have completed”, when remediating a Solaris 11 Patch Policy. Changing this default reboot setting may result in patches not being installed during a patch policy remediation.

See Solaris documentation for information on Solaris 11 boot environments and zones.

Solaris 11 patch policy rules

Solaris 11 patch policy supersedence rules

If IPS package Z version 1 and version 2 are included in a policy, Z version 1 will be marked as superseded by Z version 2 and will not be installed.

Solaris 11 patch policy applicability rules

  1. If IPS package Z version 2 is in the policy, and no previous version of Z is installed on the managed server, Z version 2 will not be installed.
  2. If IPS package Z version 1 is in the policy, and Z version 2 is installed on the managed server, Z version 1 will be marked as superseded by an installed package and will not install.
  3. If IPS package Z version 1 is in the policy, and Z version 1 is installed on the managed server, Z version 1 will be marked as already installed and will not install.
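The supersedence and applicability rules above can be modeled in a few lines to predict which policy items a remediation will skip, for example a security update that silently does not apply because no earlier version of the package is installed. This is an added illustration, not SA code: the function name, the verdict strings, the dotted-integer version format, and the order in which the rules are checked are assumptions.

```python
# Added illustration: a simplified model of the Solaris 11 patch policy rules.
# Assumption: versions are dotted integers ("1", "2.1"). Real IPS FMRI versions
# have more components and are compared by the pkg tooling itself.

INSTALL = "install"
SUPERSEDED_IN_POLICY = "superseded by newer version in policy"
NO_BASE = "not applicable: no previous version installed"
SUPERSEDED_BY_INSTALLED = "superseded by installed package"
ALREADY_INSTALLED = "already installed"


def _ver(v):
    """Turn '2.1' into (2, 1) so versions compare numerically."""
    return tuple(int(p) for p in v.split("."))


def evaluate_policy(policy, installed):
    """policy: list of (name, version); installed: dict name -> version.

    Returns a dict mapping each (name, version) policy item to a verdict.
    """
    # Supersedence rule: only the newest version of each package in the
    # policy is a candidate; older versions in the same policy are skipped.
    newest = {}
    for name, version in policy:
        if name not in newest or _ver(version) > _ver(newest[name]):
            newest[name] = version

    verdicts = {}
    for name, version in policy:
        key = (name, version)
        if _ver(version) < _ver(newest[name]):
            verdicts[key] = SUPERSEDED_IN_POLICY
        elif name not in installed:
            verdicts[key] = NO_BASE                   # applicability rule 1
        elif _ver(installed[name]) > _ver(version):
            verdicts[key] = SUPERSEDED_BY_INSTALLED   # applicability rule 2
        elif _ver(installed[name]) == _ver(version):
            verdicts[key] = ALREADY_INSTALLED         # applicability rule 3
        else:
            verdicts[key] = INSTALL                   # update to installed pkg
    return verdicts


# Constructed sample matching the X/Y/Z example earlier on this page.
SAMPLE_INSTALLED = {"X": "1", "Y": "2"}
SAMPLE_POLICY = [("X", "2"), ("Y", "2"), ("Z", "2")]
```

Items that come back with the "no previous version installed" verdict are the ones to review separately, since the patch policy will never install them on that server.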

Reasons an IPS package might not install

Patch policy rules are applied first:

  1. Base package does not exist: IPS Package A version 1 cannot install because there is no previous version of package A installed on the managed server.
  2. Newer version is already installed:

    • Package A version 1 cannot install because a newer version, package A version 2, was also included in the policy and was installed instead.
    • Package A version 1 cannot install because package A version 2 (newer package) is already installed on the managed server.

Generic rules for all policies (software or patch) are applied second:

  • Dependency: Package B version 1 cannot install because it requires package A version 3, which is not in the SA repository.
  • Blocker: Package A version 1 cannot be installed because package X, which is installed on the managed server, prevents it.
  • Duplicate: Package A version 1 cannot install because it is already installed.
  • Other: Additional reasons may apply per Solaris IPS analysis. SA passes the Solaris error messages through to the SA remediation job.

Other differences

The patchadd utility is not applicable to Solaris 11 because there is no concept of a patch unit like there is in previous versions of Solaris. All units are IPS packages, which use the 'pkg' command instead.