Patch Management User Guide for HP-UX 11.x Systems (5900-3011, April 2013)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP-UX patches and patch management
- 2 Quick start guide for patching HP-UX systems
- 3 HP-UX patch overview
- 4 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 5 What are standard HP-UX patch bundles?
- 6 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 7 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 8 Using HP-UX Software Assistant for patch management
- 9 Using Dynamic Root Disk for patch management
- 10 The Patch Assessment Tool
- 11 Support and other resources
- A Patch usage models
- Glossary
- Index
Some specific criteria to consider when planning your change:
◦ Backup of your system.
◦ System down time.
◦ When are your maintenance windows? What length of time are they?
◦ In the event of patches causing negative side effects, what steps will you take to back
out changes, and how long will it take to execute these steps?
◦ To significantly reduce downtime, and to take advantage of the ability to easily
switch back to your original image if the applied patches cause any negative side
effects, consider using Dynamic Root Disk (DRD). With DRD, you create a copy of
the root disk (or clone) that you can apply patches to, while your system is still up
and running. Once all the patches are loaded on the clone, you can then reboot the
system, using the clone as your active root volume. If for any reason you decide that
the patched root volume does not perform as you desire, you can quickly reboot the
original system image. For more information, please see Chapter 9 (page 89).
• Installing patches.
◦ Review Special Installation Instructions.
Prior to beginning the process of patch installation, review the patches to be installed
to find any associated Special Installation Instructions. You can use the
show_patches –it command directed at the source depot to list Special Installation
Instructions documented within any patches in the depot. For more information, see
show_patches(1).
◦ Install patches on the systems.
◦ Verify patches.
Verify that the patches installed correctly and that the patch had the desired effect.
◦ Recover disk space.
If disk space is an issue, you might find that you need to commit patches. This process
recovers disk space consumed by files that were saved to allow patch rollback. Your
organization should develop a formal plan to determine when and how patches
should be committed. See Chapter 3: “HP-UX patch overview” (page 17) for more
information.
• If you have opted to use DRD to reduce your downtime, you will need to create a clone
and apply the patches to the clone, then boot the clone once all changes have been
implemented. For more information, please see Chapter 9 (page 89).
4. Tracking the patch levels of the systems. (Patch level refers to the set of active patches on the
system.)
• Patch level is important when determining which patches are needed on each system.
• You need to know the patch levels of the systems when interpreting patch testing results.
• If you need to open a support call, you might be asked for the current patch level to aid
in troubleshooting.
46 Patch management overview