Patch Management User Guide for HP-UX 11.x Systems (5900-3011, April 2013)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP-UX patches and patch management
- 2 Quick start guide for patching HP-UX systems
- 3 HP-UX patch overview
- 4 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 5 What are standard HP-UX patch bundles?
- 6 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 7 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 8 Using HP-UX Software Assistant for patch management
- 9 Using Dynamic Root Disk for patch management
- 10 The Patch Assessment Tool
- 11 Support and other resources
- A Patch usage models
- Glossary
- Index
7 Using software depots for patch management
A software depot, or simply depot, is a special type of file or directory formatted for use by Software
Distributor for HP-UX (SD-UX). Depots can contain a variety of software products. This chapter
focuses specifically on depots as repositories for patches and patch bundles. These depots are
commonly referred to as patch depots.
Common uses for patch depots include the following:
• Patch depots are an extremely effective mechanism for managing patches. They can be
especially beneficial in managing patches for groups of systems.
• Patch depots can be used as a single source of patches. This helps you to install all patches
in a single installation session.
• Depots are used for software delivery. When you download patches or patch bundles from
HP, you receive either a depot or a file that contains a depot.
• Patch depots can be transferred using email or file transfer protocol (FTP).
Patch depots are an extremely useful patch management tool for systems whose patching you
manage as a group. For these groups, you can use patch depots to centrally manage tasks such
as defining, testing, and updating patch configurations. First, you create a separate centralized
depot for each group; then you manage the patches in each depot rather than on each individual
system. These centralized depots, which can be accessed remotely, are used as the single patch
source for patch installations on all systems in the corresponding group. This allows you to maintain
the same patch level (set of active patches) on all your systems with less overall effort.
Another benefit of using depots is that they minimize the number of reboots required during patch
installation. If you place all the patches to install into a single depot, you will be able to install the
entire contents of the depot onto a system with a single reboot.
For information about depots beyond the scope of this guide, see the Software Distributor
Administration Guide on the HP Business Support Center website at http://www.hp.com/go/
sd-docs.
Common software distributor commands for patching
Please note that use of the various SD-UX commands requires root privileges. For information on
the SD-UX commands, see the Software Distributor Administration Guide on the HP Business Support
Center website at http://www.hp.com/go/sd-docs.
Table 10 SD commands and patch tools
DescriptionSD-UX Command
Check for installation problems and issues related to patches. Options allow
you to check for patches missing the SD-UX patch attributes, missing patch
check_patches
filesets, patch object modules missing from archive libraries, patch filesets with
the incorrect patch_state, patch filesets not in the configured state, and
patch filesets that fail swverify.
This command is available on 11i v3 systems, and is available as a patch in
preceding HP-UX versions:
• PHCO_27780: 11.11 HP-UX Patch Tools
• PHCO_32220: 11.23 HP-UX Patch Tools
See check_patches(1M) for more information.
Allows you to commit all patches that have been superseded a specified number
of times. You can execute this command in preview mode to see what effect
the command will have without making any changes.
cleanup
66 Using software depots for patch management