Patch Management User Guide for HP-UX 11.x Systems (762796-001, March 2014)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP secure development lifecycle
- 2 HP-UX patches and patch management
- 3 Quick start guide for patching HP-UX systems
- 4 HP-UX patch overview
- 5 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 6 What are standard HP-UX patch bundles?
- 7 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 8 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 9 Using HP-UX Software Assistant for patch management
- 10 Using Dynamic Root Disk for patch management
- 11 The Patch Assessment Tool
- 12 Support and other resources
- 13 Documentation Feedback
- A Patch usage models
- Glossary
- Index
v=HP,fr=1.0, fa=HP-UX_B.11.11_32/64
* Selection succeeded.
* Beginning Analysis
* Session selections have been saved in the file
"/.sw/sessions/swremove.last".
* The analysis phase succeeded for
"my_system:/my_depots/new_directory_depot".
* Analysis succeeded.
* Beginning Execution
* The execution phase succeeded for
"my_system:/my_depots/new_directory_depot".
* Execution succeeded.
NOTE: More information may be found in the agent logfile using the
command "swjob -a log my_system-0843 @
my_system:/my_depots/new_directory_depot".
======= 05/03/04 13:25:02 MDT END swremove SESSION (non-interactive)
(jobid=my_system-0843)
Advanced topic: removing superseded patches from a depot
If you have a depot that you are using for patch installation that contains both superseded patches
and corresponding superseding patches, the superseded patches will never be installed and are
a waste of disk space. There is a patch utility called cleanup that you can use to remove all
patches from a software depot if they have been superseded by patches that are also available
in the depot. This command works only for directory depots, not tape depots.
The cleanup utility is delivered by the following patches (and their superseding patches):
• PHCO_27779 (HP-UX 11.0, B.11.00)
• PHCO_27780 (HP-UX 11i v1, B.11.11)
• PHCO_32220 (HP-UX 11i v2, B.11.23)
• Shipped with SD-UX (HP-UX 11i v3, B.11.31)
To execute cleanup on the depot some_depot, you can use the following command:
cleanup [-p] -d /some_directory/some_depot
If you use the -p option, the command executes in preview mode. You will be able to see what
changes will be made without any changes actually occurring. HP recommends that you always
execute the command in preview mode first.
For additional information and command options, see the cleanup(1M) manpage.
The following example shows how to use the cleanup command to remove superseded patches
from the depot /my_depots/patch_depot.
• Use the swlist command to show the contents of depot /my_depots/patch_depot. The
depot contains two patches: PHCO_24630 and PHCO_27780. The patch PHCO_27780
supersedes PHCO_24630.
$ swlist -l product -d @ /my_depots/patch_depot
# Initializing...
# Contacting target "my_system"...
#
# Target: my_system:/my_depots/patch_depot
#
PHCO_24630 1.0 HP-UX Patch Tools
PHCO_27780 1.0 HP-UX Patch Tools
• Use the cleanup command in preview mode to see what changes will occur. The command
output shows that patch PHCO_24630 will be removed because the cleanup command
Removing software from a directory depot 79