Patch Management User Guide for HP-UX 11.x Systems (762796-001, March 2014)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP secure development lifecycle
- 2 HP-UX patches and patch management
- 3 Quick start guide for patching HP-UX systems
- 4 HP-UX patch overview
- 5 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 6 What are standard HP-UX patch bundles?
- 7 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 8 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 9 Using HP-UX Software Assistant for patch management
- 10 Using Dynamic Root Disk for patch management
- 11 The Patch Assessment Tool
- 12 Support and other resources
- 13 Documentation Feedback
- A Patch usage models
- Glossary
- Index
1. Use the following swreg command to unregister the depot:
$ swreg -u -l depot /my_depots/PHCO_27780_depot
======= 08/06/04 14:10:35 MDT BEGIN swreg SESSION
(non-interactive)
* Session started for user "root@my_system".
* Beginning Selection
* Targets: my_system
* Objects: /my_depots/PHCO_27780_depot
* Selection succeeded.
======= 08/06/04 14:10:36 MDT END swreg SESSION
(non-interactive)
2. Remove the depot's root directory and contents:
$ rm -r /my_depots/PHCO_27780_depot/
Installing patches from a depot
To install patches from a directory or tape depot, use the swinstall command.
• For additional information about the swinstall command, see the swinstall(1M) manpage
and the Software Distributor Administration Guide on the HP Business Support Center website
at http://www.hp.com/go/sd-docs.
• For more information about installing patches, see Chapter 3: “Quick start guide for patching
HP-UX systems” (page 10).
When you run the swinstall command, the output tells you the success or failure of the command
and how to get additional information. Prior to actually installing patches, you should run the
swinstall command in preview mode by including the -p argument.
Although the swinstall command takes many arguments, the following are pertinent to this
discussion:
swinstall [-p] -s source_system:/some_directory/source_depot [-x
autoreboot=true -x patch_match_target=true software_selections] [@
target_selections]
A basic description of these swinstall arguments follows:
• -p
Executes the command in preview mode. When executed in preview mode, the swinstall
command does not perform the software installation. Rather, this argument shows what the
output from executing the command would be if the patch were installed.
Creates a log file that contains information such as disk space requirements and use. The
command output includes instructions for viewing the log file. The instructions are similar to
the following:
NOTE: More information may be found in the agent
logfile using the command
"swjob -a log some_system-1251 @ some_system:/".
• -ssource_system:/some_directory/source_depot
Specifies the tape or directory depot from which patches will be installed. For a tape depot,
this must refer to a local depot.
To install from a depot located on media, such as CD or DVD, use the appropriate path and
depot name of the depot on the media.
• -x autoreboot=true
Reboots the system when required.
Installing patches from a depot 81