HP UX Patch Management manual Example of running the Patch Assessment Tool

Page 89

4.You can access information regarding the use of the Patch Assessment Tool, including how to complete the tasks in the previous list, from the useful links navigation menu on the run a patch assessment page. Some links include the following topics:

running a patch assessment

configuring an assessment profile

interpreting assessment results

5.To run an assessment, you must complete the following tasks. The following items represent an outline of these tasks; for procedures you can use the useful links navigation menu or “Example of running the Patch Assessment Tool” (page 89).

Download a collection script to the system to be analyzed.

Run the collection script.

The collection script creates a file called hostname.fs, where hostname is the result of the uname -ncommand. This file contains information about what software, patches, and patch bundles are installed on the system.

Upload hostname.fs to the Patch Assessment site.

Select an assessment profile.

The assessment profile specifies what rules the tool should use when determining which patches and patch bundles to select for the system. You can select the default HP recommended assessment profile or you can create a custom assessment profile. A custom profile allows you to do the following:

A custom profile allows you to select a patch strategy.

A custom profile allows you to specify that the assessment select patches for any of the following:

Latest QPK patch bundle

Security patches

Replacements for installed patches with critical warnings

Replacements for installed patches with any warnings

Critical fixes

Updates for patches already installed

Miscellaneous patches for the specific operating system of the system being assessed

Miscellaneous patches for the specific hardware model of the system being assessed

Application-specific patch sets

All applicable patches

Use the ITRC frequently to monitor your patch environment.

Example of running the Patch Assessment Tool

The following example shows the steps to follow for creating a custom patch assessment profile and for running a patch assessment using this profile. The example assumes you are accessing the ITRC from the system to be analyzed. If this is not the case, you can still use the Patch Assessment Tool, but you must perform intermediate steps to transfer files to the system you are using to access the ITRC and the system to be analyzed.

1.Open a browser window on the target system.

2.Log in to the ITRC at http://itrc.hp.com.

3.Select Patch database from the left navigation.

Example of running the Patch Assessment Tool

89

Page 88 Page 90
Image 89
Page 88 Page 90
Contents Patch Management User Guide for HP-UX 11.x Systems Revision history Table of Contents What are standard HP-UX patch bundles? Using Dynamic Root Disk for patch management 107 104Patch management strategies HP-UX patches and patch managementWhere to start How to get patchesOverview Quick start guide for patching HP-UX systemsBefore you begin Should you use standard HP-UX patch bundles?Acquiring the bundles Acquiring and installing standard HP-UX patch bundlesStandard HP-UX patch bundles As root, run the createdepothp-ux11script Installing the bundlesSwlist Advanced topic using Dynamic Root Disk DRDAcquiring the patches Acquiring and installing individual patchesQuick start guide for patching HP-UX systems Swverify -d \* @ /tmp/somepatchdirectory/depot Installing the patchesAdvanced topic using Dynamic Root Disk DRD Patch-related concepts HP-UX patch overviewPatch identification HP-UX software structureSoftware depots and patch depots Patch bundlesPatch state Patch statusSwlist -l fileset -a state grep patchid StateCategory tags Swlist -l product -a categorytag patchid Which patches are on a system?For example Examples of the swlist command$ swlist -l product *,c=patch $ swlist -l bundle @ somesystem $ swlist -l product *,c=manualdependencies$ swlist -l fileset -a ancestor PHSS29183 Ancestors and supersessionAncestors $ swlist -a appliedpatches Xserver.AGRM SupersessionSwlist -a appliedpatches filesetname Showpatches -s Swlist -l patch -x showsupersededpatches=trueSwlist -a patchstate -x showsupersededpatches=true patchid $ swlist -l fileset -a supersedes PHSS28681HP-UX Patch Supersession Chain Patch-related attributesSee Category tags Corequisites and prerequisites Patch dependenciesTypes of dependencies Swlist -vl fileset -a dependencytype fileset Enforced and unenforced manual dependenciesImpact of dependencies on acquiring patches Patch commitment Patch rollback and commitmentPatch rollback HP-UX patch ratings Advanced topic patch cleanup utilityCleanup -p -c number Rating details HP patch ratingFinding information for a specific patch Critical and noncritical patchesPatch documentation $ swlist -l product -a categorytag PHSS30011Subset of fields in patch text file and patch details Patch warnings Obtaining information using the ItrcAdvanced topic the readme attribute Swlist -l product -a readme patchid moreCritical and noncritical warnings Advanced topic finding patches with warnings How to handle patch warningsQuestions to ask Considerations Backup and recoveryPatch management life cycle Patch management overviewPatch management life cycle Patch management overview Restrictive Conservative Innovative Establishing a software change management strategyOperational factor and patch management strategy matrix Recommendations for software change managementPatch management and software depots Consideration of HP patch ratingAcquiring patches for proactive patching Proactive patching strategyAdvanced topic HP-UX Software Assistant Reactive patching strategyAcquiring patches for reactive patching Advanced topic security patching strategyAdvanced topic scanning for security patches Testing the patches to be installedStandard HP-UX patch bundles Key featuresWhat are standard HP-UX patch bundles? Standard HP-UX patch bundle use and release dates Obtaining standard HP-UX patch bundlesQuick start guide for patching HP-UX systems Obtaining an Itrc user account Using the IT Resource CenterUseful pages on the Itrc Find individual patchesAccessing the patch database and finding an individual patch Key featuresClick the add to selected patch list button Using the IT Resource Center Check for patches with dependencies Advanced topic checking for all patch dependenciesUsing the IT Resource Center Click the add to selected patch list button Custom patch bundles run a patch assessment Standard patch bundlesSupport information digests Ask your peers in the forumsSearch knowledge base Common software distributor commands for patching Using software depots for patch managementDirectory depots Depot typesTape depots Using depotsSwlist -l depot Viewing depotsChoosing depot type and depot location $ swlist -l depot @ swdepot.xyz.com $ swlist -l depotSwlist -l depot @ remotesystem Creating and adding to a directory depot Depot/patches/11.11 Copying patches to depotsCopying products with patch dependencies to depots Registering and unregistering directory depotsAdvanced topic HP-UX Software Assistant Examples of registering and unregistering depots Advanced topic access control lists$ swreg -l depot /depot/patches/2003-07periodicdepot $ swreg -u -l depot /depot/patches/2003-07periodicdepot$ swverify -d \* @ /mydepots/newdirectorydepot Verifying directory depotsExamples of verifying directory depots Removing software from a directory depot Verification had errorsVerification succeeded $ swverify -d \* @ /mydepots/PHSS30278depotExecution succeeded $ swlist -l product -d @ /mydepots/patchdepot $ /usr/sbin/cleanup -d /mydepots/patchdepotAdvanced topic removing superseded patches from a depot Removing a directory depot Installing patches from a depot$ swlist -l product @ /mydepots/patchdepot $ swreg -u -l depot /mydepots/PHCO27780depotReboots the system when required Analysis succeeded Examples of installing patches from a depotAnalysis and Execution succeeded Installing products with patch dependencies from a depotCustom patch bundles Rev Bundle Description Examples of listing patches and bundlesRev Patch description $ swlist -d @ /mydepots/temporarydepot Creating a custom bundleAnalysis succeeded Finally, remove the temporary depot For more information Using HP-UX Software Assistant for patch managementUsing Dynamic Root Disk for patch management Drd1m Benefits of the Patch Assessment Tool Using the Patch Assessment ToolPatch Assessment Tool Example of running the Patch Assessment Tool Select upload new system information Related information Support and other resourcesContacting HP Non-HP websites Typographic conventionsHP websites Times Patch usage models Components in test Image Then production Patch usage model 1 hardware/application software changeDRD Begi n Product needs to be certified on HP-UX 11i v2/v3 Patch usage model 3 operating environment cold install Patch usage model 3 operating environment cold install Patch usage model 4 operating environment update Patch usage model 4 operating environment update Create clone Patch usage model 5 proactive patchPassed? System Patch usage model 6 reactive patchAncestor GlossaryIPD SWA Index Index See also HWE Index
Top Page Image Contents