Performing a Solaris 11 patch analysis
To perform patch analysis for Solaris 11 servers, you create and run an NSH Script Job from the provided Solaris 11 Patching script.
Before you begin
Ensure that you have installed the scripts for the Solaris 11 patching solution, as described in Installing the script-based patching solution for Solaris 11.
To perform patch analysis, the role running the job must be mapped to root on the helper or target. This is typically achieved by granting mappings through RBAC and pushing ACLs. For more information, see Controlling server access with agent ACLs.
To create an NSH Script Job for Solaris 11 patch analysis
- In the BMC Server Automation Console, browse to Depot > Solaris Patch Analysis.
- Right-click the Solaris 11 Patching script, and select NSH Script Job.
The New NSH Script Job wizard opens.
- In the New NSH Script Job wizard, configure the job through the various panels. Use the following steps to perform the most basic configuration for this job.
- On the General panel, define a name for the job and specify a location in the Jobs folder in which to save the job.
- On the Targets panel, choose the servers where the job should run.
On the Parameters panel, adjust the values of the editable script parameters:
Parameter Flag Description Default value Repository Server -s Name or IP address of the repository server. (no default value) Repository Location -r Location of the repository on the repository server. /export/repoSolaris11 Depot Workspace -D
Path to subfolder within the Depot folder, in which to save objects (custom software and BLPackages) required during deployment of missing patches. If the folder does not already exist, it will be created during patch analysis.
/Solaris 11 Patching Job Workspace -J
Path to subfolder within the Jobs folder, in which to save deploy jobs and batch jobs that are created during the deployment of missing patches. If the folder does not already exist, it will be created during patch analysis.
/Solaris 11 Patching Debug Mode -d
Whether or not to turn on debugging during the patching process. One of the following values:
- 0 — non-debug mode
- 1 — debug mode
0 Script Mode -m Whether to perform analysis or packaging, or both. If you choose to perform only packaging, ensure that analysis was performed previously. Specify one of the following values:
- a — analysis only
- p — packaging only
- ap — both analysis and packaging
a Script Location -l
Full NSH path to the Solaris11_Script-<version>/Scripts directory. You extracted this directory when you prepared to install the Solaris 11 patching solution package.
Detected automatically. Example path:
Analysis Mode -a Mode of analysis, one of the following:
- update — analyze only for updates available for installed IPS packages on a target server
- install — analyze for installation of specific IPS packages (as specified by the Analysis Filter) and their dependencies on the target server
update Publisher Name -p Name of the publisher of the Solaris patches (typically solaris). solaris Analysis Filter -f
Specific IPS packages to do analysis against, specified in FMRI format. Use the space character as the delimiter to separate multiple packages. The maximum supported length for this string is 255 characters.
If you set the Analysis Mode to install, you must enter at least one package.
For update mode, you can choose no filters, by setting a blank value.
Analyzer Timeout -o
The amount of time (in seconds) to allow before the internal deploy job for patching analysis times out.
Note: This internal deploy job runs on target servers during patch analysis, but it does not deploy patches to the target servers.
For no timeout, set the value to 0.
0 Auto Execute Deploy Job -x
Whether to execute the patch deploy job immediately after the packaging phase is complete — either 0 (no) or 1 (yes).
- On the Schedules panel, schedule the execution of the job (either immediately or at a later time).
- When you finish all relevant job configuration on the remaining panels (Default Notifications, Properties, and Permissions), click Finish.
Where to go from here
After the job runs, you can view a summary of the most recent patch analysis results on each target server through a Live Browse of the Solaris 11 Analysis Results extended object. This summary is obtained from the patch analysis job log.
To troubleshoot issues that might arise during patch analysis, see Troubleshooting Patch Management for Solaris 11.