Generating weekly patch reports with Solaris


If you manage servers running Solaris 9 and 10, you may have noticed that Sun added the smpatch utility to assist with the cumbersome job of patching. I try my best to apply all critical and security patches to the systems I support, and have come to rely on the following cron job to notify me when new patches are available for my systems:

0 0 * * 0 /usr/sbin/smpatch analyze | /usr/bin/mailx -s "Patch list for `/usr/bin/hostname`" matty

The smpatch “analyze” option will retrieve the list of available patches from Sun, and compare those with the patches currently applied to the system. If smpatch detects that a new patch is available, it will print the patchid and patch description to standard output, which I pipe to mailx. This results in an email similar to the following showing up in my inbox:

From: Super-User
To: matty
Subject: Patch list for tigger
Date: Sat, 1 Apr 2006 11:14:23 -0500T(EST):00-04:00

118375-07 SunOS 5.10: nfs Patch
122243-01 SunOS 5.10: patch forthdebug
122242-01 SunOS 5.10: patch cmlb
122241-01 SunOS 5.10: patch dad
118346-03 SunOS 5.10: libnsl Patch
122027-02 SunOS 5.10: bge Driver Patch
121118-06 SunOS 5.10_sparc, Sun Update Connection Client, System Edition 1.0.4
119278-07 CDE 1.6: dtlogin patch
122206-01 GNOME 2.6.0: On-screen Keyboard Patch
120460-07 GNOME 2.6.0: Gnome libs Patch
122204-01 GNOME 2.6.0: configuration framework Patch
122210-01 GNOME 2.6.0: GNOME Media Player Patch
119368-04 GNOME 2.6.0: Printing Technology Patch
122208-01 GNOME 2.6.0: Removable Media Patch
120286-02 GNOME 2.6.0: Gnome text editor Patch
119906-04 Gnome 2.6.0: Virtual File System Framework patch
119538-04 GNOME 2.6.0: Window Manager Patch

I use the patch details to decide if I need to patch the system, and to document which areas of the system were patched. If something goes horribly awry after ‘smpatch update’ runs, I can look back through my patch emails to see which subsystems and applications were impacted.

This article was posted by Matty on 2006-04-01 12:28:00 -0400 -0400