Solaris 10 Recommended Bundle Patch ZFS

September 17, 2015

Regarding to Oracle Security alert CVE list, we need to apply Solaris Recommended Bundle patch instead of apply one by one patch. But we have to make sure backup everything include create ZFS snapshot and splitting ZFS mirror for rollback plan.

Here a notes for Solaris 10 patching update that can be used as reference and I hope it is useful (:

 										
	Darke console login: root									
	Password:									
	Sep 10 17:51:19 Darke login: ROOT LOGIN /dev/console									
	Last login: Thu Sep 10 16:13:34 on console									
	Oracle Corporation      SunOS 5.10      Generic Patch   January 2005									
	Sourcing /root/root/.profile-EIS.....									
	Darke[root]/root/root>									
	Darke[root]/root/root> . /root/root/.profile-EIS									
	root@Darke # bash									
	root@Darke # export TERM=vt100									
	root@Darke #									
	root@Darke #									
	root@Darke # zpool list									
	NAME      SIZE  ALLOC   FREE  CAP  HEALTH  ALTROOT									
	rpool     278G  86.0G   192G  30%  ONLINE  -									
	root@Darke # zpool status									
	  pool: rpool									
	 state: ONLINE									
	 scan: none requested									
	config:									
										
	        NAME                         STATE     READ WRITE CKSUM									
	        rpool                        ONLINE       0     0     0									
	          mirror-0                   ONLINE       0     0     0									
	            c9t5000CCA0546DA579d0s0  ONLINE       0     0     0									PRIMARY
	            c5t5000CCA0546E64E1d0s0  ONLINE       0     0     0									SECONDARY / NEWRPOOL
										
	errors: No known data errors									
	root@Darke #									
	root@Darke # eeprom|grep root									
	boot-device=rootdisk0 rootdisk1									
	nvramrc=devalias rootdisk1 /pci@400/pci@1/pci@0/pci@4/scsi@0/disk@w5000cca0546e64e1,0:a									
	devalias rootdisk0 /pci@400/pci@2/pci@0/pci@4/scsi@0/disk@w5000cca0546da579,0:a									
	root@Darke #									
	root@Darke # zpool split rpool newrpool c5t5000CCA0546E64E1d0s0									
	root@Darke # zpool status									
	  pool: rpool									
	 state: ONLINE									
	 scan: none requested									
	config:									
										
	        NAME                       STATE     READ WRITE CKSUM									
	        rpool                      ONLINE       0     0     0									
	          c9t5000CCA0546DA579d0s0  ONLINE       0     0     0									
										
	errors: No known data errors									
	root@Darke #									
	root@Darke # mkdir /newrpool									
	root@Darke # zpool import -N -R /newrpool newrpool									
	root@Darke # zfs list -r newrpool									
	NAME                              USED  AVAIL  REFER  MOUNTPOINT									
	newrpool                         87.0G   187G   106K  /newrpool/rpool									
	newrpool/ROOT                    44.8G   187G    31K  legacy									
	newrpool/ROOT/s10_dev      44.8G   187G  13.5G  /newrpool									
	newrpool/ROOT/s10_dev/var  31.3G   187G  31.3G  /newrpool/var									
	newrpool/TCM                     2.46M  4.00G  2.46M  /newrpool/TCM									
	newrpool/dump                    8.02G   187G  8.00G  -									
	newrpool/export                   280M   187G    33K  /newrpool/export									
	newrpool/export/home              280M   187G   280M  /newrpool/export/home									
	newrpool/optBMC                   822M  4.20G   822M  /newrpool/opt/BMC									
	newrpool/swap                    33.0G   188G  32.0G  -									
	newrpool/syslv                   79.7M   187G  79.7M  /newrpool/syslv									
	root@Darke #									
	root@Darke # zfs mount -vO -o mountpoint=/newrpool newrpool									
	root@Darke # cd /newrpool/boot									
	root@Darke # ls -l									
	total 2									
	-rw-r--r--   1 root     root          52 Mar 16 12:41 menu.lst									
	root@Darke # cp menu.lst menu.lst.orig									
	root@Darke # cat menu.lst									
	title s10_dev									
	bootfs rpool/ROOT/s10_dev									
	root@Darke # export TERM=vt100									
	root@Darke # vi menu.lst									
	root@Darke #									
	root@Darke # zfs mount -vO -o mountpoint=/newrpool newrpool/ROOT/s10_dev									
	root@Darke # cd /newrpool/									
	root@Darke # rm /newrpool/etc/zfs/zpool.cache									
	root@Darke # grep rpool /newrpool/etc/vfstab									
	/dev/zvol/dsk/rpool/swap        -       -       swap    -       no      -									
	root@Darke # cp /newrpool/etc/vfstab /newrpool/etc/vfstab.orig
	root@Darke # vi /newrpool/etc/vfstab	

Editing vfstab

 								
	root@Darke #									
	root@Darke # grep rpool /newrpool/etc/vfstab									
	/dev/zvol/dsk/newrpool/swap     -       -       swap    -       no      -									
	root@Darke # bootadm update-archive -v -R /newrpool									
	cannot find: /newrpool/etc/cluster/nodeid: No such file or directory									
	cannot find: /newrpool/etc/mach: No such file or directory									
	root@Darke #									
	root@Darke #									
	root@Darke #									
	root@Darke # cd /									
	root@Darke # zfs unmount /newrpool									
	root@Darke # umount /newrpool									
	root@Darke # zpool export newrpool									
	root@Darke # zfs snapshot -r rpool@backup									
	root@Darke # zfs list | grep backup									
	rpool@backup                             0      -   106K  -									
	rpool/ROOT@backup                        0      -    31K  -									
	rpool/ROOT/s10_dev@backup          0      -  13.5G  -									
	rpool/ROOT/s10_dev/var@backup      0      -  31.3G  -									
	rpool/TCM@backup                         0      -  2.46M  -									
	rpool/dump@backup                        0      -  8.00G  -									
	rpool/export@backup                      0      -    33K  -									
	rpool/export/home@backup                 0      -   280M  -									
	rpool/optBMC@backup                      0      -   823M  -									
	rpool/swap@backup                        0      -  32.0G  -									
	rpool/syslv@backup                       0      -  79.7M  -									
	root@Darke #									
	root@Darke # ls -lh /root/root/Patch/									
	total 9478277									
	-rw-r--r--   1 moon   earth      4.1K Sep  9 18:11 V77079-01.zip									
	-rw-r--r--   1 moon   earth      548M Sep  9 18:12 V77080-01.zip									
	-rw-r--r--   1 moon   earth      2.1G Sep  9 18:11 V77081-01.zip									
	-rw-r--r--   1 moon   earth      807M Sep  9 18:12 V77084-01.zip									
	-rw-r--r--   1 moon   earth       52M Sep  9 18:12 V77086-01.zip									
	-rw-r--r--   1 moon   earth      1.0G Sep  9 18:11 V77087-01.zip									
	root@Darke #									
	root@Darke # init 0									
	root@Darke # svc.startd: The system is coming down.  Please wait.									
	svc.startd: 75 system services are now being stopped.									
	syncing file systems... done									
	Program terminated									
	NOTICE: Entering OpenBoot.									
	NOTICE: Fetching Guest MD from HV.									
	NOTICE: Starting additional cpus.									
	NOTICE: Initializing LDC services.									
	ChassisSerialNumber AK00277203									
	NOTICE: Probing PCI devices.									
	NOTICE: Finished PCI probing.									
										
										
	SPARC T4-1, No Keyboard									
	Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.									
	OpenBoot 4.36.2, 31.5000 GB memory available, Serial #108038382.									
	Ethernet address 0:10:e0:70:88:ee, Host ID: 867088ee.									
										
										
										
	{0} ok boot -s									
	Boot device: /pci@400/pci@2/pci@0/pci@4/scsi@0/disk@w5000cca0546da579,0:a  File and args: -s									
	SunOS Release 5.10 Version Generic_150400-23 64-bit									
	Copyright (c) 1983, 2015, Oracle and/or its affiliates. All rights reserved.									
	Booting to milestone "milestone/single-user:default".									
	Hostname: Darke									
	Loading smf(5) service descriptions: 1/1									
	Requesting System Maintenance Mode									
	SINGLE USER MODE									
										
	Root password for system maintenance (control-d to bypass):									
	single-user privilege assigned to /dev/console.									
	Entering System Maintenance Mode									
										
	Sep 10 18:05:23 su: 'su root' succeeded for root on /dev/console									
	Oracle Corporation      SunOS 5.10      Generic Patch   January 2005									
	Sourcing /root/root/.profile-EIS.....									
	Darke[root]/root/root> . /root/root/.profile-EIS									
	root@Darke # cd /root/root									
	root@Darke # ls									
	Patch									
	root@Darke # bash									
	root@Darke # cd Patch/									
	root@Darke # ls									
	V77079-01.zip  V77081-01.zip  V77086-01.zip									
	V77080-01.zip  V77084-01.zip  V77087-01.zip									
	root@Darke # ls -lh									
	total 9478277									
	-rw-r--r--   1 moon   earth      4.1K Sep  9 18:11 V77079-01.zip									
	-rw-r--r--   1 moon   earth      548M Sep  9 18:12 V77080-01.zip									
	-rw-r--r--   1 moon   earth      2.1G Sep  9 18:11 V77081-01.zip									
	-rw-r--r--   1 moon   earth      807M Sep  9 18:12 V77084-01.zip									
	-rw-r--r--   1 moon   earth       52M Sep  9 18:12 V77086-01.zip									
	-rw-r--r--   1 moon   earth      1.0G Sep  9 18:11 V77087-01.zip									
	root@Darke #									
	root@Darke # unzip -q V77081-01.zip									
	root@Darke # ls									
	README-15JUL15  V77080-01.zip   V77084-01.zip   V77087-01.zip									
	V77079-01.zip   V77081-01.zip   V77086-01.zip   sun									
	root@Darke # cd sun									
	root@Darke # cd patch									
	root@Darke # cd 10									
	root@Darke # ls									
	10_Recommended.README   README                  install_all_patches									
	10_Recommended.tar.bz2  info.txt									
	root@Darke # pwd									
	/root/root/Patch/sun/patch/10									
	root@Darke #									
	root@Darke # unpack-patches -q -r									
										
										
	Cleaning out /tmp/10...									
										
	Unpacking Recommended OS Patchset - will take some time...									
	10_Recommended.tar.bz2									
		
		
	Installation of patch set complete. PLEASE REBOOT THE SYSTEM.									
										
	Install log files written :									
	  /var/sadm/install_data/s10s_rec_patchset_short_2015.09.10_18.17.38.log									
	  /var/sadm/install_data/s10s_rec_patchset_verbose_2015.09.10_18.17.38.log									
										
										
	Clearing directory /tmp/10...									
	root@Darke # init 6									
	Creating boot_archive for /var/run/.patch_root_loopbackmnt									
	updating /var/run/.patch_root_loopbackmnt/platform/sun4v/boot_archive									
	root@Darke # Sep 10 18:59:47 su: 'su troya' succeeded for root on /dev/???									
	svc.startd: The system is coming down.  Please wait.									
	svc.startd: 24 system services are now being stopped.									
	syncing file systems... done									
	Program terminated									
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: