Changes to 23-FEB-2011: Solaris package management is broken between r0 and r4
'''It's simple, you see -- just remove all the patches you have ever applied before installing any new packages. Duh!'''
More failure on the Solaris front. --> More failure on the Solaris front. Package management on Solaris (10 and older) systems is completely broken. If you have have to install a vendor package after the system has been installed you must first back-out all patches.
(blank line)
''What ? That can't be right... I install packages all the time without backing out all my patches. You're crazy!''
(blank line)
Sure, you CAN install packages without backing out all the patches but it's not a good idea. The central issues here are that:
1. A single Solaris patch provides updates for multiple packages; and
2. Solaris patches are sparse
(blank line)
So when you patch a system, all the packages that are installed get patched and the bits for packages that are not installed get ignored. Thus, if you later install package that was patched by a patch you have already installed, you cannot then re-apply the patch (because you already have it, and you may even have a newer patch that overlaps some of the packages so you cannot simply re-install the patch as you may end up downgrading things that have been patched).
(blank line)
''What ?''
(blank line)
Let's work from a recent example. I got a request to install TFTP on 2 existing servers. These servers are running Solaris 10 Update 5. They have, of course, had all relevant patches applied to them. They did not have the `SUNWtftp` package installed. That made me sad. But I endeavored to persevere and decided to install the `SUNWtftp` package despite not being able to take the systems down for several hours to patch them. So I installed the `SUNWtftp` package from Solaris 10 Update 5 from the original installation media. I ended up with the package `SUNWtftp` version `11.10.0,REV=2005.01.21.15.53` installed.
(blank line)
Good to go.
(blank line)
Well, not quite. I tried to actually USE the tftp service and it ended up failing with:
Feb 23 22:42:27 nx tftpd[14237]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:32 nx tftpd[14278]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:37 nx tftpd[14317]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:42 nx tftpd[14388]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:47 nx tftpd[14458]: [ID 659407 daemon.error] socket (main): Permission denied
(blank line)
Well... That sucks. I do some research and find out that this is a bug in older tftp daemons with newer kernels. Well, I did just install some old software. Maybe I just need to patch it up.
(blank line)
Let's see, according to the documentation I will need the patches:
1. `142909-17` (obsoletes `140169-01`, which obsoletes `123332-02`, which obsoletes `123332-01`)
(blank line)
That should be easy enough! Just one patch. Let's get to it.
(blank line)
# scp user@jumpstart:/jumpstart/Patches/142909-17.zip /var/tmp
# cd /var/tmp
# unzip 142909-17.zip
# patchadd 142909-17
...
(blank line)
''This story is still in progress, I need to gather more details before I can complete it.''
Only in r0
Only in r4 --> Modified slightly between r0 and r4