How To Use Solaris Live Upgrade to Install Patches

Lynne Thompson, September 2007

Solaris Live Upgrade is the recommended program to add patches.

Using Solaris Live Upgrade to Add Patches (Overview)

Solaris TM Live Upgrade can be used both as an upgrade tool and a patching tool for the Solaris operating system (OS). Solaris Live Upgrade greatly simplifies the upgrade and patching process. This document provides procedures to create a copy of your root (/) file system and patch the copy. Patching the copy of your system provides these advantages:

  • Depending on the patch properties of the patch that is applied, a reboot might be required before further patches can be applied. Or, the system might require that you apply patches in single-user mode. Solaris Live Upgrade avoids having to reboot or take the system down to single-user mode.

  • Solaris Live Upgrade reduces the amount of downtime involved in patching and reduces risk by providing fallback capability if necessary.

With Solaris Live Upgrade, you create an identical copy of the running operating system (OS). Then you patch the copy that you created, rather than patching the running system. When you are ready to activate the changes, you boot the copy, and the copy becomes the active OS. This enables the currently running system to continue to run throughout the patching process. If problems occur with the newly patched copy, you can fall back to the original OS.

All tasks except the reboot can be accomplished on an operational production system, so the impact on any running processes is minimal. The combination of maximizing system availability when applying changes and minimizing risk by offering the ability to reboot to a known working state (your original boot environment) has made Solaris Live Upgrade a tool of choice for the data center since the Solaris 8 release.

This document provides a high-level procedure for doing a simple patching process. Other documents provide detailed planning information or procedures for more complex upgrading procedures, such as for upgrading when Solaris Zones are installed or upgrading with a mirrored root ( /) file system. For links to more documentation.

Note - This procedure provides commands for the Solaris 10 8/07 release. If you are using Solaris Live Upgrade from another release, you might need slightly different procedures. For your specific release, see the Solaris Live Upgrade documentation on docs.oracle.com.

Figure 1 describes the complete Solaris Live Upgrade process.

Figure 1 Solaris Live Upgrade Process for Patching

This figure describes the commands for the Solaris Live Upgrade process:

  1. 1. Creating a new boot environment with the lucreate command.

  2. 2. Applying patches to the new boot environment with the luupgrade command.

  3. 3. Using the luactivate command to activate the new boot environment or fallback to the original boot environment.

  4. 4. Removing an inactive boot environment with the ludelete command. You can remove a boot environment after the running boot environment is stable.

Planning for Using Solaris Live Upgrade

Table 1 Planning and Limitations

Issue Description
Disk space requirements Using Solaris Live Upgrade involves having two boot environments on your system. Therefore enough disk space for both the original and new boot environments is a prerequisite. Either you need an extra disk or one disk large enough to contain both boot environments.
Supported releases Sun supports and tests an upgrade from any release to a release that is no more than two releases ahead of the one you are running. For example, if you are running the Solaris 7 release you can upgrade to any Solaris 8 or Solaris 9 release, but not a Solaris 10 release. If you are running the Solaris 7 release, you would need to upgrade to the Solaris 8 release before using Solaris Live Upgrade.

You need to upgrade to the latest version of the Solaris Live Upgrade software prior to patching the system, regardless of the version of the Solaris OS running on the system. The procedure below shows you how to add the latest packages. You need these for the latest features and bug fixes.
Dependency order of patches The Solaris 10 patchadd command correctly orders patches for you, but Solaris 9 and earlier releases require patches to be in dependency order. Because Sun uses a command line similar to the luupgrade command in the procedure below as part of the standard testing, use a similar approach when you use Solaris Live Upgrade to patch, regardless of the Solaris release you are patching.
Evaluate the patch log Patching can generate a number of errors. You should go through the patch log and evaluate whether any patch failures impact you.

For example, if you were to patch a Solaris 10 3/05 system with the latest Recommended Patch cluster, many of the patches relate to functionality introduced after Solaris 10 3/05, and therefore, patches with the new functionality would fail to install.
Support for third-party patches Third-party patches might not be able to be applied through Solaris Live Upgrade. All Sun patches conform to the requirement that preinstallation and postinstallation scripts never modify the running system when the target is an inactive boot environment. Furthermore, testing the application of Recommended Patches with Solaris Live Upgrade is part of Sun's standard test procedures. However, Sun cannot guarantee that all third-party patches are equally well behaved. When you intend only to patch an inactive boot environment, you might need to verify that a third-party patch does not contain a script that attempts to modify the currently running environment .

How to Apply a Patch When Using Solaris Live Upgrade

This procedure provides commands for the Solaris 10 8/07 release. If you are using Solaris Live Upgrade from another release, you might need slightly different procedures. For the release you are using, see the Solaris Live Upgrade documentation on docs.oracle.com.

  1. 1. Before installing or running Solaris Live Upgrade, you are required to install the following patches. These patches ensure that you have all the latest bug fixes and new features in the release.
    1. a. Become superuser or assume an equivalent role.
    2. b. If you are storing the patches on a local disk, create a directory such as /var/tmp/lupatches and download the patches to that directory.
    3. c. From the SunSolve web site, obtain the list of patches.
    4. d. Change to the patch directory. 
      #

                        
cd /var/tmp/lupatches
    5. e. Install the patches with the patchadd command. 
      #

                        
patchadd
                        
patch_id

      patch_id is the patch number or numbers. Separate multiple patch names with a space.

      Note - The patches need to be applied in a specific order that are specified in infodoc 72099.

    6. f. Reboot the system if necessary. Certain patches require a reboot to be effective.

      x86 only: Rebooting the system is required or Solaris Live Upgrade fails. 

      #

                        
init 6
  2. 2. Remove existing Solaris Live Upgrade packages.

    The three Solaris Live Upgrade packages, SUNWluu, SUNWlur, and SUNWlucfg, comprise the software needed to upgrade by using Solaris Live Upgrade. These packages include existing software, new features, and bug fixes. If you do not remove the existing packages and install the new packages on your system before using Solaris Live Upgrade, upgrading to the target release fails.

    Note - The SUMWlucfg package is new starting with the Solaris 10 8/07 release. If you are using Solaris Live Upgrade packages from a previous release, you do not need to remove this package. 

    #

                    
pkgrm SUNWlucfg SUNWluu SUNWlur
  • Install the Solaris Live Upgrade packages.

    The following provide the steps to install the packages by using the liveupgrade20 command. The liveupgrade20 command requires Java. If your system does not have Java installed, then you need to use the pkgadd command to install the packages individually.

    1. a. Insert the Solaris DVD or CD.

      This media contains the packages for the release to which you are upgrading.

    2. b. Change the directory to the installer.

      • If you are using the Solaris Operating System DVD:

        • For SPARC based systems: 

          #

                                
cd /cdrom/cdrom0/s0/Solaris_10/Tools/Installers

        • For x86 based systems: 

          #

                                
cd /cdrom/cdrom0/Solaris_10/Tools/Installers

      • If you are using the Solaris Software - 2 CD, run the installer.

        %

                            
./installer
    3. c. Run the installer. 
      #

                        
./liveupgrade20 -noconsole - nodisplay

      The -noconsole and -nodisplay options prevent the character user interface (CUI) from displaying.

      Note - The Solaris Live Upgrade CUI is no longer supported.

    4. d. Verify that the packages have been installed successfully. 
      #

                        
pkgchk -v SUNWlucfg SUNWlur SUNWluu
  • e. Create the new boot environment. 
    #

                    
lucreate [-c  
                      
BE_name] -m  
                      
mountpoint:device:fs_options [-m ...] \
  -n  
                      
BE_name
    -n BE_name

    The name of the boot environment to be created. BE_name must be unique on the system.

    -c BE_name

    (Optional) Assigns the name BE_name to the active boot environment. This option is not required and is used only when the first boot environment is created. If you run lucreate for the first time and you omit the -c option, the software creates a default name for you.

    -m mountpoint:device:fs_options [ -m ...]

    Specifies the file systems' configuration of the new boot environment in the vfstab. The file systems that are specified as arguments to -m can be on the same disk or they can be spread across multiple disks. Use this option as many times as needed to create the number of file systems that are needed.

    • mountpoint can be any valid mount point or - (hyphen), indicating a swap partition.

    • device field is the name of the disk device.

    • fs_options field is ufs, which indicates a UFS file system.

    In the following example, a new boot environment named solaris2 is created. The root ( /) file system is placed on c0t1d0s4. 

    #

                    
lucreate -n solaris2 -m /:/dev/dsk/c0t1d0s4:ufs

    This command generates output similar to the following. The time to complete varies depends on the system.

    Discovering physical storage devices.

Discovering logical storage devices. 
Cross referencing storage devices with boot environment configurations. 
Determining types of file systems supported. 
Validating file system requests. 
The device name <c0t1d0s4> expands to device path </dev/dsk/c0t1d0s4>.
Preparing logical storage devices.
Preparing physical storage devices.
Configuring physical storage devices.
Configuring logical storage devices.
Analyzing system configuration.
No name for current boot environment.
Current boot environment is named <solaris1>.
Creating initial configuration for primary boot environment <solaris1>.
The device </dev/dsk/c0t1d0s4> is not a root device for any boot environment. 
PBE configuration successful: PBE name <solaris1> PBE Boot Device </dev/dsk/c0t1d0s4>
Comparing source boot environment <solaris1> file systems with the 
file system(s) you specified for the new boot environment. 
Determining which file systems should be in the new boot environment. 
Updating boot environment description database on all BEs. 
Searching /dev for possible boot environment filesystem devices. 
Updating system configuration files. 
The device </dev/dsk/c0t1d0s4> is not a root device for any boot environment. 
Creating configuration for boot environment <solaris2>. 
Source boot environment is <solaris1>. 
Creating boot environment <solaris2>. 
Creating file systems on boot environment <solaris2>. 
Creating <ufs> file system for </> on </dev/dsk/c0t1d0s4>. 
Mounting file systems for boot environment <solaris2>. 
Calculating required sizes of file systems for boot environment <solaris2>. 
Populating file systems on boot environment <solaris2>. 
Checking selection integrity. 
Integrity check OK. 
Populating contents of mount point </>. 
Copying. 
Creating shared file system mount points. 
Creating compare databases for boot environment <solaris2>. 
Creating compare database for file system </>.
Updating compare databases on boot environment <solaris2>. 
Making boot environment <solaris2> bootable. 
Population of boot environment <solaris2> successful. 
Creation of boot environment <solaris2> successful.
  • f. (Optional) Verify that the boot environment is bootable.

    The lustatus command reports if the boot environment creation is complete and bootable. 

    #

                    
lustatus
                    <em>
BE_name</em>
boot environment   Is        Active  Active     Can         Copy
Name               Complete  Now         OnReboot   Delete       Status
------------------------------------------------------------------------
solaris1            yes      yes      yes       no      -
solaris2            yes       no       no       yes     -
  • g. Apply patches to the boot environment.

    The patches you apply can come from several sources. The following example provides steps for installing patches from the SunSolve database. However, the procedure can be used for any patch or patch bundle, such as patches from custom patch bundles, Sun Update Connection enterprise patches, Enterprise Installation Services CD, or security patches.

    1. a. Create a directory such as /var/tmp/lupatches and download the patches to that directory.
    2. b. Change to the patch directory. 
      #

                        
cd /var/tmp/lupatches
    3. c. Apply the patches. 
      #

                        
luupgrade -n
BE_name
                        
-t -s 
                        
path-to-patches
patch-name
      -t

      Indicates to add patches to the boot environment.

      -n BE_name

      Specifies the name of the boot environment where the patch is to be added.

      -s path-to-patches

      Specifies the path to the directory that contains the patches that are to be added.

      patch-name

      Specifies the names of the patch or patches that are to be added. Separate multiple patch names with a space.

      In the following examples, the patches are applied to the solaris2 boot environment. The patches can be stored on a local disk or on a server.

      • If you are storing the patches in a directory on the local disk:

        #

                            
luupgrade -n solaris2 -t -s /tmp/solaris/patches 222222-01 333333-01

      • If you are storing the patches on a server:

        #

                            
luupgrade -n solaris2 -t \
                             
-s /net/server/export/solaris/patch-dir/patches 222222-01 333333-01

      Note - The Solaris 10 patchadd command correctly orders patches for you, but Solaris 9 and earlier releases require patches to be in dependency order. Because Sun uses a command line similar to the luupgrade command above as part of the standard testing, use a similar approach when you use Solaris Live Upgrade to patch, regardless of the Solaris release you are patching.

  • h. Evaluate the patch log file to make sure there were no patch failures.
  • i. Activate the new boot environment. 
    #

                    
luactivate  
                      
BE_name

    BE_name specifies the name of the boot environment that is to be activated.

    See the following documents for more information about activating a boot environment:

    • For an x86 based system, the luactivate command is required when booting a boot environment for the first time. Subsequent activations can be made by selecting the boot environment from the GRUB menu.

    • To successfully activate a boot environment, that boot environment must meet several conditions..

  • j. Reboot. 
    #

                    
init 6

    Caution - Use only the init or shutdown command to reboot. If you use the reboot, halt, or uadmin command, the system does not switch boot environments. The most recently active boot environment is booted again.

    The boot environments have switched and the new boot environment is now the current boot environment.

  • k. (Optional) Fall back to a different boot environment.
    1. a. (Optional) Verify that the boot environment is bootable.

      The lustatus command reports if the boot environment creation is complete and bootable. 

      #

                       
lustatus 
                        
BE_name
boot environment   Is        Active  Active     Can         Copy
Name               Complete  Now         OnReboot   Delete       Status
------------------------------------------------------------------------
solaris2            yes      yes      yes       no      -
solaris1            yes       no       no       yes     -
    2. b. Activate the solaris1 boot environment.

      • For SPARC based systems:

        #

                            
/sbin/luactivate solaris1
#  
                            
init 6

      • For x86 based systems, reboot and choose the solaris1 boot environment from the GRUB menu. 

        GNU GRUB version 0.95 (616K lower / 4127168K upper memory)

+-------------------------------------------------------------------+
|solaris1                                                            |
|solaris1 failsafe                                                   |
|Solaris2                                                            |
|solaris2 failsafe                                                   |
+-------------------------------------------------------------------+
Use the ^ and v keys to select which entry is highlighted. Press
enter to boot the selected OS, 'e' to edit the commands before
booting, or 'c' for a command-line.
        #

                            
init 6