To Upgrade a SunScreen EFS HA Secondary Machine
To upgrade a SunScreen EFS secondary machine, you must first manually remove the old SunScreen EFS software. Then, you install the new SunScreen 3.1 software.
Remove the SunScreen EFS Software
-
On the machine that is the SunScreen EFS secondary, become root.
-
Remove the SunScreen EFS software packages by typing:
For SunScreen EFS 2.0: # pkgrm SUNWicgSS SUNWicgEF SUNWicgSM SUNWHJicg SUNWjvjit SUNWjvrt SUNWicgSD SUNWicgSA SUNWfwcnv For SunScreen EFS 3.0: # pkgrm SUNWicgSS SUNWicgSA SUNWicgSD SUNWicgSM SUNWdthj SUNWfwcnv SUNWhttp SUNWsman
Note -If you did not originally install any of these packages, omit them from the string or else remove the packages one at a time.
-
Remove any SKIP software packages by typing:
For SunScreen EFS 2.0: # pkgrm SICGcrc2 SICGcrc4 SICGes SICGkeymg SICGkisup SICGbdcdr For SunScreen EFS 3.0: # pkgrm SUNWbcd SUNWbdcx SUNWrc2 SUNWrc4 SUNWrc4x SUNWes SUNWesx SUNWkeyman SUNWkisup
-
(EFS 2.0 only) Leave any SunScreen EFS 3.0 cryptography upgrades on your system. If needed, remove any SKIP cryptography upgrades by typing:
# pkgrm SICGcdes SICGc3des SICGcsafe SICGkdsup SICGkusup
-
Remove all old SunScreen EFS certificates, configurations, and logfiles by typing:
# rm -rf /var/opt/SUNWicg /etc/opt/SUNWicg/etc/skip
-
Reboot your machine to complete the removal of the SunScreen EFS installation by typing:
# sync; init 6
Install SunScreen 3.1
Before You Begin
Before you start, you will need to know the name of the HA network interface and the IP address of the primary HA interface. You can determine the name of the HA interface by issuing these commands on the secondary machine:
# ssadm edit initial edit> list interface |
To determine the IP address of the HA primary network interface, run the ifconfig -a command on the HA primary machine.
Install the Software
Follow the directions for a regular installation (routing with local administration, routing with remote administration, or stealth) with these exceptions:
Exception 1 -- When you encounter the Secondary HA Designation window (as was shown in "Installing in Routing Mode With Local Administration"), select Yes, then click Next.
Exception 2 -- When you encounter the Secondary HA Data window:
-
Type the HA interface. This is the network interface (for example qfe0) on both the primary and secondary systems that are used for administration and HA communication.
-
Type the HA primary IP address. This is the IP address of the primary machine's HA interface.
- © 2010, Oracle Corporation and/or its affiliates