All patches applied at the global zone level are applied across all zones. When a non-global zone is installed, it is at the same patch level as the global zone. When the global zone is patched, all non-global zones are similarly patched. This action maintains the same patch level across all zones.
The patchadd system utility described in the patchadd(1M) man page is used to add patches on a system with zones installed.
To add a patch to the global zone and to all non-global zones, run patchadd as the global administrator in the global zone.
When patchadd is used in the global zone, the following conditions apply:
The patchadd utility is able to add the patch(es) to the global zone and to all non-global zones only. This is the default action.
The patchadd utility cannot add the patch(es) to the global zone only or to a subset of the non-global zones.
When you add a patch to the global zone and to all non-global zones, you do not have to consider whether the patch affects areas that are shared from the global zone.
The following steps are performed by the patchadd utility:
The patch is added to the global zone.
The patch database on the global zone is updated.
The patch is added to each non-global zone.
The patch database on each non-global zone is updated.
When used in a non-global zone by the zone administrator, patchadd can only be used to add patches to that zone. A patch can be added to a non-global zone in the following cases:
The patch does not affect any area of the zone that is shared from the global zone.
All packages in the patch are set SUNW_PKG_ALLZONES=false.
The following steps are performed by the patchadd utility:
The patch is added to the zone.
The patch database on the zone is updated.
The following list specifies the interaction between the -G option and the SUNW_PKG_ALLZONES variable when adding a patch in global and non-global zones.
If any packages have SUNW_PKG_ALLZONES=TRUE, this use results in an error and no action.
If no packages have SUNW_PKG_ALLZONES=TRUE, patch is applied to package(s) in global zone only.
If any packages have SUNW_PKG_ALLZONES=TRUE, patch is applied to those package(s) in all zones.
If any packages do not have SUNW_PKG_ALLZONES=TRUE, patch is applied to those package(s) in all appropriate zones. Global zone only packages are installed only in the global zone.
If any packages have SUNW_PKG_ALLZONES=TRUE, this use results in an error and no action.
If no packages have SUNW_PKG_ALLZONES=TRUE, patch is applied to packages in non-global zone only.