Use the following task map to troubleshoot signed patch problems.
Task |
Description |
For Instructions |
---|---|---|
Obtain PatchPro configuration information. |
Obtain information about your patch management environment to help you diagnose problems. |
See How to Obtain Information About Your Patch Management Environment. |
View patch management tool log files. |
View log files on the system to identify problems with installing patch management tools or applying signed patches. | |
Set up a separate PatchPro log file. |
Move the log from syslog to a separate file. | |
Resolve a sequestered patch. |
Resolve a patch that has been sequestered, one that cannot be installed by PatchPro. |
For up-to-date information about troubleshooting signed patch problems, error messages, or documentation errata, see the Signed Patches Release Notes for PatchPro 2.2.
To begin troubleshooting problems with PatchPro 2.2 or Patch Manager Base 1.0.1, you must understand how your patch management environment is configured. Use the pprosetup -L command to obtain the configuration information.
Become superuser.
Obtain the configuration information.
# pprosetup -L Log file location: System log file (consult /etc/syslog.conf for exact location) Log file size: 50000 Download directory: /var/sadm/spool Sequester directory: /var/sadm/spool/patchproSequester Proxy server name: webaccess.corp.net.com Proxy server port: 8080 Server URL: https://patchpro.sun.com/servlet/ \ com.sun.patchpro.server.PatchProServerServlet/ Database URL: https://patchpro.sun.com/database/patchprodb.zip Detectors URL: https://patchpro.sun.com/database/pprodetectors.jar |
Various log files on the system can help you to identify problems with installing patch management tools or applying signed patches.
By default, PatchPro writes to the system log file. The system log configuration file, /etc/syslog.conf, specifies where the system log file resides on the system. By default, the system log file is /var/adm/messages.
(Optional) To instruct PatchPro to write messages to a different file on the local file system, update the patchpro.log.file property in the PatchPro configuration file, /etc/opt/SUNWppro/etc/patchpro.conf.
For example, if you want PatchPro to write to the /var/tmp/patchpro.log file, assign /var/tmp/patchpro.log to the patchpro.log.file property.
Use the following table to determine which log file might contain information about a failed installation of a patch management tool or a signed patch.
Log File |
Description |
---|---|
/var/tmp/ppro_install_log.nnn |
Identifies the success or failure of the installation of PatchPro packages and patches. |
/var/tmp/log/patchpro.log |
Identifies problems that are found when using the patch management tool. |
/var/adm/messages |
Identifies problems that are found when applying a signed patch to a system by using the various patch management tools. Also, identifies problems that are found when the patch management tools do not initialize properly. |
Solaris Management Console Log Viewer on a Solaris 9 system |
Identifies the success or failure of applying a signed patch with the Solaris Management Console Patches Tool. |
Select a file of specific maximum size to serve as the PatchPro circular log.
Become superuser.
Save the current PatchPro configuration by creating a copy of the PatchPro configuration file.
# cp /etc/opt/SUNWppro/etc/patchpro.conf \ /etc/opt/SUNWppro/etc/patchpro.conf.orig |
Edit the patchpro.conf configuration file.
Resume syslog logging.
# cp /etc/opt/SUNWppro/etc/patchpro.conf.orig \ /etc/opt/SUNWppro/etc/patchpro.conf |
A patch might not install successfully if the patch installation policy cannot be satisfied. Namely, a patch that has the rebootafter property cannot be applied in automatic mode. A patch that cannot be installed by PatchPro is sequestered in the /var/sadm/spool/patchproSequester directory, by default.
Review the README file associated with the patch to determine the installation details of the patch.
To view the README, do one of the following:
View a copy of the patch README from the SunSolve Online Web site.
Extract the README file from the JAR archive.
To protect the digital signature, do not expand the JAR archive. Use the following procedure to safely extract the patch README file.
Also, review the contents of the /var/tmp/log/patchpro.log file to determine why a patch did not install successfully.
Become superuser.
Verify that one or more patches were not installed by viewing the contents of the /var/sadm/spool/patchproSequester directory.
# cd /var/sadm/spool/patchproSequester; ls |
Extract the README file from the JAR archive.
First, identify the name of the README file, for example:
# /usr/j2se/bin/jar tvf 107058-01.jar | grep README 1440 Sat Apr 06 08:50:08 MST 2002 107058-01/README.107058-01 |
Then, extract the README file.
# /usr/j2se/bin/jar xvf 107058-01.jar 107058-01/README.107058-01 extracted: 107058-01/README.107058-01 |
View the README file.
# more 107058-01/README.107058-01 |