This appendix describes common problems that you might encounter when using Patch Manager to analyze systems to determine the list of appropriate patches, download the patches to the system, and apply the patches.
This appendix is divided into these topics:
Additional troubleshooting information about Sun Patch Manager 2.0 might appear in the Sun Patch Manager 2.0 Release Notes for the Solaris 9 Operating System.
When running the smpatch update command, any of the following errors appear:
Cannot connect to retrieve patchdb: Connection refused |
Or:
Cannot connect to retrieve patchdb: Connection timed out |
Or:
Unknown host (host-name) connecting to http://host-name/ |
This problem might be caused by a network failure between the client and the patch server, or the patch server is down.
Ensure that patchpro.patch.source points to a valid patch source.
Check the condition of the network.
If your patch management environment includes a local patch server, ensure that it is up and running.
If the problem is between your system and Sun, wait for the issue to be resolved.
When running smpatch in remote mode or trying to restart the Solaris WBEM services, the following error messages appear:
# smpatch analyze -u root Authenticating as user: root Type /? for help, pressing <enter> accepts the default denoted by [ ] Please enter a string value for: password :: root-password There is no Solaris Management Console Server running on pserver2. # /etc/init.d/init.wbem status Solaris Management Console server not running on port 898. # /etc/init.d/init.wbem start # /etc/init.d/init.wbem status Solaris Management Console server not running on port 898. |
Manually stop the Solaris WBEM services before restarting them.
# /etc/init.d/init.wbem stop # /etc/init.d/init.wbem start # /etc/init.d/init.wbem status Solaris Management Console server version 2.1.0 running on port 898. |
The browser interface that was originally released with the Sun Patch Manager 2.0 product for Solaris 9 systems has been withdrawn.
The Patch Manager product will be replaced by the new Sun Update Manager product.
You type the correct URL for the Patch Manager application, and an error page appears.
Verify that the Sun Web Console is running. If it is not running, start it.
# /usr/sbin/smcwebserver start |
You type the URL for the Patch Manager application, and a blank page appears.
The URL you typed needs to use https instead of http.
Correct the URL by using https.
You log in to the Sun Web Console, but you cannot access the Patch Manager application.
Verify that the user or role that you used to log in has the solaris.admin.patchmgr.*, solaris.jobs.admin, and solaris.compsys.write RBAC privileges.
While navigating the Patch Manager application, you see an RMI error.
Verify that the Solaris Management Console server is running. If it is not, start it and log in to the console again.
# /etc/init.d/init.wbem start |
The following error message appears when you run the smpatch analyze in remote mode against a local patch server:
# smpatch analyze -u root Authenticating as user: root Type /? for help, pressing <enter> accepts the default denoted by [ ] Please enter a string value for: password :: root-password Loading Tool: com.sun.admin.patchmgr.cli.PatchMgrCli from pserver-2 Login to pserver-2 as user root was successful. Download of com.sun.admin.patchmgr.cli.PatchMgrCli from pserver-2 was successful. Assessing patches for machine pserver-2. Please wait... Patch analysis failed. com.sun.patchpro.util.CannotConnectException: Cannot connect to retrieve patchprodb.zip: Server returned HTTP response code: 500 for URL: http://pserver-1:3816/solaris/. |
You might see this error message if one of the following situations occur:
One of the servers in the local patch server chain is down.
The web proxy of the local patch server is not configured to reach the Internet.
The local patch server is pointing to a bad patch source.
Address these issues by doing the following:
If one of the local patch servers in the chain is down, log in to that patch server and restart the web services.
# patchsvr stop Shutting down Local Patch Server # patchsvr start Starting Local Patch Server |
If the web proxy is not configured to reach the Internet, ensure that the host name of the web proxy and the port number are correctly specified.
# patchsvr stop Shutting down Local Patch Server # patchsvr setup -x web-proxy-host:port # patchsvr start Starting Local Patch Server |
If the specified patch source is bad, check the value.
# patchsvr setup -l |
If the value is correct, see if one of the other two problems is the cause of the analysis failure. A valid patch source is a URL that begins with the http:// or file:/ notation. The URL of a local patch server must terminate with a slash, such as http://patchserver:3816/solaris/.
If the value is incorrect, correct the patch source value.
# patchsvr setup -p patch-source-url |
You configure a local patch server to obtain patches from a CD mounted on the local patch server. When you attempt to download patches from the CD, you see the following error message:
Downloading the recommended patches for machine host-name. Please wait... Could not download patch. Error occurred while processing the download for this patch, patch-id, into /var/sadm/spool directory. Error: No such file or directory. |
Ensure that Solaris Volume Manager is running properly on the local patch server. If it is not, type:
# /etc/init.d/volmgt stop # /etc/init.d/volmgt start # smpatch download |
You attempt to change the configuration settings of your local patch server, but the changes are not reflected.
Stop and restart the local patch server.
# patchsvr stop Shutting down Local Patch Server # patchsvr start Starting Local Patch Server |
You encounter other problems while using a patch management environment with one or more local patch servers.
Do the following:
Verify that the client system's configuration settings are correct.
# smpatch get |
Verify that the local patch server's configuration settings are correct.
# patchsvr setup -l |
View the /var/patchsvr/logs/catalina.out and /var/patchsvr/logs/localhost_log.date.txt log files on the local patch server.
View the system log file /var/adm/messages on the client system.
Run the snoop command on the client system or on the local patch server to see if the data is being downloaded from the local patch server to the client.