The first step to install patches is of course to obtain them. See Where to find security alerts and patches to understand how to do that. If you have downloaded the latest cluster you have to save it somewhere. A good idea is to save it in some place where there is a lot of space empty and that is reachable from each machine, such that you will need to uncompress it only one time. For example, you may want to create a temporary directory under /export/lab and then uncompress the file you have downloaded in there. The file is usually gzipped and tarred, so you will need to gunzip it first and then untar it.
After you have uncompressed the file, read the README file that will containt the information for the installation. Usually, it is not very difficult, the only thing needed is launching the install script as root and then wait for several time until it finishes. After the installation process is finished, usually it asks to reboot the machine. Therefore, is a good idea to plan an update on saturday or sunday and always, before rebooting, be sure that no one is logged in. Notice that for Monviso and Piemonte, you will not only need to know if nobody is logged on the machine but also if there is no one logged on the other machines (Torino included). To know if someone is logged you can use the who command. Notice that, being Torino administred by Barbara, you will not have any chance to control if she is logged on. Therefore, is always the case to let her know you are going to do the update and that you will reboot the machine.
However, most probably you will like to update all the machines the same day. In that case, and if you saved the package in the location I suggested before, is a good idea to start from Cumiana, then move to Piemonte and finally Monviso, such that this last machine will be the last one to be rebooted and can therefore provide the files for the others (/export/lab does in fact reside on such a machine).
After having installed the main cluster with the Reccomended and Security patches, you will probably would like to check which patches have not been updated and manually download and install the ones that seems more important. I do not have any suggestion about which are the most important, usually the name should help you in understanding what they relate to. See Where to find security alerts and patches to know how to ckeck which patches are installed.
Installing a single patch is quite simple. As before, you download it, uncompress, and read the README file. Again, it should be simply matter of launching a shell script.
When the patches are installed, the old version of the files being patched are saved in order to be able to uninstall the patches if something goes wrong. After some time from when you make the update, if all the things are going well, it can be a good idea to delete those files, because they occupy a lot of space. To do that, you can as root under the directory /var/sadm/pkg. Each of the subdirectory of this directory represents a package installed in the system. For each package there is a subdirectory called save. In this directory are saved the backup for each patches applicable to the package. It is possible to delete the backup files deleting those directories, the ones for the patches. For example, to delete the backup files for the patch 106541, which applies to the package SUNWarc you may issue the command:
rm -r /var/sadm/pkg/SUNWarc/save/106541-*
Last Revised: 24 May 2003
Riccardo Serafin