HPE Community
Operating System - HP-UX
1833051 Members
2387 Online
110049 Solutions
New Discussion

Re: Do you have these issues with patching?

 
harry d brown jr
Honored Contributor

‎05-22-2003 04:16 AM

‎05-22-2003 04:16 AM

Do you have these issues with patching?


Here is a new server, just installed by one of our SA's using our supposed Depot's:

For the system, XXX 9000/800 HP-UX B.11.11 , there are 199 installed, 227 recommended, and 297 latest patches applicable to your configuration.

Can anyone say hello, wake up to reality? To me it's just plain stupidity. How can anyone be expected to work on a machine that has more patches missing than installed, and remember this is a NEW install!

Is this typical? I know the machines I'm responsible for in my R&D lab are very up to date. A machine I patched two months ago only has 9 recommended patches and 79 new ones available.

live free or die
harry
Live Free or Die
0 Kudos
Reply
12 REPLIES 12
Pete Randall
Outstanding Contributor

‎05-22-2003 04:20 AM

‎05-22-2003 04:20 AM

Re: Do you have these issues with patching?

Hey Harry!

Nice to hear from you - how have you been?

As far as your query - that's exactly the reason I don't use CPM. The one time I tried it, it came up with so many patches that I wouldn't even consider installing them. I went (and continue to go) with the QPKs instead.

Take care,
Pete

Pete
0 Kudos
Reply
Ken Hubnik_2
Honored Contributor

‎05-22-2003 04:26 AM

‎05-22-2003 04:26 AM

Re: Do you have these issues with patching?

Same here. There were patches in the depot for hardware that I did not have and software that was never installed.
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎05-22-2003 04:30 AM

‎05-22-2003 04:30 AM

Re: Do you have these issues with patching?

Hi Harry:

Like Pete, I stick with the Support Plus bundles, unless I have a specific problem that requires resolution.

My experience with patches is that there is *always* another one that enhances, corrects, tunes, or otherwise closes some issue that someone, under some conditions has encountered. To keep absolutely current would be a daily exercise. Too, if you are an early-adopter you may find that you need another patch simply to patch the patch.

Regards!

...JRF...
0 Kudos
Reply
RolandH
Honored Contributor

‎05-22-2003 04:43 AM

‎05-22-2003 04:43 AM

Re: Do you have these issues with patching?

This tool is only meaningful if you restrict it to critical patches. Otherwise it is ridiculous. We use our own designed tool for that.

Roland
Sometimes you lose and somtimes the others win

Sometimes you lose and sometimes the others win
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-22-2003 04:44 AM

‎05-22-2003 04:44 AM

Re: Do you have these issues with patching?

Hi Harry,

Sounds to me like whomever's supposed to be keeping the depots up to date is sleeping on the job. I'm assuming, of course, that you do have as SA assigned to that task.....

Cheers,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎05-22-2003 04:45 AM

‎05-22-2003 04:45 AM

Re: Do you have these issues with patching?


Pete, I've been going insane. I think I need just a little more to do to keep me busy :-)

I don't have a problem using just the QPK's, but this wasn't installed with the latest QPK! There are patches missing that were dated back to 2001!!!

live free or die
harry
Live Free or Die
0 Kudos
Reply
Tom Danzig
Honored Contributor

‎05-22-2003 04:51 AM

‎05-22-2003 04:51 AM

Re: Do you have these issues with patching?

One would think after 6+ years, the amount of patches required for HP-UX 11.00 would start to dwindle. I have found this is definitely not the case. I usually patch twice a year via CPM and I'm still amazed at how many patches are suggested.

I select only "3 star" patches on production boxes. The total number of suggested patches is typically about 100! What a pain.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎05-22-2003 04:52 AM

‎05-22-2003 04:52 AM

Re: Do you have these issues with patching?

We also take it one step further than just the std QPK & HWE bundles. Our contract calls for HP to also create a custom "Recommended" bundle that goes through an SA review process where we all yay or nay the individual patches for the final content. We have custom Security bundles created as well. We don't use CPM.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎05-22-2003 05:38 AM

‎05-22-2003 05:38 AM

Re: Do you have these issues with patching?


We only use the QPK and support bundles. Nothing else. With the number of new and replaced patches each week you would go nuts trying to keep uptodate or trying to figure out what should go on or what shouldnt. I leave that to an exercise only undertaken every few months when the new QPK bundle comes out - as these are infrequent and rigorously tested by HP on their own internal servers before released to the public.

For example; we just had a problem with a Gigabit card on 11i and we updated the patches only to find HP has release 3 versions of it this year already, and each one changes the behaviour on our server. Great. I have enough problems with the behaviour of LVM and how it handles things like disk failures/replacement after Ive installed each new QPK bundle, there is no way Im going to punish myself by installing patches any more frequently than when the QPK bundles come out - and at least te QPK bundles are tested (together), the CPM and supposed HP Customer recommended bundles arent tested together - good luck if you try them.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎05-22-2003 05:44 AM

‎05-22-2003 05:44 AM

Re: Do you have these issues with patching?

I feel your pain.

After doing a new install last May and supposedly building an Ignite Golden image, I spent three months patching the sytem, rebuilding the image.

Then the applications started going in and I spent more time putting in more patches. The application vendors like Oracle have out of date and incomplete and superseded OS patch lists.

I REALLY feel your pain.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
BFA6
Respected Contributor

‎05-22-2003 05:44 AM

‎05-22-2003 05:44 AM

Re: Do you have these issues with patching?

Hi,

At the moment if a server is in production it is only patched if it has a problem. We do not have a test box where I can install patches & see what they do to the system.

There was one new server built with latest version of CD's and it still had 79 critical patches missing.

Regards,

Hilary
0 Kudos
Reply
Mark Greene_1
Honored Contributor

‎05-22-2003 06:18 AM

‎05-22-2003 06:18 AM

Re: Do you have these issues with patching?

I've tried to adopt an approach that is conservative without being lax. The only patches I install anywhere near immediately are the security patches. After that, it's the Quality and hardware kits, but one release down; i.e., when the June patches come out, I'll install the March sets including whatever superceded patches are out. This way I'm fairly well patched without being on the bleeding edge.

What irkes me is that a brand new box from HP is never fully patched. What's the point of getting a factory racked and OS-installed system if I still have to go in and patch the thing immediately upon delivery?

mark
the future will be a lot like now, only later
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.