Patch availability change
in [Solaris]
|
Prev: <Beginner Question> - lu /sst
Next: difference between sun cluster "/dev/did" and "/dev/global" devices
From: David Kirkby on 12 Feb 2010 05:45 On Feb 12, 9:10 am, Martin Paul <m...(a)par.univie.ac.at> wrote: > David Kirkby wrote: > > FWIW, I tried to download a kernel update, which is marked as > > recommended and security using pca last night. I was unable to do so, > > even though my Sunsolve account is tied to a contract. I then logged > > into Sunsolve directly with a browser, and was able to download it. > > As John says - often updating to the latest release of pca fixes > download problems. I have the latest PCA > As somebody else already mentioned on the thread, it might be necessary > to accept the new Software License from Oracle to make hands-off > downloads work again: I had *not* done that, but I can easily do it. > Martin. But I'd also like to know exactly what patches are publicly available. I've tried to build an open-source software package (Sage) on Solaris 10 03/2005. It fails, despite it works on a patched version of Solaris. It would be nice to know exactly what patches are available for Solaris. I just created a new account on sunsolve, purposely to determine what someone without an account can get. I've not managed to find anything so far, but perhaps there are things. I want to get an old version of Solaris, fully patched, then see if this software will build. If not, the minimum requirements for the installation of Sage will either to be a later version of Solaris, or a maintenance contract. That will be a shame, but might be inevitable. I think Oracle could be shooting themselves in the foot by applying too many restrictions in the availability of patches. Let's be honest, a lot of the software in Solaris is open-source. Oracle gain from the development of open-source software. It's anyones guess if Oracle will kill off Solaris to those without a maintenance contract and it going back to being chargeable, like it was on Solaris 7 and earlier. Those without a contract would be well advised to make sure they have the latest Solaris 10, and keep about 10 copies of it in different places. I would not be surprised if the next release of Solaris 10 needs a contract. Dave
From: David Kirkby on 12 Feb 2010 05:46 On Feb 12, 8:19 am, Sami Ketola <Sami.Ket...(a)iki.finland.invalid> wrote: > David Kirkby <drkir...(a)gmail.com> wrote: > > FWIW, I tried to download a kernel update, which is marked as > > recommended and security using pca last night. I was unable to do so, > > even though my Sunsolve account is tied to a contract. I then logged > > into Sunsolve directly with a browser, and was able to download it. > > Did you forget to enable wget patch access on your sunsolve account? > > Sami I had not done that, but will do.
From: Martin Paul on 12 Feb 2010 06:06 David Kirkby wrote: > But I'd also like to know exactly what patches are publicly available. As it seems, the question is quickly answered with the new policy: None. > I want to get an old version of Solaris, fully patched, then see if > this software will build. If not, the minimum requirements for the > installation of Sage will either to be a later version of Solaris, or > a maintenance contract. That will be a shame, but might be > inevitable. I think stating a certain release of Solaris (e.g. "Solaris 10 8/07") will be the easiest solution, both for the maintainer and the prospective user. The alternative - a possibly long list of patches - can be really painful to verify. Patches have dependencies and might pull in multiple kernel patches, patches get obsoleted by other patches which either the maintainer or the user has to resolve, etc. If it's just one certain patch which is required, listing that might be better though, as upgrading to a newer release sometimes isn't possible (despite Live Upgrade). Martin. -- SysAdmin | Institute of Scientific Computing, University of Vienna PCA | Analyze, download and install patches for Solaris | http://www.par.univie.ac.at/solaris/pca/
From: David Kirkby on 12 Feb 2010 06:09 On Feb 11, 7:09 pm, groen...(a)cse.psu.edu (John D Groenveld) wrote: > In article <c871baa8-653a-43c0-ab44-463cd9be7...(a)q16g2000yqq.googlegroups..com>, > David Kirkby <drkir...(a)gmail.com> wrote: > > >I think a failure to offer security fixes would be a major obstacle to > >making Solaris more popular. For companies on a tight budget, Linux > > I think the Solaris marketing wonks see Indiana as the volume > operating system for developers, content creators, early adopters > and those who don't want to buy support contracts. That's quite possibly true, but on SPARC hardware, that is not really very viable. In any case, I rekon at least some people that use Open Solaris now might think twice about it in future. I suspect Oracle could be killing that off A lot of people buy old SPARCs and run Solaris. Killing that off, would IMHO, decrease the already small update of Solaris. > >would seem more attractive then. Any arguments by IT professionals > >that Solaris is a more stable system would be met with arguments like > >"yes, and when a major security flaw is found, you have to pay to have > >it fixed". > > I only have access to one Redhat Enterprise Linux installation and > up2date is bound to an annual support subscription. > Are RHEL security fixes available without a subscription or does > one need to run Fedora? > Or are you referring to a different Linux distributor? There are plenty of free linux distros - Ubunta, Debian etc. For startup companies on a tight budget, they are looking more attractive than Solaris. Hence those companies are likely to go with Linux rather than Solaris. I also note that patches (apart from hardware patches) will not be available to those with a hardware only warranty. So despite my Ultra 27 is only a few months old, I would be unable to get the Solaris 10 patches for the operating system which came with it - Solaris 10. It so happens that I've removed Solaris 10 and put Open Solaris on it. I'm sure when I bought that Ultra 27, I probably signed something which gave me very limited access to software updates. It would be interesting to see if these warranty terms are legally enforceable in the UK. I'm not a laywer, but from what I understand of UK law, you can't take someone legal rights away from them. So for example, when you go to a car part, and see big notices that "cars left at owners risk", that is not legally enforceable The car park owners have a duty of care, and sticking notices up like that does not remove that duty of care. I happen to know someone who parked his car on a hospital car park - he worked for the hospital. How he managed to get a car parking place in Central London I do not know, as he was a fairly junior member of admin staff. Anyway, his car got broke into, and he tried to claim from the hospital (i.e. his employer). They declined to pay up, so he took them to court, arguing they had a duty of care. The hospital paid up before it went to court. Selling someone hardware or software, then failing to fix defects might not be legally enforcable in the UK - irrespective of whatever someone might have signed. Dave
From: JKB on 12 Feb 2010 06:33
Le 12-02-2010, ? propos de Re: Patch availability change, David Kirkby ?crivait dans comp.unix.solaris : > On Feb 11, 7:09 pm, groen...(a)cse.psu.edu (John D Groenveld) wrote: >> In article <c871baa8-653a-43c0-ab44-463cd9be7...(a)q16g2000yqq.googlegroups.com>, >> David Kirkby <drkir...(a)gmail.com> wrote: >> >> >I think a failure to offer security fixes would be a major obstacle to >> >making Solaris more popular. For companies on a tight budget, Linux >> >> I think the Solaris marketing wonks see Indiana as the volume >> operating system for developers, content creators, early adopters >> and those who don't want to buy support contracts. > > That's quite possibly true, but on SPARC hardware, that is not really > very viable. I use sparc and Solaris for a long time (even on an SS20 with four Hypersparc that has never worked under Solaris...). I'm not sure that sparc has future with Oracle. I have some servers that run with Solaris, but I think that next sparc servers I shall buy will run with Linux or NetBSD, not with Solaris. I have installed Linux on a diskless T1000 and Linux runs better on T1000 than Solaris 10 ! > In any case, I rekon at least some people that use Open Solaris now > might think twice about it in future. I suspect Oracle could be > killing that off > > A lot of people buy old SPARCs and run Solaris. Killing that off, > would IMHO, decrease the already small update of Solaris. There is no patch available from Solaris 9/sparc for last december. >> >would seem more attractive then. Any arguments by IT professionals >> >that Solaris is a more stable system would be met with arguments like >> >"yes, and when a major security flaw is found, you have to pay to have >> >it fixed". >> >> I only have access to one Redhat Enterprise Linux installation and >> up2date is bound to an annual support subscription. >> Are RHEL security fixes available without a subscription or does >> one need to run Fedora? >> Or are you referring to a different Linux distributor? > > There are plenty of free linux distros - Ubunta, Debian etc. For > startup companies on a tight budget, they are looking more attractive > than Solaris. Hence those companies are likely to go with Linux rather > than Solaris. I'm not sure that the main problem is budget. If you use for exemple Linux/Debian, you can apply patches with apt-get update and apt-get upgrade without rebooting. I use some T1000/T5xxx in disless configuration and I cannot apply any patches because patchadd is totaly broken over NFS root file ! I cannot apply patches because a lot of patches require a reboot... Thus, I'm not sure that Solaris is a good choice for all new installation even patch policy was not changed by Oracle. JKB -- Le cerveau, c'est un véritable scandale écologique. Il représente 2% de notre masse corporelle, mais disperse à lui seul 25% de l'énergie que nous consommons tous les jours. |