[...] > Also, this question brings up good questions about > how next generation > tools can alert the sysadmin that there are scary > things in the patch. > Reading through 100+ patch README's is tedious. This > is especially > the case since there are generally the following > classifications of > special installation instructions: > > 1) There are no special instructions, but you have > to > look to find out. > 2) This is not a complete fix for some of the bugs. > You must install other patches too to get the > complete fix. > 3) Install in single user mode and/or reboot after > installation (very commonly over-cautious advice) > 4) You must do some other thing before/after > installing > this patch > Very long list of a mixture of the above
At home, with just a very small number of systems to patch (usually 1 or 2), I have a README summarizer script that deals with your first point. As to both your second and third points, the README files are to my mind on balance fairly well, but not perfectly maintained; I _have_ seen outright errors in them from time to time, as well as extraneous information (if I've already put on a refactored kernel patch, I don't need to know about dependencies of the earlier incarnation anymore, do I?). As to the third point in particular, I would suppose it depends on one's imagination as to what's overcautious and what isn't, but if and when everyone has zfs root and promotable clones become part of patching, wouldn't it be a matter of dividing up patches that didn't need a reboot and whose benefits were needed immediately and which were very low-risk from the rest, and doing the first bunch conventionally and the second bunch via a clone, and scheduling the reboot that switched clones at one's convenience? > This is complicated by the fact that there is no good > way to determine > if the special instructions even apply. Perhaps the > "this patch will > alter config file X, check it afterwards" applied in > rev -03 of the > patch and had no relevance for releases -04 through > -22 (assuming -03 > was installed. If a person patches regularly, they > would have > encountered the same warning many times and possibly > done a lot of > extra checking of something that had no real chance > of changing. I do think that patches (insofar as they continue to exist) would greatly benefit by sufficient machine-readable info (as well as the zfs clone possibility) to make it possible to handle as many of them as possible as no-brainers. I accept that some things (involving device firmware that must be updated in a certain sequence, for instance) might be too involved to be no-brainers, but IMO they should be very much the exception. This message posted from opensolaris.org
