NAME

     MirrorPatches - mirror patches from Solaris Patch Reports


SYNOPSIS

     MirrorPatches [ -fvh ][ -s site ][ -u user ][ -d dir ][ ver-
     sion ... ]


DESCRIPTION

     Sun Microsystems regularly publishes a patch report for sup-
     ported  Solaris  versions  -  at  this writing the report is
     updated twice a month. The patch reports  are  available  by
     anonymous  ftp  and are organized into Security, Recommended
     and Y2K Patches.

     MirrorPatches is a support tool for  Solaris  patch  manage-
     ment.  It will retrieve the Solaris patch report appropriate
     for this system (if required or requested)  and  mirror  the
     patches  mentioned in the report -- all outdated patches are
     removed.  Alternatively, you can ask that another version of
     Solaris be mirrored.

     The tool is useful if you want to maintain a  local  archive
     of patches so that other systems can download from your mir-
     ror rather than from  Sun.  The  tools  CheckPatches(8)  and
     GetApplyPatch(8) have command line options to direct them to
     your local mirror.

     The patch report and patch files are stored in  the  current
     working  directory. If you are mirroring the sun site then a
     crontab entry this sort would suffice:

       30 5 * * 6 cd /usr/ftp/pub/patches; ./MirrorPatches -f

     The cron entry says: at 5:30am every Saturday try to refresh
     the  anonymous  ftp  archive  of  patches.  In the example I
     assume  that  /usr/ftp  is  the  home  directory  for   your
     anonymous  ftp service; that you want to mirror the sunsolve
     directory structure; and you've got a copy  of  this  script
     squirreled away there.


OPTIONS

     Usually no special arguments beyond  the  fetch  option  are
     required. Sites that must navigate through an ftp proxy will
     require some of these options:

     -h              help -- displays usage guide.

     -v              verbose mode -- be noisy.

     -f              fetch the Solaris patch report from sunsolve
                    (or  the site specified).  MirrorPatches will
                    fetch a patch report if none is found in  the
                    current working directory.  Beware: the patch
                    report normally is  not  fetched  unless  you
                    explicitly ask for it.

     -s site         specifies an alternative  ftp  site  --  the
                    default  is "sunsolve.sun.com".  This is use-
                    ful if you have a local mirror of sunsolve or
                    if you need to connect through an ftp proxy.

     -u user         specifies an alternative login  id  for  the
                    anonymous  ftp  site -- the default is "ftp".
                    This is useful if you have an ftp  proxy  you
                    connect   through  --  eg.  "anonymous@proxy"
                    might be required to get through a proxy.

     -d directory    specifies the  directory  at  the  ftp  site
                    where  you  expect  to find vendor patches --
                    the default is "/pub/patches". This is useful
                    if  you  have  a local mirror but a different
                    directory structure.

      version       specifies the version(s) of Solaris for which
                    you wish to mirror patches. The default is to
                    mirror for  the  version  of  Solaris  that's
                    current  on  the  system  where the script is
                    run. This is useful if you want to maintain a
                    patch  site,  like Sunsolve, for several dif-
                    ferent Solaris versions.

     In principle the patch archive can be  on  pretty  much  any
     version of Unix -- it needn't be a Solaris system.


BUGS/BEWARE

     MirrorPatches uses the patch report  found  in  the  current
     working  directory. It will not contact sunsolve to fetch an
     update unless you explicitly ask for it.

     MirrorPatches parses a patch report. When the format of that
     document changes this tool will need an update.

     Sometimes the Sun patch site doesn't match  the  PatchReport
     --  i.e.  a  patch  mentioned in the report isn't available.
     Often that's because a new patch has outdated the patch men-
     tioned.

     This process makes no attempt to verify the integrity of the
     data  retreived.   It really ought to use the CHECKSUMS file
     at the Sun patch  site  to  verify  that  data  archived  is
     correct.

     There's a nasty confusion between  Solaris  version  numbers
     (eg.  Solaris  versions  2.6 and 8) as compared to the SunOS
     version numbers (eg. SunOS versions 5.6 and 5.8).


FILES

     MirrorPatches uses fetches data  into  the  current  working
     directory:

     SolarisV.n.PatchReport
          - the vendor's patch report as retrieved  by  anonymous
          ftp  from  the  sunsolve  site. The V.n part will match
          your Solaris version  number.  On  the  Intel  platform
          patch reports look like:  SolarisV.n_x86.PatchReport.

     107390-14.zip
          - Sun's current practice is to stored  patches  as  zip
          files. On older versions of Solaris the practice was to
          to store them as tar.Z  files.  Patches  have  a  major
          number (eg. 107390) that's associated with an issue and
          a minor number (eg. 14) which is a  sequential  release
          number -- 107390-14 supercedes patch 107390-13.


SEE ALSO

     CheckPatches(8), GetApplyPatch(8), ftp(1), and Sun Microsys-
     tems support site at http://sunsolve.Sun.COM.


AUTHOR

     Reg Quinton, University of Waterloo, Information Systems and
     Technology.