patchrm removes a patch package and restores previously saved files to a system running the Solaris 2.x operating environment or later Solaris environments (such as Solaris 8) that are compatible with Solaris 2.x. patchrm cannot be used with Solaris
1 patches. patchrm must be run as root.
With respect to zones(5), when invoked in the global zone, by default, patchrm patches all appropriate packages in all zones. Patch removal
behavior in a zones environment varies according to the following factors:
o
use of the -G option (described below)
o
setting of the SUNW_PKG_ALLZONES variable in the pkginfo file (see pkginfo(4)).
o
type of zone, global or local (non-global) in patchrm which is invoked
The interaction of the factors above is specified in "Interaction of -G and pkginfo Variable in Zones," below.
When you remove patches from packages on a Solaris system with zones installed, you will see numerous zones-related messages, the frequency and content of which depend on whether you invoke patchrm in a global or local zone, the setting of SUNW_PKG_ALLZONES,
and the use of the -G option.
OPTIONS
The following options are supported:
-Bbackout_dir
Removes a patch whose backout data has been saved to a directory other than the package database. This option is only needed if the original backout directory, supplied to the patchadd command at installation time, has been moved. Specify backout_dir as
an absolute path name.
-Cnet_install_image
Removes the patched files located on the mini root on a Net Install Image created by setup_install_server. Specify net_install_image as the absolute path name to a Solaris 2.6 or compatible version boot directory. See EXAMPLES.
-f
Forces the patch removal regardless of whether the patch was superseded by another patch.
-G
Remove patch(es) to packages in the current zone only. When used in the global zone, the patch is removed from packages in the global zone only and is not removed from packages in any existing non-global zone. When used in a non-global zone, the patch is removed from packages in
the non-global zone only. See "Interaction of -G and pkginfo Variable in Zones,", below.
-Rclient_root_path
Locates all patch files generated by patchrm under the directory client_root_path. client_root_path is the directory that contains the bootable root of a client from the server's perspective. Specify client_root_path as the absolute path name to the beginning of the directory tree under which all patch files generated from patchrm will be located. -R cannot be specified with the -S option.
Note -
The root file system of any non-global zones must not be referenced with the -R option. Doing so might damage the global zone's file system, might compromise the security of the global zone, and might damage the non-global zone's file system. See zones(5).
-Sservice
Specifies an alternate service (for example, Solaris_2.3). This service is part of the server and client model, and can only be used from the server's console. Servers can contain shared /usr file systems that are created by smosservice(1M). These service areas can then be made available to the clients they serve. -S cannot be specified with the -R option.
-t
Maintains the patchrm return codes from the Solaris release prior to Solaris 10. On a system with zones(5) installed, a return
code of 0 indicates success. Any other return code indicates failure.
Interaction of -G and pkginfo Variable in Zones
The following list specifies the interaction between the -G option and the SUNW_PKG_ALLZONES variable (see pkginfo(4))
when removing a patch in global and local (non-global) zones.
global zone, -G specified
If any packages have SUNW_PKG_ALLZONES set to true: Error; nothing changes.
If no packages have SUNW_PKG_ALLZONES set to true: Remove patch from package(s) in global zone only.
global zone, -G not specified
If any packages have SUNW_PKG_ALLZONES set to true: Remove patch from appropriate package(s) in all zones.
If no packages have SUNW_PKG_ALLZONES set to true: Remove patch from appropriate package(s) in all zones.
local zone, -G specified or not specified
If any packages have SUNW_PKG_ALLZONES set to true: Error; nothing changes.
If no packages have SUNW_PKG_ALLZONES set to true: Remove patch from package(s) in local zone only.
OPERANDS
The following operands are supported:
patch_id
The patch number of a given patch. 104945-02 is an example of a patch_id.
EXAMPLES
The examples in this section assume that patch 104945-02 has been installed to the system prior to removal. All of the examples are relative to the /usr/sbin directory.
Example 1 Removing a Patch From a Stand-alone System
The following example removes a patch from a standalone system:
example# patchrm 104945-02
Example 2 Removing a Patch From a Client's System From the Server's Console
The following example removes a patch from a client's system from the server's console:
example# patchrm-R/export/root/client1 104945-02
Note the caveat on the use of the -R option in the description of that option, above.
Example 3 Removing a Patch From a Server's Service Area
The following example removes a patch from a server's service area:
example# patchrm-SSolaris_2.3 104945-02
Example 4 Removing a Patch From a Net Install Image
The following example removes a patch from a Net Install Image:
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
SUNWswmt, SUNWcsu
DIAGNOSTICS
The following messages may help in determining some of the most common problems associated with backing out a patch.
Message
prebackout patch exited with return code code.
patchrm exiting.
Explanation and Recommended Action
The prebackout script supplied with the patch exited with a return code other than 0. Generate a script trace of the prebackout script to determine why the prebackout script failed. Add the -x option to the first line of the prepatch script
to fix the problem and run patchadd again.
Message
postbackout patch exited with return code code.
patchrm exiting.
Explanation and Recommended Action
The postbackout script supplied with the patch exited with a return code other than 0. Look at the postbackout script to determine why it failed. Add the -x option to the first line of the prepatch script to fix the problem, and, if necessary, re-exececute the postbackout script only.
Message
Only one service may be defined.
Explanation and Recommended Action
You have attempted to specify more than one service from which to backout a patch. Different services must have their patches backed out with different invocations of patchrm.
Message
The -S and -R arguments are mutually exclusive.
Explanation and Recommended Action
You have specified both a non-native service and a client_root_path from which to backout a patch. These two arguments are mutually exclusive. If backing out a patch from a non-native usr partition, the -S option should
be used. If backing out a patch from a client's root partition (either native or non-native), the -R option should be used.
Message
The service service cannot be found on this system
Explanation and Recommended Action
You have specified a non-native service from which to backout a patch, but the specified service is not installed on your system. Correctly specify the service when backing out the patch.
Message
Only one client_root_path may be defined.
Explanation and Recommended Action
You have specified more than one client_root_path using the -R option. The -R option may be used only once per invocation of patchrm.
Message
The dir directory cannot be found on this system.
Explanation and Recommended Action
You have specified a directory using the -R option which is either not mounted, or does not exist on your system. Verify the directory name and re-backout the patch.
Message
Patch patch_id has not been successfully installed to this system.
Explanation and Recommended Action
You have attempted to backout a patch that is not installed on this system. If you must restore previous versions of patched files, you may have to restore the original files from the initial installation CD.
Message
Patch patch_id has not been successfully applied to this system.
Will remove directory dir.
Explanation and Recommended Action
You have attempted to back out a patch that is not applied to this system. While the patch has not been applied, a residual /var/sadm/patch/patch_id (perhaps from an unsuccessful patchadd) directory still exists.
The patch cannot be backed out. If you must restore old versions of the patched files, you may have to restore them from the initial installation CD.
Message
This patch was obsoleted by patch patch_id.
Patches must be backed out in the reverse order in
which they were installed. Patch backout aborted.
Explanation and Recommended Action
You are attempting to backout patches out of order. Patches should never be backed-out out of sequence. This could undermine the integrity of the more current patch.
Message
Patch patch_id is required to be installed by an already
installed patch_id.
It cannot be backed out until the required patch is backed out first.
Explanation and Recommended Action
Backout the patch that is required to be installed then backout the desired patch.
Message
The installation of patch patch_id was interrupted.
Explanation and Recommended Action
A previous installation was interrupted. The interrupted patch needs to be installed before backing out the desired patch.
Message
Patch patch_id was installed without backing up the original
files. It cannot be backed out.
Explanation and Recommended Action
Either the -d option of patchadd was set when the patch was applied, or the save area of the patch was deleted to regain space. As a result, the original files are not saved and patchrm cannot be used. The original files can
only be recovered from the original installation CD.
Message
pkgadd of pkgname package failed return code code.
See /var/sadm/patch/patch_id/log for reason for failure.
Explanation and Recommended Action
The installation of one of patch packages failed. See the log file for the reason for failure. Correct the problem and run the backout script again.
Message
Restore of old files failed.
Explanation and Recommended Action
The backout script uses the cpio command to restore the previous versions of the files that were patched. The output of the cpio command should have preceded this message. The user should take the appropriate action to correct the cpio failure.
This is for Solaris 2.4 or previous versions.
On client server machines the patch package is not removed from existing clients or from client root template space. Therefore, when appropriate, all client machines will need the patch removed directly using this same patchrm method on the client. A
bug affecting a package utility (for example, pkgadd, pkgrm, pkgchk) could affect the reliability of patchadd or patchrm which use package utilities to install and backout the patch package. It is recommended
that any patch that fixes package utility problems be reviewed and, if necessary, applied before other patches are applied. Existing patches are:
Solaris 2.1:
patch 100901
Solaris 2.2:
101122
Solaris 2.3:
10133
Solaris 2.4 Sparc Platform Edition:
102039
Solaris 2.4 Intel Platform Edition:
102041
Solaris 2.5.1 Sparc Platform Edition:
104578
Solaris 2.51 Intel Platform Edition:
104579
Solaris 2.6 Sparc Platform Edition:
106292
Solaris 2.6 Intel Platform Edition:
106293
WARNINGS
Certain patches are classified as "deferred activation" patches (sometimes with initial capitals, as "Deferred Activation" patches). Under conditions indicated below, such patches require special treatment. A patch's README file specifies whether
that patch is of the deferred activation variety. (Search on "Deferred Activation" in the README file.)
If you are installing or removing a patch that uses deferred activation patching, you must check on the following:
o
On a system running zones, all non-global zones must be in a halted state for adding or removing a patch.
o
Deferred activation patching requires the loopback file system (lofs) in order to complete safely. Systems running Sun Cluster 3.1 or Sun Cluster 3.2 are likely to have lofs turned off because of restrictions on HA-NFS functionality when lofs is enabled. Therefore, before a deferred activation patch is installed or removed, you must re-enable the loopback file system by commenting out the following line in the /etc/system file:
exclude:lofs
Then, reboot your system and install or remove the patch. After you have completed the patch operation, uncomment the line cited above, then reboot to resume normal operation.