== Some things about _smpatch_ _smpatch_ is the official Sun thing for dealing with Solaris patches for Solaris 8 and 9 (Solaris 10 apparently has an all new system, hopefully better). I got interested in _smpatch_ not just because it's the official Sun tool for this stuff, but because it has one feature that _[[pca EasierPatchManagement]]_ doesn't: it can reliably tell what patches are safe to be installed on a live multiuser system. (While [[pca]] can skip patches that require reboots, it doesn't currently have a 'skip patches that claim to require single user mode' option. Although the information is theoretically there in the patch READMEs.) My first _smpatch_ surprise was how you get it. For Solaris 9, it isn't distributed as a download; instead the [[download page http://www.sun.com/download/products.xml?id=40c8c2ad]] blandly tells you to install three patches. (For more fun, it gives specific revisions of those three patches, one of which is now obsolete.) So I did the smart thing and used [[pca]], whereupon it cheerfully told me that I already had a current version of patch 112945, the main Sun Patch Manager 2.0 software patch (according to the [[download page]]). It turns out 112945 is actually a general patch that is part of the recommended patch set, so I had it installed long ago. After that there are a number of other things: * _smpatch_ needs you to be root. For everything. * _smpatch_ is achingly slow, even assuming it downloads the patch database from Sun *every time*. * there seems to be no way to get detailed information about a patch that _smpatch analyze_ tells you about, such as whether it wants reboots or single-user mode or whatever. (I checked and _smpatch analyze_ always produces the same output; it appears that only _smpatch update_ will do anything different.) * there's no way to restrict _smpatch_ to just recommended and/or security patches. Overall grade: less than compelling. There seems to be no reason not to use [[pca]] instead, unless you think that _smpatch_ has better information on what patches are safe to install on live multiuser systems than is in the patch READMEs. (Hat tip to [[Matty's blog http://daemons.net/~matty/blog/]], where I read enough about _smpatch_ to make it worth checking out.)