I am seeking to understand the distinction between Automatic and Interactive patches, particularly in the context of the Solaris operating system.
For reference, here is an excerpt from "HP OpenView Patch Manager Using Radia":
----------------------------------------------- Patch Manager defines a patch as automatic if it does not require user interaction for deployment. A patch is defined as interactive if it requires user interaction for deployment. Patch Manager can detect vulnerabilities for both automatic and interactive patches. Patch Manager supports deployment of both interactive and automatic patches. However, those which the vendor has created as interactive will either require user intervention to be installed or will fail to be installed. -----------------------------------------------
My understanding is patches can be applied in one of three ways:
1. Automatic, "no reboot needed": Patches are downloaded and applied to the client 2. Automatic, "reboot needed": Patches are downloaded and applied upon reboot.. not sure exactly how this works, particularly in the Solaris environment 3. Interactive: Patches are downloaded to /opt/Novadigm/lib/PATCHES; it is the client user's responsibility to decompress and install them
Please correct any errors I have on all of this; I need to know all of this for accuracy.
It will download the patches from vendor site, package it in Radia Format & make it ready for distribution.
It would do the same as above & while deployment if the patch is interactive, then the interactive mode will start..like user has to click next..etc.. Expects user interactions for installations or else it will fail to install.
Reboot is required, to report full Compliance if some patches require re-boot.But can be suppressed using the notify command.
In Solaris, I can't seem to get this interactive functionality to work properly..
The process seems to be that the Notify is kicked off from the RMP, and I can see plenty of activity running on the Solaris client. However, it seems that patches marked as "INTERACTIVE" are downloaded but skipped by the Radia client..
My guess would be that the proper method would be for the interactive prompts to occur on the client's console; I have not yet seen this functionality though.
Check whether the catexp parameter is set in the radskman command line, this works in conjunction with the ZSERVICE RUNMODE attribute to control which patches are installed. The RPM User Guide states that if it is not set then all patches will be installed but then goes on to say that for Solaris catexp must be set to runmode=automatic which would exclude interactive patches
I've used both runmode=automatic and runmode=interactive; you are correct that "automatic" mode skips over the interactive patches... when "interactive" mode is selected, the patches only seem to download; nothing else..