Contributions
Some PCA users contribute modifications or own scripts wrapping
around PCA. I'm collecting them here for anybody who might be interested.
These are not officially part of PCA, and I cannot provide support for them.
Setup and Documentation
Laurent Blume has prepared a presentation introducing PCA.
You can
download the slides in PDF format. It has been updated in Jan 2008,
describing version 20080109-01 of PCA.
William Pool provides a description of his setup using PCA in an
environment with multiple data centers
(PDF). He's using
daisy-chained PCA proxies to limit network bandwidth.
Dan Shaw provided
documentation about his experience
when setting up PCA and a local caching proxy in his network for the
first time.
Wrappers
Ron Halstead has scripted a
pca proxy server setup, both the
server and the client side with supporting files and the httpd.conf
file, approved and to be used in his (very paranoid) company.
Dave Collodel has built a package around PCA to automate patch
installation, including the installation of deferred patches
during reboot. See
PCApatch.
For those of you who use Sun's EIS DVDs (containing frozen, stable
patch sets) Chris Reece's script
mkpcadir
might be worth to look at. It converts the patch set on the DVD into
a directory hierarchy which can be used with PCA.
Victor Feng has put up a collection of scripts for daily system checks on
BigAdmin. The checkpatch script uses PCA to report missing security
patches.
Helper scripts
The mkxref script creates a patchdiag.xref
from a custom set of patches, like the "Critical Patch Updates (CPU)"
or the Solaris Update patch cluster issued by Oracle.
With such an xref file you can test whether all of the patches from
the defined set are installed, and only download and install those which
are missing. Example output:
patchdiag.xref for CPU OS Cluster 2011/04 Solaris 10 SPARC.
chkmin will check the patches in its
argument list and show those which are not installed in the specified
revision or higher. Useful if you have e.g. a list of patches
required for a certain application to be installed and want to know
which of them are missing.
The directory in which a PCA local caching proxy stores downloaded patches
can become pretty large after some time. The clean
script will move all but the highest revision of each patch into a subdir
named BAK, which can then be removed to save space. It will also move
patch READMEs which can be extracted from existing patch ZIP files
to reduce the number of files. To be run as root or with appropriate
permissions in the directory containing the patches and patch READMEs.
The patchadd command in Solaris keeps backup copies of modified files
whenever installing patches. After some time this can fill up the
partition containing the /var/sadm/ directory. The
cleanup_sadm script from Jeff Earickson
will remove backup files from any installed patch which is obsolete or
older than 40 days. Attention: When backup files have been removed, you
will not be able to remove this patch later with patchrm! When you have
the chance, it's always better to make the partition containing /var/sadm/
big enough and not mess with the files in it.
|