#!/bin/ksh -p # patchcompare: from http://www.bolthole.com/solaris patchdir=`dirname $0` cd $patchdir CURR_LIST=/tmp/patchlist.$$ showrev -p >$CURR_LIST usage() { # print "patchcompare -- will print out list of patches not installed" print "patchcompare -v prints out install state of all patches in dir" print "patchcompare [-v] -l prints out details about needed patches" } # print out patches. if verbose var set, also print out # patches we know are installed. simplelist(){ for patch in 1?????-?? ; do nawk -v patch=$patch -v v="$verbose" ' $2 == patch { found=1; if(v) print $2" present"; exit; } END { if(found==0) print patch" not found"; }' $CURR_LIST done } # print a plain list of missing patches # In theory, we need to check to see if there is a higher rev of a patch # already installed, OR if a patch has been obsoleted. # (if obsolete, it should be removed from the patch dir and the # new one placed there) missingpatches(){ for patch in 1?????-?? ; do nawk -v patch=$patch ' $2 == patch { found=1; exit; } END { if(found==0) { print patch; } } ' $CURR_LIST done } #Given a specific patchID, print its synopsis, IFF we have one # or more of the component packages that it patches. printifneeded() { neededflag=0 shortpatch=${1:%-*} if [[ ! -z "$DIAGFILE" ]] ; then if grep '^'$shortpatch'.*OBSOLETED' $DIAGFILE >/dev/null ; then $dprint "$1 is an OBSOLETED patch" return fi fi # If we find even one package that might be updated by # the patch, then we potentially need the patch. # Otherwise... we dont! for ppatched in ` nawk -F= '$1 == "PKG" {print $2}' $1/*/pkginfo` do if pkgparam $ppatched PKG >/dev/null 2>&1; then neededflag=1 break fi done if [[ $neededflag -eq 0 ]] ; then $dprint $1 NOT needed. No applicable packages installed return fi # Check for a more recent version of the patch installed # But do this AFTER check for valid packages, since # sometimes people pkgrm packages, but stuff stays # around in /var/sadm/patch, apparently. latestrev=`nawk '$2 ~ /^'$shortpatch'/ { print $2}' $CURR_LIST| sort|tail -1` if [[ "$latestrev" != "" ]] ; then instrev=${latestrev#*-} newrev=${1#*-} #$dprint DEBUG $1: installed rev is $instrev, new rev is $newrev # Note: do NOT use -ge. # Sometimes, patches appear in /var/sadm/patch, but # not in showrev. Reinstall, to fix showrev if [[ $instrev -gt $newrev ]] ; then $dprint "Installed rev ($shortpatch-$instrev) is newer. $1 not needed" return fi fi sed -n 's/^Synopsis:/'$1:'/p' $1/README.$1 } # First get a list of all patches in the dir that are not present, # and dont have a newer rev installed. # THEN, check to see if neededpatches(){ for p in `missingpatches` ; do #sed -n 's/^Synopsis:/'$p:'/p' $p/README.$p printifneeded $p done } # cmd="grep Synopsis: "patch"/README."patch; if [[ "$1" = "-h" ]] || [[ "$1" = "" ]] ; then usage exit fi if [[ "$1" = "-v" ]] ; then dprint=print verbose=1 shift else dprint=: fi if [[ -f patchdiag.xref ]] ; then DIAGFILE=patchdiag.xref $dprint "Using $DIAGFILE to check for obsoleted patches" fi if [[ "$1" = "-l" ]] ; then neededpatches else simplelist fi rm $CURR_LIST