beeman000
asked on
Applying patches when /usr is ro
I have been thrust in to the role of sys admin on a ultra sparc 60 running solaris 9. The /usr file system is configured to be read only, which is what most hardening guides i have read suggest to do. However, a large number of the patches that i attempt to install will not go because of this. Is this ok? I am missing something.....anyone?
Thanks.
Thanks.
Are you installing as ROOT or as a User?
ASKER
I am attempting to install them as root...
What is the error message or what text shows to say that the patch was not applied?
ASKER
when i look at the log for the patch install it says that it cannot apply the patch because the /usr filesystem is read only.
I've never had problems with installing patches on read-only /usr. One solution might be to change the permissions for /usr while you apply the patches:
$chmod 066 -R /usr
this will recursivly change /usr to read-write. install the patches and then:
$chmod 444 -R /usr
to change it back to read only
read the man pages for chmod and chown, and also this post, which is not directly related to your situation, but might have useful informaiton is linked here-
http://www.netsys.com/sunmgr/1997-09/msg00087.html
Others might have different solutions, maybe wait and see if someone else comes up with something...
$chmod 066 -R /usr
this will recursivly change /usr to read-write. install the patches and then:
$chmod 444 -R /usr
to change it back to read only
read the man pages for chmod and chown, and also this post, which is not directly related to your situation, but might have useful informaiton is linked here-
http://www.netsys.com/sunmgr/1997-09/msg00087.html
Others might have different solutions, maybe wait and see if someone else comes up with something...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also check that /etc/vfstab has not set the read only option for the /usr mount (ro).