[csw-users] WARNING: upgrade problem with last openssh package under Solaris 10

Mike Watters mwatters at opencsw.org
Mon Feb 16 17:37:33 CET 2009

Hash: SHA1

the problem lies in the pre-remove although I don't have a copy for
solaris 8 I can look at.

The workaround I have used in the past for this problem is as follows:

first, ssh into the system, sudo root
cd /var/sadm/pkgs/CSWossh/install
cp preremove ~/  # to keep a copy for cleanup
edit the preremove script in install and before any other code
put exit 0  this will cause the package to skip the pre-remove as
successful. then you can pkgrm the new package without losing your ssh
connections.  before adding the "new" package, walk yourself through the
original pre-remove and cleanup the same things it did.  i.e.
/var/run/sshd.pid et.al.
then you can pkg-add your new version and as people disconnect and
re-connect their ssh version will be upgraded.

- -- Mike

Yann Rouillard wrote:
> Hi,
> The previous openssh packages were incorrectly pushed in the csw
> repository tree: the solaris 8 package was pushed in the solaris 10 tree
> instead of the solaris 10 one.
> As a side effect, with the current package, stopping openssh under
> Solaris 10 kills all ssh connections.
> The problem will be solved with the next package release, which will
> soon land in the repository, but the upgrade will not go smoothly as the
> previous ssh processes will be stopped during the operation, hence 
> killing all ssh connections.
> So if you perform the upgrade from an ssh connection, this connection
> will be killed, the ssh package will be left in a uninstalled state and
> you will not be able to log again on your server using ssh.
> To avoid this problem:
>   - either perform the upgrade from the console or using another remote
> shell
>   - or follow this procedure:
>     * launch manually the openssh daemon on a non-standard port:
>         /opt/csw/sbin/sshd -p 2022
>     * connect to your server by ssh on this port:
>         ssh -p 2022 yourserver
>     * perform the upgrade from this connection
>     The openssh daemon manually launched will not be killed allowing you
> to perform the upgrade safely.
> I apologize for any inconvenience caused by this bug.
> Yann
> _______________________________________________
> users mailing list
> users at lists.opencsw.org
> https://lists.opencsw.org/mailman/listinfo/users

- --

"Any intelligent fool can make things bigger, more complex,
and more violent.  It takes a touch of genius -- and a lot of courage --
to move in the opposite direction."

* Albert Einstein 1879 - 1955
    US German-born Theoretical Physicist
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


More information about the users mailing list