Managing Software (Overview)

The management of software involves adding and removing software from standalone systems, servers, and their clients. This chapter describes background and other information about the various tools available for installing and managing software.

This chapter does not describe installing the Solaris software on a new system, nor does it describe installing or upgrading a new version of the Solaris software. For information on installing or upgrading Solaris software, see Solaris 9 12/03 Installation Guide.

This is a list of the overview information in this chapter.

• What's New in Software Management in the Solaris 9 Update Releases?

• What's New in Software Management in the Solaris 9 Release?

• Where to Find Software Management Tasks

• Overview of Software Packages

• Tools for Managing Software Packages

• Adding or Removing a Software Package (pkgadd)

• Key Points for Adding Software Packages (pkgadd)

• Guidelines for Removing Packages (pkgrm)

• Avoiding User Interaction When Adding Packages (pkgadd)

For step-by-step instructions on managing software, see Chapter 23, Managing Software (Tasks).

What's New in Software Management in the Solaris 9 Update Releases?

This section describes a new software management feature in this Solaris release.

pkgadd and patchadd Support for Signed Packages and Patches

Solaris 9 12/03 - This Solaris release enables you to securely download Solaris packages and patches that include a digital signature by using the updated pkgadd and patchadd commands.

In previous Solaris releases, you could download the Solaris patch management tools and use the smpatch command with PatchPro to manage signed patches. For step-by-step instructions on using the smpatch command to manage signed patches, see "Managing Signed Patches by Using Solaris Patch Management Tools (Tasks)" in Signed Patches Administration Guide for PatchPro 2.2.

For overview information about signed packages, see Overview of Software Packages.

For step-by-step instructions on using the patchadd command to add signed patches, see Adding Signed Patches With patchadd Command (Task Map).

For step-by-step instructions on using the pkgadd command to add signed packages, see Adding and Removing Signed Packages (Task Map).

prodreg Command Enhancements

Solaris 9 4/03 - You can now use several options to the prodreg command to access and manage the Solaris Product Registry from the command line.

For information on using the prodreg command to administer software packages, see Managing Software With the Solaris Product Registry Command-Line Interface (Task Map).

What's New in Software Management in the Solaris 9 Release?

This section describes new software management features in the Solaris 9 release.

Signed Patches

All patches that are available for the Solaris 2.6, 7, 8, and 9 releases include a digital signature. A valid digital signature ensures that the patch has not been modified since the signature was applied.

Using signed patches is a secure method of downloading or applying patches because the patches include a digital signature that can be verified before the patch is applied to your system.

Signed patches are stored in Java™ archive format files (abc.jar) and are available from the SunSolve Online^SM Web site.

For information about adding signed patches with the smpatch command, see "Managing Signed Patches by Using Solaris Patch Management Tools (Tasks)" in Signed Patches Administration Guide for PatchPro 2.2.

Solaris Product Registry 3.0

The Solaris Product Registry 3.0 is a GUI tool that enables you to install and uninstall software packages.

For information on using this product to manage software packages, see Managing Software With the Solaris Product Registry GUI (Task Map).

Patch Analyzer

When you use the Solaris™ Web Start program to upgrade to a Solaris 9 Update Release, the patch analyzer performs an analysis on your system to determine which (if any) patches will be removed or downgraded by upgrading to the Solaris Update Release. You do not need to use the Patch Analyzer when you upgrade to the Solaris 9 release.

For information on using this tool when you are upgrading to a Solaris 9 update release, see "Upgrading to a Solaris Update Release (Tasks)" in Solaris 9 12/03 Installation Guide.

Solaris Management Console Patch Manager

The Solaris Management Console provides a new Patches Tool for managing patches. You can only use the Patches Tool to add patches to a system running the Solaris 9 release.

For information on starting the Solaris Management Console, see How to Start the Console as Superuser or as a Role.

Where to Find Software Management Tasks

Use this table to find step-by-step instructions for managing software.

Overview of Software Packages

Software management involves installing or removing software products. Sun and its third-party vendors deliver software products in a form called a package.

The term packaging generically refers to the method for distributing and installing software products to systems where the products will be used. A package is a collection of files and directories in a defined format. This format conforms to the application binary interface (ABI), which is a supplement to the System V Interface Definition. The Solaris operating environment provides a set of utilities that interpret this format and provide the means to install a package, to remove a package, or to verify a package installation.

A patch is a collection of files and directories that replace or update existing files and directories that are preventing proper execution of the existing software. For more information about patches, see Chapter 24, Managing Solaris Patches (Overview).

Signed Packages and Patches

Packages can include a digital signature. A package with a valid digital signature ensures that the package has not been modified since the signature was applied to the package. Using signed packages is a secure method of downloading or adding packages because the digital signature can be verified before the package is added to your system.

The same holds true for signed patches. A patch with a valid digital signature ensures that the patch has not been modified since the signature was applied to the patch. Using signed patches is a secure method of downloading or adding patches because the digital signature can be verified before the patch is added to your system.

For more information about adding signed patches to your system, see Adding Signed Patches With patchadd Command (Task Map).

For information about creating signed packages, see Application Packaging Developer's Guide.

A signed package is identical to an unsigned package, except for the digital signature. The package can be installed, queried, or removed with existing Solaris packaging tools. A signed package is also binary-compatible with an unsigned package.

Before you can add a package or patch with a digital signature to your system, you must set up a package keystore with trusted certificates. These certificates are used to identify that the digital signature on the package or patch is valid.

The following table describes the general terms associated with signed packages and patches.