VMware Cloud Community
MJKNIGHT
Hot Shot
Hot Shot

More ESX 3.0.1 03/05/07 Patches......

Anyone dived in and applied the new patches yet.....

....patch adds support for Microsoft Clustering Server (MSCS) with Windows 2003 Service Pack 1 (SP1) and R2 Guest Operating Systems (KB 2021).....[/i]

ESX-3199476 Patch | 03/05/07 | Critical Patch

ESX-5031800 Patch | 03/05/07 | Security Patch

ESX-5885387 Patch | 03/05/07 | Security Patch

ESX-6050503 Patch | 03/05/07 | General Patch

ESX-6856573 Patch | 03/05/07 | Security Patch

ESX-9865995 Patch | 03/05/07 | General Patch

Please provide feedback below if you have any issues....

Cheers,

Michael.

Reply
0 Kudos
104 Replies
Kindred_VMSuppo
Contributor
Contributor

I found this great script on a VMware Blog for using a web server to host the patches so you only have to copy a perl script to every esx server instead of all the files.

http://virtrix.blogspot.com/2007/03/vmware-autopatching-your-esx-host.html

I have had to modify the script that I am using to fit my needs but this is a good place to start if you do not want to spend all day scp'ing files across.

Reply
0 Kudos
vedeht
Hot Shot
Hot Shot

I edited your script a little bit to get it to pull all the patches from a single ftp server. I have about 200 esx hosts to keep patched. So far so good. Oh, and I did run all the patches with it and no problems so far. I added the ability to make sure the host is in maintenance mode prior to starting the script. I have too many hosts to keep track of before making any mistakes. Hope this helps someone.

#!/bin/bash

#

\# Purpose: Addon to Script to pull all updates from ftp server

\# Also adds a check to make sure the server is in Maintenance Mode

\# Author: VEDEHT

#

ftphostname="192.168.1.1"

username="ftpuser"

password="ftppassword"

echo Checking to see if host is in maintenance mode...

if \['vmish -n -e hostsvc/runtimeinfo | grep "inMaintenanceMode = false" | wc -l' -eq 0]

then

echo Host must be in Maintenance Mode before patching...

echo Now Exiting...

exit

fi

echo Host is in maintenance mode. Continuing patch script...

if \[ -e "/var/updates" ]

then

echo "Updates Directory Exists - purging directory"

cd /var/updates

rm -f *.tgz

else

echo "Updates Directory Not Found - Creating directory"

cd /var

mkdir updates

fi

echo "Now downloading files from ftp server"

echo "This may take a couple of minutes"

echo "starting..."

esxcfg-firewall -allowOutgoing

ftp -in $ftphostname <<EOF
quote USER $username
quote PASS $password
binary
lcd /var/updates
cd /esx3patches
mget *.tgz
quit
EOF

esxcfg-firewall -blockOutgoing

echo "completed..."
echo "Now Starting patching..."
#!/bin/sh
#
\# ESX 3.0.1
#
\# Purpose: Script to apply ESX 3.x patches
\# Author : MichaelJKnight@gmail.com
\# Version: 1.0
\# Release: 09/03/2007
\# No warranty is provided with this script, test and use at your own risk
\# This script is freeware, please contact me with any bugs.
#

\# Ensure ESX Patches have been MD5SUM checked and precopied into /var/updates.....

if \[`vmware -v | grep -i "Server 3." | wc -l` -eq 0 ]

then
echo
echo This script requires an ESX 3.x platform, this server is on
echo
vmware -v
echo
echo Exiting.
echo
exit
fi

esxpatches=`ls /var/updates/ESX*.tgz 2>/dev/null | wc -l`

echo

echo Found $esxpatches ESX patches in /var/updates/

echo

if \[ $esxpatches -ne "0" ]

then

pcount=0

cd /var/updates/

  1. Start creation of patch bundle script....

echo "#!/bin/bash" > /tmp/patchbundle.sh

echo "# Start of patch bundle of $esxpatches ESX Patches " >> /tmp/patchbundle.sh

for i in `ls -l ESX*.tgz 2>/dev/null | awk '\{ print $9} '`

do

  1. Now expand each patch found into its corresponding folder

let "pcount = $pcount + 1"

echo

echo Found patch $pcount / $esxpatches $i

echo Now Expanding....$i

echo

tar -xvzf "$i"

done

chmod +x /tmp/patchbundle.sh

rm -rf /var/updates/ESX*.tgz

  1. Cycle through patches and determine release date and then set datestamp on patch directory to ensure patch sequence is in release date order.

cd /var/updates/

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

tstamp=`cat /var/updates/$i/descriptor.xml | grep "" | cut -f1 -d"<"`

echo

echo Patch $i release date is $tstamp

echo

touch /var/updates/$i -d"$tstamp"

done

  1. Update patch bundle script with patches now in release date equence....

pcount=1

echo

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

echo Sequencing $i into patch bundle script

echo cd /var/updates/`echo $i |cut -f1 -d. `>> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` ` echo $pcount of $esxpatches ` Installation Started " >> /tmp/patchbundle.sh

echo "esxupdate -v 20 -n update" >> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` Installation Completed " >> /tmp/patchbundle.sh

let "pcount = $pcount + 1"

done

echo "# End of patch bundle" >> /tmp/patchbundle.sh

echo

echo Applying patches, please wait....

echo

/tmp/patchbundle.sh

\# Tidy up post installs

rm -rf /tmp/patchbundle.sh

rm -rf /var/updates/ESX*

echo

echo All $esxpatches patches applied. Schedule reboot asap..

echo

else

echo No ESX Patches to be applied...

fi

Try our VMWare View Demo on www.virtualdojo.com
Reply
0 Kudos
ehinkle
Enthusiast
Enthusiast

Finally have a fully patched esx box, and the order that I applied the patches are listed below:

ESX-2158032

ESX-1410076

ESX-1006511

ESX-9986131

ESX-8173580

ESX-6921838

ESX-2066306

ESX-6075798

ESX-5497987

ESX-3996003

ESX-2092658

ESX-2031037

ESX-1917602

ESX-1271657

ESX-9865995

ESX-6856573

ESX-6050503

ESX-5885387

ESX-5031800

ESX-3199476

ESX-9916286

ESX-2559638

ESX-2257739

ESX-1541239

ESX-6431040 I had to run the install script after untaring and it installed the below patches.

ESX-3416571

ESX-5011126

ESX-7737432

ESX-7780490

ESX-8174018

ESX-8852210

ESX-9617902

So now my system looks like this when doing an esxupdate -l query

Installed software bundles:

\---- Name \---- --- Install Date --- --- Summary ---

3.0.1-32039 03:01:57 04/13/07 Full 3.0.1 release of VMware ESX Server

ESX-2158032 10:04:17 04/13/07 Add LFENCE for RWO on AMD K8 before RevF

ESX-1410076 10:07:33 04/13/07 BSOD 0x109 during 64-bit Windows install

ESX-1006511 10:08:24 04/13/07 Fixing TX hang in 80003ES2LAN Controller

ESX-9986131 10:09:22 04/13/07 Updated openssh, python, and openssl

ESX-8173580 10:10:47 04/13/07 Fix COS Oops running Dell OM5 w/ QLogic

ESX-6921838 10:13:19 04/13/07 hot removal of a virtual disk thru SDK

ESX-2066306 10:14:01 04/13/07 Patch for VM crashes and possible freeze

ESX-6075798 10:15:07 04/13/07 Force vmxnet module to be installed 1st.

ESX-5497987 10:16:30 04/13/07 Fixes a misleading locking message.

ESX-3996003 10:17:12 04/13/07 To support the latest time zone rules.

ESX-2092658 10:18:19 04/13/07 SNMP agent returns full VM config file.

ESX-2031037 10:18:58 04/13/07 To provide LUN an unique ID Name

ESX-1917602 10:19:42 04/13/07 To improve compatibility for Windows NT.

ESX-1271657 10:20:34 04/13/07 Open IPMI improvement for slowness.

ESX-9865995 10:21:59 04/13/07 LUNs of MSA Array disappear and reappear

ESX-6856573 10:22:43 04/13/07 PhysMem_Get() accesses wrong pages

ESX-6050503 10:25:15 04/13/07 Error on "network adapters" tab in VC UI

ESX-5885387 10:25:53 04/13/07 RedHat Moderate: gzip security update

ESX-5031800 10:26:31 04/13/07 RHSA-2006:0749 tar security update

ESX-3199476 10:27:33 04/13/07 VMXNET shutdown may lead to BSOD

ESX-9916286 10:28:26 04/13/07 To update zlib library for ESX 3.0.1

ESX-2559638 10:29:34 04/13/07 Update info rpm for ESX 3.0.1.

ESX-2257739 10:30:58 04/13/07 To deliver several fixes in vmkernel.

ESX-1541239 10:31:54 04/13/07 Updates Emulex Fibre Channel driver.

ESX-1161870 11:25:57 04/13/07 Several bug fixes in vmware-vmx.

ESX-3416571 11:26:39 04/13/07 Potential Buffer Overflow.

ESX-5011126 11:27:22 04/13/07 Potential Buffer Overflow.

ESX-7737432 11:28:00 04/13/07 Potential Buffer Overflow.

ESX-7780490 11:28:39 04/13/07 Potential Buffer Overflow.

ESX-8174018 11:29:19 04/13/07 Potential Buffer Overflow.

ESX-8852210 11:31:33 04/13/07 Potential Buffer Overflow.

ESX-9617902 11:32:39 04/13/07 Potential Buffer Overflow.

and my version is build 42368 now.

Reply
0 Kudos
berlui
Contributor
Contributor

Hi,

i patched the original script of Michael to work also with patch bundle (like ESX-6431040)

It seems to work properly.

Thanks

LuiBer

\----


#!/bin/sh

#

\# ESX 3.0.1

#

\# Purpose: Script to apply ESX 3.x patches

#

\# Author : MichaelJKnight@gmail.com

\# Version: 1.0

\# Release: 09/03/2007

#

#

\# Purpose: Manage patch bundle

#

\# Patched: luigi.berengan@email.it

\# Version: 1.1

\# Release: 15/04/2007

\#

\# No warranty is provided with this script, test and use at your own risk

\# This script is freeware, please contact me with any bugs.

#

\# Ensure ESX Patches have been MD5SUM checked and precopied into /var/updates.....

if \[`vmware -v | grep -i "Server 3." | wc -l` -eq 0 ]

then

echo

echo This script requires an ESX 3.x platform, this server is on

echo

vmware -v

echo

echo Exiting.

echo

exit

fi

list=`ls /var/updates/ESX*.tgz 2>/dev/null | wc -l`

if \[ $list -ne "0" ]

then

pcount=0

cd /var/updates/

for i in `ls -l ESX*.tgz 2>/dev/null | awk '\{ print $9} '`

do

  1. Now expand each patch found into its corresponding folder

let "pcount = $pcount + 1"

echo

echo Found patch $pcount $i

echo Now expanding....$i

echo

tar -xvzf "$i"

dirpatch=`echo $i | awk -F\. '\{ print $1 }'`

nptchbnd=`ls $dirpatch | grep 'ESX-' | wc -l`

if \[ $nptchbnd -gt 0 ] ; then

echo

echo Now moving single patches from $i patch bundle

mv $dirpatch/ESX-* .

rm -rf $dirpatch

let "pcount = $pcount + $nptchbnd"

let "pcount = $pcount - 1"

fi

done

rm -rf /var/updates/ESX*.tgz

\# Start creation of patch bundle script....

esxpatches=`ls -d /var/updates/ESX* 2>/dev/null | wc -l`

echo "#!/bin/bash" > /tmp/patchbundle.sh

echo "# Start of patch bundle of $esxpatches ESX Patches " >> /tmp/patchbundle.sh

chmod +x /tmp/patchbundle.sh

echo

echo Found $esxpatches ESX patches in /var/updates/

echo

  1. Cycle through patches and determine release date and then set

  1. datestamp on patch directory to ensure patch sequence is in release date order.

cd /var/updates/

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

tstamp=`cat /var/updates/$i/descriptor.xml | grep "" | cut -f1 -d"<"`

echo

echo Patch $i release date is $tstamp

echo

touch /var/updates/$i -d"$tstamp"

done

  1. Update patch bundle script with patches now in release date equence....

pcount=1

echo

for i in `ls -ltr 2>/dev/null | awk '\{ print $9} '`

do

echo Sequencing $i into patch bundle script

echo cd /var/updates/`echo $i |cut -f1 -d. `>> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` ` echo $pcount of $esxpatches ` Installation Started " >> /tmp/patchbundle.sh

echo "esxupdate -v 20 -n update" >> /tmp/patchbundle.sh

echo echo ' `date +%e/%m/%y" "%H:%M:%S` ' "Patch `echo $i |cut -f1 -d. ` Installation Completed " >> /tmp/patchbundle.sh

let "pcount = $pcount + 1"

done

echo "# End of patch bundle" >> /tmp/patchbundle.sh

echo

echo Applying patches, please wait....

echo

/tmp/patchbundle.sh

\# Tidy up post installs

rm -rf /tmp/patchbundle.sh

rm -rf /var/updates/ESX*

echo

echo All $esxpatches patches applied. Schedule reboot asap..

echo

else

echo No ESX Patches to be applied...

fi

\----


Reply
0 Kudos
guser
Contributor
Contributor

vedeht, I think your script should read...

\# Check that the host is in maintenance mode

echo Checking to see if host is in maintenance mode...

if \[ `vimsh -n -e hostsvc/runtimeinfo | grep -i "inMaintenanceMode = false" | wc -l` -eq 1 ]

then

echo Host must be in Maintenance Mode before patching, exiting...

exit 1

fi

or

\# Check that the host is in maintenance mode

echo Checking to see if host is in maintenance mode...

if \[ `vimsh -n -e hostsvc/runtimeinfo | grep -i "inMaintenanceMode = true" | wc -l` -eq 0 ]

then

echo Host must be in Maintenance Mode before patching, exiting...

exit 1

fi

Reply
0 Kudos
GavinJ
Hot Shot
Hot Shot

Hi all,

I read a bit earlier in the thread that there would be interest if we could automatically download patches from the vmware site.

I've written a little Windows script which will do this and have put it up on my site: http://www.xtravirt.com in the downloads section.

It's only v1.0 but you can selectively batch download patches so you can maintain a local patch repository and don't have to download them individually.

Instructions are in the readme.txt but see what you think.

Cheers

Gavin

Reply
0 Kudos
berlui
Contributor
Contributor

Hi,

I verified that at the end of the esx upgrade and the vmware-tools update there is a mismatch infact :

1) esx server is in build 42368

2) vmware-tools are in build 41412

Is it a problem ?

What do you think about ?

Thank you very much

BerLui

Reply
0 Kudos
guser
Contributor
Contributor

Hi,

I just put all available patches into /var/updates/ and successfully ran MJKnights script. After, running vmware -v[/code] I get VMware ESX Server 3.0.1 build-42368[/b]

When I run esxupdate -l query[/code] I get the following:

3.0.1-32039 10:59:29 04/17/07 Full 3.0.1 release of VMware ESX Server

ESX-1006511 11:24:58 04/17/07 Fixing TX hang in 80003ES2LAN Controller

ESX-1161870 11:47:29 04/17/07 Several bug fixes in vmware-vmx.

ESX-1271657 11:35:06 04/17/07 Open IPMI improvement for slowness.

ESX-1541239 11:49:10 04/17/07 Updates Emulex Fibre Channel driver.

ESX-2031037 11:32:55 04/17/07 To provide LUN an unique ID Name

ESX-2066306 11:27:07 04/17/07 Patch for VM crashes and possible freeze

ESX-2092658 11:32:13 04/17/07 SNMP agent returns full VM config file.

ESX-2158032 11:26:20 04/17/07 Add LFENCE for RWO on AMD K8 before RevF

ESX-2257739 11:50:29 04/17/07 To deliver several fixes in vmkernel.

ESX-2559638 11:51:13 04/17/07 Update info rpm for ESX 3.0.1.

ESX-3199476 11:38:15 04/17/07 VMXNET shutdown may lead to BSOD

ESX-3416571 11:46:46 04/17/07 Potential Buffer Overflow.

ESX-3996003 11:31:04 04/17/07 To support the latest time zone rules.

ESX-5011126 11:43:27 04/17/07 Potential Buffer Overflow.

ESX-5031800 11:37:22 04/17/07 RHSA-2006:0749 tar security update

ESX-5497987 11:34:18 04/17/07 Fixes a misleading locking message.

ESX-5885387 11:36:39 04/17/07 RedHat Moderate: gzip security update

ESX-6050503 11:41:55 04/17/07 Error on "network adapters" tab in VC UI

ESX-6075798 11:35:59 04/17/07 Force vmxnet module to be installed 1st.

ESX-6856573 11:42:40 04/17/07 PhysMem_Get() accesses wrong pages

ESX-6921838 11:29:25 04/17/07 hot removal of a virtual disk thru SDK

ESX-7737432 11:48:11 04/17/07 Potential Buffer Overflow.

ESX-7780490 11:46:02 04/17/07 Potential Buffer Overflow.

ESX-8174018 11:44:11 04/17/07 Potential Buffer Overflow.

ESX-8852210 11:54:27 04/17/07 Potential Buffer Overflow.

ESX-9617902 11:45:20 04/17/07 Potential Buffer Overflow.

ESX-9865995 11:39:37 04/17/07 LUNs of MSA Array disappear and reappear

ESX-9916286 11:52:05 04/17/07 To update zlib library for ESX 3.0.1

ESX-9986131 11:30:22 04/17/07 Updated openssh, python, and openssl

Note: I've edited the order and added a few spaces so that the display falls in line with ehinkles post.[/i]

Reply
0 Kudos
VirtualKenneth
Virtuoso
Virtuoso

Hi guser,

You are missing a few updates in the list:

ESX1410076 and ESX1917602

I've ran the script and it works fine at my systems.

I think you have problems with the re-release of ESX1410076.

Check my posting in this thread, within there I discuss the issues with the ESX1410076

Reply
0 Kudos
guser
Contributor
Contributor

Hi Vliegenmepper

The descriptor in ESX-1410076 reads as follows:

[/b]

What did you change it to?

I'm going to take a guess that it you changed it to the following and then give it a go, but some reasuring confirmation would be great:

[/b]

Thanks,

guser

Reply
0 Kudos
VirtualKenneth
Virtuoso
Virtuoso

I've changed it into:

Reply
0 Kudos
dropadrop
Enthusiast
Enthusiast

I wish I would have noticed this thread earlier, but now I did this in a more ghetto way... I guess I could list it here, since it still works fine:

I downloaded untared all the updates (into a new folder):

for PACKAGE in *; do

tar -xzvf $PACKAGE

done

rm *.tgz

I made a text file containing all the names of the updates in the order they have been released by vmware. I called the file patch_list and put it in the same folder as the extracted updates (here's the current content of my list):

ESX-2158032

ESX-1410076

ESX-1006511

ESX-9986131

ESX-8173580

ESX-6921838

ESX-2066306

ESX-6075798

ESX-5497987

ESX-3996003

ESX-2092658

ESX-2031037

ESX-1917602

ESX-1271657

ESX-9865995

ESX-6856573

ESX-6050503

ESX-5885387

ESX-5031800

ESX-3199476

ESX-9916286

ESX-6431040

ESX-2559638

ESX-2257739

ESX-1541239

Then I wrote a small script which will go through the list and install mentioned updates one by one. It worked for all but one update, since that was a package containing several other updates (ESX-6431040). It's now updated so it installs everything, but the annoying package will ask you questions.

#! /bin/bash

\# I install vmware esx-server updates

for PATCH in `cat patch_list `; do

cd "$PATCH"

esxupdate -v 20 -n update

./install_patches

cd ..;

done

reboot

It would be a lot more elegant if it was not for ESX-6431040 which is installed differently (with the ./install_patches command). Now it tries esxupdate and ./install_patches in every folder, and one of them will work.

The stupid thing is that ./install_patches asks questions, but it's still a lot less work. I packed the whole folder to a .tgz file so I can easily distribute it to a new esx host, and when new patches are released I can just add them to the end of the list and create a new package with them included.

Reply
0 Kudos
APPB-VM
Contributor
Contributor

I followed the procedure exactly to apply all patches as instructed here:

http://www.vmwire.com/index.php?option=com_content&task=view&id=39&Itemid=44

Great process, but I've ran into one issue. ESX-1410076 doesn't seem to want to apply. It seems to be wanting to downgrade. I've change the release date and tried again, but I got the same thing -- wanting to downgrade.

Maybe I need to change the release date before applying ALL of the updates? Problem is they are all showing up except for ESX-1410076?

This is what I get when I run esxupate -l query

ESX-1006511 09:58:23 05/11/07 Fixing TX hang in 80003ES2LAN Controller

ESX-1161870 10:58:27 05/11/07 Several bug fixes in vmware-vmx.

ESX-1271657 10:11:52 05/11/07 Open IPMI improvement for slowness.

ESX-1541239 11:00:12 05/11/07 Updates Emulex Fibre Channel driver.

ESX-1917602 10:09:17 05/11/07 To improve compatibility for Windows NT.

ESX-2031037 10:08:33 05/11/07 To provide LUN an unique ID Name

ESX-2066306 10:02:21 05/11/07 Patch for VM crashes and possible freeze

ESX-2092658 10:07:50 05/11/07 SNMP agent returns full VM config file.

ESX-2158032 09:59:56 05/11/07 Add LFENCE for RWO on AMD K8 before RevF

ESX-2257739 11:01:46 05/11/07 To deliver several fixes in vmkernel.

ESX-2559638 11:02:29 05/11/07 Update info rpm for ESX 3.0.1.

ESX-3199476 10:15:06 05/11/07 VMXNET shutdown may lead to BSOD

ESX-3416571 10:57:40 05/11/07 Potential Buffer Overflow.

ESX-3996003 10:06:36 05/11/07 To support the latest time zone rules.

ESX-5011126 10:54:04 05/11/07 Potential Buffer Overflow.

ESX-5031800 10:14:10 05/11/07 RHSA-2006:0749 tar security update

ESX-5497987 10:10:56 05/11/07 Fixes a misleading locking message.

ESX-5885387 10:13:29 05/11/07 RedHat Moderate: gzip security update

ESX-6050503 10:19:15 05/11/07 Error on "network adapters" tab in VC UI

ESX-6075798 10:12:48 05/11/07 Force vmxnet module to be installed 1st.

ESX-6856573 10:19:59 05/11/07 PhysMem_Get() accesses wrong pages

ESX-6921838 10:04:55 05/11/07 hot removal of a virtual disk thru SDK

ESX-7737432 10:59:10 05/11/07 Potential Buffer Overflow.

ESX-7780490 10:56:55 05/11/07 Potential Buffer Overflow.

ESX-8173580 10:01:36 05/11/07 Fix COS Oops running Dell OM5 w/ QLogic

ESX-8174018 10:54:53 05/11/07 Potential Buffer Overflow.

ESX-8852210 11:05:13 05/11/07 Potential Buffer Overflow.

ESX-9617902 10:56:11 05/11/07 Potential Buffer Overflow.

ESX-9865995 10:16:39 05/11/07 LUNs of MSA Array disappear and reappear

ESX-9916286 10:20:57 05/11/07 To update zlib library for ESX 3.0.1

ESX-9986131 10:05:53 05/11/07 Updated openssh, python, and openssl

Reply
0 Kudos
VirtualKenneth
Virtuoso
Virtuoso

Have you changed it the way I did?

Try to run the 1410076 patch as a standalone patch and chech the releasedate (when installed) using esxupdate query. Maybe something went wrong while repackaging.

Reply
0 Kudos
APPB-VM
Contributor
Contributor

I had to run the 1410076 patch with the --force parameter and then re-run all of the patches (via update.sh script) again with the edited date in the 1410076 archive. Once I did that my build number shows as 42829.

Reply
0 Kudos
vedeht
Hot Shot
Hot Shot

Thanks!

Try our VMWare View Demo on www.virtualdojo.com
Reply
0 Kudos
vmtechie
Contributor
Contributor

how do we excute this script? from the esx server?

Reply
0 Kudos
guser
Contributor
Contributor

Hi dominic7,

Two questions...

1) I have un-packed ESX-6431040 into the following:

022,ESX-1161870,b52a12657327c5b3ffba9c6655af881d

023,ESX-3416571,c95a291575c4e10530ce38b451bc5a26

024,ESX-5011126,6bd8b7be05cb8aa96180d1f3dd52bda6

025,ESX-7737432,fbba4c793fe4cdcd551f8741f67ef1f8

026,ESX-7780490,71b4a24068cd2206382c1e4a30696fce

027,ESX-8174018,e30f2fa07cf2c6b259463a0606d14d1c

028,ESX-8852210,0135da91b87cb01688c47940a05fb124

029,ESX-9617902,c4e6edb33cdd99da39bd2ec6c47bb20a

... ESX-6431040.tgz does not exist in my updates; Will your script deal with that?

2) Every time I download a patch, I have renamed it to include the order that VMware listed it and I include the md5sum. For example.

001-ESX-2158032-c688275383addb789af1885ef4632b5f.tgz

Will your script deal with this naming convention or do I have to modify something?

Thank you

/guser

Reply
0 Kudos
dominic7
Virtuoso
Virtuoso

#1 should work ( provided that you repackage the updates into .tgz, or use one of the new options to not unpack updates ), #2 will break the script. You can edit the script if you want to deal with your naming convention. I'd suggest not renaming the packages if you want things to go smoother though.

Reply
0 Kudos
RobMokkink
Expert
Expert

This is a script i use.

For the ESX-6431040 bundled patches i just copy over the patches to the webroot and install them seperately, but in the same order as the patch install script does.

Here is my script:

#!/bin/bash

#DECLARE VARIABLES

REPO_URL="http://192.168.0.105/vmware/patches/"

GET="/usr/bin/lwp-download"

INST_LIST="install.txt"

ESXUPDATE="/usr/sbin/esxupdate"

REBOOT="/sbin/shutdown -r now"

UPDATE_COUNT=0

#FUNCTIONS

QUERY_UPDATE(){

$ESXUPDATE query | grep $UPDATE

#CHECK IF INSTALLED

if \[ $? -eq 0 ]; then

echo "$UPDATE IS ALREADY INSTALLED"

else

INSTALL_PATCH

fi

}

INSTALL_PATCH(){

$ESXUPDATE -v 30 -r $\{REPO_URL}$\{UPDATE} --noreboot update

#ERROR HANDLING

if \[ $? -ne 0 ]; then

echo "FAILED TO THE THE INSTALL $UPDATE"

echo "SCRIPT WILL QUIT!"

#RUN CLEANUP

CLEANUP

exit 192

else

echo "INSTALLED UPDATE: $UPDATE"

let UPDATE_COUNT=UPDATE_COUNT+1

fi

}

CLEANUP(){

#REMOVE INSTALL FILE

rm -rf $INST_LIST

}

CHECK_REBOOT(){

if \[ $UPDATE_COUNT -eq 0 ]; then

echo "THE NUMBER OF UPDATES INSTALLED IS: $UPDATE_COUNT"

echo "NO UPDATES ARE INSTALLED NO REBOOT REQUIRED"

else

echo "THE NUMBER OF UPDATES INSTALLED IS: $UPDATE_COUNT"

echo "A REBOOT IS REQUIRED"

sleep 20

$REBOOT

fi

}

#GET THE INSTALL LIST

$GET $\{REPO_URL}$\{INST_LIST}

#ERROR HANDLING

if \[ $? -ne 0 ]; then

echo "FAILED TO THE THE INSTALL LIST!"

echo "SCRIPT WILL QUIT!"

exit 192

fi

#READ THE INSTALL.TXT

exec < $INST_LIST

#ERROR HANDLING

if \[ $? -ne 0 ]; then

echo "FAILED TO READ THE INSTALL LIST!"

echo "SCRIPT WILL QUIT!"

#RUN CLEANUP

CLEANUP

exit 192

fi

#READ THE FILE ROW BY ROW

while read UPDATE

do

echo "TRYING TO INSTALL UPDATE: $UPDATE"

QUERY_UPDATE

done

#RUN CLEANUP

CLEANUP

#CHECK REBOOT

CHECK_REBOOT

exit 0

#END

Reply
0 Kudos