×
Steps for applying security patch updates for XenServer 7.2
Blog Technologies Virtualization

Steps for applying security patch updates for XenServer 7.2

In this blog, we will share the steps to apply the hotfix using  XenServer Command Line Interface (CLI)  for security patch updates for Xenserver 7.2

Installing the Hotfix by using the xe Command Line Interface

  1. First of all, we need to download the hotfix file to a known location from the URL https://support.citrix.com/article/CTX224692
  2. Extract the .iso file from the zip.
  3. Upload the .iso file to the Pool Master by entering the following commands:(Where -s is the Pool Master’s IP address or DNS name.)

    xe -s <server> -u <username> -pw <password> update-upload file-name=<filename>\XS72E011.iso


 

If you get below error in the above screenshot

        The uploaded update package is invalid. 
         info: Invalid signature 

 

The above error received due to the files pubring.gpg and secring.gpg were empty  under /opt/xensource/gpg/   directory

You need to Synchronize the ntp time by running the command ntpdate -u "SERVER IP" and restarted the             service 60-import-keys from /etc/firstboot.d/.

For example:-

ntpdate -u "SERVER IP"
/etc/firstboot.d/60-import-keys start

 

Reference URL  https://support.citrix.com/article/CTX231197

After that the files were pubring.gpg and secring.gpg were auto generated on location /opt/xensource/gpg/ directory

 

 

XenServer assigns the update file a UUID which is shown in the screenshot prints output of command.

 

 

4.  Apply the update to all hosts in the pool, specifying the UUID of the update:

                 xe update-pool-apply uuid=<UUID_of_file>

Run the following command if you would like to apply the hotfix for a individual host

               xe update-apply host=<UUID_of_host> uuid=<UUID_of_file>

Alternatively, if you need to update and restart hosts in a rolling manner, you can apply the update file to an                 individual host by running the following:

              xe upload-apply host=<UUID_of_host> uuid=<UUID_of_file>

5. Verify that the update was applied by using the update-list command.

             xe update-list -s <server> -u root -pw <password> name-label=XS72E011

If the update is successful, the hosts field contains the UUIDs of the hosts to which this patch was successfully applied. This should be a complete list of all hosts in the pool.

The screenshot shown as  list of security patches updated for XenServer 7.2

 

 

6. If the hotfix is applied successfully, carry out any specified post-update task on each host, starting with the                     master.

7.  Reboot the server to take effect the security patches updated.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.