In this blog, we will share the steps to apply the hotfix using XenServer Command Line Interface (CLI) for security patch updates for Xenserver 7.2
Installing the Hotfix by using the xe Command Line Interface
- First of all, we need to download the hotfix file to a known location from the URL https://support.citrix.com/article/CTX224692
- Extract the .iso file from the zip.
- Upload the .iso file to the Pool Master by entering the following commands:(Where -s is the Pool Master’s IP address or DNS name.)
xe -s <server> -u <username> -pw <password> update-upload file-name=<filename>\XS72E011.iso
If you get below error in the above screenshot
The uploaded update package is invalid.
info: Invalid signature
The above error received due to the files
secring.gpg were empty under
You need to Synchronize the ntp time by running the command
ntpdate -u "SERVER IP" and restarted the
service 60-import-keys from /etc/firstboot.d/.
ntpdate -u "SERVER IP"
Reference URL https://support.citrix.com/article/CTX231197
After that the files were
secring.gpg were auto generated on location
XenServer assigns the update file a UUID which is shown in the screenshot prints output of command.
4. Apply the update to all hosts in the pool, specifying the UUID of the update:
xe update-pool-apply uuid=<UUID_of_file>
Run the following command if you would like to apply the hotfix for a individual host
xe update-apply host=<UUID_of_host> uuid=<UUID_of_file>
Alternatively, if you need to update and restart hosts in a rolling manner, you can apply the update file to an individual host by running the following:
xe upload-apply host=<UUID_of_host> uuid=<UUID_of_file>
5. Verify that the update was applied by using the update-list command.
xe update-list -s <server> -u root -pw <password> name-label=XS72E011
If the update is successful, the hosts field contains the UUIDs of the hosts to which this patch was successfully applied. This should be a complete list of all hosts in the pool.
The screenshot shown as list of security patches updated for XenServer 7.2
6. If the hotfix is applied successfully, carry out any specified post-update task on each host, starting with the master.
7. Reboot the server to take effect the security patches updated.