[9000] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Checking for most recent Solaris Security Patches

daemon@ATHENA.MIT.EDU (Paul Brunk)
Fri Jan 8 18:31:21 1999

Date: 	Fri, 8 Jan 1999 09:56:21 -0500
Reply-To: pbrunk@arches.uga.edu
From: Paul Brunk <pbrunk@ARCHES.UGA.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <13972.33068.684571.265293@scratch.scope.ie>

On Thu, 7 Jan 1999, Ronan Waide wrote:

> On January 6, spamhater@GRYMOIRE.COM said:
> > Enclosed is a script that checks if your Solaris system has the
> > latest security patches applied.

> Funnily enough... :)
>
> I've a version of a similar program sitting on one of the Solaris
> boxen here for the last few months[...]

Even more hilarious:

W. Joseph Shamblin posted somewhere an excellent program for this about a
year ago.  Uses perl, many options.  Uses either "patchdiag.xref or"
"Solaris2.x.PatchReport".

--
Tired of the pretence,
Paul Brunk, Workstation Support Droid
"Hungry like the wolf"

#!/usr/local/bin/perl
# This program is intended to parse the patchdiag.xref file downloaded from
# the sunsolve ftp site. It parses the file, and returns a list of patches that
# need to be evalutated for installation.
# @(#) PatchReport 2.8@(#) (Shamblin) 01/24/98 21:54:04

# Copyright (c) 1997 by W. Joseph Shamblin.  All rights reserved.
# Permission is granted to reproduce and distribute this program
# with the following restrictions:
#   1) This copyright notice and the author identification below
#      must be left intact in the program and in any copies.
#   2) Any modifications to the program must be clearly identified
#      in the source file.
#
#   UNIX Systems Administrator
#   Department of Computer Science
#   Duke University, Durham, NC
#   Phone: 919.660.6582
#   Email: wjs@cs.duke.edu
#
#
# THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. YOU ARE RESPONSIBLE
# FOR ANY DAMAGE THIS MIGHT DO TO YOUR MACHINES!!! IN NO EVENT SHALL THE
# AUTHOR OF THIS PROGRAM BE LIABLE FOR DAMAGE THIS PROGRAM CAUSES.


# Load all needed modules
use English;
use MD5;
use Net::FTP;
use FileHandle;
use Getopt::Std;

autoflush STDERR 1;
autoflush STDOUT 1;

getopts('Aa:cdE:e:Ff:g:hiL:N:np:Q:qRrS:s:vX:Z:');

# account name, only users with contract accounts at sunsolve can get
# patchdiag.xref file. The account will be "ID/passwd".
!defined $opt_a
  ? ($account = "PUT YOUR ACCOUNT HERE")
  : ($account = $opt_a );

#version number
$version_number = "2.8";

# pase the options
$usage_message = qq|

    USAGE: patchreport [-A] [-a "ID/passwd"] [-cd]
                       [-E "/path/to/excluded_patches"]
                       [-e "103594 104117 105408 105616"]
                       [-Ffghi] [-N "/path/to/recommended_list"]
                       [-n] [-p "/path/to/patches"] [-Rr]
                       [-S "/path/to/CHECKSUMS"]
                       [-s "message"] [-X "/path/to/patchdiag.xref"]

                   -A     Prompt for account information
                   -a     SunSolve "ID/passwd"
                   -c     Prints patches which are current (UP)
                   -d     Debugging option
                   -E     "/path/to/excluded_patches"
                   -e     Exclude patch IDs (e.g. 103594 sendmail patch for sparcs)
                   -F     Force patch installation without any questions
                   -f     Arguments to fastpatch, i.e. -f nsI for -n -s -I ( see fastpatch documentation )
                          Defaults for fast patch are the following:
                           -n           Never call installpatch (by default, fastpatch will
                                        fall back to installpatch when it can't find package
                                        matches)
                           -s           Save old files so the patch can be backed out.
                                        (Works for new style patches)
                           -I           Ignore backoutpatch failures
                                        (instead, the system state is updated as if the patch
                                        has been backed out)
                   -g     Grace period for shutdown (in seconds)
                   -h     Prints this message and exits
                   -i     Install patches
                   -L     "/path/to/file_with_list_of_patches"
                   -N     "/path/to/recommended_list"
                   -n     No contract support (use Recommended patch list)
                   -p     "/path/to/patches" (default: /var/tmp/patches)
                   -Q     "/path/to/fastpatch"
                   -q     Use Casper Dik's fastpatch program to install patches
                   -R     Remove compressed patches and directories after installation,
                          but not if uncompressing to a different directory ( -Z option ).
                          In that case just clean up the uncompressed directory and leave
                          compressed patch in place.
                   -r     Retrieve patches
                   -S     "/path/to/CHECKSUMS"
                   -s     Shutdown with "Message"
                   -v     Version number
                   -X     "/path/to/patchdiag.xref"
                   -Z     "/path/to/uncompress_patches"\n
  |;

# If the program is called with the -h option simply print
# the usage message and exit.
if (defined $opt_h){
  print "$usage_message\n";
  exit 0;
}


# If the program is called with the -v option simply print
# the version, and the usage message and exit.
if (defined $opt_v) {
  print "\n\tPatchReport version $version_number\n";
  exit 0;
}
# If we are called with the -i (install option) make sure
# that we have the appropriate permissions
if ((defined $opt_i) and ($> or $< != 0)) {
  print "\n    You must be root to install patches.";
  print "$usage_message\n";
  exit 0;
}
# if the account is set to the default assume that we
# need to print an error message asking for an account.
if ($account eq "PUT YOUR ACCOUNT HERE" and !$opt_S and !$opt_X and !$opt_n and !$opt_A ) {
  print qq|
           You must have a SunSolve account to use this script. The
           -n option can be used to by-pass this check, and use the
           Recommended patch list instead of the patchdiag.xref file.
           You can hard code the account and ID into the script. |;
  print "$usage_message\n";
  exit 0;
}
# Let's figure out where fastpatch is located if possible. If not just exit.
if (defined $opt_q ) {
  if (defined $opt_Q) {
    $INSTALL_PATCH_PROG = $opt_Q;
    if ( ! -e $INSTALL_PATCH_PROG ) {
       print qq|
          Fastpatch was not found in that location. Please use -Q to
          the specify correct path to the fastpatch program.\n\n|;
       exit 1;
    }
  } elsif ( !defined $opt_Q) {
    $INSTALL_PATCH_PROG = `which fastpatch`;
    if ($INSTALL_PATCH_PROG =~ /no fastpatch in/) {
      print qq|
          Fastpatch program not found. Please use -Q to specify
          where the fastpatch program is located or add its
          directory to your path.\n\n|;
    exit 1;
    }
  }
} else {
  $INSTALL_PATCH_PROG = "./installpatch";
}

# When summomed with the -A option the user will be asked
# for the account name and password for SunSolve's FTP site
if ( defined $opt_A) {
  print qq|
          Please provide the account and password in the form "ID/passwd"
          \n\naccount/passwd? |;
  chomp($account = <STDIN>);
}
# The -p option allows for the output of the patches downloaded
# to go into another directory. This is good for large sites that
# share a common patch directory.
if (!defined $opt_p) {
  $patch_dir = "/var/tmp/patches";
} elsif (defined $opt_p) {
  $patch_dir = "$opt_p";
}

# Setp the arguments to fast patch. By default use -n -s -I
#       -n              Never call installpatch (by default, fastpatch will
#                       fall back to installpatch when it can't find package
#                       matches)
#       -s              Save old files so the patch can be backed out.
#                       (Works for new style patches)
#                       This should be optional for PatchReport
#
#       -I              Ignore backoutpatch failures
#                       (instead, the system state is updated as if the patch
#                       has been backed out)

if ( defined $opt_f and defined $opt_q ) {
  map {  $FAST_PATCH_ARGS = $FAST_PATCH_ARGS  . "-$_ " } split(//,$opt_f);
} elsif (defined $opt_q and !defined $opt_f ) {
  $FAST_PATCH_ARGS = "-n -s -I";
}

# Get some information about who we are
@uname = split ' ',`uname -a`;
$uname[2] =~ s/^5/2/ or die "can't convert SunOS-Solaris version number";
if ($uname[5] eq "i386") { $os = "$uname[2]_x86";} else { $os = "$uname[2]";}

# Print a nice little message to let the users know
# what is going on when the script first starts up
print qq|\n
       Analyzing needed patches on your machine, this might take
       a minute or two depending on the options you chose, and/or
       your net connection.\n\n|;

################################################
############## File Retrieval ##################
################################################

# If the -X option or the -S options are not used this means that
# the patchdiag.xref file and/or the CHECKSUMS file are not stored
# locally. Since this is the case we have to get the files from the net.
if ((!defined $opt_X or !defined $opt_S) and !$opt_n){
  $ftp = Net::FTP->new("sunsolve.sun.com", Debug => $opt_d ? 1 : 0);
  $ftp->login("sunsolve","sunmicro","$account") ;#or warn "can't login";
  # If the -n option is used then we need to go and get the Recommended
  # patch list. We need to do this in regular anonymous mode.
} elsif (defined $opt_n) {
  $ftp = Net::FTP->new("sunsolve.sun.com", Debug => $opt_d ? 1 : 0);
  $ftp->login() ;#or warn "can't login, bad password perhaps\?";
}

# If the -X option or the option is used this means that the
# patchdiag.xref file are stored locally. Since this is the
# case we do not have to get the files from the net.
if (defined $opt_X and !$opt_n) {
  $xref_fd = new FileHandle "$opt_X", "r";
} elsif (!defined $opt_X and !defined $opt_n) {
  # -X was not used so we need to get the file from
  # Sunsolve's site
  $xref_fd = new FileHandle "/tmp/patchdiag_$$", "w+";
  $ftp->get("patchdiag.xref", $xref_fd);
} elsif (defined $opt_n and !defined $opt_N) {
  # If -n was used, and not -N then we need to retrieve the
  # file from the net.
  $recommended_fd  = new FileHandle "/tmp/Recommended_$$", "w+";
  $ftp->cwd("/pub/patches");
  $ftp->get("$os\_Recommended.README", $recommended_fd);
} elsif (defined $opt_n and defined $opt_N) {
  # if -n is used with -N then that means that the file is
  # stored locally. Set the file handle to the argument
  # given to -N. This should be the path to the
  # Recommended list.
  $recommended_fd  = new FileHandle "$opt_N", "r";
}
if (!$opt_n) {
  # Make sure that we are not working in non-contract mode
  # if we are not, and the -S option is defined the
  # the path to the checksums file should be the argument
  # given to -S
  if (defined $opt_S) {
    $checksum_fd  = new FileHandle "$opt_S", "r";
  } else {
    $checksum_fd  = new FileHandle "/tmp/CHECKSUMS_$$", "w+";
    $ftp->get("CHECKSUMS", $checksum_fd);
  }
}

# play it again sam
# if the -n option was not used putting us into non-contract mode
# then we likely retreived the files from the net. We have to
# go to the beginning to read the entire contents of the file.
if (!defined $opt_n) {
  seek $xref_fd,0,0;
  seek $checksum_fd,0,0;
} elsif ($opt_n) {
  seek $recommended_fd,0,0;
}

################################################
############ Formatting and parsing ############
############ for the needed patches ############
################################################

format patch_top =

Patch-ID  Security Recommended ID Description
--------- -------- ----------- -- ------------------------
.
format patch_out =
@<<<<<<<< @<<<<<<< @<<<<<<<<<< @< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
"$x_id-$x_rev", $security, $recommended, $showrev{$x_id}, $x_desc
.

$^="patch_top";
$~="patch_out";

# We need to get the current patches on the machine. the command showrev -p
# will get the desired information. The map function will take every occurance
# found in the showrev -p and preform the block operation on it. In this case
# the operation is to double split the output, and then create an associative
# array.
map {($s_id,$s_rev) = split '-',(split)[1];$showrev{$s_id} = $s_rev} `showrev -p|sort`;

# Show patches taht apply to add-on programs like Disksuite and veritas if
# we are called with the -o option

# If we are in contract mode then we will need to take the output of the
# patchdiag.xref file. We split the file, and then test to see if we have
# the patch-id from the showrev -p array. We also do a little formatting
# depending on whether or not the file is recommended or a security patch
# or both. We also make use of the write function, to keep things formatted
# nicely.
if (!defined $opt_n) {
  while(<$xref_fd>){
    map {($x_id,$x_rev,$x_rec,$x_sec,$x_os,$x_arch,$x_desc) = (split(/\|/,$_))[0,1,3,4,7,8,10]} $_;
    if ((!defined $showrev{$x_id} or $showrev{$x_id} < $x_rev)
        and ($x_arch =~ /$uname[5]\;|$uname[5]\.$uname[4]\;|all\;$uname[5]\;|all\;/)
        and ($x_os eq "$os")) {
      if ($x_rec eq "R") { local $recommended = "Recommended ";} else {local $recommended = "     N/A    ";}
      if ($x_sec eq "S") { local $security    = "Security ";}    else {local $security    = "   N/A   ";}
      push @needed, "$x_id-$x_rev";
      $patch_description{"$x_id-$x_rev"} = "$x_desc";
      write;
    }
    # if we get a hit then that means we are current. So we should
    # print up in the patch revision place.
    elsif ((defined $showrev{$x_id} or $showrev{$x_id} = $x_rev)
           and ($x_arch =~ /$uname[5]\;|$uname[5]\.$uname[4]\;|all\;$uname[5]\;|all\;/)
           and ($x_os eq "$os") and defined $opt_c)  {
      if ($x_rec eq "R") { local $recommended = "Recommended ";} else {local $recommended = "     N/A    ";}
      if ($x_sec eq "S") { local $security    = "Security ";}    else {local $security    = "   N/A   ";}
      $showrev{$x_id} = "UP";
      write;
    }
  }
  # If we are using the -n non-contract mode then don't do too much.
  # just parse the file, and get the basics like the patch-id
} elsif (defined $opt_n) {
  while (<$recommended_fd>) {
    ($x_id,$x_rev) = map{split '-',(split)[0]}  grep /^\d{6}/,$_ or next;
    ($junk,@x_desc) = split;
    if (!$showrev{$x_id} or $showrev{$x_id} < $x_rev) {
      push @needed, "$x_id-$x_rev";
      $security = ""; $recommended = "";
      $x_desc = join ' ', @x_desc;
      $patch_description{"$x_id-$x_rev"} = $x_desc;
      write;
    }
    # if we get a hit then that means we are current. So we should
    # print up in the patch revision place.
    elsif ((defined $showrev{$x_id} or $showrev{$x_id} = $x_rev) and defined $opt_c) {
      $showrev{$x_id} = "UP";
      write;
    }
  }
}

################################################
############## MD5 checksum test ###############
################################################

# Now, if we weren't run with the -n option, we parse the checksums
# file making an array of the values of patch-id to the actual
# MD5 checksum as calculated by Sun. We need to go into the
# multiline mode so we set the record separator (RS).

if (!$opt_n) {
  $RS='';
  map {($patch_checksum_id) = /^(\d{6}-\d{2}).tar.Z/m;
       ($patch_checksum) = /MD5: (.*)/;
       if ($patch_checksum_id ne "") {
         $actual_checksum{$patch_checksum_id} = $patch_checksum;
       }
     } <$checksum_fd>;
  $RS="\n";
}

format get_top  =
Patch-ID    Checksum status       Description
---------   ------------------    --------------------
.
format get_out =
@<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$get_status, $checksum_status,$patch_description{$_}
.

# If we are called with the -r switch get the patches, and check the checksums
# for each file we will calculate our own checksums, and compare then. If they
# match then they can be installed. If not print an error message. This will
# be done for all of the needed patches from, as determined from above.

$md5 = new MD5;

if (defined @needed and defined $opt_r) {
  mkdir "$patch_dir",0755;
  print "\n**Retrieving Patches**\n";
  print "Patch-ID    Checksum status       Description\n---------   ------------------    --------------------\n";
  $^ = "get_top";
  $~ = "get_out";
  map {
    $get_status = "$_\t";
    $ftp->binary;
    $~ = "get_out";
    $ftp->get("$_.tar.Z","$patch_dir/$_.tar.Z");
    if (!defined $opt_n) {
      $subject = new FileHandle "$patch_dir/$_.tar.Z";
      if (!defined $opt_n) {
        $md5->reset();
        $md5->addfile($subject);
        $retrieved_checksum = $md5->hexdigest();
        $calculated_checksum{$_} = $retrieved_checksum;
        ($actual_checksum{$_} eq "$retrieved_checksum")
          ? ($checksum_status   = "checksum match")
          : ($checksum_status   = "*CHECKSUM FAILED*");
      }
    }
    write
  } @needed;
  # We also need to check the checksum if the file is stored on
  # a local file system, hence called without the -r option.
} elsif (defined @needed and defined $opt_i and !defined $opt_r) {
  map {
    $subject = new FileHandle "$patch_dir/$_.tar.Z";
    if (!defined $opt_n) {
      $md5->reset();
      $md5->addfile($subject);
      $retrieved_checksum = $md5->hexdigest();
      $calculated_checksum{$_} = $retrieved_checksum;
      ($actual_checksum{$_} eq "$retrieved_checksum")
        ? ($checksum_status   = "checksum match")
        : ($checksum_status   = "*CHECKSUM FAILED*");
    }
  } @needed;

}
# If we do not need patches, then you are pretty up on things.
# print a nice message.
if (!defined @needed) {
  print qq|

    Congratulations you do not need any patches installed.
    Send this note to your boss, and ask for a raise!!!

      |;
}

# This avoids an error if the ftp module was never opened.
if (!defined $opt_X or !defined $opt_S){
  $ftp->quit;
}
# Clean up the files that were downloaded from the net.
if (!defined $opt_n) {
  unlink "/tmp/patchdiag_$$", "/tmp/CHECKSUMS_$$";
} else {
  unlink "/tmp/Recommended_$$";
}

format install_top =
Patch-ID    Install status        Description
---------   ---------------       --------------------
.
format install_out =
@<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<  @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
$installing ,$patch_install_status, $patch_description{$patch_to_install}
.


################################################
############# Patch installation ###############
################################################

if (defined @needed and defined $opt_i and !defined $opt_n) {
  &question_patch_install_sub;
} elsif (defined $opt_n and defined $opt_i) {
  &question_patch_install_sub;
}

################################################
############# Shutdown message #################
################################################

if ( defined $opt_s) {
  print "\n\n**SHUTTING DOWN WITH MESSAGE: $opt_s\n\n";
  `/usr/sbin/shutdown -y -g$opt_g -i6 "$opt_s" &`;
}

sub question_patch_install_sub {
  if (!defined $opt_F) {
    # Print an ominous message to let the user know this might
    # be a bad idea. If they still want to do it, they probably
    # know what they are doing
    print qq|
            ** Installing all patches without checking them first **
            ** can have negative consequences. I am assuming that **
            ** you know this, and think that all of these patches **
            ** are a good idea. Using the -F option will turn off **
            ** this message.                                      **
        \n|;
    if (!defined $opt_L) {
      # Get a confirmation or a list of patches to install
      print "Which patches do you want to install (all/none/list of patches) ";
      chomp(local $answer_install_patch = <STDIN>);
      if ( $answer_install_patch eq "all") {
        &install_patch_sub;
      } elsif ($answer_install_patch eq "none") {
        print "\n\tExiting install procedure\n";
        exit 0;
      } elsif ($answer_install_patch =~ /^10/) {
        @needed = split ' ',$answer_install_patch;
        &install_patch_sub;
      } else {
        print "\n\tCan't determine answer, aborting installation procedure\n";
        exit 0;
      }
    }
    elsif ( defined $opt_L) {
      print "Would you like to install all patches listed in $opt_L? (yes/no)\n";
      chomp(local $answer_install_patch = <STDIN>);
      if ($answer_install_patch =~ "n") {
        print "\n\tExiting install procedure\n";
        exit 0;
      }
      elsif ($answer_install_patch =~ "y") {
        &install_patch_sub;
      }
    }
    # If called with the -F flag then skip the formality, and just install
    # the patches.
  } elsif (defined $opt_F) {
    &install_patch_sub;
  }
}

sub install_patch_sub {
 if (defined $opt_q ) {
  print "\n\n**Installing patches with fastpatch**\n";
  }
  else {
    print "\n**Installing Patches (this can take a while)**\n";
  }
  if (!defined $opt_q ) {
    print "\nPatch-ID    Install status        Description\n";
    print "---------   ---------------       -------------------- \n";
  }
  # for all of the patches left in the @needed array we do a regulat old
  # installation. Just uncompress the patch, cd into the directory and run
  # the installpatch program. Also check the return code of the installpatch
  # program. If the return code is something other than 0 then grep the error
  # code from the installpatch program and print it on the install status
  # column of the output.
  $^ = "install_top";
  $~ = "install_out";
  if (defined $opt_E) {
    $excluded_patches_fd = new FileHandle "$opt_E", "r";
    chomp(@excluded_patches = <$excluded_patches_fd>);
  }
  if (defined $opt_e) {
    push @excluded_patches,split ' ',$opt_e;
  }
  if (defined $opt_L) {
    $needed_patches_fd  = new FileHandle "$opt_L", "r";
    chomp(@needed = <$needed_patches_fd>);
    print "\n\nInstalling patches listed in $opt_L\n\n";
  }
  foreach $patch_to_install (@needed) {
    # Make sure that we do not have any white space in the patch-id from the
    # possible input on the command line.
    $patch_to_install =~ s/\s//g;
    $skip_this_patch = 0;
    if (defined $opt_e or defined $opt_E) {
          map { (substr($patch_to_install,0,6) eq substr($_,0,6)) ?  $skip_this_patch = 1 : ""} @excluded_patches;
    }
    if (($actual_checksum{$patch_to_install} eq $calculated_checksum{$patch_to_install}) and
           ($patch_to_install ne "") and ($skip_this_patch != 1)) {
      if (defined $opt_Z) {
        chdir "$opt_Z";
        `/usr/bin/uncompress < $patch_dir/$patch_to_install.tar.Z | /bin/tar xf -`;
        chdir "$opt_Z/$patch_to_install";
      }
      else {
        chdir "$patch_dir";
        `/usr/bin/uncompress < $patch_to_install.tar.Z | /bin/tar xf -`;
        chdir "$patch_dir/$patch_to_install";
      }
      $installing = "$patch_to_install";
      if (defined $opt_q and defined $opt_Z) {
        exec `$INSTALL_PATCH_PROG -p $opt_Z $FAST_PATCH_ARGS $patch_to_install`;
      } elsif (defined $opt_q and !defined $opt_Z ) {
        exec `$INSTALL_PATCH_PROG -p $patch_dir $FAST_PATCH_ARGS $patch_to_install`;
      } elsif (!defined $opt_q) {
        `$INSTALL_PATCH_PROG .`;
      }
      if ($? != 0 and !defined $opt_q){
        $error = $?/256;
        $installpatch_fd  = new FileHandle "./installpatch", "r";
        map { $patch_install_status = "$1" if /\#\t\t$error\t(.*)/} <$installpatch_fd>;
      }
      elsif ($? != 0 and defined $opt_q) {
        $patch_install_status = "*NOT INSTALLED*";
      } else {
        $patch_install_status = "Patch installed\t";
        if (defined $opt_R and !defined $opt_Z) {
          chdir "$patch_dir";
          `rm -rf $patch_to_install`;
          unlink "$patch_to_install.tar.Z";
        }
        elsif (defined $opt_R and defined $opt_Z) {
          chdir "$opt_Z";
          `rm -rf $patch_to_install`;
        }
      }
    } elsif ($actual_checksum{$patch_to_install} ne $calculated_checksum{$patch_to_install}
            and  ($skip_this_patch != 1) ) {
      $patch_install_status = "*NOT INSTALLED*"; $installing = "$patch_to_install";
    }
    elsif ($skip_this_patch == 1) {
      $patch_install_status = "*EXCLUDED PATCH*"; $installing = "$patch_to_install";
    }
    if (defined $opt_q and $skip_this_patch != 1){
      print "Fastpatch messages for $patch_to_install:\n-----------------------------------------\n\n";
      write;
    }
    elsif (!defined $opt_q) {
      write;
    }
  }
}

home help back first fref pref prev next nref lref last post