May the source be with you, but remember the KISS principle ;-)
Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and  bastardization of classic Unix

Applying Patches in SLES


Recommended Links

Configuring the Software Updater

Patching problems

SLES Service Packs


SLES Documentation

SLES Registration
SPident suse_register System information Startup and shutdown Kernel Updates Rug



Patches usually are applied via YAST.  The only exception are service Packs. It is safer to apply them using installation DVD: usually Novell does not debug application of service pack from YAST well and you can run into some unnecessary and difficult to resolve problems. It just not worth the risk to use YaST for service packs.

zypper is a command line tool to apply patches in SLES 11. Previously rug utility was used.

YaST Online Update has been integrated into the YaST Software Management module.

Software → Online Update opens the Software Management with the Patches filter applied, so you only see packages that should be updated.

Online Update Setup can configure automatic updates and Installation Source. See Start-Up, chapter System Configuration with YaST for more information.

Novell offers a continuous stream of software security updates for SUSE Linux and makes them available on an FTP server and its mirrors. These servers are called YUM services. If you have configured the update settings during installation, Software Updater gets one of these servers assigned and is ready for use immediately after installation. If you have skipped the update configuration, you need to set it up.

Getting Permissions

Installing packages requires root privileges. Software Updater and rug have their own user management system that allows regular users to install software updates. When a user first invokes an action that requires special privileges in Software Updater, a prompt for the root password appears. When the password has been verified, Software Updater automatically adds the user's account to the user management system with update permissions. To review or change these settings, use the rug user management commands (this requires root privileges).

Obtaining and Installing Software Updates

Once a day, Software Updater automatically checks whether updates for your system are available (right-click the application icon and choose Refresh to force an immediate check). The Software Updater resides in the notification area (GNOME) or the system tray (KDE) of your panel as an icon depicting a globe, which changes to an exclamation mark on an orange background when there are new updates available. Left-click the panel icon to open the updater window. It displays a list of patches available. Each patch has a short description and, if applicable, a category icon: Security patches are marked with a yellow shield. Optional patches are marked with a light blue circle. Recommended patches are not marked with an icon. Security patches are listed first, then recommended patches, and finally optional patches. To get details about a certain patch, mark it with the mouse and click the Details link under the list window. To select a patch for installation, mark the patch's check box. Use the links All and None to select or deselect all patches. Clicking Update installs the selected patches.

Configuring the Software Updater

To configure Software Updater, right-click the application icon and choose Configure. A window with three tabs opens:

  1. Services,
  2. Catalogs
  3. Preferences


Services are basically sources that provide software packages and information about these packages. The service tab lists all services available together with type and status information (if you cannot see the latter two, adjust the window size). Use Remove Service or Add Service to add or remove services. The following service types are available:


An HTTP, HTTPS, or FTP server using the RPM-MD format for the package data.

Novell provides updates for SUSE Linux exclusively as YUM services. If you configured update during installation, either the official Novell YUM server or one of its mirrors is already present in the list.

If you have skipped the update configuration during installation, run the command suse_register on the command line or call the YaST module Software → Product Registration as user root. A YUM server is automatically added to Software Updater.

To add a YUM service manually, you need to know its URI. See http://en for a list of official Novell YUM mirrors. It is also possible to use This link always redirects to a mirror in your vicinity.You can freely choose a name for the service-it is recommended to use a unique, descriptive name.

ZYPP services are the YaST installation sources added with Software → Installation

Source in YaST. Use the Software Updater or YaST to add installation sources. The source from which you initially installed (DVD or CD-ROM in most cases) is preconfigured. If you change or delete this source, replace it with another valid installation source (ZYPP service), because otherwise you cannot install new software. Terminology The terms YaST installation source, YaST package repository, and ZYPP service are the same name for a source from which you can install software.


With Mount, embed a directory mounted on your machine. This is useful if you are, for example, in a network that regularly mirrors the Novell YUM server and exports its content to the local network. To add the directory, provide the full path to the directory in Service URI. NU NU stands for Novell Update. This service is not available for SUSE Linux. RCE and ZENworks Opencarpet, Red Carpet Enterprise, or ZENworks services are only available if your company or organization has set up these services within your internal network. This may, for example, be the case if your organization is using third-party software for which updates are deployed on a single server.


After SUSE Linux is installed, two services are preconfigured: your installation source (DVD, CD-ROM, or network resource) as a ZYPP service and a SUSE Linux update server as YUM service, which was added during product registration. See Figure 2, "Preconfigured Services" (page 6). Normally there is no need to change these settings. If you do not see a YUM service, open a root shell and execute the command suse_register. A service is added automatically.


Services are able to provide packages for different pieces of software or for different software versions (typically RCE or ZENworks services do so). These are organized in different categories called catalogs. Subscribe or unsubscribe from a catalog by marking or unmarking the check box in front of it. At the moment, the SUSE Linux services (YUM and ZYPP) do not provide different catalogs. Each service only has one catalog. If the Software Updater was configured during installation or with suse_register, it subscribes to the YUM and ZYPP catalogs automatically. If you manually add a service, you must subscribe to its catalogs. Unsubscribing from Catalogs To be able to install packages from a catalog, you need to be subscribed to this catalog. If you unsubscribe, the packages from this catalog are still listed in the update window, but you can not install them.


On the Preferences tab, specify whether Software Updater should be launched at startup or not. As user root, you can also modify the Software Updater settings. As a nonprivileged user, you can only view the settings. Refer to the rug man page for an explanation of the settings.

Top Visited
Past week
Past month


Old News ;-)

[ Sep 20, 2012 ] Attempt to patch a SLES 10 SP3 returns a curl error 60

See also suse_register aborts with curl error 60 while trying to register against SMT server

For many SP3 systems the prerequisite package for installation of SP4 is RPM to upgrade certificates: openssl-certs-0.8.0-0.10.1 For many SP3 systems the prerequisite package for installation of SP4 is RPM to upgrade certificates: openssl-certs-0.8.0-0.10.1. You can download it using the following link:

# rpm -qi openssl-certs-0.8.0-0.10.1
Name        : openssl-certs                Relocations: (not relocatable)
Version     : 0.8.0                             Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany
Release     : 0.10.1                        Build Date: Wed Aug 31 09:36:18 2011
Install Date: Thu Sep 20 11:13:45 2012      Build Host: bax
Group       : Productivity/Networking/Security   Source RPM: openssl-certs-0.8.0-0.10.1.src.rpm
Size        : 207674                           License: BSD 3-Clause; "MPL 1.1/GPL 2.0/LGPL 2.1 ..."
Signature   : DSA/SHA1, Wed Aug 31 09:36:21 2011, Key ID a84edae89c800aca
Packager    :
URL         :
Summary     : CA certificates for OpenSSL
Description :
This package contains some CA root certificates for OpenSSL extracted
from MozillaFirefox
Distribution: SUSE Linux Enterprise 10
---Second External mailserver(RTP): /home/bezroun
You need to install it using the command
rpm -Uvh openssl-certs-0.8.0-0.10.1.noarch.rpm

[May 26, 2010] Never ever play lose with /boot partition.

Here is the recent story connected with the upgrade of the OS (in this case Suse 10) to a new service pack (SP3)

After the upgrade sysadmin discovered that instead of /boot partition mounted there is none but there is a /boot directory directory on the boot partition populated by the update. This is so called "split kernel" situation when one (older) version of kernel boots and then it finds different (more recent) modules in /lib/modules and complains. There reason of this strange behavior of Suse update was convoluted and connected with LVM upgrade it contained after which LVM blocked mounting of /boot partition.

Easy, he thought. Let's boot from DVD, mount boot partition to say /boot2 and copy all files from the /boot directory to the boot partition.

And he did exactly that. To make things "clean" he first wiped the "old" boot partition and then copied the directory.

After rebooting the server he see GRUB prompt; it never goes to the menu. This is a production server and the time slot for the upgrade was 30 min. Investigation that involves now other sysadmins and that took three hours as server needed to be rebooted, backups retrieved to other server from the tape, etc, reveals that /boot directory did not contain a couple of critical files such as /boot/message and /boot/grub/menu.lst. Remember /boot partition was wiped clean.

BTWs /boot/message is an executable and grub stops execution of stpped /boot/grub/menu.lst.when it encounted instruction

gfxmenu (hd0,1)/message

Here is an actual /boot/grub/menu.lst.

# Modified by YaST2. Last modification on Thu May 13 13:43:35 EDT 2010
default 0
timeout 8
gfxmenu (hd0,1)/message
##YaST - activate

###Don't change this comment - YaST2 identifier: Original name: linux###
title SUSE Linux Enterprise Server 10 SP3
root (hd0,1)
kernel /vmlinuz- root=/dev/vg01/root vga=0x317 splash=silent showopts
initrd /initrd-

###Don't change this comment - YaST2 identifier: Original name: failsafe###
title Failsafe -- SUSE Linux Enterprise Server 10 SP3
root (hd0,1)
kernel /vmlinuz- root=/dev/vg01/root vga=0x317 showopts ide=nodma apm=off acpi=off noresume edd=off 3
initrd /initrd-

Luckily there was a backup done before this "fix". Four hours later server was bootable again.

Recommended Links



Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy


War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes


Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law


Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haterís Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D

Copyright © 1996-2021 by Softpanorama Society. was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to to buy a cup of coffee for authors of this site


The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019