As per subject; with the new feature of "Exclusions" - it would be nice to be able to auto-load exclusion files straight from github...

We can happily maintain a single exclusions list i believe, and patches which don't relate to a particular version will just be ignored. Should be easy enough.

Ideally, this should be an option within the code which can be user defined to be either a URL or File Location. The "-e" argument will then append to this ideally. This works out for the best as the user can then set defaults to their choosing (or set it to null entirely), plus override on a per-node basis etc.

Hai, patcher.py isnt working for my anymore.
My problem is the same als #28 , but i have everything in lower case.

./patcher.py -e ./XS62_exclusions.py
Getting host list using: /opt/xensource/bin/xe host-list name-label=grep "^HOSTNAME=" /etc/sysconfig/network | awk -F= '{print$2}' params=uuid --minimal
Detected HOST UUID:
Error: Failed to obtain HOSTUUID from XE CLI

manualy running :
xe host-list name-label=grep "^HOSTNAME=" /etc/sysconfig/network | awk -F= '{print$2}' params=uuid --minimal
gives back nothing.
but running :
xe host-list --minimal gives back the UUID.

changing the line :
get_host_uuid_cmd = str(xecli) + str(' host-list name-label=grep "^HOSTNAME=" /etc/sysconfig/network | awk -F= \'{print$2}\' params=uuid --minimal')

to
get_host_uuid_cmd = str(xecli) + str(' host-list --minimal')

fixed it for me.

Hi,

It seems to me that the variable in the exclusions file (https://github.com/dalgibbard/citrix_xenserver_patcher/blob/master/exclusions/XS65_excludes.py#L2) should be named ´exclusions, and notautoexclusions`.. Else the patcher script won't interpret it correctly.

Tonight i was patching a Xenserver 6.2, and because the previous patch session was manual, the cleanup was not done. Somewhere in the middle of the 16 patch session the space got to 0 MB free, but the displayed log only showed this:

Downloading: XS62ESP1020.zip
Download Size: 115985387 Bytes > Applying: XS62ESP1020
Uncompressing...
Internal Upload...
Completed: 6057cfe5-811d-46f1-82e1-6da737a0a038

Applying Patch 6057cfe5-811d-46f1-82e1-6da737a0a038
Patch failed, code: 1
Command failed: /opt/xensource/bin/xe patch-apply uuid=6057cfe5-811d-46f1-82e1-6da737a0a038 > host-uuid=996b0fb4-c091-47f7-b540-93e99bea0ea4
Failed to apply patch: The patch apply failed. Please see attached output.
output:

Secondary validation check...
Patch apply failed for: XS62ESP1020.xsupdate

In order to prevent this, is it possible to predict the space needed to install a patch before "Applying Patch " got started, or better before download starts?

Tried to use this on a new xenserver 6.2 install. Received errors:

Would you like to install these items? [y/n]: y
Starting patching...
Downloading: XS62E001.zip
Traceback (most recent call last):
File "./patcher.py", line 384, in ?
file_name = str(download_patch(patch_url))
File "./patcher.py", line 96, in download_patch
u = urlopen(url)
File "/usr/lib/python2.4/urllib2.py", line 130, in urlopen
return _opener.open(url, data)
File "/usr/lib/python2.4/urllib2.py", line 364, in open
response = meth(req, response)
File "/usr/lib/python2.4/urllib2.py", line 471, in http_response
response = self.parent.error(
File "/usr/lib/python2.4/urllib2.py", line 402, in error
return self._call_chain(_args)
File "/usr/lib/python2.4/urllib2.py", line 337, in _call_chain
result = func(_args)
File "/usr/lib/python2.4/urllib2.py", line 480, in http_error_default
raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 403: Forbidden: body content-type denied

Performed the wget
performed the chmod
ran the patcher program and got :

Traceback (most recent call last):
File "./patcher.py", line 231, in ?
except (urllib2.HTTPError, urllib2.URLError):
NameError: name 'urllib2' is not defined

Was wondering if this would work with xenserver 6.5?

The script sounds like a good idea. Except - what is it and where is it? I am reasonable computer literate, but could you give the full command to run the script?

If xe-toolstack is dead, finding the UUID (and everything else) will fail.

Add detection of non-available xe client connectivity, and offer to restart xe-toolstack with:

xe-toolstack-restart

I've been testing this patcher and on my xenserver 6.1 pool I can't get the list of available patches, because it fails to get auto-exclusion list from: https://raw.githubusercontent.com/dalgibbard/citrix_xenserver_patcher/master/exclusions/XS61_excludes.py

If I use the option -l -E the result is the same.

I am getting error 404 codes for the XS62ESP1 update. I looked at the url and the one that is provided in the updates.xml file has the URL of
http://downloadns.citrix.com.edgesuite.net/akdlm/8707/XS62ESP1.zip
However the URL is supposed to be:
http://downloadns.citrix.com.edgesuite.net/8707/XS62ESP1.zip

This used to work so I do not know if the URL changed or if the updates.xml file changed. In either case can the updates.xml file be updated.

I am a complete noob, w/Xenserver as well as Linux in general, so apologies in advance for any particularly dense comments I might make. :)

In any case, fresh base install of Xenserver 6.0.2, to an old IBM iDataplex dx340, seemingly fully successful (can connect via XenCenter to it, access console remotely, as well the wget cmds to grab the script work fine, albeit requiring the SSL-related '--no-check-certificate' switch to successfully download, however after running patcher.py, after being apparently successful getting the list of patches, and then downloading them locally, it then errors out like so:

Would you like to install these items? [y/n]: y
Starting patching...
Downloading: XS602E005.zip
Download Size: 113841584 Bytes
113841584 [100.00%]
Applying: XS602E005
Uncompressing...
Internal Upload...
Patch internal upload failed for: XS602E005.xsupdate

You will note the above is referencing patch 5, after the first time it failed in the same way I learned a bit of VI (I know, hah...welcome to Linux ;) so I could edit up an exclusions file to tell it to not do either patch 3 or 4 (I had some thought maybe those patches were already included in a base 6.0.2 install) and although that successfully prevented the script from grabbing those patches...it then promptly failed in the same way when grabbing the next patch 5.

Its prob something dumb I am doing to cause this...if I knew where to look in Xenserver for logs of this, I would do so. Too new at the moment to know where those might be located.

Anyway, just was wondering whether this was definitely tested against 6.0.2, or not.

p.s., I have 2 iDataplex servers and a lot of time on my hands...if you need some grunt work to install/reinstall/test anything just let me know...happy to do it. (earn my keep, so to speak...)

Thanks!
Andy

When the 'name-label' which is displayed in the host-list is for example written in uppercase and the 'hostname' that is derived from /etc/sysconfig/network is written in lower-case then the script is not able to find the UUID. Changing the 'name-label' of the XenServer to lower-case by hand solved the issue. Proposal is to convert the 'name-label' and hostname to lowercase in the script.

I installed all patches already using the command line, but when I run patcher.py it tells me to install patches (6.2 SP1 is the latest I believe).

Is the script checking already installed patches?

I must tell you I only installed SP1, which included all previous patches according to Citrix...

Hi, in a few hosts I get the Error: Failed to obtain HOSTUUID from XE CLI error.

I change the get_host_uuid_cmd setting into:
get_host_uuid_cmd = str(xecli) + str(' host-list name-label=grep "^HOSTNAME=" /etc/sysconfig/network | awk -F= \'{print$2}\' params=uuid --minimal')

and it is working with all the hosts

Is it a good improvement?

Have a nice day,
Ivo

The Version of the script can only contain a single decimal point; eg: 1.4
Setting it higher than this causes an error, as it's interpreted as a float. Need to wrap the version in quotes so it's a string.

Why patcher tries to install "installed" patches?
xe patch-list:

xe patch-list
uuid ( RO): 4fc82e62-b938-407d-a2c6-68c8922f3ec2
  name-label ( RO): XS62ESP1014
name-description ( RO): Public Availability: security fixes to bash
size ( RO): 1851360
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): f4f66d0a-d408-446e-a014-8e793baccb07
  name-label ( RO): XS62ESP1015
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 18577686
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 1e11bede-e41f-402e-879b-1210fa779a68
  name-label ( RO): XS62E007
name-description ( RO): ioemu fixes for Windows 8.1
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 0850b186-4d47-11e3-a720-001b2151a503
  name-label ( RO): XS62ESP1
name-description ( RO): Public Availability: XenServer 6.2 Service Pack 1 (SP1)
size ( RO): 218600009
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 1c952800-c030-481c-a0c1-d1b45aa19fcc
  name-label ( RO): XS62ESP1005
name-description ( RO): Public Availability: fixes to Dom0 kernel
size ( RO): 37787132
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): aeff92a9-2c60-43eb-b34e-14e4132b411c
  name-label ( RO): XS62E005
name-description ( RO): Public Availability: Toolstack fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): 3c291f5f-103f-4c83-af64-353399c3defc
  name-label ( RO): XS62ESP1006
name-description ( RO): Fix to Toolstack
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): d9c753b9-a15b-4a31-897b-97fdae609031
  name-label ( RO): XS62E009
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): ff202d2d-2812-4c6b-b500-2f4701de7bc4
  name-label ( RO): XS62E011
name-description ( RO): Public Availability: Storage and ISCSI fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 5579f1f0-ff83-11e2-b778-0800200c9a66
  name-label ( RO): XS62E004
name-description ( RO): Public Availability: Fixes for Dom0 kernel issues
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): c8b9d332-30e4-4e5e-9a2a-8aaae6dee91a
  name-label ( RO): XS62E015
name-description ( RO): Public Availability: XenTools fixes
size ( RO): 115564441
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): d51db8df-0bde-48e8-93ab-bcc23971f1a9
  name-label ( RO): XS62E017
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 297f2f77-5603-4aaf-9e56-db49512d4592
  name-label ( RO): XS62ESP1002
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 1744985
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 83bca9f6-4ae5-45f9-9426-440216f73797
  name-label ( RO): XS62E010
name-description ( RO): Public Availability: Fix for GPU pass through
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): 


uuid ( RO): a4251789-ce6c-4726-942c-3cddbadcaca6
  name-label ( RO): XS62E012
name-description ( RO): Public Availability: Fixes for Dom0 kernel issues
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 78251ea4-e4e7-4d72-85bd-b22bc137e20b
  name-label ( RO): XS62E014
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 996dd2e7-ad95-49cc-a0be-2c9adc4dfb0b
  name-label ( RO): XS62ESP1004
name-description ( RO): Public Availability: Fixes to Toolstack, Xen and improved interface with Citrix CloudPlatform
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 7d670435-547c-419a-ab7e-296705a752b8
  name-label ( RO): XS62ESP1011
name-description ( RO): Public Availability: Toolstack, vGPU and Xen fixes
size ( RO): 18575598
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): dedcc0dd-d8f3-4f76-90ca-92697c7a44f0
  name-label ( RO): XS62E001
name-description ( RO): Public Availability: Xapi fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): b22d6335-823d-43a6-ba26-28793717125b
  name-label ( RO): XS62ESP1013
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 18576306
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 7d5a3a2f-e163-4f23-b8f7-929961eeeb2e
  name-label ( RO): XS62E008
name-description ( RO): XenTools fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): 53546429-4c4f-4e8a-ac11-b680aadab046
  name-label ( RO): XS62ESP1007
name-description ( RO): Public Availability: Storage Security fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
  name-label ( RO): XS62ESP1008
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 16584550
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): c208dc56-36c2-4e91-b8d7-0246575b1828
  name-label ( RO): XS62ESP1003
name-description ( RO): Public Availability: XenTools fixes
size ( RO): 115563025
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): 8b0518d8-3610-4b7f-8a31-0e02718d2f9f
  name-label ( RO): XS62E013
name-description ( RO): Limited Availability: Toolstack fixes
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartXAPI


uuid ( RO): 59128f15-92cd-4dd9-8fbe-a0115d1b07a2
  name-label ( RO): XS62E002
name-description ( RO): Public Availability: security fixes to Xen
size ( RO): 0
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost


uuid ( RO): a24d94e1-326b-4eaa-8611-548a1b5f8bd5
  name-label ( RO): XS62ESP1009
name-description ( RO): Public Availability: fixes to Dom0 kernel
size ( RO): 37800751
   hosts (SRO): f64355c6-1a19-408e-ac33-e248b66c953d, db6ac00d-2eed-48ce-9474-4e92f2128ff6
after-apply-guidance (SRO): restartHost

./patcher.py -e ./XS62_exclusions.py:

No local Patches are installed.
The following Patches are pending installation:

uuid: 0850b186-4d47-11e3-a720-001b2151a503
 url: http://support.citrix.com/article/CTX139788
 timestamp: 2013-12-16T00:00:00Z
 name_label: XS62ESP1
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/8707/XS62ESP1.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: XenServer 6.2 Service Pack 1 (SP1)

uuid: 297f2f77-5603-4aaf-9e56-db49512d4592
 url: http://support.citrix.com/article/CTX140051
 timestamp: 2014-01-22T00:00:00Z
 name_label: XS62ESP1002
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/8737/XS62ESP1002.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to Xen

uuid: c208dc56-36c2-4e91-b8d7-0246575b1828
 url: http://support.citrix.com/article/CTX140416
 timestamp: 2014-03-26T00:00:00Z
 name_label: XS62ESP1003
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/9031/XS62ESP1003.zip
 after_apply_guidance: restartXAPI
 name_description: Public Availability: XenTools fixes

uuid: 1c952800-c030-481c-a0c1-d1b45aa19fcc
 url: http://support.citrix.com/article/CTX140553
 timestamp: 2014-04-28T00:00:00Z
 name_label: XS62ESP1005
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/9058/XS62ESP1005.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: fixes to Dom0 kernel

uuid: c8b9d332-30e4-4e5e-9a2a-8aaae6dee91a
 url: http://support.citrix.com/article/CTX140808
 timestamp: 2014-05-28T00:00:00Z
 name_label: XS62E015
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/9279/XS62E015.zip
 after_apply_guidance: restartXAPI
 name_description: Public Availability: XenTools fixes

uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
 url: http://support.citrix.com/article/CTX141036
 timestamp: 2014-07-16T00:00:00Z
 name_label: XS62ESP1008
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/9491/XS62ESP1008.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to Xen

uuid: a24d94e1-326b-4eaa-8611-548a1b5f8bd5
 url: http://support.citrix.com/article/CTX141191
 timestamp: 2014-08-27T00:00:00Z
 name_label: XS62ESP1009
 patch_url: http://downloadns.citrix.com.edgesuite.net/9617/XS62ESP1009.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: fixes to Dom0 kernel

uuid: 7d670435-547c-419a-ab7e-296705a752b8
 url: http://support.citrix.com/article/CTX141472
 timestamp: 2014-09-30T00:00:00Z
 name_label: XS62ESP1011
 patch_url: http://downloadns.citrix.com.edgesuite.net/9698/XS62ESP1011.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: Toolstack
 vGPU and Xen fixes

uuid: b22d6335-823d-43a6-ba26-28793717125b
 url: http://support.citrix.com/article/CTX141480
 timestamp: 2014-10-01T00:00:00Z
 name_label: XS62ESP1013
 patch_url: http://downloadns.citrix.com.edgesuite.net/9703/XS62ESP1013.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to Xen

uuid: 4fc82e62-b938-407d-a2c6-68c8922f3ec2
 url: http://support.citrix.com/article/CTX141486
 timestamp: 2014-10-09T00:00:00Z
 name_label: XS62ESP1014
 patch_url: http://downloadns.citrix.com.edgesuite.net/9708/XS62ESP1014.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to bash

uuid: f4f66d0a-d408-446e-a014-8e793baccb07
 url: http://support.citrix.com/article/CTX141717
 timestamp: 2014-12-03T00:00:00Z
 name_label: XS62ESP1015
 patch_url: http://downloadns.citrix.com.edgesuite.net/10128/XS62ESP1015.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to Xen

uuid: a26964cf-a409-46a4-b94c-66bf6083690f
 url: http://support.citrix.com/article/CTX141845
 timestamp: 2014-12-21T00:00:00Z
 name_label: XS62ESP1012
 patch_url: http://downloadns.citrix.com.edgesuite.net/10134/XS62ESP1012.zip
 after_apply_guidance: restartXAPI
 name_description: Public Availability: XenTools fixes

uuid: 55444a02-4d97-4d6d-b076-ddbe8697244b
 url: http://support.citrix.com/article/CTX141779
 timestamp: 2015-01-09T00:00:00Z
 name_label: XS62ESP1016
 patch_url: http://downloadns.citrix.com.edgesuite.net/10174/XS62ESP1016.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: Storage
 Xen and Toolstack fixes

NOTE: Installation of these items will require a reboot!
  You will be prompted to reboot at the end.


Would you like to install these items? [y/n]: n
You didn't want to patch...

I have only two patches to install: XS62ESP1012 and XS62ESP1016 not all of them ;/

Hi,

I'm new to XenServer and this little utility is a beauty.
On XenServer 7 there is a bug though at file_name var construction as the url contains "&noauth=true" at the end.

On line 325:
file_name = url.split('/')[-1]
I've added
file_name = file_name('&')[0] just thereafter but I think a more proper test should be coded.
ex:
if file_name.find('&')
file_name = file_name('&')[0]

Thanks again.
Joseph.

I did a clean install of 6.5.0 and then ran the utility, and it did a great job, but i did notice it installed things in the following order:

SP1
SP1002
SP1004
SP1003
SP1005

I doubt it will be a major problem, as the RPM's should take care of this, but it would probably be best to do a sorted list of patches to allow "normal" dependency rules to work.

Confused as to what is going on here - could you please help me fix this as I would love to use your patcher

[root@xenserver ~]# chmod +x patcher.py
[root@xenserver ~]# ls
patcher.py support.tar.bz2 XS62_exclusions.py
[root@xenserver ~]# ./patcher.py -e ./XS62_exclusions.py
./patcher.py: line 6: syntax error near unexpected token newline' ./patcher.py: line 6:'
[root@xenserver ~]# ./patcher.py -a -r
./patcher.py: line 6: syntax error near unexpected token newline' ./patcher.py: line 6:'

It will be great that if you could add the xe patch-clean command so that we can avoid running out of disk space in the future.

I tried to run the script using the example arguments and it failed. Here is all of my output:

./patcher.py -e ./XS62_exclusions.py

No local Patches are installed.
The following Patches are pending installation:

uuid: 0850b186-4d47-11e3-a720-001b2151a503
url: http://support.citrix.com/article/CTX139788
timestamp: 2013-12-16T00:00:00Z
name_label: XS62ESP1
patch_url: http://downloadns.citrix.com.edgesuite.net/8707/XS62ESP1.zip
after_apply_guidance: restartHost
name_description: Public Availability: XenServer 6.2 Service Pack 1 (SP1)

uuid: 297f2f77-5603-4aaf-9e56-db49512d4592
url: http://support.citrix.com/article/CTX140051
timestamp: 2014-01-22T00:00:00Z
name_label: XS62ESP1002
patch_url: http://downloadns.citrix.com.edgesuite.net/8737/XS62ESP1002.zip
after_apply_guidance: restartHost
name_description: Public Availability: security fixes to Xen

uuid: c208dc56-36c2-4e91-b8d7-0246575b1828
url: http://support.citrix.com/article/CTX140416
timestamp: 2014-03-26T00:00:00Z
name_label: XS62ESP1003
patch_url: http://downloadns.citrix.com.edgesuite.net/9031/XS62ESP1003.zip
after_apply_guidance: restartXAPI
name_description: Public Availability: XenTools fixes

uuid: 1c952800-c030-481c-a0c1-d1b45aa19fcc
url: http://support.citrix.com/article/CTX140553
timestamp: 2014-04-28T00:00:00Z
name_label: XS62ESP1005
patch_url: http://downloadns.citrix.com.edgesuite.net/9058/XS62ESP1005.zip
after_apply_guidance: restartHost
name_description: Public Availability: fixes to Dom0 kernel

uuid: c8b9d332-30e4-4e5e-9a2a-8aaae6dee91a
url: http://support.citrix.com/article/CTX140808
timestamp: 2014-05-28T00:00:00Z
name_label: XS62E015
patch_url: http://downloadns.citrix.com.edgesuite.net/9279/XS62E015.zip
after_apply_guidance: restartXAPI
name_description: Public Availability: XenTools fixes

uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
url: http://support.citrix.com/article/CTX141036
timestamp: 2014-07-16T00:00:00Z
name_label: XS62ESP1008
patch_url: http://downloadns.citrix.com.edgesuite.net/9491/XS62ESP1008.zip
after_apply_guidance: restartHost
name_description: Public Availability: security fixes to Xen

NOTE: Installation of these items will require a reboot!
You will be prompted to reboot at the end.

Would you like to install these items? [y/n]: y
Starting patching...
Downloading: XS62ESP1.zip
Download Size: 311454853 Bytes
311454853 [100.00%]
Applying: XS62ESP1
Uncompressing...
Internal Upload...
Patch internal upload failed for: XS62ESP1.xsupdate

This line (currently line 522 in my code stream):
if inst_patch_list == [] or inst_patch_list == "" or inst_patch_list == ['']:
needs condensing to the null check which actually is needed. This was a dirty fix whilst I wasn't sure.

Examples requiring adding to code:

• "-a|--auto" - Apply patches automatically (Reboot not automatic though- see below)
• "-r|--reboot" - Automatically Reboot if/when required post-patching.
• "-q|--quiet" - Remove Verbose Output.
• "-l|--list" - List required Patches which are yet to be applied.

Therefore, someone running the following could patch a host hands-free:

./patcher.py -a -r

Or, Someone wanting to be notified of newly available, not yet applied patches could put this into Cron:

# Notify at 8am each day of pending patches.
0 8 * * * /path/to/patcher.py -l

Hi,
Script not download the latest patch for XS65SP1
Hotfix XS65ESP1016 - For XenServer 6.5.0 Service Pack 1 - https://support.citrix.com/article/CTX202619.

hi,

now we have the problem, that citrix built an authentication part, before you can download the files. is it possible to handle this? we can use our own credentials, maybe saved in a file or with parameters, or maybe you can create a user + pw for all and hard code it into the script?

Today i got this output:

Detected XenServer Version: 6.5.0

The following Patches are pending installation:

uuid: a2884e0b-ce29-4b9a-8ff5-419a867ee9d2
url: https://support.citrix.com/article/CTX219499
timestamp: 2016-12-21T00:00:00Z
name_label: XS65ESP1046
patch_url: https://support.citrix.com/supportkc/filedownload?uri=/filedownload/CTX219499/XS65ESP1046.zip
after_apply_guidance: restartHost
name_description: Public Availability: Security fixes to Xen

Downloading: XS65ESP1046.zip
Download Size: 6162 Bytes
Applying: XS65ESP1046
Uncompressing...
Error extracting compressed patchfile: XS65ESP1046.zip
Failed to locate unzipped patchfile: XS65ESP1046.xsupdate

Hai,
im trying to update my server and patcher wont work.

this is the console output:

./patcher.py -e ./XS62_exclusions.py
The following Patches are pending installation:

uuid: 78251ea4-e4e7-4d72-85bd-b22bc137e20b
url: http://support.citrix.com/article/CTX140052
timestamp: 2014-01-22T00:00:00Z
name_label: XS62E014
patch_url: http://downloadns.citrix.com.edgesuite.net/8736/XS62E014.zip
after_apply_guidance: restartHost
name_description: Public Availability: security fixes to Xen

uuid: 297f2f77-5603-4aaf-9e56-db49512d4592
url: http://support.citrix.com/article/CTX140051
timestamp: 2014-01-22T00:00:00Z
name_label: XS62ESP1002
patch_url: http://downloadns.citrix.com.edgesuite.net/8737/XS62ESP1002.zip
after_apply_guidance: restartHost
name_description: Public Availability: security fixes to Xen

NOTE: Installation of these items will require a reboot!
You will be prompted to reboot at the end.

Would you like to install these items? [y/n]: y
Starting patching...
Downloading: XS62E014.zip
Download Size: 9042981 Bytes Applying: XS62E0140%]
Uncompressing...
Internal Upload...
The uploaded patch file already exists
uuid: 78251ea4-e4e7-4d72-85bd-b22bc137e20b
Applying Patch...
The uploaded patch file is invalid. See attached log for more details.
log: error parsing patch precheck xml: expected one of these character sequence: "required", found "error" line 4
Patch apply failed for: XS62E014.xsupdate

Hi,

To start, thanks for this utility, it has helped enourmously for my Xen environment.

I am now running patcher.py on an HP DL360 with Xen 6.2 with one VM only. I've tried with the VM powered up and down but no difference. Responding yes or no to auto-unmount gives the same answer, i.e. it seems to be forcing unmount even if told not to. I have yet to examine python code.

Example output with Y for yes to auto-umount

CD images are currently mounted to one or more VMs.
These must be unmounted before starting the patching process.

Would you like to auto-umount these now? [y/n]: y

Unmounting CD Images from VMs

An error occured when attempting to unmount the CD Images.
Error is: Operation could not be performed because the drive is empty
vbd: 4986acf4-2830-8e6d-973f-f6387c2c08e7

Please manually unmount, and run the patcher again.

Example output with N for no to auto-umount

CD images are currently mounted to one or more VMs.
These must be unmounted before starting the patching process.

Would you like to auto-umount these now? [y/n]: n

Unmounting CD Images from VMs

An error occured when attempting to unmount the CD Images.
Error is: Operation could not be performed because the drive is empty
vbd: 4986acf4-2830-8e6d-973f-f6387c2c08e7

Please manually unmount, and run the patcher again.

mount shows as:
mount
/dev/cciss/c0d0p1 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
none on /dev/pts type devpts (rw)
none on /dev/shm type tmpfs (rw)
/opt/xensource/packages/iso/XenCenter.iso on /var/xen/xc-install type iso9660 (ro,loop=/dev/loop0)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

umount /var/xen/xc-install does umount the only .iso listed above

xe vbd-list
uuid ( RO) : 4986acf4-2830-8e6d-973f-f6387c2c08e7
vm-uuid ( RO): 572656b5-3e05-e864-1f25-c34ed0a06b58
vm-name-label ( RO): MyServerName
vdi-uuid ( RO):
empty ( RO): true
device ( RO): hdd
Appears to show that the vbd is not available.

I suspect it may be a raid rebuild in progress rather than a removable drive issue and I'll check it again in a few hours to see if the drive becomes available.

The purpose of the post is to check if there is anything in the patcher.py that needs to be reviewed to address the Y / N umount getting the same response. I would have expected N to just move on.

Thanks again.

Tony

Uploaded patch was missing host information, so the verification failed:

uuid ( RO)                    : 0850b186-4d47-11e3-a720-001b2151a503
              name-label ( RO): XS62ESP1
        name-description ( RO): Public Availability: XenServer 6.2 Service Pack 1 (SP1)
                    size ( RO): 218600009
                   hosts (SRO): 
    after-apply-guidance (SRO): restartHost

Tested on XenServer 6.2 build 70446c. Worked around by disabling host parameter in query.

Detected XenServer Version: 6.0.2

Failed to locate Auto Exclusions file: XS602_excludes.py
Checking for presence of Parent version file: XS60_excludes.py ...

Failed to read Auto-Exclusion List from: https://raw.githubusercontent.com/dalgibbard/citrix_xenserver_patcher/master/exclusions/XS60_excludes.py
Check the URL is available, and connectivity is OK.

Error: HTTP Error 404: Not Found

NOTE: To proceed without downloading the Auto-Excludes file (not recommended), pass the "-E" flag.

• Files are downloaded from Citrix in .zip format. These are decompressed, and the .zip version deleted.
• After patching, the non-compressed patch files still remain...
• A flag for --no-delete or -d or something should be made available for stopping this deletion process.

Current print output:

Would you like to install these items? [y/n]: y
Starting patching...
CD images are currently mounted to one or more VMs.
These must be unmounted before starting the patching process.

Would you like to auto-umount these now? [y/n]: y

Unmounting CD Images from VMs
Downloading: XS62ESP1008.zip
Download Size: 35501014 Bytes
   35501014  [100.00%]

'Starting patching...' should appear post-CD unmount, and line returns need cleaning up.

Hello there - new at this entirely - sure this is a Johnny newboy question - just trying to find best way around 6.2 model for Citrix Licensing. This looks good but I fell at first hurdle. I got a security failure when i ran wget -O patcher.py https://raw.github.com/dalgibbard/citrix_xenserver_patcher/master/patcher.py
I have detailed the message below - anyone tell me the best way to get around this.
Also does anyone sell a commercial GUI product that does this (other than Citrix's core based model)?

Thanks
K

MESSAGE

ERROR: certificate common name www.github.com' doesn't match requested host nameraw.github.com'.

To connect to raw.github.com insecurely, use `--no-check-certificate'.
-bash: www.github.com doesnt: command not found

Need to re-evaluate how Patches to be applied are sorted, as at current it is possible that patches released to the public later than others could still be applied first; based on patch naming convention (and the fact that Citrix haven't maintained it...)

Downloading: XS65E010.zip
Download Size: 14336386 Bytes
14336386 [100.00%]
Applying: XS65E010
Uncompressing...
Internal Upload...
XE Error detected: The uploaded patch file already exists
uuid: 1a559b8c-6d84-4a5f-b2d6-c8a2eafa2fc6

Return code is: 1
Patch previously uploaded, attempting to reapply 1a559b8c-6d84-4a5f-b2d6-c8a2eafa2fc6
Applying Patch 1a559b8c-6d84-4a5f-b2d6-c8a2eafa2fc6
Patch failed, code: 1
Command failed: /opt/xensource/bin/xe patch-apply uuid=1a559b8c-6d84-4a5f-b2d6-c8a2eafa2fc6 host-uuid=9304e60b-cc9b-4720-97c3-70f48e97c4cd
Failed to apply patch: The patch precheck stage failed: the server is of an incorrect version.
patch: 1a559b8c-6d84-4a5f-b2d6-c8a2eafa2fc6 (XS65E010)
found_version: XS65ESP1 - Public Availability: XenServer 6.5 Service Pack 1 (SP1)
required_version: 6.5

Secondary validation check...
Patch apply failed for: XS65E010.xsupdate

Running patcher.py on a new XenServer 6.2 install ended up with the following error msg with no real details as to why it failed:

Starting patching...
Downloading: XS62ESP1.zip
Download Size: 311454853 Bytes
  311454853  [100.00%]
Applying: XS62ESP1
Uncompressing...
Internal Upload...
Patch internal upload failed for: XS62ESP1.xsupdate

I had to try to install the patch manually using:

xe patch-apply host-uuid=a1abb0a20-xxxx-xxxx-9d0b-4c8b15212392 uuid=0850b186-4d47-11e3-a720-001b2151a503
The patch precheck stage failed with an unknown error.  See attached info for more details.
patch: 0850b186-4d47-11e3-a720-001b2151a503 (XS62ESP1)
info: XenServer Tools ISO must be ejected from all running VMs.

Problem was fairly easily to resolve by doing a :

xe vm-cd-eject --multiple

Maybe part of the patch process should be to eject the CDs first from all vms?

A try aply the patches, but i receive this error:

Starting patching...

Downloading: XS65ESP1010.zip
...ERR: Failed to Download Patch!
Error: HTTP Error 401: Unauthorized

Here the URL that the script uses to make the dowload:
http://support.citrix.com/filedownload/CTX201974/XS65ESP1010.zip

I used this script today to install

XS62ESP1011
XS62ESP1013
XS62ESP1014

The patches were applied to the dom0 host and it claimed that it did a patch-pool apply while running it, but after rebooting the dom0 host it was apparent from the XenCenter console that the patches were not applied to any host other than the dom0 machine.

Actually, I don't know how the script could do the patch-pool-apply when it doesn't know the root password and there is no prompt to provide it. This is a required parameter when doing it manually like the following..

xe -s xs6hostname.com -u root -pw %%%%%%% patch-pool-apply uuid=4fc82e62-b938-407d-a2c6-68c8922f3ec2

I had to re-run the patch pool applications for each patch and reboot the 2nd host in the cluster and then the cluster was happy.

If you can figure out how to do the patch-pool-apply and then reboot all the hosts that were affected by it then you've got something great here.

While I'm at it, it would be good to detect any running VMs in the cluster and prompt the user to shut them all down before rebooting all hosts.

The current code is heavily functional, and fairly mixed around - It can be quite hard for someone to follow; particularly those new to python etc.

Provide better annotation on the code to encourage others to read into the code.

Consider requirements to notify user if VMs are running on the host - most notably before rebooting.

[root@x ~]# ./patcher.py -l
Error: Failed to obtain HOSTUUID from XE CLI

This may be related to having more than one IP on the host.

If I run the command that's failing I get:
[root@x ~]# xe host-list address=ip addr show | awk /"scope global"/\'{print$2}\' | awk -F/ \'{print$1}\' | head -n1 params=uuid --minimal
awk: awk: '{print}'
/scope global/'{print}'awk:
^ invalid char ''' in expressionawk:
^ invalid char ''' in expression

List of IPs:
[root@x ~]# ip addr show | awk /"scope global"/{print$2}
inet 10.47.77.78/24 brd 10.47.77.255 scope global xenbr1
inet 10.47.47.22/24 brd 10.47.47.255 scope global xenbr0
inet 10.253.1.161/24 brd 10.253.1.255 scope global xapi0

If I clean up the line I get:
[root@x ~]# xe host-list address=ip addr show | awk /"scope global"/{print$2} | awk -F/ {print$1} | head -n1 params=uuid --minimal
[root@x ~]#

Not all IPs will give a UUID:
[root@xstest1005 ~]# xe host-list address=10.47.47.22 params=uuid --minimala091610e-e4f3-4935-93cb-1c2382f40707
[root@xstest1005 ~]# xe host-list address=10.47.77.78 params=uuid --minimal

So should we change how UUID is found, or add an optional parameter to set UUID?

Script shouldn't really throw a traceback when a user presses Ctrl+C !

Hello,

Have downloaded the latest version of patcher.py

However, when it goes to download them, it appends &noAuth=true to the end of the file time.

Downloading: XS65ESP1042.zip&noAuth=true
Download Size: 21226813 Bytes
21226813 [100.00%]
Applying: XS65ESP1042
Uncompressing...
Error extracting compressed patchfile: XS65ESP1042.zip&noAuth=true
Failed to locate unzipped patchfile: XS65ESP1042.xsupdate

In the "updates available list"

The following Patches are pending installation:

uuid: c4c18230-eb09-4cba-aefb-b232e5e23564
url: https://support.citrix.com/article/CTX218898
timestamp: 2016-11-22T00:00:00Z
name_label: XS65ESP1042
patch_url: https://support.citrix.com/supportkc/filedownload?uri=/filedownload/CTX218898/XS65ESP1042.zip&noAuth=true
after_apply_guidance: restartHost
name_description: Public Availability: Security fixes to Xen

Can you advise how this would be resolved?

Thanks in advance.

Hi

When a patch had already been downloaded I get this:

# ./patcher.py 
Getting host list using: /opt/xensource/bin/xe host-list name-label=`grep "^HOSTNAME=" /etc/sysconfig/network | awk -F= '{print$2}'` params=uuid --minimal
Detected HOST UUID: a091610e-e4f3-4935-93cb-1c2382f40707
Get patch list using: /opt/xensource/bin/xe patch-list hosts="a091610e-e4f3-4935-93cb-1c2382f40707" --minimal
The following Patches are pending installation:

uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
 url: http://support.citrix.com/article/CTX141036
 timestamp: 2014-07-16T00:00:00Z
 name_label: XS62ESP1008
 patch_url: http://downloadns.citrix.com.edgesuite.net/akdlm/9491/XS62ESP1008.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: security fixes to Xen

uuid: a24d94e1-326b-4eaa-8611-548a1b5f8bd5
 url: http://support.citrix.com/article/CTX141191
 timestamp: 2014-08-27T00:00:00Z
 name_label: XS62ESP1009
 patch_url: http://downloadns.citrix.com.edgesuite.net/9617/XS62ESP1009.zip
 after_apply_guidance: restartHost
 name_description: Public Availability: fixes to Dom0 kernel

NOTE: Installation of these items will require a reboot!
      You will be prompted to reboot at the end.


Would you like to install these items? [y/n]: y
Starting patching...
CD images are currently mounted to one or more VMs.
These must be unmounted before starting the patching process.

Would you like to auto-umount these now? [y/n]: y

Unmounting CD Images from VMs
Downloading: XS62ESP1008.zip
Download Size: 35501014 Bytes
   35501014  [100.00%]
Applying: XS62ESP1008
Uncompressing...
Internal Upload...
XE Error detected: The uploaded patch file already exists
uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47

Return code is: 1
Patch previously uploaded, attempting to reapply 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
Applying Patch uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47
Patch failed, code: 1
Command failed: /opt/xensource/bin/xe patch-apply uuid=uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47 host-uuid=a091610e-e4f3-4935-93cb-1c2382f40707
Failed to apply patch: The uuid you supplied was invalid.
type: pool_patch
uuid: uuid:

Secondary check...
Patch apply failed for: XS62ESP1008.xsupdate

As you can see the line /opt/xensource/bin/xe patch-apply uuid=uuid: 59a75271-12f9-4e6a-8ba2-325c2f5b0b47 host-uuid=a091610e-e4f3-4935-93cb-1c2382f40707 has an "uuid: " too much. Works fine if run with that part removed.

Hi,
It's possible to add script a option -> download only a patch without patching?

Example output which requires cleaning up:

Downloading: XS61E028.zip
Downloading: XS61E028.zip Bytes: 3661595
 Applying: XS61E0280%]
Uncompressing...
Internal Upload...
Applying Patch...
Downloading: XS61E029.zip
Downloading: XS61E029.zip Bytes: 115573681
  107405312  [92.93%]

• Remove duplicated "Downloading <Patch_File>
• Cleanup Overlaid download progress/"Applying:" text.

Running on a test XS7 host:

HOSTUUID: 2689cea4-66f0-4e87-9ccd-c02406945143
Installed Patches: ['561b0a27-f37e-4a91-9823-56c8597f8161']
Trying to establish which 'null' is correct. If you see an 'X MATCHED' message, please notify me on Github via an Issue!

Failed to read Auto-Exclusion List from: https://raw.githubusercontent.com/dalgibbard/citrix_xenserver_patcher/master/exclusions/XS70_excludes.py
Check the URL is available, and connectivity is OK.

Error: HTTP Error 404: Not Found

Hi,
I use your script for install patches for XS 6.x and it's work great, but I don't know why it download
Starting patching...

Downloading: XS65E013.zip
Download Size: 14336251 Bytes Applying: XS65E0130%]
Uncompressing...
Internal Upload...
XE Error detected: The uploaded patch file already exists
uuid: e30c4671-54bb-4272-8ff8-a1276b705da2

Other question is, why it doesn't download patches XS61SP1005 and 1008, I see it on citrix updates site.

Hi,

When I install patches I have that issue:

Traceback (most recent call last):
File "./patcher.py", line 894, in ?
file_name = str(download_patch(patch_url))
File "./patcher.py", line 286, in download_patch
file_size = int(meta.getheaders("Content-Length")[0])
IndexError: list index out of range

I must again run a script to install a patches.

The hostname on my machine seems to be invalid and the patcher could not get the hosts uuid, because the call to hostname -f failes.

"get_host_uuid_cmd = str(xecli) + str(" host-list hostname=`hostname -f` params=uuid --minimal")

[root@myhost patcher]# ./patcher.py
hostname: Unknown host
Error: Failed to obtain HOSTUUID from XE CLI

[root@myhost patcher]# hostname -f
hostname: Unknown host

Could not reboot the server machine right now, so i don't know if setting the hostname with "xe host-set-hostname-live uuid= host-name=example" will resolve that issue. I'll inform you later about this.