Solution IDsk91060
ProductSecurity Gateway, Security Management, Cluster - 3rd party, VSX
VersionR70, R70.1, R70.20, R70.30, R70.40, R70.50, R71, R71.10, R71.20, R71.30, R71.40, R71.45, R71.50, R75, R75.10, R75.20, R75.30, R75.40, R75.40VS, R75.45, R75.46, R75.47, R76, R77, R77.10, R77.20, R77.30
OSSecurePlatform 2.6, Gaia

Platform / Model

2000, 4000, 12000, 12000 VSX, 13000, 21000, 21000 VSX, Intel/PC, Power-1, UTM-1, VSX-1, Smart-1

CP升级后,不管是通过web UI,还是命令行升级的,其下载的补丁包是不会自动删除的,为了避免硬盘空间不足,所以需要手工删除这些不用的补丁包。

使用check point 提供的专用脚本即可。

Solution


A new script was developed in order to remove all old packages and files from the upgraded machine (R70 GA and above).

Important Notes:

The script can be used only on SecurePlatform OS and on Gaia OS running Check Point R70 and higher versions.

On Linux OS and on Solaris OS, the users should use the official "Uninstall" procedure documented in the relevant R7x Installation and Upgrade Guide (R70, R70.20, R70.30, R71, R75, R75.20, R75.40, R75.40VS, R76, R77 Gaia, R77 Non-Gaia).

On Windows OS, there is no automated way to remove old files from the previous installations. Users can only uninstall old SmartConsole packages. Manual deletion (or uninstalling) of previous versions' folders should not be performed.

For Provider-1 / Multi-Domain Management Server, refer to sk65330 - Removing old installations on Provider-1 / Multi-Domain Management Server.

 

Follow these steps to remove all old packages and files:

Download the TAR file with the shell script - RemoveOldVersion.tar.

Transfer the RemoveOldVersion.tar file to the relevant machine (for example, /var/log/ directory).

Connect to the command line on the machine.

Log in to Expert mode.

Extract the shell script:

[Expert@HostName]# cd /var/log/
[Expert@HostName]# tar xvf RemoveOldVersion.tar

Assign the execute permissions to the script:

[Expert@HostName]# chmod u+x /var/log/RemoveOldVersion.sh

Execute the script:

[Expert@HostName]# ./RemoveOldVersion.sh

The script performs the following operations:



/opt/<package>

/var/opt/<package>

/var/OPT/<package>

/opt/CPshrd-*

/var/log/CPsuite-*

CPrt (Eventia products)

CPinfo (CPinfo utility)

CPuepm (Endpoint Security Server)

CPda (Deployment Agent)

CPSmartLog (SmartLog)

CPmds (Multi-Domain Security Management Server)

Creates a detailed log file:
/var/log/RemoveOldVersion.elg

Uninstalls all old RPM packages, except these:

Deletes all directories and files that were installed by old RPM packages (except those mentioned above):

Restores '/sysimg' location (if created directory/symlink) after installation.

Restores links for old FW-1 log folders that exist in '/var/log'.

Once the script completes its job, the user will get the prompt back.

To verify that the script has finished successfully, run the following commands:

[Expert@HostName]# rpm -qa | grep CP
[Expert@HostName]# ls -l /opt/CP*
[Expert@HostName]# ls -l /var/opt/CP*
[Expert@HostName]# ls -l /var/log/CPsuite-*

Notes:

  • The outputs should show only the latest version (to which the system was upgraded).

  • These directories are not deleted:


  1.  CPrt (Eventia products)

  2. CPinfo (CPinfo utility)

  3. CPuepm (Endpoint Security Server)

  4. CPda (CPUSE Deployment Agent)

  5. CPSmartLog (SmartLog)

  6. CPmds (Multi-Domain Security Management Server)


脚本见附件: