SAM(1) SAM Documentation SAM(1)NAME
SAM - Supportability Analysis Module
SYNOPSISsam [options...] [root_dir]
DESCRIPTION
A tool to check status of installed packages and products for
supportability. Generates a report to sam.report. More detailed
information is written to sam.log file. Summarized report of per-
package supportability status is written to sam.html file.
OPTIONS
General options
If root_path is specified, it will be used as the path to the root of
the installation to verify. This means: RPM database, zypper config,
repositories. External commands and temporary directory are not
affected.
Note: if not run under root, additional --noscripts option is passed to
"rpm" to skip running verification scripts, because it involves chroot
and sam would not be able to proceed.
Note: root of the checked filesystem must be writable, this is required
by RPM.
-o dir | --outdir dir
output directory for log and report files, default is the current
directory
-t dir | --tmpdir dir
write temporary files to tmpdir
The environment variable "TMPDIR" is evaluated first. If it is not
set, the built-in default /tmp is used. Last command line value of
-t is used.
-r dir | --refdata dir
specify directory with reference data, default is
/usr/share/suse-sam
--sysarch arch
specify system architecture of the checked system
By default, the architecture of baseproduct is taken. All installed
products must have compatible architectures, according to list
given in /usr/lib/rpm/rpmrc.
-h | --help
print this help message
--man
print help as a man page
-d | --debug
increase debug level (development only)
Check options
Options to switch off or on various performed checks. Note, that for
full supportability status you should not specify options which switch
checks off! In usage scenarios where execution time matters AND eg.
origin of packages is verified beforehand, some of these options come
handy.
--no-header-sig-check
skip checking GPG signature of package headers
If specified, package vendors are classified by vendor string in
rpm header, which may be inaccurate.
--no-rpm-verify
skip verifying installed files against the RPM database
All packaged files are checked for integrity against RPM database.
Changes to owner, group and modification time are not considered
significant for supportability and do not show up in reports.
--no-rpm-verify-md5
do not check MD5 when running "rpm --verify"
This option speeds up runtime by 70% at the cost of low accuracy of
found results and your system may not be in supportable state.
--orphan-search
search for orphaned files (not part of any package)
Traverse root partition and match against list of files from RPM
database. Does not enter directories like /proc, /home, /tmp,
/root, /man/whatis*
--skip-unmatched-prod
skip repositories for not installed products (not skipped by
default)
Match only repositories whose "distribution" field matches at least
one installed SUSE/Novell product and repository servicepack level
is not greater than product level.
--strict-repo-description
skip repositories with unfilled required description fields
(default)
Repository description is expected to contain these fields: name,
label, distribution. If one of them is empty, the repository is
skipped. You can override this behaviour by
--no-strict-repo-description.
Configuration settings
--dir type=path
set configuration directory type to path, where type is one of:
solv - directory with repository solv files
keys - directory with GPG keys, files matching *.asc or *.key are
considered
repos - directory with *.repo files
Solvfiles and metadata directories further expect directories named
after repositories (the repository id) in which solv and repository
metadata are found. For example see structure of zypp in
/etc/zypp/repos.d and /var/cache/zypp. This option is useful when
sam is run on an image where no zypper has been run yet and solv
files do not exist yet. Then, you specify external directories
instead.
Output
Options which affect amount or level of detail of printed information.
--pkg-summary
print per-package problem summary to screen as well (always printed
to sam.log)
--spreport
print report of service pack coverage (always printed to sam.log)
Example:
Product SP Exclusive / % Shared / % Total / %
-----------------------------------------------------------------------
SUSE_SLED 11 GA 1 0.2% 424 64.6% 425 64.79%
SUSE_SLED 11 SP1 166 25.3% 424 64.6% 590 89.94%
SUSE_SLES 11 GA 1 0.2% 478 72.9% 479 73.02%
SUSE_SLES 11 SP1 177 27.0% 479 73.0% 656 100.00%
other 0 0.00%
Installed system is recognized as covered by SLES 11 SP1. Category
'other' contains all packages which are not found in reference
repositories. Coverage below 100% does not directly mean the system
is unsupported, logfiles need to be consulted.
--no-log-timestamp
do not write log/report/html to timestamped file names, by default
files are named like sam-20090323-15:09.log etc.
--log-commands
log executed commands and output in logfile
-v | --verbose
generally log even more messages, can be specified multiple times
to increase verbosity
Experimental options
Options not yet stable for general use. May change in the future.
--exp name
switch option 'name' on:
schema-zypper - select zypper as default repo setup schema
schema-studio - select studio schema; needs additional --dir
arguments for metadata directories
schema-none - use just repos from reference directory, no local
will be found; do not expect zypper repo, do not require --dir ...
FILES AND DIRECTORIES
sam.report
Supportability report containing product summary, repository list
and final summary with recommendations.
Exact copy of what is printed on screen.
sam.log
Log of events during sam execution. As individual checks go,
results are printed with various details which are not suitable for
quick overview, but are useful to find exact reason why package is
unsupported.
sam.html
List of packages divided into sections: SUSE/Novell packages
without any problems (supported), our packages with some problems
with descriptions (unsupported), the rest are non-SUSE/Novell
packages (unsupported by definition).
sam.xml
Log file enhanced with tags.
/usr/share/sam-data
Directory with package reference data of latest released media, and
signature keys.
CHECKS
Performed checks in detail.
find products
Look into /etc/products.d directory for installed products. Third
party products are skipped and if no SUSE/Novell product is found,
sam exits with error. At least one SUSE/Novell package must be
installed.
find repositories
Search for all local repositories, filter only relevant for later
use.
check package signatures
Verify package header signatures stored in RPM database and
identify SUSE/Novell and non-SUSE/Novell packages. Use signature
keys from reference data.
unsupportable: non-SUSE/Novell
packages
check package dependencies I
Check SUSE/Novell packages for broken dependencies.
unsupportable: SUSE/Novell packages with unsatisfied dependencies
proposed fix: reinstall the missing packages
check package dependencies II
Look for SUSE/Novell packages which depend on non-SUSE/Novell
packages.
proposed fix: check package origin and vendors, and look for
corresponding packages in SUSE/Novell repositories
find packages with an update available
Scan all available repository metadata for newer versions.
Repository is considered up-to-date if it's not older than 7 days.
Reference repositories ensure minimal product versions.
unsupportable: SUSE/Novell packages with newer version available
proposed fix: refresh repositories and update
verify package files by rpm
Run rpm --verify on SUSE/Novell packages and find changes mainly in
MD5 checksums, file types and if all packaged files are present.
Configuration files are not taken into account for obvious reasons.
However, it is possible that the check gives some false positives.
Clarify supportability status with your support contact if not
sure.
Note: when a package is installed with --excludepath option, the
excluded files should not be included during "rpm --verify" checks,
however rpm does not behave like this. Sam only verifies files from
the "rpm -ql" list. In other cases, false positives may be
reported.
EXAMPLES
"sam"
basic run, on-screen report summary, all checks performed, output
to sam-TIMESTAMP.log .html/.report/.xml files
"sam -o ~/sam-logs"
the report files are created inside the ~/sam-logs directory
"sam --no-rpm-verify-md5"
quick run
"sam -o ~/sam-logs --sysarch x86_64 /mnt/product-image"
check mounted image of some product, explicitly saying it's
architecture (eg. if running sam from i386 or ia64)
"sam -o ~/sam-logs --sysarch x86_64 --refdata ~/sam-prod-metadata
/mnt/product-image"
like above but supply your reference metadata, which are related to
the product-image
"sam --sysarch x86_64 --spreport"
print service pack report on screen too
COPYRIGHT
2009, 2010 SuSE Linux AG, Nuernberg, Germany.
0.8.4 2012-05-29 SAM(1)
