Changes to "23-FEB-2011: Solaris package management is broken" between r0 and r4

Changes to 23-FEB-2011: Solaris package management is broken between r0 and r4

'''It's simple, you see -- just remove all the patches you have ever applied before installing any new packages. Duh!'''

~~More failure on the Solaris front.~~ --> More failure on the Solaris front.  Package management on Solaris (10 and older) systems is completely broken.  If you have have to install a vendor package after the system has been installed you must first back-out all patches.
(blank line)
''What ?  That can't be right... I install packages all the time without backing out all my patches.  You're crazy!''
(blank line)
Sure, you CAN install packages without backing out all the patches but it's not a good idea.  The central issues here are that:
   1. A single Solaris patch provides updates for multiple packages; and
   2. Solaris patches are sparse
(blank line)
So when you patch a system, all the packages that are installed get patched and the bits for packages that are not installed get ignored.  Thus, if you later install package that was patched by a patch you have already installed, you cannot then re-apply the patch (because you already have it, and you may even have a newer patch that overlaps some of the packages so you cannot simply re-install the patch as you may end up downgrading things that have been patched).
(blank line)
''What ?''
(blank line)
Let's work from a recent example.  I got a request to install TFTP on 2 existing servers.  These servers are running Solaris 10 Update 5.  They have, of course, had all relevant patches applied to them.  They did not have the `SUNWtftp` package installed.  That made me sad.  But I endeavored to persevere and decided to install the `SUNWtftp` package despite not being able to take the systems down for several hours to patch them.  So I installed the `SUNWtftp` package from Solaris 10 Update 5 from the original installation media.  I ended up with the package `SUNWtftp` version `11.10.0,REV=2005.01.21.15.53` installed.
(blank line)
Good to go.
(blank line)
Well, not quite.  I tried to actually USE the tftp service and it ended up failing with:
Feb 23 22:42:27 nx tftpd[14237]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:32 nx tftpd[14278]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:37 nx tftpd[14317]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:42 nx tftpd[14388]: [ID 659407 daemon.error] socket (main): Permission denied
Feb 23 22:42:47 nx tftpd[14458]: [ID 659407 daemon.error] socket (main): Permission denied
(blank line)
Well...  That sucks.  I do some research and find out that this is a bug in older tftp daemons with newer kernels.  Well, I did just install some old software.  Maybe I just need to patch it up.
(blank line)
Let's see, according to the documentation I will need the patches:
   1. `142909-17` (obsoletes `140169-01`, which obsoletes `123332-02`, which obsoletes `123332-01`)
(blank line)
That should be easy enough!  Just one patch.  Let's get to it.
(blank line)
# scp user@jumpstart:/jumpstart/Patches/142909-17.zip /var/tmp
# cd /var/tmp
# unzip 142909-17.zip
# patchadd 142909-17
...
(blank line)
''This story is still in progress, I need to gather more details before I can complete it.''

Legend

     Only in r0
     Only in r4
     -->      Modified slightly between r0 and r4