The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Removing old Check Point packages and files after an upgrade on Security Gateway / Security Management Server
Technical Level
Solution ID
sk91060
Technical Level
Product
Quantum Security Management, Cluster - 3rd party, VSX, Quantum Appliances, Quantum Security Gateways
Version
R75, R75.10, R75.20, R75.30, R75.40, R75.40VS, R75.45, R75.46, R75.47, R76, R77, R77.10, R77.20, R77.30
OS
SecurePlatform 2.6, Gaia
Platform / Model
2000, 3000, 4000, 5000, 12000, 13000, 15000, 21000, 23000, Power-1, UTM-1, VSX-1, Intel/PC
Date Created
08-Jan-2013
Last Modified
09-Jul-2020
Solution
Note: This issue does not apply to R80.xx. When you upgrade to R80.xx, the new version is installed on a new partition. As a result, there are no leftover hotfixes.
Background:
After an upgrade, the packages of the old version are not deleted automatically.
For example, when upgrading from R71 to R75, the old R71 packages and files remain in the system. This could lead to a disk space issue, especially after several upgrades.
A new shell script was developed in order to remove all old packages and files from the upgraded machine (R70 GA and higher).
Important Notes:
The script can be used only
The script can be used only
On Linux OS and on Solaris OS, the users should use the official "Uninstall" procedure documented in the relevant R7x Installation and Upgrade Guide (R70 , R70.20 , R70.30 , R71 , R75 , R75.20 , R75.40 , R75.40VS , R76 , R77 Gaia , R77 Non-Gaia ).
On Windows OS, there is no automated way to remove old files from the previous installations. Users can only uninstall old SmartConsole packages. Manual deletion (or uninstalling) of previous versions' folders should not
For Provider-1 / Multi-Domain Management Server , refer to sk65330 - Removing old installations on Provider-1 / Multi-Domain Management Server running on SecurePlatform / Linux / Solaris OS .
Follow these steps to remove all old packages and files:
Download the TAR file with the shell script - RemoveOldVersion.tar
Transfer the RemoveOldVersion.tar file to the relevant machine (for example, /var/log/ directory).
Connect to the command line on the machine.
Log in to Expert mode.
Extract the shell script:
[Expert@HostName]# cd /var/log/ [Expert@HostName]# tar xvf RemoveOldVersion.tar
Assign the execute permissions to the script:
[Expert@HostName]# chmod u+x /var/log/RemoveOldVersion.sh
Execute the script:
[Expert@HostName]# ./RemoveOldVersion.sh
The script performs the following operations:
Creates a detailed log file:/var/log/RemoveOldVersion.elg
Uninstalls all old RPM packages, except these:
CPrt (Eventia products)CPinfo (CPinfo utility)CPuepm (Endpoint Security Server)CPda (Deployment Agent)CPSmartLog (SmartLog)CPmds (Multi-Domain Security Management Server)
Deletes all directories and files that were installed by old RPM packages (except those mentioned above):
/opt/ <package>/var/opt/ <package>/var/OPT/ <package>/opt/CPshrd-* /var/log/CPsuite-*
Restores '/sysimg ' location (if created directory/symlink) after installation.
Restores links for old FW-1 log folders that exist in '/var/log '.
Once the script completes its job, the user will get the prompt back.
To verify that the script has finished successfully, run the following commands:
[Expert@HostName]# rpm -qa | grep CP [Expert@HostName]# ls -l /opt/CP* [Expert@HostName]# ls -l /var/opt/CP* [Expert@HostName]# ls -l /var/log/CPsuite-*
Notes:
The outputs should show only the latest version (to which the system was upgraded).
These directories are not deleted:
CPrt (Eventia products)CPinfo (CPinfo utility)CPuepm (Endpoint Security Server)CPda (CPUSE Deployment Agent)CPSmartLog (SmartLog)CPmds (Multi-Domain Security Management Server)
Related solutions:
This solution is about products that are no longer supported and it will not be updated
Applies To:
