SVS Packaging Best Practices, Part 3: Update Existing Layer

Almost daily, I receive email from Juice readers with SVS questions. A lot of these questions are about updating an existing layer. In this chapter I'm going to describe some methods that can be used to update a existing layer with patches and/or updates.

Software applications use various methods to update and/or patch themselves. Most of the time you will get a message box popping up stating that there is a new update available. Sometimes you get an email notification with a link to the newest versions. Some software gets updated by Microsoft update. Different updates need a variety of tricks to get inside a layer. Mostly the questions are, how to update Adobe Acrobat, or Office 2003 but sometimes it's an application I've never heard of.

First you need to see what kind of an update you have.

Did you receive a message that asks you to go to a certain web site to download the newest patches and/or updates, or does the application have a update mechanism like your virus scanner has? These is important information to have before you start. Please be aware that this is an update and/or patch and not a newer version. If it is a newer version, you have to build a new layer instead of updating the existing layer.

Once you know what kind of a update you have, you will start updating the existing layer.

Updating an existing layer can be done by three methods:

• The first is when the patch or update is an executable or a MSI.
• Start the option Update existing layer.
• Select the layer you need to update. Select the update.
• Click start, and the update will be installed in the read only layer.

  This is the easy method.

  Most applications use the method that the update and/or patch needs to be deployed from within the application itself.

• When you start file, update existing layer, and then want to start the application that is in the layer, you will notice that the application is not there. This behavior is caused by the fact that the application is de-activated until you click finish. After you have selected the application that you need to update, and you click yes, the installation starts at the same time as the original application gets activated.
• To do this task, you have to choose what is the easiest for you.
• The first option you have is to get a clean machine, and install the original application local on that machine.
• When you select update layer, you can select the application because it is locally installed.

  All updates will be in the layer.

  The biggest problem is that you have to be absolutely sure you have installed the exact same version with the exact same patchlevel as the application you wish to update.

  When you have a newer version installed locally, the update will see it, and you will get a corrupted VSA package. It simply misses files that are needed.

In the above case you also need a packaging machine for every single application. When you have 30 or 40 applications virtualized, then you need 30 or 40 virtual packaging machines.

The second option you have is an often used method.

• Select update existing layer.
• Then select c:\windows\system32\cmd.exe as the application to package.\
• When you click finish, the dos prompt will appear.

  The application is activated, and you can browse to the executable that you need to start.

  In the case of Adobe acrobat, you will find the original executable in c:\program files\adobe\acrobat 8\reader\reader.exe.

• Copy and paste the executable into the dos box.
• The application will start, and then you can go to update Adobe.
• After finishing the update, you can close the application.
• Go to the dos box, and click exit.

There is also a third method.

This is the method I normally use, because it is fast, simple, and minimizes the risk of failure.

• Activate the application that you wish to update.

  In the case of Adobe, then you go to c:\program files.

  • Select the folder Adobe, and right click on it.
  • Go to the security tab, and give all users read/write rights.
  • It does not matter what you are changing here, you need to change something.
• When you then go to the layer, de-activate it.

  You will notice that all files will stay in c:\program files.

  This behavior is caused by the filter driver that will see that one or more of the files and folders have different attributes, and it will keep them resident.

  Remember that even though you see the layer is not activated, the original software still resides in the FSLRDR folder and not in the C:\program files. It could be considered as a bug, but I see it as a big advantage.

• Now when you go to update existing layer, you can choose the executable in c:\program files. You will notice that the application will start. Now you can update the layer. De-activate the layer, and delete all files in c:\program files where you previously changed the permissions.

Last but not least: Package Windows updates.

This can be done on the following method:

• Go to Windows update in the start menu.
• The web site opens, and searches for the updates that are available.
• After it finds the available updates, you can do two things:

  You can update the existing layer for the Office patches and updates or and do a global capture.

• All updates will be captured inside the Office layer. Windows also updates when available at that time.

  By doing the advanced method you can actually select what patches you want and what you do not want.

• You can also select create new layer, give it the name you desire, and do a global capture. Then all updates are captured inside the new layer.

Remember which updates are in a version. I have a machine where I have a layer named patch, that when activated shows Windows Xp as a SP3 machine, and while de-activated it shows a Windows XP sp2 machine. This can cause unpredictable behavior.

SVS Packaging Best Practices, Part 2: Packaging Daemon Tools

SVS Packaging Best Practices, Part 4: Exclusions