Patch or upgrade the SMC Appliance on the command line

You can use the appliance maintenance and bug remediation (AMBR) patching utility to patch or upgrade the SMC Appliance on the command line.

Before you begin

In environments without Internet connectivity, you must download the SMC Appliance patch file from https://update.stonesoft.com/download/appliance/patches/, then transfer the files to the SMC Appliance.

If you do not have physical access to the SMC Appliance, use SSH to access the SMC Appliance remotely.

Note: In FIPS mode, SSH access to the SMC Appliance command line is not supported.

You must have SMC Appliance Superuser permissions to log on to the SMC Appliance command line. Administrators with unrestricted permissions (superusers) are allowed to log on to the SMC Appliance command line only if there are no administrators with Console Superuser permissions.

Use sudo if you need elevated privileges. For a list of available sudo commands, enter the following command:

sudo -l

Steps

From the command line, log on to the SMC Appliance.
To update the list of available remote patches from the download server, enter the following command:
```
sudo ambr-query -u
```
To show all local and remote patches, enter the following command:
```
sudo ambr-query -a
```
To automatically download a patch, or to load a patch that you manually downloaded, enter the following command:
```
sudo ambr-load <patch>
```
Note: If you manually downloaded the patch and transferred it to the SMC Appliance, append the command with the -f option and specify the full path to the patch file.
Example:
```
sudo ambr-load –f /var/tmp/6.5.0P001.sap
```
To activate the patch, enter the following command:
```
sudo ambr-install <patch>
```

Result

The SMC Appliance patch is installed on the SMC Appliance.

If you installed an SMC Appliance upgrade patch, the installation process restarts the appliance and installs the patch. When the upgrade is finished, the appliance restarts again.