Fwd: Pkgadd seeing the wrong user id

From: Sun List (magnet@mailbag.com)
Date: Sat Oct 09 2004 - 22:53:10 EDT

• Next message: John DiMarco: "IMPORTANT: Read this before posting to Sun-Managers"
• Previous message: Roy W. Erickson: "Auto shut down"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks to Simon Burr for pointing me to the answer:

  Its due to pkgadd running the request script as the install user if it
  exists; if the install user does not exist then the nobody user is used
  instead. Basically this is a bug in the package you've got - its not going
  to work at all.

  See page 63 of "Application Packaging Developer's Guide", available from:
  http://docs-pdf.sun.com/806-7008/806-7008.pdf

I was able to weasel around this by adding the install user with an uid of 0,
and installing the package. In the interest of paranoia, I deleted the install
user afterwards.

I'm sure that I could have figured out how to alter the package or the
installation process, but in the interest of expediency I took the easy way out.

A couple of others asked some good questions. In particular, was an NFS mount
involved? The answer is no. Someone else asked what id said, which I idiotically
 did not mention. Nor did I mention that neither NIS nor NIS+ were involved.

Much to my embarassment, this is in the FAQ. In my defense, the symptoms it
mentions are a bit different.

http://www.science.uva.nl/pub/solaris/solaris2/Q5.59.html

The original message:

I would like to install a package. When I run pkgadd, it claims I have an
effective uid of 60001 (nobody) even though I'm running as root:

You must be superuser to run this script!
Your current effective uid is 60001!
pkgadd: ERROR: request script did not complete successfully
 
It's Solaris 9, and as far as I can tell all the RBAC stuff is in order:
 
# roles root.
 
No roles
# profiles root
All
Basic Solaris User
# auths root
solaris.*
 
# egrep root /etc/user_attr
root::::auths=solaris.*,solaris.grant;profiles=All

# egrep pkgadd /etc/security/exec_attr
Software Installation:suser:cmd:::/usr/sbin/pkgadd:uid=0;gid=bin

# egrep -i software /etc/security/prof_attr
Software Installation:::Add application software to the
system:help=RtSoftwareInstall.html;auths=solaris.admin.prodreg.read,solaris.admin.prodreg.modify,solaris.admin.prodreg.delete,solaris.admin.dcmgr.admin,solaris.admin.dcmgr.read,solaris.admin.patchmgr.*

 
Before I pull out what's left of my hair, what am I missing here?
 _______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: John DiMarco: "IMPORTANT: Read this before posting to Sun-Managers"
• Previous message: Roy W. Erickson: "Auto shut down"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:29:33 EDT