Custom package incomplete when new Solaris 10 zone is created

Custom package incomplete when new Solaris 10 zone is created

Post by Richard5 » Wed, 17 Aug 2005 11:29:20



I have created a custom pkgadd package that installs correctly in the
global zone as well as any existing non-global zones.  The problem is
that when I create a new non-global zone the package says it is
installed correctly but isn't.  The details are as follows:

In the preinstall script I create a new group and a new user

groupadd -g 54321 groupxxx
useradd -d /mypath/userxxx -u 12345 -g 54321 -s /bin/false userxxxx
(additional /usr/bin/ed command that edits /etc/shadow changing
userxxx:*LK*: to userxxx:NP:)

in the prototype file I have
i pkginfo=/tmp/Infofiles/pkginfo
d none mypath/userxxx 0755 userxxx groupxxx
i preinstall
i depend

When I install it in the global zone and have it propogate to the
existing zones it installs correctly and I see userxxx in /etc/passwd
and the new directory /mypath/userxxx gets created and has the correct
owner and group.

When I create a new zone /mypath/userxxx gets created but the
/etc/passwd, /etc/group and /etc/shadow entries do not exist.  The
interesting part is that the owner and group of /mypath/userxxx is
12345 and 54321 even though they don't exist in the passwd or group
file.

Since the prototype file references the name and not the number I am
guessing that during the zone installation my preinstall script ran
successfully and created the users but later on some other package
completely clobbered the /etc/passwd, group and shadow files.  So I
added the following to depend

P SUNWcsu Core Solaris, (Usr)

thinking this might be clobbering the passwd file it but it didn't
work.

The /var/sadm/system/logs/install_log shows my package being installed
before SUNWcsu so it still might the problem.  How do I get my package
to install after this one?  Or am I on the wrong track here?

Thanks,
Richard

 
 
 

Custom package incomplete when new Solaris 10 zone is created

Post by Stefan Jankowsk » Wed, 17 Aug 2005 18:28:45


[...]

Quote:> Since the prototype file references the name and not the number
> I am guessing that during the zone installation my preinstall
> script ran successfully and created the users but later on some
> other package completely clobbered the /etc/passwd, group and
> shadow files.  So I added the following to depend

> P SUNWcsu Core Solaris, (Usr)

          ^               ^^^^^

Just a side note: SUNWcs/u/ contains Core Solaris files in the
/usr-hierarchy, Core Solaris stuff for the root-fs is found in
SUNcsr:

,----
| # pkgchk -l SUNWcsu | grep passwd
| Pathname: /usr/bin/passwd
| # pkgchk -l SUNWcsr | grep passwd
| Pathname: /etc/default/passwd
| Pathname: /etc/passwd
| #
`----

Quote:> thinking this might be clobbering the passwd file it but it didn't
> work.

Hm, '/etc/passwd' is marked as 'e' (editable) in SUNWcsr's 'pkgmap'
file and at a quick glance I don't see anything in the 'i.passwd' file
that could cause random uid's to be removed (as indeed it should be!)
so I'd think the cause of your problem is somewhere else.

Just my EUR 0.02,
Stefan

--
Stefan Jankowski
Sysadmin, University of Freiburg, CS Dpt.
s/spambucket//
s/dave\.null/${FORENAME}.${LASTNAME}/

 
 
 

Custom package incomplete when new Solaris 10 zone is created

Post by Richard5 » Thu, 18 Aug 2005 02:02:15


It looks like it might the sysidtool that is resetting the password
file.  The timestamp on the /etc/passwd file is 5 minutes after the
timestamp on /mypath/userxxx and since it only takes a minute to create
a zone but quite a bit more time for the zone to configure itself
(using zlogin -C zonename to look at the console output) I think this
is the problem.

Richard

 
 
 

1. Package exclude when creating a Solaris 10 Zone

I would like to exlude certain packages when creating a zone, I have
checked the docs/newgroups and web and have not been able to find a
way of doing this.

I have a custom package which has been used for several years, it
installs fine for my Sol 10 build but when creating a zone I end up
with truncated passwd/shadow and group files. The package sets up
various local configuration items.

Can anyone help ?

Regards,

Carl.

2. why suid'ed shutdown refuses to run?

3. Why are some packages installed in all zones for Solaris 10, but some packages are not ?

4. Network/Ethernet, still need help, more information this time.

5. Solaris 10 zones - communication between zones

6. NIC for buzy firewall

7. New to Solaris 10 Zones - Any known problems/limitations?

8. Tips from experianced admins wanted

9. solaris 10 zone / container question (or Solaris 9)

10. How can I create devices for a new tape drive in Solaris 10

11. Networking, Zones, & Firewall Question w/ Solaris 10+

12. Problem installing oracle in Solaris 10 zone

13. Hands off application installations on Solaris 10 zones