Anurag S. Maskey wrote: > recreated the problem and found the bug. > > The bug is in "destroy -a" and not on reading configuration from a > file using -f. I had been testing with a file that created an enm and > that was behaving as expected. > > With "destroy -a", each type is walked and each object destroyed. The > return values were being ignored, and thus it appeared as if "destroy > -a" was always working. Great! > > Thanks for catching this Lizhong and thanks again for putting up with > the barrage of emails to figure it out. You are welcome :-) > > Anurag > > > Lizhong Li wrote: >> Renee and Anurag, >> >> I checked it again, I used this command to create the test user >> 'nwamtest' >> >> useradd -m -b /var/tmp nwamtest >> And I changed the file /etc/user_attr to assign different auth to >> nwamtest. >> >> I noticed that I used 'su - ' while Anurag used 'su ', is it relating >> with this issue ? >> >> Please look at the following comments: >> >> Renee Danson wrote: >>> Hi Lizhong, >>> >>> On Tue, Mar 17, 2009 at 11:34:17AM +0800, Lizhong Li wrote: >>> >>>> Renee and Anurag, >>>> >>>> I found the issues in bits Mar 12, too. Please check the following >>>> description. >>>> >>>> The difference is that you are using the user with >>>> "defaultpriv=basic", >>>> I'm trying the one with "auths=solaris.network.autoconf.read" or >>>> "auths=solaris.network.autoconf.write" >>>> "auths=solaris.network.autoconf.read,auths=solaris.network.autoconf.write" >>>> >>>> >>>> * Here is the result for user with >>>> "auths=solaris.network.autoconf.read" >>>> >>>> # firering:exp# su - nwamtest >>>> Sun Microsystems Inc. SunOS 5.11 nwam1-build:2009-03-12 Mar. >>>> 12, 2009 >>>> SunOS Internal Development: am223141 2009-03-12 [nwam1-build] >>>> bfu'ed from >>>> >>>> /net/zhadum.east/export/ws/am223141/nwam1-build/archives/sparc/nightly.2009-03-12 >>>> >>>> >>>> on 2009-03-15 >>>> Sun Microsystems Inc. SunOS 5.11 snv_107 November 2008 >>>> >>>> bash-3.2$ /usr/sbin/nwamcfg list >>>> NCPs: >>>> User >>>> Automatic >>>> Locations: >>>> myloc1 >>>> ENMs: >>>> myenm1 >>>> myenm2 >>>> >>>> bash-3.2$ /usr/sbin/nwamcfg -f nwamcfg_destroy_a.s >>>> Configuration read. >>>> >>>> bash-3.2$ echo $? >>>> 0 >>>> >>>> This shouldn't be 0. >>>> >>>> bash-3.2$ cat /etc/user_attr | grep nwamtest >>>> nwamtest::::type=normal;auths=solaris.network.autoconf.read >>>> >>>> bash-3.2$ /usr/sbin/nwamcfg list >>>> NCPs: >>>> User >>>> Automatic >>>> Locations: >>>> myloc1 >>>> ENMs: >>>> myenm1 >>>> myenm2 >>>> >>> >>> What exactly should nwamcfg_destroy_a.s do? >> bash-3.2$ cat nwamcfg_destroy_a.s >> destroy -a >> end >> >> I think this needs the writing auth. >>> It does look like no profiles >>> were removed, based on the before and after 'nwamcfg list' >>> commands. I'm >>> trying to understand why you're seeing such different results from >>> Anurag. >>> >>> It would also be helpful if you could show the output of the 'auths' >>> command, >>> to make sure that the user_attr entry is being interpreted as expected. >>> >> bash-3.2$ auths >> solaris.network.autoconf.read,solaris.device.cdrw,solaris.profmgr.read,solaris.mail.mailq,solaris.device.mount.removable,solaris.admin.usermgr.read,solaris.admin.logsvc.read,solaris.admin.fsmgr.read,solaris.admin.serialmgr.read,solaris.admin.diskmgr.read,solaris.admin.procmgr.user,solaris.compsys.read,solaris.admin.printer.read,solaris.admin.prodreg.read,solaris.admin.dcmgr.read,solaris.snmp.read,solaris.project.read,solaris.admin.patchmgr.read,solaris.network.hosts.read,solaris.admin.volmgr.read >> >> >> >>> >>>> * Here is the result for user with >>>> "auths=solaris.network.autoconf.write" >>>> >>>> bash-3.2$ cat /etc/user_attr | grep nwamtest >>>> >>>> nwamtest::::type=normal;auths=solaris.network.autoconf.read,solaris.network.autoconf.write >>>> >>>> >>>> >>> >>> I think this user_attr entry is at least part of the problem. As I >>> mentioned in the mail I sent last week, I believe the correct syntax >>> is >>> >>> >>> nwamtest::::type=normal;auths=solaris.network.autoconf.read,solaris.network.autoconf.write >>> >>> >>> >>> That is, there is no "auths=" before the second authorization name. >>> It should be 'auths=AUTH1,AUTH2 rather than 'auths=AUTH1,auths=AUTH2'. >>> >> Sorry for that I misunderstood your last email, now it is: >> >> nwamtest::::type=normal;auths=solaris.network.autoconf.read,solaris.network.autoconf.write >> >> >> >> >> And the result is right for user with >> 'auths=solaris.network.autoconf.read,solaris.network.autoconf.write', >> while it seems wrong for just 'solaris.network.autoconf.write' : >> >> # /usr/sbin/nwamcfg list >> NCPs: >> User >> Automatic >> Locations: >> myloc1 >> ENMs: >> myenm1 >> >> # bash-3.2$ auths >> solaris.network.autoconf.write,solaris.device.cdrw,solaris.profmgr.read,solaris.mail.mailq,solaris.device.mount.removable,solaris.admin.usermgr.read,solaris.admin.logsvc.read,solaris.admin.fsmgr.read,solaris.admin.serialmgr.read,solaris.admin.diskmgr.read,solaris.admin.procmgr.user,solaris.compsys.read,solaris.admin.printer.read,solaris.admin.prodreg.read,solaris.admin.dcmgr.read,solaris.snmp.read,solaris.project.read,solaris.admin.patchmgr.read,solaris.network.hosts.read,solaris.admin.volmgr.read >> >> >> bash-3.2$ /usr/sbin/nwamcfg -f nwamcfg_destroy_a.s >> Configuration read. >> bash-3.2$ echo $? >> 0 >> bash-3.2$ /usr/sbin/nwamcfg list >> List error: Insufficient permissions for action >> >> firering:nwam# nwamcfg list >> NCPs: >> User >> Automatic >> Locations: >> myloc1 >> ENMs: >> myenm1 >> >> The configuration is not really destroyed. >>
-- Thanks, Lizhong
