Re: [pkg-discuss] adding users, groups, authorizations to go with image-update

Wed, 05 Aug 2009 12:04:20 -0700 


Danek Duvall wrote:

RBAC data isn't handled very well at the moment; Casper put back a service
to manipulate these entries, but I think there are still unresolved
problems with that, so for now I think you'll need to continue doing this

by hand.  

In some src/util/distro-import/<build#>/ directories, I see exec_attr,
prof_attr, auth_attr, user_attr files.  Let's say I am running "make
119/redist_import", if I add modified version of the *_attr files in
src/util/distro-import/119/, would that work?

    

Yes.

  

Need a little more help on this.   I'll explain below what I have done 
to get new users, groups and authorizations.  I'm sure there's a more 
"correct" way to do this, but I'm hacking around.



To add the new users and groups, I've modified 00/common/SUNWcnetr to 
add the following lines:


   add group groupname=netadm gid=65
   add user username=netadm uid=16 group=netadm gos-field="Network Admin" \
          home-dir=/ ftpuser=true
   add user username=netcfg uid=17 group=netadm \
          gos-field="Network Configuration Admin" home-dir=/


I added the 4 new *_attr files to the 119 directory.  I copied 
111/common/SUNWcs to 119/common/SUNWcs, but did not make any changes to 
that file.


I modified 119/SUNWfixes.prototype and added

   e none etc/security/auth_attr 0644 root sys
   e none etc/security/exec_attr 0644 root sys
   e none etc/security/prof_attr 0644 root sys
   e none etc/user_attr 0644 root sys


I also modified src/util/distro-import/Makefile so that CACHED_FILES_119 
contains the for *_attr files.


   CACHED_FILES_119 = etc/user_attr etc/security/auth_attr
   etc/security/prof_attr etc/security/exec_attr


My repository is being fine.  image-update complete, but authorizations 
are missing.  In the new BE (created by image-update), I see that 
etc/passwd, etc/shadow, etc/group, and etc/security/auth_attr have been 
updated.  But etc/user_attr, etc/security/prof_attr and 
etc/security/exec_attr have not been updated with the new profiles and 
authorizations.


What's going wrong? What am I missing?

Thanks,
Anurag

_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss






















					Reply via email to