Hi all,
I've created a shell-script "application" which runs from a miniroot
started from the network. The scripts sometimes uses this construct for
commands that read from stdin:
somecommand < /dev/null
This worked from solaris 8 to 10 and early (say < 80) Nevada builds. I'm
now with build 115 and "it" doesn't work anymore.
When started from local disk, "it" works:
# su bin
$ dd if=/dev/null of=/tmp/1
0+0 records in
0+0 records out
$
When started from the miniroot on the network, it doesn't work:
# reboot -- net -s
...
Configured interface eri0
ERROR: bpgetfile unable to access network install information
# pkill dial
# su bin
$ cat < /dev/null
/dev/null: cannot open
$ /usr/bin/dd if=/dev/null of=/tmp/1
dd: /dev/null: open: Permission denied
$ truss -f /usr/bin/dd if=/dev/null of=/tmp/1
<...>
111: open64("/dev/null", O_RDONLY) Err#13 EACCES [ALL]
<...>
$ id -a
uid=2(bin) gid=2(bin) groups=2(bin),3(sys)
$ ppriv -eD /usr/bin/dd if=/dev/null of=/tmp/1
dd[120]: missing privilege "ALL" (euid = 2, syscall = 225) for
"devpolicy" needed at spec_open+0xd0
dd: /dev/null: open: Permission denied
I tried to grant bin the ALL privilege by adding the user to a profile
with ":privs=all" but the issue remains. Any pointers on how to debug
this further are appreciated.
Thanks much, Joost
--
Joost Mulders + email: joost.mulders at sun.com
Technical Specialist + phone: +31-33-45-15701
Client Solutions + fax: +31-33-45-15734
Sun Microsystems + mobile: +31-6-5198-7268
-= Anything not done right, has to be done again =-
