SOLVED.
Turned out that the system was not fully started when I did my testing.
After a (long) wait for the "SINGLE USER MODE" message, thing work as
expected:
ERROR: bpgetfile unable to access network install information
# Requesting System Maintenance Mode
SINGLE USER MODE
# su bin
Jun 11 14:10:00 su: 'su bin' succeeded for root on /dev/console
$ dd if=/dev/null of=/tmp/1
0+0 records in
0+0 records out
My apologies, Joost
Joost Mulders wrote:
> Hi all,
>
> I've created a shell-script "application" which runs from a miniroot
> started from the network. The scripts sometimes uses this construct for
> commands that read from stdin:
> somecommand < /dev/null
> This worked from solaris 8 to 10 and early (say < 80) Nevada builds. I'm
> now with build 115 and "it" doesn't work anymore.
>
> When started from local disk, "it" works:
>
> # su bin
> $ dd if=/dev/null of=/tmp/1
> 0+0 records in
> 0+0 records out
> $
>
> When started from the miniroot on the network, it doesn't work:
>
> # reboot -- net -s
> ...
> Configured interface eri0
> ERROR: bpgetfile unable to access network install information
> # pkill dial
> # su bin
> $ cat < /dev/null
> /dev/null: cannot open
>
> $ /usr/bin/dd if=/dev/null of=/tmp/1
> dd: /dev/null: open: Permission denied
>
> $ truss -f /usr/bin/dd if=/dev/null of=/tmp/1
> <...>
> 111: open64("/dev/null", O_RDONLY) Err#13 EACCES [ALL]
> <...>
>
> $ id -a
> uid=2(bin) gid=2(bin) groups=2(bin),3(sys)
> $ ppriv -eD /usr/bin/dd if=/dev/null of=/tmp/1
> dd[120]: missing privilege "ALL" (euid = 2, syscall = 225) for
> "devpolicy" needed at spec_open+0xd0
> dd: /dev/null: open: Permission denied
>
> I tried to grant bin the ALL privilege by adding the user to a profile
> with ":privs=all" but the issue remains. Any pointers on how to debug
> this further are appreciated.
>
> Thanks much, Joost
--
Joost Mulders + email: joost.mulders at sun.com
Technical Specialist + phone: +31-33-45-15701
Client Solutions + fax: +31-33-45-15734
Sun Microsystems + mobile: +31-6-5198-7268
-= Anything not done right, has to be done again =-
