On Thu, Mar 08, 2007 at 10:03:45AM -0500, Christine Tran wrote: > przemolicc at poczta.fm wrote: > >Hello, > > > >I am going to change some properties of one service by: > >svccfg -s <service> > >svc ... >setprop ... > >svc ... >setprop ... > >... > >svcadm -v refresh <service> > > > >There might be some problems after the change so in order to have > >possibility to give up I would like to save the last working state of > >this particular service. In short: > > > >[0] <current state> > >[1] save the current state > >[2] make changes > >[3] if there is a problem with the service, change to state [1] > > > >What is the proper way (SMF-way) to do that ? > > > > Here ya go: > > http://docs.sun.com/app/docs/doc/819-2379/6n4m1vlgm?a=view > > Although I'll add that you should see something called "previous" after > listsnap as well. "previous" is the state immediately before the > changes you made. I'd revert to that. > > There is no current ability to take snapshot at will, although I filed > an RFE for it.
Hello Christine, I wanted to test the whole procedure (changing service properties and revert) so I did changes from page http://www.sun.com/software/solaris/howtoguides/s10securityhowto.jsp#5 It went ok (the whole apache2 service was running as webservd) but wanted to revert to previous state. What I did is: svccfg -s apache2 ... revert initial ... quit svcadm -v refresh apache2 (also removed the changes from /etc/apache2/http.conf) Now I have the following problem: bash-3.00# tail -f /var/apache2/logs/error_log [Mon Mar 12 11:30:10 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 [Mon Mar 12 11:30:11 2007] [notice] Digest: generating secret for digest authentication ... [Mon Mar 12 11:30:11 2007] [notice] Digest: done [Mon Mar 12 11:30:12 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 [Mon Mar 12 11:30:12 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 [Mon Mar 12 11:30:12 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 [Mon Mar 12 11:30:12 2007] [notice] Apache/2.0.58 (Unix) DAV/2 configured -- resuming normal operations [Mon Mar 12 11:30:12 2007] [alert] Child 1878 returned a Fatal error... Apache is exiting! [Mon Mar 12 11:30:12 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 [Mon Mar 12 11:30:12 2007] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 ... Indeed: bash-3.00# dtrace -n 'syscall::setgid:entry /execname == "httpd"/ {trace (arg0);}' dtrace: description 'syscall::setgid:entry ' matched 1 probe CPU ID FUNCTION:NAME 0 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 2 92 setgid:entry 4294967295 2 92 setgid:entry 4294967295 0 92 setgid:entry 4294967295 0 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 2 92 setgid:entry 4294967295 0 92 setgid:entry 4294967295 0 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 1 92 setgid:entry 4294967295 2 92 setgid:entry 4294967295 And: bash-3.00# svcprop -v -p start apache2 start/exec astring /lib/svc/method/http-apache2\ start start/timeout_seconds count 60 start/type astring method Where is the problem ? Regards przemol ---------------------------------------------------------------------- Jestes kierowca? To poczytaj! >>> http://link.interia.pl/f199e
