Hi. We are running Solaris 10 11/06 release on some of our servers. The servers have multiple zones each running a JBoss instance.
In each zone, we are running the Nagios NRPE application to remotely monitor our servers. Nagios is configured to run as an SMF service. It runs as user 'nagios' in group 'nagios'. While trying to perform one of the monitoring checks, it fails to run properly. The error message is Feb 2 11:21:11 appsrv2 genunix: [ID 702911 kern.notice] jstat[17878]: missing privilege "file_dac_read" (euid = 5500, syscall = 5) needed at tmp_taccess+0x8b User nagios has the file_dac_read privilege assigned to it in the /etc/user_attr file. The service manifest contains the file_dac_read privilege as well: <method_credential user='nagios' group='nagios' privileges='basic,!file_dac_read' /> When I do a ppriv -v on the process, the file_dac_read privilege is not available. How do I make it so the service starts and runs with the file_dac_read privilege automatically? I thought adding it to the manifest and user would do the trick, but it doesn't look like that's working. Any help would be appreciated. Thanks, Matt This message posted from opensolaris.org
