Matt Cohen wrote: > Hi. > > We are running Solaris 10 11/06 release on some of our servers. The servers > have multiple zones each running a JBoss instance. > > In each zone, we are running the Nagios NRPE application to remotely monitor > our servers. > > Nagios is configured to run as an SMF service. It runs as user 'nagios' in > group 'nagios'. > > While trying to perform one of the monitoring checks, it fails to run > properly. The error message is Feb 2 11:21:11 appsrv2 genunix: [ID 702911 > kern.notice] jstat[17878]: missing privilege "file_dac_read" (euid = 5500, > syscall = 5) needed at tmp_taccess+0x8b > > User nagios has the file_dac_read privilege assigned to it in the > /etc/user_attr file. > > The service manifest contains the file_dac_read privilege as well: > <method_credential user='nagios' group='nagios' > privileges='basic,!file_dac_read' /> >
Matt, privileges=basic,!file_dac_read *removes* the file_dac_read privilege.
