Re: [Solaris-Users] Problem using `id` in the shell script

Fri, 13 May 2005 20:47:14 -0700 

Interestingly. The pkgadd itself is setting the uid.

5432/1:          3.3609 setuid(60001)                                   = 0
5432/1:          3.3635 execve("/sbin/sh", 0xFFBFEA84, 0x0013F7B0)  argc = 3
5432/1:             *** SUID: ruid/euid/suid = 60001 / 60001 / 60001  ***
5432/1:          3.3644 getpid()                                        =
5432 [5426]
5432/1:          3.3645 getpgid(5432)                                   =
5424
5432/1:          3.3648 getsid(5432)                                    =
5219

But this didn't happen in previously. Its happening now after trying to
install the latest version of our software.

Why is it setting the user as nobody(60001)?

is there a way we can force the user to be root.

Regards,
Mayuresh
----- Original Message ----- 
From: "Darren Dunham" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Friday, May 13, 2005 8:46 PM
Subject: Re: [Solaris-Users] Problem using `id` in the shell script


> > i am facing a problem here,
> >
> > pkgadd command installs packages, and executes any installation scripts.
So
> > when i execute pkgadd, as ROOT and when the pkgadd reads the
installation
> > scripts,
> >
> > inside the script the id command returns nobody inspite of the pkgadd
being
> > run as ROOT
> >
> > `id` returns nobody,
> >
> > Any idea why?
>
> Very likely its a security concern.  It's not in the pkgadd man page,
> but the patchadd man page has these NOTES.  You'll see they apply to
> pkgadd also.
>
> man patchadd
> [...]
>      pkgadd is invoked by patchadd and executes the  installation
>      scripts  in  the  pkg/install  directory.  The  checkinstall
>      script is executed with its ownership set to  user  install,
>      if  there  is no user install then pkgadd executes the chec-
>      kinstall script as nobody. The  SVR4  ABI  states  that  the
>      checkinstall  shall only be used as an information gathering
>      script. If the permissions for the checkinstall  script  are
>      changed to something other than the initial settings, pkgadd
>      may not be able to open the file for reading,  thus  causing
>      the patch installation to abort with the following error:
>      pkgadd: ERROR: checkinstall script did not complete successfully.
>
>      The permission for the checkinstall  script  should  not  be
>      changed.
> [...]
>
> -- 
> Darren Dunham                                           [EMAIL PROTECTED]
> Senior Technical Consultant         TAOS            http://www.taos.com/
> Got some Dr Pepper?                           San Francisco, CA bay area
>          < This line left intentionally blank to confuse you. >
> _______________________________________________
> Solaris-Users mailing list
> [email protected]
> http://www.filibeto.org/mailman/listinfo/solaris-users

_______________________________________________
Solaris-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/solaris-users

Reply via email to