SUNWcsr pkgmap defines /etc/pam.conf as a 'e' (editable) type file with a class
action script 'pamconf'. In this situation, when you install a new zone, when
it comes to install the SUNWcsr package, the class action script will just copy
the file from /var/sadm/pkg/SUNWcsr/save/... to [ZONEROOTPATH]/etc.

After that, it's possible that some packages need to modify the pam.conf
(eg. SUNWtnetr), to add new entries for example, then they do so in their
postinstall script.

You could find all the files on both systems that manipulate pam.conf and compare them.


# find /var/sadm/pkg/SUNWcsr -type f -exec /usr/xpg4/bin/grep -q pam.conf {} \; -print

-- Renaud

Brian Kolaci wrote:

I'm still having zone creation issues where my /etc/pam.conf is corrupt.

I have 2 machines, one works fine, the other always creates the
zone with a bad /etc/pam.conf.

I used the Dtrace toolkit "opensnoop" program to watch on both machines.
I see on the "good" machine, where it creates the /etc/pam.conf correctly
that a process properly copies the file from the pspool directory:

0 29509 cp 4 /var/sadm/pkg/SUNWcsr/save/pspool/SUNWcsr/reloc/etc/pam.conf This happens during the "Initializing package <x> of <y>: percent complete: ??%" phase.
I never see this on the machine having issues.  In fact what I do see is:

0 16561 cat -1 /pool1/zones/bktest2/root/etc/pam.conf 0 16564 grep 7 /pool1/zones/bktest2/root/etc/pam.conf 0 16565 sh 7 /pool1/zones/bktest2/root/etc/pam.conf 0 17485 cat 6 /pool1/zones/bktest2/root/etc/pam.conf 0 17487 cat 6 /tmp/pam.conf.17484 0 17489 grep 6 /pool1/zones/bktest2/root/etc/pam.conf 0 17490 sh 6 /pool1/zones/bktest2/root/etc/pam.conf 0 17491 grep 6 /pool1/zones/bktest2/root/etc/pam.conf 0 17492 sh 6 /pool1/zones/bktest2/root/etc/pam.conf
so it appears to be trying to manipulate the file rather than just copy it.

What determines whether a file is copied from the save/pspool/... directory
rather than just a postinstall script trying to manipulate it?

I've even upgraded the system to the latest U3 beta and the problem persists.

Is the process flow for creating zones documented somewhere?
zones-discuss mailing list

zones-discuss mailing list

Reply via email to