Thank you all for you input.
The problem certainly does have something to do with installing OpenHA
packages and subsequently creating/removing BEs, but unfortunately
it's hard to track back as the problem occurred a while back and I
have upgraded to build 127 since. But I'm pretty sure the problem did
not surface immediately after installing OpenHA. But then again, there
is the possibility that I did not notice the shutdown menu button
missing right away as I rarely use the desktop or pfexec. I'm guessing
that it had to be a combination of installing OpenHA and later
updating and creating/removing BEs, although I have no idea how.
Scott, here are the pkg outputs on the affected BE.
# pkg search -l /etc/security/prof_attr
INDEX ACTION VALUE PACKAGE
path file etc/security/prof_attr pkg:/SUNWcs at 0.5.11-0.111
# grep prof_attr /var/sadm/install/contents
#
On Thu, Nov 19, 2009 at 10:41 PM, Darren Kenny <Darren.Kenny at sun.com> wrote:
> Hi Dennis,
>
> That sounds like a package was installed (maybe cluster related) that
> overwrote
> the default /etc/security/{user,prof}_attr.
>
> SVR4 packages usually include a version of files like these that only contains
> the definitions they want to add or modify (hence the reason I think this is
> related to cluster installation). These are usually then merged into the
> existing file using action scripts like :
>
> ? ? ? ?/usr/sadm/install/scripts/i.rbac
>
> the entries in the pkgmap would usually read something like:
>
> ? ? ? ?1 e rbac etc/security/prof_attr 0644 root sys ...
>
> if it doesn't contain the rbac element of the above line, it will most likely
> just replace the existing one.
>
> IPS doesn't use these action scripts, and AFAIK such files are merged before
> being pushed into the repository, if you then install something from another
> repo, it's possible that it will simply over-write this file, causing the
> effect
> that you see.
>
> Can you provide more information about what you may have installed recently
> which could help you track down when this happened.
>
> HTH,
>
> Darren.
>
> On 11/19/09 05:05 AM, dennis mathews wrote:
>> Has anyone come across their RBAC files ( 200906 - 111b ) being reduced from
>> around 60-odd entries to less than 5 ? Are these files auto-generated now by
>> any chance ?
>>
>> Below is the full contents of the files. Incidentally exec_attr still has
>> all it's contents. I know this because I've got the fresh installs bootenv.
>>
>> $ cat /etc/security/auth_attr
>> solaris.cluster.admin:::Manage Quorum Server Daemons::
>> solaris.cluster.read:::Print Quorum Server Configuration::
>> solaris.smf.manage.zfs-auto-snapshot:::Manage the ZFS Automatic Snapshot
>> Service::
>>
>> $ cat /etc/security/prof_attr
>> Basic Solaris User::::auths=solaris.cluster.read
>> Quorum Server Management::::auths=solaris.cluster.admin
>>
>> Looks very strange. I can't run pfexec anymore
>>
>> pfexec /usr/bin/cat /etc/shadow
>> /usr/bin/cat: can't get execution attributes
>>
>> $profiles
>> Primary Administrator
>> Console User
>> Basic Solaris User
>> ?.. but none of these profiles have any entries in /etc/security/prof_attr
>>
>> $auths
>> solaris.device.cdrw,solaris.cluster.read
>>
>> auths on the fresh install was solaris.*
>>
>> I have never tried directly editing these files nor have I changed any
>> default profiles, or RBAC settings, so I'm confused how this might have
>> happened. Could an update has caused this ?
>>
>> Possibly related to this is that my shutdown option from the menu has
>> dissappeared.
>
