On Sun 04 May 2008 at 03:12AM, Jason King wrote:
> On Sun, May 4, 2008 at 2:56 AM, Dan Price <[EMAIL PROTECTED]> wrote:
> > On Sat 03 May 2008 at 07:10PM, Danek Duvall wrote:
> >
> > > On Sat, May 03, 2008 at 06:54:40PM -0700, Dan Price wrote:
> > >
> > > > +sed '/^jack:.*$/D' $zoneroot/etc/shadow \
> > > > + > $zoneroot/etc/shadow.new && \
> > > > + mv -f $zoneroot/etc/shadow.new $zoneroot/etc/shadow
> > >
> > > This doesn't appear to preserve the mode of the original /etc/shadow,
> > > unless you're setting umask somewhere else in the script. We see this
> > sort
> > > of bug a lot in SVr4 packages that edit files with sed in their class
> > > action or postinstall scripts. Use ed instead, or touch an empty file,
> > > chmod it to 600, overwrite it with your sed script, and chmod it to 400
> > > before moving it back into place (all that dance so that the copy of the
> > > shadow file isn't ever readable by a non-root user).
> >
> > Here's a second try. I also noticed and corrected perms problems on
> > /etc/passwd, /etc/user_attr, and the SMF repository DB (filed as 1778).
> > With this fix, a freshly installed zone passes 'pkg verify' cleanly:
> >
> > # pkg -R /zones/foo/root verify
> >
> > #
> >
> > Of course, once you boot it, you'll get the stupid mkdtab verification
> > error, but hey, you can't have everything.
> >
> > Fix is a little longer; posted at
> > http://cr.opensolaris.org/~dp/fixes-1756
>
> Perhaps a stupid question, is there a reason the messages on lines 107
> & 123 of pkgcreatezone don't appear to be localized? Am I just not
> seeing something?
Well, the first is essentially an assertion which would be failing--
the zones infrastructure will ensure these arguments are passed in,
so this is just a double-check that that is true.
The second is just a bug; I'll clean it up. Actually-- I'm not sure
the 'refresh' is needed at all, since we're creating a new image here.
I'll take a look.
-dp
--
Daniel Price - Solaris Kernel Engineering - [EMAIL PROTECTED] - blogs.sun.com/dp
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
