Thanks for your informative response and for pointing me over to the right forum.
I had been using smc to manage the rights profile. Looking at /etc/security/exec_attr, I had been missing the uid=0 on the end of the entry. In smc, it looks like this is added through the "Set Security Attributes..." pane. I was still getting a "you must run pkgadd as root" error message, but once I added pkgadd to "Commands Permitted", it worked fine. I'm really liking the idea of RBAC. I can see, for instance, making a new role that can only start and stop mongrel and the postgresql server and perform other common web application related admin tasks. Thanks, again. This message posted from opensolaris.org
