Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 10 Patches not running
Operating Systems Solaris Solaris 10 Patches not running Post 302398701 by incredible on Thursday 25th of February 2010 10:11:22 AM
Old 02-25-2010
Again.. can you check ownership and permissions of the directory and the patches within it?
 

10 More Discussions You Might Find Interesting

1. Filesystems, Disks and Memory

Solaris and Cluster Patches

Simple question: After applying a cluster patch to a sun solaris box I am left with a root volume 81% full. I could run through the hassle of resizing the slices which is way too much work for a Ultra 5 running DNS only. Is there a way to clean up the /var/sadm/pkg area, aka dump the save info. (5 Replies)
Discussion started by: edkung
5 Replies

2. Solaris

Solaris 10 patches

"Solaris 10 is here and so are the latest patches. For a limited time SunSolve will provide access to all Solaris 10 patches. Download the latest Solaris 10 patches using Patchfinder and find updated support content using the SunSolve Knowledgebase. After this promotion ends, Solaris 10 security... (2 Replies)
Discussion started by: busta
2 Replies

3. Solaris

Solaris Patches

Is there any way to show the patches that have been installed in what order, or by date? For example, we have servers, we run the sun patch cluster on them every so often. but then we have some 1zee 2zee's which id like to identify. do i ahve to go into each directory and look at time stamps?... (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies

4. Solaris

How to update patches to Solaris 10?

I am seeking help to add patches to Solaris 10 on 64 bit Sparc server. This is to prepare the server for the installation of Oracle 10g. Please list command and specific directory that patches should be added to. Thanks (4 Replies)
Discussion started by: duke0001
4 Replies

5. UNIX for Dummies Questions & Answers

How to add patches to solaris 10?

I am seeking help to add patches to Sloris 10 on 64 bit Sparc server. This is to prepare the server for the installation of oracle 10g. Please list command and the directory (If needed). Thanks. (7 Replies)
Discussion started by: duke0001
7 Replies

6. Solaris

Solaris 10 Recommended Patches

Does anyone get the following error message below when trying to download solaris 10 recommended patch? End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and... (8 Replies)
Discussion started by: Sarccastik Dude
8 Replies

7. Solaris

Solaris patches

Hi Friends... can some one tel me any tool for analysing patch on solaris, then download n install it wit all dependency patches???? (3 Replies)
Discussion started by: sudhan143
3 Replies

8. Solaris

Solaris Patches

Hello all, I wanted to check in Solaris 10 machine whether it has got all the required patches . Is there any way to find out. Rgds Rj (6 Replies)
Discussion started by: jegaraman
6 Replies

9. Solaris

Solaris 10 Patches

Can anyone link me to where I can get solaris 10 patches, since now sunsolve.sun.com redirects to some useless oracle support page? (1 Reply)
Discussion started by: goodvikings
1 Replies

10. Solaris

Understanding Patches on Solaris-10

Hi, From security guy, I was told to install below three patches on Solaris-10 (Sparc) server 120272-31 124393-12 125731-11 Here is output from server - # showrev -p | grep 120272-31 # showrev -p | grep 120272 Patch: 120011-14 Obsoletes: 116781-02, 117447-01, 117463-05, 118371-10,... (3 Replies)
Discussion started by: solaris_1977
3 Replies

LEARN ABOUT OPENDARWIN

exec_attr

exec_attr(4)															      exec_attr(4)

NAME

       exec_attr - execution profiles database

SYNOPSIS

       /etc/security/exec_attr

       /etc/security/exec_attr	is  a  local  database that specifies the execution attributes associated with profiles. The exec_attr file can be
       used with other sources for execution profiles, including the exec_attr NIS map and NIS+ table. Programs use the  getexecattr(3SECDB)  rou-
       tines to access this information.

       The  search  order for multiple execution profile sources is specified in the /etc/nsswitch.conf file, as described in the nsswitch.conf(4)
       man page. The search order follows the entry for prof_attr(4).

       A profile is a logical grouping of authorizations and commands that is interpreted by a profile shell to form a secure  execution  environ-
       ment. The shells that interpret profiles are pfcsh, pfksh, and pfsh. See the pfsh(1) man page. Each user's account is assigned zero or more
       profiles in the user_attr(4) database file.

       Each entry in the exec_attr database consists of one line of text containing seven fields separated by colons (:). Line continuations using
       the backslash (fR) character are permitted. The basic format of each entry is:

	      name:policy:type:res1:res2:id:attr

       name

	   The name of the profile. Profile names are case-sensitive.

       policy

	   The	security  policy that is associated with the profile entry. The valid policies are suser (standard Solaris superuser) and solaris.
	   The solaris policy recognizes privileges (see privileges(5)); the suser policy does not.

	   The solaris and suser policies can coexist in the same exec_attr database, so that Solaris releases prior to the  current  release  can
	   use the suser policy and the current Solaris release can use a solaris policy. solaris is a superset of suser; it allows you to specify
	   privileges in addition to UIDs. Policies that are specific to the current release of Solaris or  that  contain  privileges  should  use
	   solaris. Policies that use UIDs only or that are not specific to the current Solaris release should use suser.

       type

	   The type of object defined in the profile. The only valid type is cmd.

       res1

	   Reserved for future use.

       res2

	   Reserved for future use.

       id

	   A string that uniquely identifies the object described by the profile. For a profile of type cmd, the id is either the full path to the
	   command or the asterisk (*) symbol, which is used to allow all commands. An asterisk that replaces the filename component in a pathname
	   indicates all files in a particular directory.

	   To  specify arguments, the pathname should point to a shell script that is written to execute the command with the desired argument. In
	   a Bourne shell, the effective UID is reset to the real UID of the process when the effective UID is less than 100 and not equal to  the
	   real  UID. Depending on the euid and egid values, Bourne shell limitations might make other shells preferable. To prevent the effective
	   UIDs from being reset to real UIDs, you can start the script with the -p option.

	   #!/bin/sh -p

       attr

	   An optional list of semicolon-separated (;) key-value pairs that describe the security attributes to apply to the  object  upon  execu-
	   tion.  Zero	or  more  keys	may  be specified. The list of valid key words depends on the policy enforced. The following key words are
	   valid: euid, uid, egid, gid, privs, and limitprivs.

	   euid and uid contain a single user name or a numeric user ID. Commands designated with euid run with the effective UID indicated, which
	   is  similar	to  setting  the setuid bit on an executable file. Commands designated with uid run with both the real and effective UIDs.
	   Setting uid may be more appropriate than setting the euid on privileged shell scripts.

	   egid and gid contain a single group name or a numeric group ID. Commands designated with egid run with  the	effective  GID	indicated,
	   which  is  similar to setting the setgid bit on a file. Commands designated with gid run with both the real and effective GIDs. Setting
	   gid may be more appropriate than setting guid on privileged shell scripts.

	   privs contains a privilege set which will be added to the inheritable set prior to running the command.

	   limitprivs contains a privilege set which will be assigned to the limit set prior to running the command.

	   privs and limitprivs are only valid for the solaris policy.

       Example 1: Using Effective User ID

       The following example shows the audit command specified in the Audit Control profile to execute with an effective user ID of root(0):

       Audit Control:suser:cmd:::/usr/sbin/audit:euid=0

       /etc/nsswitch.conf

       /etc/user_attr

       /etc/security/exec_attr

CAVEATS

       When deciding which authorization source to use (see ), keep in mind that NIS+ provides stronger authentication than NIS.

       Because the list of legal keys is likely to expand, any code that parses this database must be written to ignore  unknown  key-value  pairs
       without error. When any new keywords are created, the names should be prefixed with a unique string, such as the company's stock symbol, to
       avoid potential naming conflicts.

       The following characters are used in describing the database format and must be escaped with a backslash if used as data: colon (:),  semi-
       colon (;), equals (=), and backslash (fR).

       auths(1),  profiles(1),	roles(1),  sh(1),  makedbm(1M), getauthattr(3SECDB), getauusernam(3BSM), getexecattr(3SECDB), getprofattr(3SECDB),
       getuserattr(3SECDB), kva_match(3SECDB), auth_attr(4), prof_attr(4), user_attr(4), privileges(5)

								    25 Feb 2005 						      exec_attr(4)
All times are GMT -4. The time now is 06:38 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy