|
|
Sponsored Content
Operating Systems
Solaris
Patching utility?
Post 302478314 by solarisx86 on Tuesday 7th of December 2010 03:46:02 PM
12-07-2010
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I would like to ask if anyone knows of a Unix program that is like patch(1), but applies each diff interactively so I can decide on whether to apply a particular diff.
This is my situation: someone has made certain changes to a file I created, sent me the modified copy and I would like the... (2 Replies)
Discussion started by: cbkihong
2 Replies
2. Solaris
Last night I installed some patches by using update manager on my solaris 10 on AMD 64. Now I cannot boot. It is keep failing. I am able to go to failsafe and I am able ot update the boot archieve file but I am not sure what to do after this. I think it is not boot problem, I think my kernel is... (5 Replies)
Discussion started by: saif
5 Replies
3. Solaris
Hi all,
I'm new to Solaris. How can i make sure that all my servers are patched to the same level. When i do a uname -a, i see different level. How can i make sure that they are having the same patches. Any expert to guide me through pls?
eg.
ServerA#uname -a
SunOS ServerA 5.10... (0 Replies)
Discussion started by: ahlude
0 Replies
4. Solaris
Hi Folks,
I new to SunOs, mostly used to HP-UX and AIX way of patching. I'm trying to bring my two 420R test blades to the same patch level as my two prod ones. I've been reading a lot on how to patch SunOs but I'm still not sure how to achieve this. Both prod boxes says SunOs 5.8 Generic Patch... (2 Replies)
Discussion started by: supergumby
2 Replies
5. Solaris
Hi all
Ive got 12 odd sun servers, running solars 8, 9 and soon 10. Have to admit I havent patched for years. Infact the last time I did patch a load of servers, sun provided you will a small script which would review the current patch levels, create a xml file that you would use on sunsolve... (3 Replies)
Discussion started by: sbk1972
3 Replies
6. Shell Programming and Scripting
Hi,
I need to zip/compress a data file and send to a vendor. The vendor does have only unzip utility and can accept only .ZIP files. I do not have zip utility in my server.
How do I zip/compress the file so that it can be deflated using unzip command ? I tried gzip & compress commands, but... (1 Reply)
Discussion started by: Sabari Nath S
1 Replies
7. Solaris
Hi Gurus,
I am new to solaris patching.. while doing the patching do we need to have the root previligies and also need help while doing patching work if the server has veritas on it........
Thanks in advance.......... (10 Replies)
Discussion started by: samanth009
10 Replies
8. Solaris
Hi All,
I have a question ? Which all patches need to be applied in single user mode and which all not .Is there any rule all patches need to be applied in /var/tmp.Thanks in advance for answers.:) (1 Reply)
Discussion started by: rama krishna
1 Replies
9. Solaris
what are prerequisites or precautions we take before we install a patch in a zone.what if zone fails to boot after patching.How to recover form this situation.?
Thanks in advance..:) (1 Reply)
Discussion started by: ravijanjanam12
1 Replies
10. Solaris
OK, finally managed to get root access to the machines.
Now running
# uname -a
SunOS unknown 5.8 Generic_108528-22 sun4u sparc SUNW,UltraAX-e2
# showrev -p
Patch: 112668-01 Obsoletes: Requires: Incompatibles: Packages: SUNWgzip
Patch: 109889-01 Obsoletes: 109353-04 Requires: ... (2 Replies)
Discussion started by: Norman Khine
2 Replies
LEARN ABOUT OSX
user_attr
user_attr(4) File Formats user_attr(4) NAME
user_attr - extended user attributes database SYNOPSIS
/etc/user_attr DESCRIPTION
/etc/user_attr is a local source of extended attributes associated with users and roles. user_attr can be used with other user attribute sources, including the LDAP people container, the user_attr NIS map, and the user_attr NIS+ table. Programs use the getuserattr(3SECDB) routines to gain access to this information. The search order for multiple user_attr sources is specified in the /etc/nsswitch.conf file, as described in the nsswitch.conf(4) man page. The search order follows that for passwd(4). Each entry in the user_attr databases consists of a single line with five fields separated by colons (:). Line continuations using the backslash () character are permitted. Each entry has the form: user:qualifier:res1:res2:attr user The name of the user as specified in the passwd(4) database. qualifier Reserved for future use. res1 Reserved for future use. res2 Reserved for future use. attr An optional list of semicolon-separated (;) key-value pairs that describe the security attributes to apply to the object upon execu- tion. Zero or more keys may be specified. The following keys are currently interpreted by the system: auths Specifies a comma-separated list of authorization names chosen from those names defined in the auth_attr(4) database. Authorization names may be specified using the asterisk (*) character as a wildcard. For example, solaris.printer.* means all of Sun's printer authorizations. profiles Contains an ordered, comma-separated list of profile names chosen from prof_attr(4). Profiles are enforced by the profile shells, pfcsh, pfksh, and pfsh. See pfsh(1). A default profile is assigned in /etc/security/policy.conf (see policy.conf(4)). If no pro- files are assigned, the profile shells do not allow the user to execute any commands. roles Can be assigned a comma-separated list of role names from the set of user accounts in this database whose type field indicates the account is a role. If the roles key value is not specified, the user is not permitted to assume any role. type Can be assigned one of these strings: normal, indicating that this account is for a normal user, one who logs in; or role, indicat- ing that this account is for a role. Roles can only be assumed by a normal user after the user has logged in. project Can be assigned a name of one project from the project(4) database to be used as a default project to place the user in at login time. For more information, see getdefaultproj(3PROJECT). defaultpriv The default set of privileges assigned to a user's inheritable set upon login. limitpriv The maximum set of privileges a user or any process started by the user, whether through su(1M) or any other means, can obtain. The system administrator must take extreme care when removing privileges from the limit set. Removing any basic privilege has the abil- ity of crippling all applications; removing any other privilege can cause many or all applications requiring privileges to malfunc- tion. See privileges(5) for a description of privileges. The command ppriv -l (see ppriv(1)) produces a list of all supported privileges. Note that you specify privileges as they are displayed by ppriv. In privileges(5), privileges are listed in the form PRIV_<privi- lege_name>. For example, the privilege file_chown, as you would specify it in user_attr, is listed in privileges(5) as PRIV_FILE_CHOWN. lock_after_retries Specifies whether an account is locked after the count of failed logins for a user equals or exceeds the allowed number of retries as defined by RETRIES in /etc/default/login. Possible values are yes or no. The default is no. Account locking is applicable only to local accounts. Except for the type key, the key=value fields in /etc/user_attr can be added using roleadd(1M) and useradd(1M). You can use rolemod(1M) and usermod(1M) to modify key=value fields in /etc/user_attr. Modification of the type key is restricted as described in rolemod and usermod. EXAMPLES
Example 1: Assigning a Profile to Root The following example entry assigns to root the All profile, which allows root to use all commands in the system, and also assigns two authorizations: root::::auths=solaris.*,solaris.grant;profiles=All;type=normal The solaris.* wildcard authorization shown above gives root all the solaris authorizations; and the solaris.grant authorization gives root the right to grant to others any solaris authorizations that root has. The combination of authorizations enables root to grant to others all the solaris authorizations. See auth_attr(4) for more about authorizations. FILES
/etc/nsswitch.conf See nsswitch.conf(4). /etc/user_attr Described here. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
auths(1), pfcsh(1), pfksh(1), pfsh(1), ppriv(1), profiles(1), roles(1), roleadd(1M), rolemod(1M), useradd(1M), usermod(1M), getdefault- proj(3PROJECT), getuserattr(3SECDB), auth_attr(4), exec_attr(4), nsswitch.conf(4), passwd(4), policy.conf(4), prof_attr(4), project(4), attributes(5), privileges(5) NOTES
When deciding which authorization source to use, if you are not using LDAP, keep in mind that NIS+ provides stronger authentication than NIS. The root user is usually defined in local databases for a number of reasons, including the fact that root needs to be able to log in and do system maintenance in single-user mode, before the network name service databases are available. For this reason, an entry should exist for root in the local user_attr file, and the precedence shown in the example nsswitch.conf(4) file entry under EXAMPLES is highly recommended. Because the list of legal keys is likely to expand, any code that parses this database must be written to ignore unknown key-value pairs without error. When any new keywords are created, the names should be prefixed with a unique string, such as the company's stock symbol, to avoid potential naming conflicts. In the attr field, escape the following symbols with a backslash () if you use them in any value: colon (:), semicolon (;), carriage return ( ), equals (=), or backslash (). SunOS 5.10 16 Mar 2004 user_attr(4)