admin(4) File Formats admin(4)
admin - installation defaults file
admin is a generic name for an ASCII file that defines default installation actions by
assigning values to installation parameters. For example, it allows administrators to
define how to proceed when the package being installed already exists on the system.
/var/sadm/install/admin/default is the default admin file delivered with this release. The
default file is not writable, so to assign values different from this file, create a new
admin file. There are no naming restrictions for admin files. Name the file when
installing a package with the -a option of pkgadd(1M). If the -a option is not used, the
default admin file is used.
Each entry in the admin file is a line that establishes the value of a parameter in the
All of the parameters listed below can be defined in an admin file, but it is not required
to assign values to all of these. If a value is not assigned, pkgadd(1M) asks the install-
er how to proceed.
The valid parameters and their possible values are shown below except as noted. They can
be specified in any order. Any of these parameters (except the mail and proxy parameters)
can be assigned the value ask, which means that, when the parameter is reached during the
installation sequence, the installer is notified and asked to supply instructions (see
basedir Indicates the base directory where relocatable packages are
to be installed. If there is no basedir entry in the file,
the installer will be prompted for a path name, as if the
file contained the entry basedir=ask. This parameter can
also be set to default (entry is basedir=default). In this
instance, the package is installed into the base directory
specified by the BASEDIR parameter in the pkginfo(4) file.
mail Defines a list of users to whom mail should be sent follow-
ing installation of a package. If the list is empty, no mail
is sent. If the parameter is not present in the admin file,
the default value of root is used. The ask value cannot be
used with this parameter.
runlevel Indicates resolution if the run level is not correct for the
installation or removal of a package. Options are:
nocheck Do not check for run level.
quit Abort installation if run level is not met.
conflict Specifies what to do if an installation expects to overwrite
a previously installed file, thus creating a conflict
between packages. Options are:
nocheck Do not check for conflict; files in conflict
will be overwritten.
quit Abort installation if conflict is detected.
nochange Override installation of conflicting files; they
will not be installed.
setuid Checks for executables which will have setuid or setgid bits
enabled after installation. Options are:
nocheck Do not check for setuid executables.
quit Abort installation if setuid processes are
nochange Override installation of setuid processes; pro-
cesses will be installed without setuid bits
action Determines if action scripts provided by package developers
contain possible security impact. Options are:
nocheck Ignore security impact of action scripts.
quit Abort installation if action scripts may have a
negative security impact.
partial Checks to see if a version of the package is already par-
tially installed on the system. Options are:
nocheck Do not check for a partially installed package.
quit Abort installation if a partially installed pack-
instance Determines how to handle installation if a previous version
of the package (including a partially installed instance)
already exists. Options are:
quit Exit without installing if an instance of the
package already exists (does not overwrite
overwrite Overwrite an existing package if only one
instance exists. If there is more than one
instance, but only one has the same architec-
ture, it overwrites that instance. Otherwise,
the installer is prompted with existing
instances and asked which to overwrite.
unique Do not overwrite an existing instance of a
package. Instead, a new instance of the package
is created. The new instance will be assigned
the next available instance identifier.
idepend Controls resolution if the package to be installed depends
on other packages and if other packages depend on the one to
be installed. Options are:
nocheck Do not check package dependencies.
quit Abort installation if package dependencies are
rdepend Controls resolution if other packages depend on the package
to be removed. Also determines behavior if registered prod-
ucts components to be removed. See libwsreg(3LIB) and pro-
dreg(1M) for a definition of product components. Options
nocheck Do not check package or product dependencies.
quit Abort removal if package or product dependencies
are not met.
space Controls resolution if disk space requirements for package
are not met. Options are:
nocheck Do not check space requirements (installation
fails if it runs out of space).
quit Abort installation if space requirements are not
authentication Controls resolution when a datastream package with signature
is to be installed. Options are:
nocheck Do not verify package signature. This also dis-
ables the use of the Online Certificate Status
Protocol (OCSP) to validate the package's signing
quit Abort installation if package signature cannot be
networktimeout Number of seconds to wait before giving up a network connec-
tion when downloading a package. This entry must be a posi-
tive integer. If not present, the default value of 60 is
networkretries Number of times to retry a failed network connection when
downloading a package. This entry must be a positive inte-
ger. If not present, the default value of 5 is used.
keystore Location of trusted certificates used when downloading pack-
ages over SSL and when verifying signatures on packages.
This is the base directory of the certificate location for
trusted certificates used when validating digital signatures
on packages. For example, if this setting is /var/sadm/secu-
rity, then pkgadd will use /var/sadm/security/pkgadd/trust-
store, then /var/sadm/security/truststore when searching for
trusted certificates. See KEYSTORE LOCATIONS and KEYSTORE
AND CERTIFICATE FORMATS in pkgadd(1M) for details on cer-
tificate store format and usage.
proxy The default proxy to use when installing packages from the
network. Currently, only HTTP or HTTPS proxies are sup-
ported. If this field is blank or nonexistent, then no proxy
will be used.
rscriptalt=root | noaccess Determines the user that will run request scripts. This
parameter can have either of the values described below. See
pkgadd(1M) for details on the conditions under which this
parameter is useful.
root Run request script as user install, if such a
user exists, with the privileges of that user.
Otherwise, run script as user root, with UID
equal to 0 and with all/zone privileges. (See
noaccess Run request script as user install, if such a
user exists, with the privileges of that user.
Otherwise, run script as user noaccess, with the
basic privileges of the unprivileged user noac-
If this parameter is not present or has a null value, the
user noaccess is assumed. Likewise, if this parameter is set
to anything other than the values described here, a warning
is issued, and noaccess is assumed. rscriptalt is not
present in the default admin file,
/var/sadm/install/admin/default. In this case, request
scripts are run as the user noaccess.
Example 1 Default admin File
The default admin file, named default, is shipped with user-, group-, and world-read priv-
ileges(444). Its contents are as follows:
Example 2 Sample admin file.
Below is a sample admin file.
The default admin file is consulted during package installation when no other admin file
default admin file
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|Availability |SUNWpkgcmdsr |
|Interface Stability |Evolving |
pkgadd(1M), prodreg(1M), libwsreg(3LIB), pkginfo(4), attributes(5), zones(5)
The value ask should not be defined in an admin file that will be used for non-interactive
installation (because, by definition, there is no installer interaction). Doing so causes
installation to fail at the point when input is needed.
SunOS 5.11 20 Dec 2004 admin(4)