Hi all, does anybody know what the reason is that all directories in /var/sadm/patch have the permission 0754. Like this it is impossible to grep for the Synopsis of the patches in the README files as a normal user. Like this you can only look at the patchids, which give a user who wants to hack a system enough information about missing patches that might offer opportunities to attack. So what is the point not setting the default permission to either 0750 (including the directory /var/sadm/patch) or to 0755 and give users the oportunity to read the README files of the installed patches? TIA, Tom
default permission in /var/sadm/patch
4 posts
• Page 1 of 1
- virus
- Simulator
- editor
- Microsoft OFFICE
- Windows XP
- Sinclair computer
- MS WORD
- IBM PC
- c++ builder
- Visual Studio .Net
Jump to:
- 1. Graphics utility
Hi I'm looking for some utility that can convert a standard text file into a graphic file from a command line. i.e. Put standard text input into text.file then run command to convert to graphics.file Anyone any ideas? Thanks in advance Alan -- - 2. OT My old neighborhood
On Thu, 11 Dec 2003 13:31:19 GMT, XXXX@XXXXX.COM wrote: >Don't youz mean Villiamsboig, kike? That is the yiddish name, yes. > >Vince wrote: >> >> My old neighborhood East Williamsberg was on the TV news this afternoon. >> Something about a half way house that opened on the corner of Grattan St and >> Porter Ave. >> I lived at 89 Grattan St (Between Knickerblocker and Porter) from 1960 till I >> was drafted into the army in 1966. My grandmother worked at the shoe factory in >> the above building. >> >> Just wanted to share. >> >> Vince >> Take out words goodguy to e-mail >> Check out new listings on e-bay under BOOKMAGS >> ------------------------------------------------------- > - 3. Seen For What They Are In Europe
On 11 Dec 2003 22:57:39 GMT, "Guy Polis is a Proud Gay Male" < XXXX@XXXXX.COM > wrote: >The Revd Terence Fformby-Smythe < XXXX@XXXXX.COM > wrote: >> On 11 Dec 2003 20:05:54 GMT, "Guy Polis is a Proud Gay Male" >> < XXXX@XXXXX.COM > wrote: >> >> >The Revd Terence Fformby-Smythe < XXXX@XXXXX.COM > wrote: >> >> >> >> I love Kosher food! Even Krispy Kreme doughnuts have that 'K'! >> > >> >Stuff yerself, Razzy! >> > >> >The more Kosher food in youz, the better person you'll be. >> >> blah blah blah blah > >Hey, XXXX@XXXXX.COM , don't you get tired of making the >same posts over and over again? Hey, XXXX@XXXXX.COM , don't youse get tired of changing your handle to avoid being forged? Wun wabbit, wun wabbit, wun wun wun.... BWAHAHAHAHAHAHAHAHAAAAAA!!!!
Next
default permission in /var/sadm/patch
by Thomas Maier-Komor » Fri, 16 Dec 2005 20:27:16 GMT
Re: default permission in /var/sadm/patch
by Martin Paul » Tue, 20 Dec 2005 18:48:01 GMT
I guess it's one of the things that were implemented long ago, and never have been re-thought. I see no technical reason either why the READMEs shouldn't be accessible to anybody. On the other hand, I don't really care. pca runs as a regular user, and (using patchdiag.xref), shows much more information about installed patches than showrev -p or grepping through the READMEs ever would reveal: % pca -i Patch IR CR RS Age Synopsis ------ -- - -- -- --- -------------------------------------------------------- 111711 14 = 14 R 56 SunOS 5.9: 32-bit Shared library patch for C++ 111712 14 = 14 R 56 SunOS 5.9: 64-Bit Shared library patch for C++ 111722 04 = 04 956 SunOS 5.9: Math Library (libm) patch 112233 12 = 12 RS 607 SunOS 5.9: Kernel Patch 112617 02 = 02 RS 999 CDE 1.5: rpc.cmsd patch 112622 18 < 19 112 SunOS 5.9: M64 Graphics Patch ... It should be noted that /var/sadm/patch won't contain all patch READMEs anyway if patches have been pre-integrated by Sun, as it is the case for all update (non-FCS) releases of Solaris. mp. -- Systems Administrator | Institute of Scientific Computing | Univ. of Vienna
Re: default permission in /var/sadm/patch
by Thomas Maier-Komor » Thu, 22 Dec 2005 18:06:21 GMT
Thanks Martin for the hint. I gave it a try and it really shows everything one needs to know. But I am wondering why do I get lines like this: 116302 02 > -- 999 NOT FOUND IN CROSS REFERENCE FILE! It occures on n a standard Solaris 10 system. What is the reason that it shows much more patches that need to be updated than updatemanager. Are updatemanager and smpatch broken or is it telling me about updates which really should not be installed? Tom
Re: default permission in /var/sadm/patch
by Martin Paul » Thu, 22 Dec 2005 19:41:39 GMT
This happens when a patch is installed which is not listed in Sun's patch database (patchdiag.xref). This patch can't be found via the patchfinder on sunsolve.com either. It's an error on Sun's side. At the end it's more of a cosmetic issue. 116302-02 is for SUNWxrpcrt (JAX-RPC Runtime, part of the Sun One Application Server), BTW. You will notice that this patch isn't listed in /var/sadm/patch either. Other pre-integrated patches in Solaris 10 3/05 are 113886/113887 for OpenGL, and 116298-08 for Java API for XML Parsing. Judging from the problems people had with updatemanager, "broken" might be a word that could well be used. Fact is that there is no clearly documented definition for which patches updatemanager will show as uninstalled. As far as pca is concerned, by default it will show all patches which are marked either "Recommended" or "Security" by Sun, and all patches they depend on. The installation of all R/S patches is what Sun usually recommended, and what was promoted with the "Recommended Patch Cluster". When run as "pca -u" it will show *all* patches that can be applied to an OS installation. mp. -- Systems Administrator | Institute of Scientific Computing | Univ. of Vienna
Similar Threads:
1.for huge "recommended" patch, not enough room in /var/sadm/patch
Not enough room in /var/sadm/patch, the install-script says. But on other partitions and disks I have *lots* of space available. Just not on the root partition, which contains /var/sadm/patch (among much else, of course). Might this work. Rename /var/sadm/patch to eg /var/sadm/patch2-original, then create a patch dir in some partition that had logs of space, and then make /var/sadm/patch a symlink to there. Or should I symlink either higher up the var/sadm tree, or symlink *several* of those directories? And is there any reason to *copy* those directories to where I'm going to symlink to, so that if there's already some contents, they'll still be "there"? (That install-script doesn't explicitly check for this trick -- I hope not.) ----- Or is there maybe some better way to do surmount this not-enough-disk pbm? ---------- Of course I do down to single-user before doing the ./install_cluster, but any reason I can't leave everything else mounted? I mean, in recent years, has anyone *ever* gotten hurt by doing that? (If so, please say how, so we can all get wised-up on this, uh, danger.) Thanks!!! David
2.Solaris Live upgrade: questions about /var/sadm/patch
According to the solaris FAQ:--------8<-----------------|3.40) Why does installing patches take so much space in /var/sadm? All the files that are replaced by a patch are stored under /var/sadm/patch/<patch-id>/save so the patch can be safely backed out. Newer patches will save the old files under /var/sadm/pkg/<pkg>/save/<patch-id>/undo.Z, for each package patches. You can remove the <patchdir>/save directory provided you also remove the <patchdir>/.oldfilessaved file. Newer patches will not install a .oldfilessaved file. Alternatively, you can install a patch w/o saving the old files by using the "-d" flag to installpatch.|3.41) Do I need to back out previous versions of a patch? No, unless otherwise stated in the patch README. If the previous patch installation saved the old files, you may want to reclaim that space. Patches can be backed out with (Solaris 2.6+): patchrm <patch-id> or in earlier releases: /var/sadm/patch/<patch-id>/backoutpatch <patch-id> Backoutpatch can take an awful long time, especially when the patch contained a lot of files. This is fixed in later versions of backoutpatch.---------------->8---------------------------Prior to doing the live upgrade, I would like to minimize the size of my root partition (containing /var in my case) Can I safely remove all patches (not just the save directories)from /var/sadm/patches or will live upgrade do it automatically ? I presume that after a solaris upgrade, the liste of installed patches on the system will be NULL ?Another last point, does "back out patch" mean to go back to the state BEFORE the patch was applied ? I don't understand the 3.41 paragraph. What does it mean ? It seems to mean that whenever you apply a newpatch, you should go back to the previous version before installing ?Ex: Original package = blabla-01Apply patch blabla-02 (BlaBla-01 saved)You now want to apply patch blabla-03.Does question 3.41 ask: "if you need to install patch blabla-03 you should first back ou to blabla-01 ?" If so, what do you do if the README tells you that you have to, but you REMOVED the save directory ?Thanks !
3.Repost: Solaris Live Upgrade: questions about /var/sadm
Sorry for the report, seems like my news reader misbehaved (Ah, MSFT!)
According to the solaris FAQ:
--------8<-----------------
|3.40) Why does installing patches take so much space in /var/sadm?
All the files that are replaced by a patch are stored under
/var/sadm/patch/<patch-id>/save so the patch can be safely
backed out. Newer patches will save the old files
under /var/sadm/pkg/<pkg>/save/<patch-id>/undo.Z, for each package
patches.
You can remove the <patchdir>/save directory provided you also
remove the <patchdir>/.oldfilessaved file. Newer patches will not
install a .oldfilessaved file.
Alternatively, you can install a patch w/o saving the old
files by using the "-d" flag to installpatch.
|3.41) Do I need to back out previous versions of a patch?
No, unless otherwise stated in the patch README.
If the previous patch installation saved the old
files, you may want to reclaim that space.
Patches can be backed out with (Solaris 2.6+):
patchrm <patch-id>
or in earlier releases:
/var/sadm/patch/<patch-id>/backoutpatch <patch-id>
Backoutpatch can take an awful long time, especially when the
patch contained a lot of files. This is fixed in later versions
of backoutpatch.
---------------->8---------------------------
Prior to doing the live upgrade, I would like to minimize the size of my
root partition
(containing /var in my case) Can I safely remove all patches (not just the
save directories)
from /var/sadm/patches or will live upgrade do it automatically ?
I presume that after a solaris upgrade, the liste of installed patches on
the system will be NULL ?
Another last point, does "back out patch" mean to go back to the state
BEFORE the patch was applied ?
I don't understand the 3.41 paragraph. What does it mean ? It seems to mean
that whenever you apply a new
patch, you should go back to the previous version before installing ?
Ex: Original package = blabla-01
Apply patch blabla-02 (BlaBla-01 saved)
You now want to apply patch blabla-03.
Does question 3.41 ask: "if you need to install patch blabla-03 you should
first back ou to blabla-01 ?"
If so, what do you do if the README tells you that you have to, but you
REMOVED the save directory ?
Thanks !
Hello. I noticed that my /var/sadm/pkg is rather big. It's currently about 1.7g. Can I deleted no longer required "save" directories from there (like /var/sadm/pkg/SUNWzfsu/save)? Thanks, Alexander Skwar
7. frequency alphabet for files in /var/sadm/install/contents
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 38 guest