Cannot run privoxy as non-root user

Hi all,
I am having some problems running privoxy as a non-root user.  I am not quite sure where to look as I simply get a return / exit status of 1.  I didn't see what that maps to on privoxy's site.  As an aside, privoxy works fine in my regular install, but in my USB thumbdrive install with AUFS overlay, that is where I am having issues.  It might be a filesystem permission issue, but I don't see anything with journalctl -xn or dmesg or privoxy's logs that tells me anything.
Does anyone have any ideas what else to look for?
Thanks,
Walter

Hi,
Thanks for your reply - AUFS is a filesystem (I am running ArchLinux off of an SD card where the rootfs is squashfs with an AUFS overlay).  I've had issues with it in the past which turned out to really be permission issues.  I had an issue before where CUPS was unable to print because of the permissions, but it fixed itself after an upgrade.
I don't have any error messages to review to make solving the problem any easier.  The only thing I verified was I took the systemd unit file and ran the same command as root and privoxy and it worked under root, but failed under privoxy.
Walter

Similar Messages

  • Cannot run tmux as non-root user.

    I'm not certain if this is the correct section for this.
    I have a cloud server that I recently created that doesn't have a swap partition.  I migrated the home directory for this user from another server to this new server.  The appropriate permissions are set.
    I attempted to strace this to look at the system calls for this when running it.
    strace -fs 4000 -o strace.txt tmux.
    I'm abridging some of this.  These are part of the last 50 lines.
    5758 close(10) = 0
    5758 close(9) = 0
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 poll([?] 0x1c33820, 4, 995) = 2
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 writev(8, [?] 0x7ffffe287c80, 1) = 73
    5758 sendmsg(7, 0x7ffffe284460, 0) = 8236
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 poll([?] 0x1c33820, 4, 994 <unfinished ...>
    5756 <... poll resumed> ) = 1 ([{fd=6, revents=POLLIN}])
    5756 clock_gettime(CLOCK_MONOTONIC, {521260, 588392101}) = 0
    5756 gettimeofday({1384888944, 278223}, NULL) = 0
    5756 recvmsg(6, {msg_name(0)=NULL, msg_iov(1)=[{"\323\0\0\0\30 \0\0\10\0\0\0\377\377\377\3771\0\0\0\0\0\0\0create session failed: : Operation not permitted\n\fi\200v\177\0\0\36\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0\300\247\301\1\0\0\0\0\2701\303\1\0\0\0\0\300\247\301\1\0\0\0\0P\3146\200v\177\0\0@\5\304\1\0\0\0\0\260](\376\377\177\0\0000M(\376\377\177\0\0 \1\304\1\0\0\0\0 \1\304\1\0\0\0\0@\5\304\1\0\0\0\0\260L(\376\377\177\0\0A\334A\0\0\0\0\0"..., 65535}], msg_controllen=0, msg_flags=0}, 0) = 8236
    5756 write(2, "create session failed: : Operation not permitted\n", 49) = 49
    5756 poll([{fd=4, events=POLLIN}], 1, 0) = 0 (Timeout)
    5756 clock_gettime(CLOCK_MONOTONIC, {521260, 588816739}) = 0
    5756 gettimeofday({1384888944, 278647}, NULL) = 0
    5756 fcntl(0, F_GETFL) = 0x8c02 (flags O_RDWR|O_APPEND|O_NONBLOCK|O_LARGEFILE)
    5756 fcntl(0, F_SETFL, O_RDWR|O_APPEND|O_LARGEFILE) = 0
    5756 exit_group(1) = ?
    5758 <... poll resumed> ) = 1
    5758 clock_gettime(CLOCK_MONOTONIC, {...}) = 0
    5758 gettimeofday({...}, NULL) = 0
    5758 recvmsg(7, 0x7ffffe2863a0, 0) = 0
    5758 ioctl(8, TIOCGWINSZ, 0x7ffffe288450) = 0
    5758 ioctl(8, SNDCTL_TMR_START or SNDRV_TIMER_IOCTL_TREAD or TCSETS, 0x7ffffe288400) = 0
    5758 write(8, 0x1c412a0, 7) = 7
    5758 write(8, 0x1c3d340, 3) = 3
    5758 write(8, 0x1c3d440, 6) = 6
    5758 write(8, 0x1c3d380, 7) = 7
    5758 write(8, 0x1c38ca0, 7) = 7
    5758 write(8, 0x1c3d610, 6) = 6
    5758 write(8, 0x1c38cc0, 12) = 12
    5758 write(8, 0x46c5dc, 24) = 24
    5758 write(8, 0x1c3d360, 8) = 8
    5758 fcntl(8, F_GETFL) = 0x8402 (flags O_RDWR|O_APPEND|O_LARGEFILE)
    5758 fcntl(8, F_SETFL, O_RDWR|O_APPEND|O_LARGEFILE) = 0
    5758 close(8) = 0
    5758 close(5) = 0
    5758 close(7) = 0
    5758 exit_group(0) = ?
    5758 +++ exited with 0 +++
    5756 +++ exited with 1 +++
    So I see that a write on a certain file was supposed to happen but it failed due to the operation not being permitted.  I speculated that the tmp folder for that tmux session for that user may have not had the correct permissions.
    drwx------  2 sword sword   60 Nov 19 19:22 tmux-1000/
    I was incorrect about that.  Is there something else I'm missing here?

    alphaniner wrote: Is this relevant?
    Yes.  That worked actually.  Thanks.  Solved.
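
A triage pass over `strace -f -o` output like the trace in the post above, as an added example that is not part of the thread: it collects the exit status of each PID, messages written to stderr, and syscalls that failed with a permission errno. The first two sample lines are constructed, and the function names are this example's own.

```python
import re

# Sample in `strace -f -o FILE` format ("<pid> <event>").
# The first two lines are constructed for illustration; the remaining
# lines are copied from the trace quoted in the post above.
SAMPLE_TRACE = r'''
5758 open("/constructed/example/path", O_RDWR) = -1 EACCES (Permission denied)
5758 stat("/constructed/missing", 0x7ffd0) = -1 ENOENT (No such file or directory)
5756 write(2, "create session failed: : Operation not permitted\n", 49) = 49
5756 exit_group(1) = ?
5758 exit_group(0) = ?
5758 +++ exited with 0 +++
5756 +++ exited with 1 +++
'''

# errno names that point at a privilege or permission problem
PERMISSION_ERRNOS = {"EACCES", "EPERM", "EROFS"}

FAILED_CALL = re.compile(
    r'^(\d+)\s+(\w+)\((.*)\)\s+=\s+-1\s+([A-Z]+)\s+\((.*)\)$')
STDERR_WRITE = re.compile(r'^(\d+)\s+write\(2,\s+"((?:[^"\\]|\\.)*)"')
EXITED = re.compile(r'^(\d+)\s+\+\+\+ exited with (\d+) \+\+\+$')
FIRST_STRING_ARG = re.compile(r'"((?:[^"\\]|\\.)*)"')


def triage(trace_text):
    """Return permission failures, stderr messages and exit codes per PID."""
    report = {"denied": [], "stderr": [], "exit": {}}
    for raw in trace_text.splitlines():
        line = raw.strip()
        if not line:
            continue

        m = EXITED.match(line)
        if m:
            report["exit"][int(m.group(1))] = int(m.group(2))
            continue

        m = STDERR_WRITE.match(line)
        if m:
            msg = m.group(2)
            if msg.endswith("\\n"):      # strace prints the escape literally
                msg = msg[:-2]
            report["stderr"].append((int(m.group(1)), msg))
            continue

        m = FAILED_CALL.match(line)
        if m and m.group(4) in PERMISSION_ERRNOS:
            arg = FIRST_STRING_ARG.search(m.group(3))
            target = arg.group(1) if arg else None
            report["denied"].append(
                (int(m.group(1)), m.group(2), target, m.group(4)))
    return report


def failing_pids(report):
    """PIDs that exited with a non-zero status, in trace order."""
    return [pid for pid, code in report["exit"].items() if code != 0]


if __name__ == "__main__":
    result = triage(SAMPLE_TRACE)
    for pid in failing_pids(result):
        print(f"pid {pid} exited with {result['exit'][pid]}")
    for pid, msg in result["stderr"]:
        print(f"pid {pid} stderr: {msg}")
    for pid, call, target, errno in result["denied"]:
        print(f"pid {pid} {call}({target}) -> {errno}")
```

Running it over the full trace file, rather than only its last lines, shows which path or syscall was refused before the process gave up.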

  • Creating a package such that its postinstall script runs as a non-root user

    The pkgmap(4) man page I have (says "Last change: 30 Apr 1999"; from SUNWman 42.6,REV=6.1) says of the owner and group fields in a pkgmap entry line:
    "This field is not used for linked files or non-installable files. It is used optionally with a package information file. If used, it indicates with what [owner/group] an installation script will be executed."
    The pkgmap file I get after running pkgmk on my prototype file contains a line like
        1 i postinstall 292 23672 1166416139
    for the postinstall script. The man page quote above suggests that if I want the script to be run with user and group fred/staff (say), I can hand-edit this line to instead be
        1 i postinstall fred staff 292 23672 1166416139
    However, pkgadd doesn't like this, complaining and failing thus:
        pkgadd: ERROR: bad entry read in pkgmap
            pathname=postinstall
            problem=extra tokens on input line
        pkgadd: ERROR: unable to process pkgmap
    Furthermore, there doesn't seem to be anything I can put in my prototype file to get these fields into the generated pkgmap. The corresponding owner/group fields are syntax errors for a package information file in a prototype file.
    All this, and the wording in the Application Packaging Developer's Guide, suggest that the pkgmap man page is wrong and there isn't a way to specify a non-root user and group as which you want your package's install scripts to run.
    On the other hand, the pkgadd confirmation "This package contains scripts which will be executed with super-user permission during the process of installing this package. / Do you want to continue with the installation of <PCBBserv> [y,n,?]" suggests that there might be some way to make a package such that it contains scripts which will be executed with ordinary user permissions, and thus not warrant a confirmation.
    Any suggestions?
    Thanks,
    John

    tpolich wrote: One more quick question, is rc.local run in the background or say if I asked for input would the system boot hang?
    Yes, rc.local itself would hang, but if you background the process inside rc.local using the '&' symbol at the end of the command, then that command will be backgrounded and rc.local can continue.

  • Cannot run xorg as non-root

    I have a fresh install of Arch Linux that is working great except I cannot run xorg as my normal login, only root.
    When I attempt to start X with either startxfce4 or startx, I get
    xf68openconsole: cannot open virtual console 1 (permission denied)
    XFCE is installed and works fine as root. I've done a lot of searching and I've found a lot of other people having this problem but none of their solutions have worked for me. I tried reinstalling xorg, checking my user permissions (I'm in the wheel group), and adding vt$XDG_VTNR to the end of my xserverrc file.
    I haven't used arch in a long time (before systemd) and I feel like a rank newbie! Nothing I have read suggests any need for permissions changes when installing X so I don't know why it's not working out of the box. I feel like it must be an obvious answer but I need someone to slap me in the face with it, obviously.
    Appreciate any help in advance-

    karol wrote:
    Post your ~/.xinitrc and the exact command you use e.g. 'startx' or 'startx -- :1 vt$XDG_VTNR -keeptty' etc. Make sure e.g. 'startx' is not aliased to something.
    Have you tried starting it from another tty? Do you run the stock linux console in the tty or e.g. tmux?
    Post the output of
    uname -a
    What's your hardware and graphics drivers?
    xinitrc here
    I am using startxfce4:
    [root@ninja-laptop /]# type startxfce4
    startxfce4 is /usr/bin/startxfce4
    I haven't made any changes to the console or tty so I'm assuming I'm running it in stock. I haven't tried starting from another tty.
    [root@ninja-laptop /]# uname -a
    Linux ninja-laptop 3.19.3-3-ARCH #1 SMP PREEMPT Wed Apr 8 14:10:00 CEST 2015 x86_64 GNU/Linux
    Thanks-

  • Cannot start X11 as non-root user

    Yes I know, there are about a billion threads about this issue, but I'm afraid none of them have helped me so far.
    So, basically as root I can startx just fine. But when I try to startx as my user "hb", I see the Nvidia logo and it jumps back to the console. It doesn't display any real errors, apart from some font and keyboard stuff, which isn't fatal to starting the X server as far as I know. The Xorg.0.log doesn't display any errors at all. So I really don't have a clue what the problem is.
    I've installed Arch Linux just a week ago on this laptop and I didn't have any problems whatsoever, but I've tried to reinstall 3 times today and X11 keeps refusing to work...
    I've used nvidia-xconfig to configure xorg.conf and I followed the wiki instructions (which worked for me the last time). But considering X11 works for root, the config file should be okay, right?
    Last edited by HyperBaton (2008-02-03 12:50:11)

    I don't have a window manager installed yet. Seemed rather pointless when X wasn't working yet. The .xinitrc is there, but doesn't exec anything. But in the previous install I installed xfce4 and had .xinitrc do "exec xfce4-session", and the result was the same as now: X starts then jumps back to console.

  • Setting privileges to a non-root user account to access ports

    Hello,
    I am trying to do an icmp-ping to a machine in the network from an application by connecting to the icmp port through a raw socket.
    My question is: I am able to connect to the icmp port using a raw socket only in the root user account. But my application should run under a non-root user account and do the ping for me.
    1) How do I set privileges for a particular user to access the icmp port?
    I am running the application on Solaris 9.
    2) I read a paper on the net saying ports from 0 to 1024 can only be accessed by a root user account?
    Why is this and what can be done for a non-root user account to access these ports?
    3) Is this possible in Solaris 9?
    Thanks in Advance,
    cheers,
    pal

    There is only one solution: create a new Standard user account and set it as your auto login account, if you use that feature.
    Using what you describe is mostly a false sense of security. Were someone to hack into the computer they could hack into the standard account, so you would not wish to keep any sensitive data in that account. Other things to consider:
    Turn on your Firewall in Security & Privacy preference panel.
    Use software to mask your online presence such as ProxyCap 2.03, MacProxy, Proxifier, or Hotspot Shield.

  • Getting file descriptor counts as a non-root user

    I have a number of scripts running on Solaris 8 and Solaris 10 systems that currently run as root in order to read file descriptor counts from various processes. Currently they do something like: ls /proc/$PID/fd | wc -l to get a count of file descriptors for a given process $PID.
    These scripts need to be migrated to run as a non-root user. This means that my method for obtaining file descriptors will only work if the script owner and process owner are the same - this is not always the case however.
    For Solaris 10, I can assign the privilege proc_owner to the script owner - this works fine.
    For Solaris 8 I'm stuck.
    Does anyone have any idea how I can read a file descriptor count from an arbitrary process as a non-root user on Solaris 8 ?
    Thanks,
    Nick

    For Solaris 8 I'm stuck.
    Does anyone have any idea how I can read a file descriptor count from an
    arbitrary process as a non-root user on Solaris 8 ?

    As I'm sure you suspect there isn't a way to get around the all privileges
    or none arrangement in Solaris 8. One workaround option though is the
    recently announced Solaris 8 Migration Assistant 1.0 which allows you to
    run a Solaris 8 container on Solaris 10 SPARC systems. A good collection
    of the relevant links are here:
    http://blogs.sun.com/dp/entry/solaris_8_migration_assistant_1
    With this option your Solaris 10 script process with the proc_owner
    privilege could also be run against the processes in the Solaris 8
    container.
    Hope this helps.
    Brent

  • Install AM in JES WS container with JES WS installed using non-root user

    Does anyone know how to make Access Manager work when the Sun JES Web Server is installed using a non-root user? Is this even possible?

    Basically it is documented in JES install guide
    Sun Java Enterprise System 2005Q1
    "Access Manager Configured to Run as a Non-root User Example", page 120

  • Running VMware Server 2 services as a non-root user

    Hello,
    I have switched from VirtualBox to VMware Server 2 on my Arch64 server and the transition has been relatively painless. I am at the point now where I want to run VMware's services as a non-root user account (I have a service account called "svc-vmadmin" that I'd like to use). I'm generally not comfortable running services as root, but at the same time I'm conscious of the time and effort required vs. overall benefits.
    I've done the usual Google searches and even checked the VMware Server 2 user guide and the VMware community, but I can't find specific details on how to achieve this.
    Is this even plausible in a Linux environment? I used to run VMware Server 1 under the SYSTEM account on Windows Server, so I'm hoping a similar thing can be done on Arch.
    I would greatly appreciate any information or personal experience that fellow Archers can share.
    Thanks,
    Thom

    System services are handled by launchd.
    If you look in /System/Library/LaunchDaemons/ you'll see a plist file for each service including org.isc.named.plist, the plist for named.
    If you edit this file you'll see it's an XML document that describes the service and how the OS should handle it, including the part:
    <key>ProgramArguments</key>
    <array>
    <string>/usr/sbin/named</string>
    <string>-f</string>
    </array>
    Just append another entry in the array that says <string>-u nobody</string> (or whatever username you want to run as).

  • Problem in running servlets over the net & in non-root user mode(FC-4)

    I have installed Tomcat 5.0.28 and it is running successfully in Fedora Core 4. I wrote a servlet to access a MySQL database and it is running correctly, but when I logged onto a non-root user, when I call the servlet through the HTML page I get a "page not found" error. This is happening even when I do it from another system.
    I thank in advance if anyone could help me in this case.

  • [Solved] Non-root user cannot access mounted ntfs filesystem

    Hi -,
    I have a dual-boot system (arch/xfce + win7) and I use an ntfs partition /dev/sda2 to store files I use with both operating systems. I added the partition to fstab and it gets mounted, but I cannot access it with my non-root user. With root it works fine...
    My fstab:
    # cat /etc/fstab
    # /etc/fstab: static file system information
    # <file system> <dir> <type> <options> <dump> <pass>
    tmpfs /tmp tmpfs nodev,nosuid 0 0
    LABEL=home /home ext4 defaults 0 1
    LABEL=root / ext4 defaults 0 1
    LABEL=swap swap swap defaults 0 0
    /dev/sda2 /media/sda2 ntfs defaults 0 2
    Is there any option that allows all users to use the mounted device? Or how is this usually done ...
    Last edited by muzzel (2012-05-30 20:39:58)

    See: NTFS-3G for important setup information.
    My fstab line looks like:
    /dev/sdb1 /media/Win_USB ntfs-3g uid=1000,gid=users,fmask=113,dmask=0022 0 0
    This sets up some important parameters which the NTFS-3G Wiki Page covers.  Basically, "ntfs" is only a basic driver and is built into the kernel.  "ntfs-3g" is a much better, and less disk-eating, driver that you should install and use if you need the drive in Linux any more than occasionally.  My fstab line makes my user (1000) the owner and the masks lets me write and etc to it.  When you install NTFS-3G it is automatically used when you use the mount command to mount NTFS drives.  In fstab, as above, you would specify it explicitly.
    You can find your own user number by entering "id" at a terminal.
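
How the `fmask`/`dmask` values in the fstab line above turn into permission bits, as an added example that is not part of the thread. It assumes the mount enforces these bits as ordinary owner/group/other checks and does not model driver defaults when the masks are absent; the function names are this example's own.

```python
import stat

# Both lines are copied from the thread above.
QUESTION_LINE = "/dev/sda2 /media/sda2 ntfs defaults 0 2"
ANSWER_LINE = ("/dev/sdb1 /media/Win_USB ntfs-3g "
               "uid=1000,gid=users,fmask=113,dmask=0022 0 0")


def parse_fstab_line(line):
    """Split one fstab entry into its fields and an options dict."""
    fields = line.split()
    if len(fields) < 4:
        raise ValueError("fstab entry needs at least 4 fields")
    options = {}
    for opt in fields[3].split(","):
        key, _, value = opt.partition("=")
        options[key] = value
    return {"device": fields[0], "dir": fields[1],
            "type": fields[2], "options": options}


def effective_modes(entry):
    """Modes every file and directory on the mount will show.

    fmask/dmask are octal masks of the bits to REMOVE from 0777.
    Returns None when either mask is missing: the driver default then
    applies, which this example deliberately does not guess.
    """
    opts = entry["options"]
    if "fmask" not in opts or "dmask" not in opts:
        return None
    file_mode = 0o777 & ~int(opts["fmask"], 8)
    dir_mode = 0o777 & ~int(opts["dmask"], 8)
    return {"file": stat.filemode(stat.S_IFREG | file_mode),
            "dir": stat.filemode(stat.S_IFDIR | dir_mode)}


def access_for(entry, uid, groups):
    """Permission triplets ('rw-' etc.) a given user gets on the mount.

    `groups` is the set of group names (or numeric ids as strings) the
    user belongs to, compared literally against the gid= option.
    """
    modes = effective_modes(entry)
    if modes is None:
        return None
    opts = entry["options"]
    if opts.get("uid") == str(uid):
        cls = 0                      # owner bits
    elif opts.get("gid") in groups:
        cls = 1                      # group bits
    else:
        cls = 2                      # other bits
    start = 1 + 3 * cls              # skip the file-type character
    return {kind: mode[start:start + 3] for kind, mode in modes.items()}


if __name__ == "__main__":
    answer = parse_fstab_line(ANSWER_LINE)
    print(effective_modes(answer))
    for uid, groups in [(1000, {"users"}), (1001, {"users"}), (1002, {"guests"})]:
        print(uid, sorted(groups), access_for(answer, uid, groups))
    print(effective_modes(parse_fstab_line(QUESTION_LINE)))
```

With these masks a member of `users` other than uid 1000 can change the contents of existing files but cannot create or delete entries, because the directory mode withholds group write.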

  • ZSNES fails to run as non-root user (X BadAlloc Error) [Solved]

    Recently, I noticed that ZSNES failed to start unless it was run by root. The program, when called by a non-root user, would hang after generating the error:
    X Error of failed request: BadAlloc (insufficient resources for operation)
    Major opcode of failed request: 153 (GLX)
    Minor opcode of failed request: 3 (X_GLXCreateContext)
    Serial number of failed request: 25
    Current serial number in output stream: 26
    Does anyone know what permissions need to be fixed to resolve this?
    Though I'm not sure if it's useful, here's a backtrace of the error:
    #0 0xb79eeab5 in _XReply () from /usr/lib/libX11.so.6
    #1 0xb79ea10b in XSync () from /usr/lib/libX11.so.6
    #2 0xb7f50cd4 in ?? () from /usr/lib/libSDL-1.2.so.0
    #3 0xb7f5920a in ?? () from /usr/lib/libSDL-1.2.so.0
    #4 0xb7f46e7b in SDL_VideoQuit () from /usr/lib/libSDL-1.2.so.0
    #5 0xb7f1d7dd in SDL_QuitSubSystem () from /usr/lib/libSDL-1.2.so.0
    #6 0x082f6994 in ?? ()
    #7 0xb7b59611 in __run_exit_handlers () from /usr/lib/libc.so.6
    #8 0xb7b5969d in exit () from /usr/lib/libc.so.6
    #9 0xb79f0dde in _XDefaultError () from /usr/lib/libX11.so.6
    #10 0xb7f59002 in ?? () from /usr/lib/libSDL-1.2.so.0
    #11 0xb79f0f16 in _XError () from /usr/lib/libX11.so.6
    #12 0xb79ede8e in ?? () from /usr/lib/libX11.so.6
    #13 0xb79edee7 in ?? () from /usr/lib/libX11.so.6
    #14 0xb79eebe0 in _XReply () from /usr/lib/libX11.so.6
    #15 0xb79ea10b in XSync () from /usr/lib/libX11.so.6
    #16 0xb7f50cd4 in ?? () from /usr/lib/libSDL-1.2.so.0
    #17 0xb7f54ca7 in ?? () from /usr/lib/libSDL-1.2.so.0
    #18 0xb7f5ad77 in ?? () from /usr/lib/libSDL-1.2.so.0
    #19 0xb7f5b3b0 in ?? () from /usr/lib/libSDL-1.2.so.0
    #20 0xb7f47502 in SDL_SetVideoMode () from /usr/lib/libSDL-1.2.so.0
    #21 0x082f77c4 in ?? ()
    #22 0x082f5997 in ?? ()
    #23 0x082f5e41 in ?? ()
    #24 0x082f3ab4 in ?? ()
    Thanks for any help in this matter.
    Last edited by szim90 (2012-11-20 04:52:23)

    May I completely change the subject and ask why you might need ZSNES specifically?
    Personally I can recommend using something that is actively maintained and updated such as retroarch (wiki) combined with the snes9x-next module (the module is actively maintained).
    Another good alternative is mednafen, although it does a lot more than just SNES emulation.

  • Non-root user cannot umount a SAMBA share if there is "SPACE" with the

    I already posted this to the bugs report http://bugs.archlinux.org/task/9672, but I would like to see if someone in the forum can help.
    Description:
    If there is a "SPACE" in the SAMBA share name, then a non-root user can mount that share, but cannot umount it with the "umount" command. It gives a "mount disagrees with the fstab" error. root can mount/umount without any problem.
    Also, the user can umount the share with "smbumount" without any problem.
    Additional info:
    * package version(s)
    samba 3.0.28A-1
    util-linux-ng 2.13.0.1-2
    * config and/or log files etc.
    /etc/fstab
    Steps to reproduce:
    1. Add a line in /etc/fstab as the following
    //QNAP-500GB/USB\040Disk\0401 /mnt/eBooks smbfs workgroup=GROUPNAME,username=xxxxxx,ip=xxxxxxxx,password=xxxxxx,noauto,noatime,users,rw 0 0
    As you can see, the SAMBA share name "USB Disk 1" was replaced by "USB\040Disk\0401".
    2. Change UID of /usr/bin/smbmnt and /usr/bin/smbumount by
    chmod u+s /usr/bin/smbmnt
    chmod u+s /usr/bin/smbumount
    3. Change the ownership of the mount path for this SAMBA share to a non-root user by
    chown username:users /mnt/eBooks
    4. mount as a non-root user (username)
    mount /mnt/eBooks
    5. ERROR! if umount as a non-root user; NO ERROR if umount as root.
    [ning@HP-m8100y ~]$ umount /mnt/eBooks/
    umount: /mnt/eBooks mount disagrees with the fstab
    6. This SAMBA share can be umounted by
    smbumount /mnt/eBooks

    Did you try using %20 instead of a space?  I know it works for URLs...worth a shot.

  • Running as non-root user

    How do I run the application server instance as non-root user on port <= 1024?
    I am using Sun One Application Server 7.0
    Thanks in advance
    Sri.

    Two options:
    1) Start an instance using the root user, but configure the instance to switch to a non-root user upon startup. Use the "User" directive in the init.conf file of an instance to specify the user
    http://docs.sun.com/source/816-7155-10/crinit.html#17116
    You should also see the "Run As" setting of an instance in the administrative GUI.
    2) Via the ndd command, you can set the smallest non-privileged port number. See ndd documentation concerning the following setting:
    tcp_smallest_nonpriv_port
    Once you make the ndd setting, you can use a non-root user to listen on a port number that is equal to or greater than the value of the tcp_smallest_nonpriv_port setting.
    Chris

  • Non root user can delete root files, bug?

    We're having an odd permissions based problem on Solaris 10 u5 x86_64, (new install, fully patched as of 2 days ago) It means that non root users can delete root owned files, which is something I've never seen before, and I've been doing this for almost 10 years.
    We're installing into an 80Gb container on VMware ESX server 3.0.1. The OS takes 20Gb (2 processors, 4Gb memory, 8Gb swap) most of the remaining 60Gb is being used as both file systems and raw devices under disksuite as soft partitions. It's one of the file systems, /apps (where we plan to install sybase) that is giving us "issues"
    Essentially:
    # more /etc/vfstab |grep apps
    /dev/md/dsk/d0 /dev/md/rdsk/d0 /apps ufs 2 yes -
    # newfs -v /dev/md/rdsk/d0
    /dev/md/rdsk/d0: Unable to find Media type. Proceeding with system determined parameters.
    newfs: /dev/md/rdsk/d0 last mounted as /apps
    newfs: construct a new file system /dev/md/rdsk/d0: (y/n)? y
    mkfs -F ufs /dev/md/rdsk/d0 20971520 -1 -1 8192 1024 264 1 546 8192 t 0 -1 8 7 n
    /dev/md/rdsk/d0: Unable to find Media type. Proceeding with system determined parameters.
    Warning: 4096 sector(s) in last cylinder unallocated
    /dev/md/rdsk/d0: 20971520 sectors in 3414 cylinders of 48 tracks, 128 sectors
    10240.0MB in 214 cyl groups (16 c/g, 48.00MB/g, 5824 i/g)
    super-block backups (for fsck -F ufs -o b=#) at:
    32, 98464, 196896, 295328, 393760, 492192, 590624, 689056, 787488, 885920,
    20055584, 20154016, 20252448, 20350880, 20449312, 20547744, 20646176,
    20744608, 20843040, 20941472
    # mount /apps
    # ls -al /apps
    total 20
    drwxr-xr-x 3 root root 512 Sep 10 12:31 .
    drwxr-xr-x 38 root root 1024 Sep 10 12:09 ..
    drwx------ 2 root root 8192 Sep 10 12:31 lost+found
    # su - sybase
    Sun Microsystems Inc. SunOS 5.10 Generic January 2005
    sol10% cd /apps
    sol10% rm *
    rm: lost+found is a directory
    sol10% rm -rf *
    rm: cannot read directory lost+found: Permission denied
    sol10% ls -al
    total 20
    drwxr-xr-x 3 root root 512 Sep 10 12:31 .
    drwxr-xr-x 38 root root 1024 Sep 10 12:09 ..
    drwx------ 2 root root 8192 Sep 10 12:31 lost+found
    sol10% exit
    sol10% logout
    # chgrp sybase /apps
    # chmod g+w /apps
    # ls -ald /apps
    drwxrwxr-x 3 root sybase 512 Sep 10 12:31 /apps
    # ls -al /apps
    total 20
    drwxrwxr-x 3 root sybase 512 Sep 10 12:31 .
    drwxr-xr-x 38 root root 1024 Sep 10 12:09 ..
    drwx------ 2 root root 8192 Sep 10 12:31 lost+found
    # su - sybase
    Sun Microsystems Inc. SunOS 5.10 Generic January 2005
    sol10% cd /apps
    sol10% rm -rf *
    sol10% ls -al
    total 4
    drwxrwxr-x 2 root sybase 512 Sep 10 12:34 .
    drwxr-xr-x 38 root root 1024 Sep 10 12:09 ..
    sol10% id
    uid=***(sybase) gid=***(sybase)
    sol10% exit
    sol10% logout
    # pwd
    # ls -ald /apps
    drwxrwxr-x 2 root sybase 512 Sep 10 12:34 /apps
    # ls -al /apps
    total 4
    drwxrwxr-x 2 root sybase 512 Sep 10 12:34 .
    drwxr-xr-x 38 root root 1024 Sep 10 12:09 ..
    It's a new "bare metal" (in as much as there is no metal) install. I created the sybase user from scratch by hand editing passwd, group and shadow, by copying and pasting the data out of the NIS maps. All I've done besides the install & patch is set up networking manually, and created the metadb's and the soft partitions and the mount points & newfs'ed & mounted three of them. I then changed ownership of /apps to be sybase:sybase, and handed it to the database team for the sybase install. They came back and said "should we be able to do this?" as they habitually run rm -rf * knowing they can't delete root owned files, only now they can... This is true even if I just chgrp the directory and give them group write permissions. They can still delete anything owned by root, even if it doesn't have group permissions just like the lost+found directory. No other "real" machine we have, x86 or SPARC does this, but we've never installed u5 before either.
    As you can imagine losing the lost+found directory is a bit of a problem, however what's really worrying me is if they can do that, what happens when they run sybase as the sybase user? If it borks can they trash the OS and write/overwrite random files?
    It's a VM, so in as much that's not a problem, but the reason it's a VM is somebody wants to send a VM to a client as a demo, and at present it's highly unstable IMO.
    Does anyone have any idea where to start? My thoughts are that it may be a VMware issue, (though the hardware and the guest OS is supported) it could be a bug, because I've never seen that weird newfs error before, and then I found this:
    http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6622243
    Or it could be me, and the fact that I'm hand configuring it, and u5 now requires I do it "properly" with useradd, etc. I'd like to test, but the guy wants it built, and wants it now, so I patched it up, and gave it back to the database team and told them to be careful.
    I'd be interested in your opinions regardless.
    The full spec of the "machine" is below, sol10 is not its name for obvious reasons, and I've hashed out the ID & GIUD for similar reasons.
    # uname -a
    SunOS sol10 5.10 Generic_127128-11 i86pc i386 i86pc
    # prtdiag
    System Configuration: VMware, Inc. VMware Virtual Platform
    BIOS Configuration: Phoenix Technologies LTD 6.00 09/06/2007
    ==== Processor Sockets ====================================
    Version Location Tag
    Pentium(R) Pro CPU socket #0
    Pentium(R) Pro CPU socket #1
    ==== Memory Device Sockets ================================
    Type Status Set Device Locator Bank Locator
    DRAM in use 0 RAM slot #0 RAM slot #0
    DRAM in use 0 RAM slot #1 RAM slot #1
    DRAM in use 0 RAM slot #2 RAM slot #2
    DRAM in use 0 RAM slot #3 RAM slot #3
    ==== On-Board Devices =====================================
    VMware SVGA II
    ES1371
    ==== Upgradeable Slots ====================================
    ID Status Type Description
    0 unknown ISA ISA Slot J8
    0 unknown ISA ISA Slot J9
    0 unknown ISA ISA Slot J10
    1 in use PCI PCI Slot J11
    2 in use PCI PCI Slot J12
    3 in use PCI PCI Slot J13
    4 available PCI PCI Slot J14
    Sep 10 10:17:56 sol10 isa: [ID 202937 kern.info] ISA-device: asy1
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] asy1 is /isa/asy@1,2f8
    Sep 10 10:17:56 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: ide (ata) instance 0 vector 0xe ioapic 0x2 intin 0xe is bound to cpu 1
    Sep 10 10:17:56 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: ide (ata) instance 0 vector 0xe ioapic 0x2 intin 0xe is bound to cpu 0
    Sep 10 10:17:56 sol10 genunix: [ID 640982 kern.info] ATAPI device at targ 0, lun 0 lastlun 0x0
    Sep 10 10:17:56 sol10 genunix: [ID 846691 kern.info] model VMware Virtual IDE CDROM Drive
    Sep 10 10:17:56 sol10 genunix: [ID 479077 kern.info] ATA/ATAPI-4 supported, majver 0x1e minver 0x17
    Sep 10 10:17:56 sol10 pci: [ID 370704 kern.info] PCI-device: ide@0, ata0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] ata0 is /pci@0,0/pci-ide@7,1/ide@0
    Sep 10 10:17:56 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:17:56 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:17:56 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:17:56 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:17:56 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:17:56 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:17:56 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:17:56 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:17:56 sol10 scsi: [ID 193665 kern.info] sd1 at ata0: target 0 lun 0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] sd1 is /pci@0,0/pci-ide@7,1/ide@0/sd@0,0
    Sep 10 10:17:56 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: fdc (fdc) instance 0 vector 0x6 ioapic 0x2 intin 0x6 is bound to cpu 1
    Sep 10 10:17:56 sol10 isa: [ID 202937 kern.info] ISA-device: fdc0
    Sep 10 10:17:56 sol10 fdc: [ID 114370 kern.info] fd0 at fdc0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] fd0 is /isa/fdc@1,3f0/fd@0,0
    Sep 10 10:17:56 sol10 genunix: [ID 314293 kern.info] device pciclass,030000@f(display#0) keeps up device sd@0,0(sd#1), but the latter is not power managed
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: nvidia255
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] nvidia255 is /pseudo/nvidia@255
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: ramdisk1024
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] ramdisk1024 is /pseudo/ramdisk@1024
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lockstat0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] lockstat0 is /pseudo/lockstat@0
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: llc10
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] llc10 is /pseudo/llc1@0
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lofi0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] lofi0 is /pseudo/lofi@0
    Sep 10 10:17:56 sol10 pseudo: [ID 129642 kern.info] pseudo-device: dtrace0
    Sep 10 10:17:56 sol10 genunix: [ID 936769 kern.info] dtrace0 is /pseudo/dtrace@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: profile0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] profile0 is /pseudo/profile@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: systrace0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] systrace0 is /pseudo/systrace@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fbt0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] fbt0 is /pseudo/fbt@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: sdt0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] sdt0 is /pseudo/sdt@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fasttrap0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] fasttrap0 is /pseudo/fasttrap@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fcp0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] fcp0 is /pseudo/fcp@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fcsm0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] fcsm0 is /pseudo/fcsm@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lx_systrace0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] lx_systrace0 is /pseudo/lx_systrace@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: ucode0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] ucode0 is /pseudo/ucode@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fssnap0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] fssnap0 is /pseudo/fssnap@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: winlock0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] winlock0 is /pseudo/winlock@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: vol0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] vol0 is /pseudo/vol@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: rsm0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] rsm0 is /pseudo/rsm@0
    Sep 10 10:17:57 sol10 pseudo: [ID 129642 kern.info] pseudo-device: pool0
    Sep 10 10:17:57 sol10 genunix: [ID 936769 kern.info] pool0 is /pseudo/pool@0
    Sep 10 10:17:57 sol10 ipf: [ID 774698 kern.info] IP Filter: v4.1.9, running.
    Sep 10 10:18:05 sol10 nfs4cbd[395]: [ID 867284 daemon.notice] nfsv4 cannot determine local hostname binding for transport tcp - delegations will not be available on this transport
    Sep 10 10:18:10 sol10 sendmail[598]: [ID 702911 mail.crit] My unqualified host name (localhost) unknown; sleeping for retry
    Sep 10 10:18:10 sol10 sendmail[600]: [ID 702911 mail.crit] My unqualified host name (localhost) unknown; sleeping for retry
    Sep 10 10:18:17 sol10 mac: [ID 736570 kern.info] NOTICE: e1000g0 unregistered
    Sep 10 10:19:10 sol10 sendmail[598]: [ID 702911 mail.alert] unable to qualify my own domain name (localhost) -- using short name
    Sep 10 10:19:10 sol10 sendmail[600]: [ID 702911 mail.alert] unable to qualify my own domain name (localhost) -- using short name
    Sep 10 10:20:10 sol10 pseudo: [ID 129642 kern.info] pseudo-device: devinfo0
    Sep 10 10:20:10 sol10 genunix: [ID 936769 kern.info] devinfo0 is /pseudo/devinfo@0
    Sep 10 10:24:54 sol10 mac: [ID 469746 kern.info] NOTICE: e1000g0 registered
    Sep 10 10:24:54 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: pci8086,100f (e1000g) instance 0 vector 0x12 ioapic 0x2 intin 0x12 is bound to cpu 0
    Sep 10 10:24:54 sol10 e1000g: [ID 766679 kern.info] Intel(R) PRO/1000 Network Connection, Driver Ver. 5.1.11
    Sep 10 10:24:59 sol10 e1000g: [ID 801725 kern.info] NOTICE: pci8086,100f - e1000g[0] : Adapter 1000Mbps full duplex copper link is up.
    Sep 10 10:28:21 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    Sep 10 10:35:17 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:35:17 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:35:17 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:35:17 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:35:17 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:35:17 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:35:17 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:35:17 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:35:17 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: lp (ecpp) instance 0 vector 0x7 ioapic 0x2 intin 0x7 is bound to cpu 1
    Sep 10 10:35:17 sol10 isa: [ID 202937 kern.info] ISA-device: ecpp0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] ecpp0 is /isa/lp@1,378
    Sep 10 10:35:17 sol10 pcplusmp: [ID 637496 kern.info] pcplusmp: asy (asy) instance 0 vector 0x4 ioapic 0x2 intin 0x4 is bound to cpu 0
    Sep 10 10:35:17 sol10 isa: [ID 202937 kern.info] ISA-device: asy0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] asy0 is /isa/asy@1,3f8
    Sep 10 10:35:17 sol10 pcplusmp: [ID 398438 kern.info] pcplusmp: asy (asy) instance #1 vector 0x3 ioapic 0x2 intin 0x3 is bound to cpu 0
    Sep 10 10:35:17 sol10 isa: [ID 202937 kern.info] ISA-device: asy1
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] asy1 is /isa/asy@1,2f8
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: nvidia255
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] nvidia255 is /pseudo/nvidia@255
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: ramdisk1024
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] ramdisk1024 is /pseudo/ramdisk@1024
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lockstat0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] lockstat0 is /pseudo/lockstat@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: llc10
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] llc10 is /pseudo/llc1@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lofi0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] lofi0 is /pseudo/lofi@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: profile0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] profile0 is /pseudo/profile@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: systrace0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] systrace0 is /pseudo/systrace@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fbt0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] fbt0 is /pseudo/fbt@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: sdt0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] sdt0 is /pseudo/sdt@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fcp0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] fcp0 is /pseudo/fcp@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fcsm0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] fcsm0 is /pseudo/fcsm@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: lx_systrace0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] lx_systrace0 is /pseudo/lx_systrace@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: ucode0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] ucode0 is /pseudo/ucode@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: fssnap0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] fssnap0 is /pseudo/fssnap@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: winlock0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] winlock0 is /pseudo/winlock@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: pm0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] pm0 is /pseudo/pm@0
    Sep 10 10:35:17 sol10 pseudo: [ID 129642 kern.info] pseudo-device: rsm0
    Sep 10 10:35:17 sol10 genunix: [ID 936769 kern.info] rsm0 is /pseudo/rsm@0
    Sep 10 10:55:50 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:55:50 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:55:50 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:55:50 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:55:50 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:55:50 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 10:55:50 sol10 genunix: [ID 935449 kern.info] ATA DMA off: disabled. Control with "atapi-cd-dma-enabled" property
    Sep 10 10:55:50 sol10 genunix: [ID 882269 kern.info] PIO mode 4 selected
    Sep 10 11:28:55 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    Sep 10 12:28:56 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    Sep 10 13:29:01 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    Sep 10 14:29:10 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    Sep 10 15:29:38 sol10 in.routed[502]: [ID 798604 daemon.error] empty response from 129.0.1.124
    # prtconf
    System Configuration: Sun Microsystems i86pc
    Memory size: 4132 Megabytes
    System Peripherals (Software Nodes):
    i86pc
    scsi_vhci, instance #0
    isa, instance #0
    i8042, instance #0
    keyboard, instance #0
    mouse, instance #0
    lp, instance #0
    asy, instance #0
    asy, instance #1
    fdc, instance #0
    fd, instance #0
    pci, instance #0
    pci15ad,1976 (driver not attached)
    pci8086,7191, instance #0
    pci15ad,1976 (driver not attached)
    pci-ide, instance #0
    ide, instance #0
    sd, instance #1
    ide (driver not attached)
    pci15ad,1976 (driver not attached)
    display, instance #0
    pci1000,30, instance #0
    sd, instance #0
    pci15ad,750, instance #0
    iscsi, instance #0
    pseudo, instance #0
    options, instance #0
    agpgart, instance #0
    xsvc, instance #0
    objmgr, instance #0
    acpi (driver not attached)
    used-resources (driver not attached)
    cpus, instance #0
    cpu (driver not attached)
    cpu (driver not attached)
    # format
    Searching for disks...done
    AVAILABLE DISK SELECTIONS:
    0. c1t0d0 <DEFAULT cyl 10440 alt 2 hd 255 sec 63>
    /pci@0,0/pci1000,30@10/sd@0,0
    Specify disk (enter its number): 0
    selecting c1t0d0
    [disk formatted]
    Warning: Current Disk has mounted partitions.
    /dev/dsk/c1t0d0s0 is currently mounted on /. Please see umount(1M).
    /dev/dsk/c1t0d0s1 is currently used by swap. Please see swap(1M).
    /dev/dsk/c1t0d0s3 is currently mounted on /usr. Please see umount(1M).
    /dev/dsk/c1t0d0s4 is currently mounted on /var. Please see umount(1M).
    /dev/dsk/c1t0d0s5 is currently mounted on /opt. Please see umount(1M).
    /dev/dsk/c1t0d0s6 is part of SVM volume sp:d8. Please see metaclear(1M).
    /dev/dsk/c1t0d0s7 contains an SVM mdb. Please see metadb(1M).
    FORMAT MENU:
    disk - select a disk
    type - select (define) a disk type
    partition - select (define) a partition table
    current - describe the current disk
    format - format and analyze the disk
    fdisk - run the fdisk program
    repair - repair a defective sector
    label - write label to the disk
    analyze - surface analysis
    defect - defect list management
    backup - search for backup labels
    verify - read and display labels
    save - save new disk/partition definitions
    inquiry - show vendor, product and revision
    volname - set 8-character volume name
    !<cmd> - execute <cmd>, then return
    quit
    format> p
    PARTITION MENU:
    0 - change `0' partition
    1 - change `1' partition
    2 - change `2' partition
    3 - change `3' partition
    4 - change `4' partition
    5 - change `5' partition
    6 - change `6' partition
    7 - change `7' partition
    select - select a predefined table
    modify - modify a predefined partition table
    name - name the current table
    print - display the current table
    label - write partition map and label to the disk
    !<cmd> - execute <cmd>, then return
    quit
    partition> p
    Current partition table (original):
    Total disk cylinders available: 10440 + 2 (reserved cylinders)
    Part Tag Flag Cylinders Size Blocks
    0 root wm 1 - 131 1.00GB (131/0/0) 2104515
    1 swap wu 132 - 1176 8.01GB (1045/0/0) 16787925
    2 backup wm 0 - 10439 79.97GB (10440/0/0) 167718600
    3 usr wm 1177 - 1829 5.00GB (653/0/0) 10490445
    4 var wm 1830 - 2091 2.01GB (262/0/0) 4209030
    5 unassigned wm 2092 - 2614 4.01GB (523/0/0) 8401995
    6 unassigned wm 2617 - 10439 59.93GB (7823/0/0) 125676495
    7 unassigned wm 2615 - 2616 15.69MB (2/0/0) 32130
    8 boot wu 0 - 0 7.84MB (1/0/0) 16065
    9 unassigned wm 0 0 (0/0/0) 0
    partition> quit
    FORMAT MENU:
    disk - select a disk
    type - select (define) a disk type
    partition - select (define) a partition table
    current - describe the current disk
    format - format and analyze the disk
    fdisk - run the fdisk program
    repair - repair a defective sector
    label - write label to the disk
    analyze - surface analysis
    defect - defect list management
    backup - search for backup labels
    verify - read and display labels
    save - save new disk/partition definitions
    inquiry - show vendor, product and revision
    volname - set 8-character volume name
    !<cmd> - execute <cmd>, then return
    quit
    format> q
    # metastat -p
    d8 -p c1t0d0s6 -o 109973513 -b 61440
    d7 -p c1t0d0s6 -o 109461512 -b 512000
    d6 -p c1t0d0s6 -o 109051911 -b 409600
    d5 -p c1t0d0s6 -o 88080390 -b 20971520
    d4 -p c1t0d0s6 -o 67108869 -b 20971520
    d3 -p c1t0d0s6 -o 46137348 -b 20971520
    d2 -p c1t0d0s6 -o 41943043 -b 4194304
    d1 -p c1t0d0s6 -o 20971522 -b 20971520
    d0 -p c1t0d0s6 -o 1 -b 20971520

    An easy way to think of it is this -- everything in Unix is a file. Including directories; they are just a file which contains a list of the files in that directory, and pointers to them.
    If the 'sybase' user has write permission on the directory, they have permission to edit that "list", and can add or remove files to the list. It doesn't matter who the files on the list belong to, because the files are not what is being modified. Only the list of files is being modified. (Of course, in Unix, if you erase the file's listing from all of the lists it's on, the file itself goes away for housekeeping purposes.)
    One thing that would have stopped the 'sybase' user from removing the lost+found directory is if that directory itself had files in it -- without write permission to the lost+found directory, that user could not have removed those files, and since one cannot remove a non-empty directory, that operation would have failed. Since lost+found was empty in this case, it could be removed simply by having permission to write to the /apps directory.
    This behavior does change if you set the sticky bit on the directory -- in that case, files may only be removed by the owner of the file or directory, or if the user has write permission to the file. This would have prevented the sybase user from removing the lost+found directory. (Note, this also applies to the 'rename' function call.) This would probably be the best way to handle your situation, since you apparently do want the sybase user to be able to add files to /apps, but do not want them to be able to remove lost+found.
    Edited by: MadBishop on Sep 12, 2008 7:46 AM
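The removal rules described in the answer above, modelled as an added example that is not part of the original post: it decides whether an unprivileged user may remove an entry, looking only at the parent directory's mode, the sticky bit and emptiness. The `Node` type, the function names and all uid/gid/mode values are constructed assumptions; the real ownership of /apps is not shown in the thread.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Node:
    """Constructed stand-in for the stat() data of one file or directory."""
    uid: int
    gid: int
    mode: int             # permission bits, e.g. 0o775 or 0o1775 (sticky)
    is_dir: bool = False
    entries: int = 0      # names listed inside, for directories

def has_perm(node, uid, gids, want):
    """Owner/group/other check for the bits in `want` (2 = write, 1 = search)."""
    if uid == node.uid:
        shift = 6
    elif node.gid in gids:
        shift = 3
    else:
        shift = 0
    return (node.mode >> shift) & want == want

def can_remove(parent, child, uid, gids, writable_exception=True):
    """Decide whether unprivileged `uid` may remove `child` from `parent`.

    writable_exception=True follows the rule as the post states it (write
    permission on the file also suffices under the sticky bit); Linux does
    not have that clause, so pass False to model it.
    """
    if not has_perm(parent, uid, gids, 0o3):
        return False, "no write+search permission on the parent directory"
    if child.is_dir and child.entries:
        return False, "directory not empty; its entries must be removed first"
    if parent.mode & stat.S_ISVTX:
        if uid in (child.uid, parent.uid):
            return True, "sticky bit set, caller owns the file or the directory"
        if writable_exception and has_perm(child, uid, gids, 0o2):
            return True, "sticky bit set, caller can write to the file"
        return False, "sticky bit set, caller owns neither file nor directory"
    return True, "parent is writable; ownership of the entry is not consulted"

# Constructed values: uid 1001 / gid 100 play the 'sybase' account.
SYBASE, SYBASE_GIDS = 1001, {100}
APPS = Node(uid=0, gid=100, mode=0o775, is_dir=True, entries=3)
APPS_STICKY = Node(uid=0, gid=100, mode=0o1775, is_dir=True, entries=3)
LOST_FOUND = Node(uid=0, gid=0, mode=0o700, is_dir=True)
LOST_FOUND_FULL = Node(uid=0, gid=0, mode=0o700, is_dir=True, entries=2)
OWN_FILE = Node(uid=1001, gid=100, mode=0o640)

if __name__ == "__main__":
    cases = [
        ("empty lost+found, /apps 0775", APPS, LOST_FOUND),
        ("non-empty lost+found, /apps 0775", APPS, LOST_FOUND_FULL),
        ("empty lost+found, /apps 1775", APPS_STICKY, LOST_FOUND),
        ("sybase's own file, /apps 1775", APPS_STICKY, OWN_FILE),
    ]
    for label, parent, child in cases:
        ok, why = can_remove(parent, child, SYBASE, SYBASE_GIDS)
        print(f"{label}: {'allowed' if ok else 'denied'} ({why})")
```
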
