| We have seen that as well as the files that are installed by a package, a package also contains files that are executed during the installation process and files that provide information about the package, such as how it should be installed and removed, and also checksum information. When a package has been installed the files that provide information about the package are stored under the directory /var/sadm/packages. This directory is called the software package management database. A subdirectory exists for each package that has been installed using the pkgadd command. Some packages do not conform to the Solaris package standards and are installed by a proprietary method. This is not the recommended way for packages to be delivered, as they cannot be managed effectively after they have been installed. As well as /var/sadm holding the information about the packages installed, it also holds some files that control the way packages in general are installed. The most important file that manages this is the package administration file. This is located in the file /var/sadm/install/admin/default. The contents of the default administration file are as follows: #ident "@(#)default 1.4 92/12/23 SMI" /* SVr4.0 1.5.2.1 */ mail= instance=unique partial=ask runlevel=ask idepend=ask rdepend=ask space=ask setuid=ask conflict=ask action=ask basedir=default Each option in the package administration file tells pkgadd how to behave in certain circumstances. In all cases, apart from the mail entry, the value may be set to "ask," which will cause pkgadd to ask the person installing the package what to do. Table 8.4 describes each variable and shows the additional values that may be assigned to them. Leaving a variable unassigned has the same effect as setting it to "ask." Table 8.4. Package Administration File ContentsVariable Name | Description |
|---|
mail | If this value is set, it should be set to a list of users who should receive an email message from pkgadd each time a package is installed. If the entry is left unassigned, no mail message will be sent. | instance | This tells pkgadd how to act if a previous version of the package is already installed. The valid values for this entry are: quit (will cause pkgadd to quit) overwrite (will cause the installed version to be overwritten) unique (the new version of the package will be installed as a separate instance, thus preserving the original)
| partial | This tells pkgadd what to do if the package being installed has been partially installed previously. The valid entries are: | runlevel | This tells pkgadd what to do if the packages run-level requirements are not met. The following two options are valid: | idepend | This tells pkgadd whether to check for package dependencies. The valid options are: | rdepend | This tells pkgrm whether to check for dependencies when a package is being removed. The available options are the same as for idepend. | space | This tells pkgadd what to do if the packages disk space requirements are not met. The valid options are: quit (pkgadd will abort the installation) nocheck (pkgadd will not bother checking, but the installation will fail if it runs out of space)
| setuid | This tells pkgadd what to do if it finds any setuid or setgid files in the package it is installing. Here are the valid alternatives: quit (pkgadd will abort the installation if any are found) nocheck (pkgadd will not bother to check) nochange (will cause pkgadd to carry on with the installation, while removing any setuid or setgid bits from the permissions)
| conflict | This tells pkgadd what to do if a package tries to install a file that already exists (i.e., if it was installed by a different package). The available options are: quit (pkgadd will abort the installation) nocheck (pkgadd will not bother checking and the file in question will be overwritten) nochange (pkgadd will carry on with the installation without installing the conflicting file)
| action | Pkgadd checks action scripts contained in packages to see if they do anything that could have a negative impact on system security. The following may be set to control this: | basedir | This tells pkgadd how to determine the package base directory. It can be set to "ask" or "default." If set to "ask," the person installing the package will be asked to supply a base directory. If it is set to "default," the base directory supplied with the package (i.e., BASEDIR in the pkginfo file) will be used instead. |
Earlier in the chapter, we mentioned that it is possible to install a package without any user interaction so that a package could be installed from within a script or unattended. You may have surmised that this is achieved by altering the administration file. It could be done this way, but as this file affects the way that all packages are installed a better way is to create a different administration file and tell pkgadd to look in that one instead of the default one. The following could be used as an administration file that will cause pkgadd to install a package without asking any questions: hydrogen# cat local_admin mail= instance=unique partial=nocheck runlevel=quit idepend=quit rdepend=quit space=quit setuid=nocheck conflict=nochange action=nocheck basedir=default hydrogen# The values we have chosen for the local administration file are not the only ones that will allow an unattended install. We have chosen the ones that we feel will not cause too big a problem in the event that some of the conditions checked for actually exist. For example, we have chosen "quit" as the option for space, because if we set it to "nocheck" and the filesystem filled during the install we would be left with the package in an unpredictable state. The basic rule is that if you want to perform an automated install you should set the variables to anything other than "ask." This is how we could install the System Accounting package (sar) without pkgadd asking for any input from the user: hydrogen# pkgadd -a local_admin -d sar.pkg all Processing package instance <SUNWaccr> from </export/packages/sar.pkg> System Accounting, (Root) (sparc) 11.7.0,REV=1998.09.01.04.16 Copyright 1998 Sun Microsystems, Inc. All rights reserved. Using </> as the package base directory. ## Processing package information. ## Processing system information. 10 package pathnames are already properly installed. ## Verifying package dependencies. ## Verifying disk space requirements. Installing System Accounting, (Root) as <SUNWaccr> ## Installing part 1 of 1. [ verifying class <preserve> ] [ verifying class <initd> ] /etc/rc2.d/S21perf <linked pathname> Installation of <SUNWaccr> was successful. Processing package instance <SUNWaccu> from </export/packages/sar.pkg> System Accounting, (Usr) (sparc) 11.7.0,REV=1998.09.01.04.16 Copyright 1998 Sun Microsystems, Inc. All rights reserved. Using </> as the package base directory. ## Processing package information. ## Processing system information. 4 package pathnames are already properly installed. ## Verifying package dependencies. ## Verifying disk space requirements. Installing System Accounting, (Usr) as <SUNWaccu> ## Installing part 1 of 1. Installation of <SUNWaccu> was successful. hydrogen# The "-a" option tells pkgadd to use an alternative administration file and the package now installs without any input required from the installer. When a package is installed, the information that was in the pkgmap file is added to the software product database contents file. This file is located in the directory /var/sadm/install in a file called contents. This file can be very large since it could contain a very large percentage of the files on your system (depending how they were installed). This file is used by the pkgchk command to verify packages and tell you which package a file belongs to. In addition to the contents file being updated, a directory is created under /var/sadm/pkg for each package installed. The name of the directory is the same as the package name (i.e., the pkg entry of the pkginfo file), and pkgadd places the pkginfo file along with any of the files under the package install directory that may be needed later. This includes the copyright and depend files along with any postremove and preremove scripts. This method of automating the installation of a package will work in most cases, but occasionally a package will ask the user a question that cannot be covered by use of the administration file alone. One such example is the sunforum package SUNWdat, which asks the user which directory it should be installed in (with a default of /opt). In such cases, it is not possible to automate the installation using an administration file alone, but some input redirection is also required. The following command shows one way of getting around this issue. It is not particularly elegant, and if you want to install a package like this on many servers you may choose to write your own installation script that actually contains a pkgadd command similar to this one: hydrogen# echo "/usr/local/opt" | pkgadd -a local_admin -d SUNWdat all <lines removed for clarity> hydrogen# | 
