1admin(4) File Formats admin(4)
2
6 admin - installation defaults file
7
9 admin is a generic name for an ASCII file that defines default instal‐
10 lation actions by assigning values to installation parameters. For
11 example, it allows administrators to define how to proceed when the
12 package being installed already exists on the system.
13 /var/sadm/install/admin/default is the default admin file delivered
16 with this release. The default file is not writable, so to assign val‐
17 ues different from this file, create a new admin file. There are no
18 naming restrictions for admin files. Name the file when installing a
19 package with the -a option of pkgadd(1M). If the -a option is not used,
20 the default admin file is used.
21 Each entry in the admin file is a line that establishes the value of a
24 parameter in the following form:
25 param=value
28 All of the parameters listed below can be defined in an admin file, but
31 it is not required to assign values to all of these. If a value is not
32 assigned, pkgadd(1M) asks the installer how to proceed.
33 The valid parameters and their possible values are shown below except
36 as noted. They can be specified in any order. Any of these parameters
37 (except the mail and proxy parameters) can be assigned the value ask,
38 which means that, when the parameter is reached during the installation
39 sequence, the installer is notified and asked to supply instructions
40 (see NOTES).
41 basedir Indicates the base directory where relo‐
43 catable packages are to be installed. If
44 there is no basedir entry in the file,
45 the installer will be prompted for a path
46 name, as if the file contained the entry
47 basedir=ask. This parameter can also be
48 set to default (entry is
49 basedir=default). In this instance, the
50 package is installed into the base direc‐
51 tory specified by the BASEDIR parameter
52 in the pkginfo(4) file.
53 mail Defines a list of users to whom mail
56 should be sent following installation of
57 a package. If the list is empty, no mail
58 is sent. If the parameter is not present
59 in the admin file, the default value of
60 root is used. The ask value cannot be
61 used with this parameter.
62 runlevel Indicates resolution if the run level is
65 not correct for the installation or
66 removal of a package. Options are:
67 nocheck Do not check for run level.
69 quit Abort installation if run
72 level is not met.
73 conflict Specifies what to do if an installation
77 expects to overwrite a previously
78 installed file, thus creating a conflict
79 between packages. Options are:
80 nocheck Do not check for conflict;
82 files in conflict will be
83 overwritten.
84 quit Abort installation if con‐
87 flict is detected.
88 nochange Override installation of con‐
91 flicting files; they will not
92 be installed.
93 setuid Checks for executables which will have
97 setuid or setgid bits enabled after
98 installation. Options are:
99 nocheck Do not check for setuid exe‐
101 cutables.
102 quit Abort installation if setuid
105 processes are detected.
106 nochange Override installation of
109 setuid processes; processes
110 will be installed without
111 setuid bits enabled.
112 action Determines if action scripts provided by
116 package developers contain possible secu‐
117 rity impact. Options are:
118 nocheck Ignore security impact of
120 action scripts.
121 quit Abort installation if action
124 scripts may have a negative
125 security impact.
126 partial Checks to see if a version of the package
130 is already partially installed on the
131 system. Options are:
132 nocheck Do not check for a partially
134 installed package.
135 quit Abort installation if a par‐
138 tially installed package
139 exists.
140 instance Determines how to handle installation if
144 a previous version of the package
145 (including a partially installed
146 instance) already exists. Options are:
147 quit Exit without installing if
149 an instance of the package
150 already exists (does not
151 overwrite existing pack‐
152 ages).
153 overwrite Overwrite an existing pack‐
156 age if only one instance
157 exists. If there is more
158 than one instance, but only
159 one has the same architec‐
160 ture, it overwrites that
161 instance. Otherwise, the in‐
162 staller is prompted with
163 existing instances and asked
164 which to overwrite.
165 unique Do not overwrite an existing
168 instance of a package.
169 Instead, a new instance of
170 the package is created. The
171 new instance will be
172 assigned the next available
173 instance identifier.
174 idepend Controls resolution if the package to be
178 installed depends on other packages and
179 if other packages depend on the one to be
180 installed. Options are:
181 nocheck Do not check package dependen‐
183 cies.
184 quit Abort installation if package
187 dependencies are not met.
188 rdepend Controls resolution if other packages
192 depend on the package to be removed. Also
193 determines behavior if registered prod‐
194 ucts components to be removed. See libws‐
195 reg(3LIB) and prodreg(1M) for a defini‐
196 tion of product components. Options are:
197 nocheck Do not check package or prod‐
199 uct dependencies.
200 quit Abort removal if package or
203 product dependencies are not
204 met.
205 space Controls resolution if disk space
209 requirements for package are not met.
210 Options are:
211 nocheck Do not check space require‐
213 ments (installation fails if
214 it runs out of space).
215 quit Abort installation if space
218 requirements are not met.
219 authentication Controls resolution when a datastream
223 package with signature is to be
224 installed. Options are:
225 nocheck Do not verify package signa‐
227 ture. This also disables the
228 use of the Online Certificate
229 Status Protocol (OCSP) to val‐
230 idate the package's signing
231 certificate.
232 quit Abort installation if package
235 signature cannot be verified.
236 networktimeout Number of seconds to wait before giving
240 up a network connection when downloading
241 a package. This entry must be a positive
242 integer. If not present, the default
243 value of 60 is used.
244 networkretries Number of times to retry a failed network
247 connection when downloading a package.
248 This entry must be a positive integer. If
249 not present, the default value of 5 is
250 used.
251 keystore Location of trusted certificates used
254 when downloading packages over SSL and
255 when verifying signatures on packages.
256 This is the base directory of the cer‐
257 tificate location for trusted certifi‐
258 cates used when validating digital signa‐
259 tures on packages. For example, if this
260 setting is /var/sadm/security, then
261 pkgadd will use /var/sadm/secu‐
262 rity/pkgadd/truststore, then
263 /var/sadm/security/truststore when
264 searching for trusted certificates. See
265 KEYSTORE LOCATIONS and KEYSTORE AND CER‐
266 TIFICATE FORMATS in pkgadd(1M) for
267 details on certificate store format and
268 usage.
269 proxy The default proxy to use when installing
272 packages from the network. Currently,
273 only HTTP or HTTPS proxies are supported.
274 If this field is blank or nonexistent,
275 then no proxy will be used.
276 rscriptalt=root | noaccess Determines the user that will run request
279 scripts. This parameter can have either
280 of the values described below. See
281 pkgadd(1M) for details on the conditions
282 under which this parameter is useful.
283 root Run request script as user
285 install, if such a user
286 exists, with the privileges
287 of that user. Otherwise, run
288 script as user root, with UID
289 equal to 0 and with all/zone
290 privileges. (See zones(5).)
291 noaccess Run request script as user
294 install, if such a user
295 exists, with the privileges
296 of that user. Otherwise, run
297 script as user noaccess, with
298 the basic privileges of the
299 unprivileged user noaccess.
300 If this parameter is not present or has a
302 null value, the user noaccess is assumed.
303 Likewise, if this parameter is set to
304 anything other than the values described
305 here, a warning is issued, and noaccess
306 is assumed. rscriptalt is not present in
307 the default admin file,
308 /var/sadm/install/admin/default. In this
309 case, request scripts are run as the user
310 noaccess.
311
314 Example 1 Default admin File
315 The default admin file, named default, is shipped with user-, group-,
318 and world-read privileges (444). Its contents are as follows:
319 mail=
322 instance=unique
323 partial=ask
324 runlevel=ask
325 idepend=ask
326 rdepend=ask
327 space=ask
328 setuid=ask
329 conflict=ask
330 action=ask
331 basedir=default
332 authentication=quit
333 networktimeout=10
334 networkretries=3
335 keystore=/var/sadm/security
336 proxy=
337 Example 2 Sample admin file.
341 Below is a sample admin file.
344 basedir=default
347 runlevel=quit
348 conflict=quit
349 setuid=quit
350 action=quit
351 partial=quit
352 instance=unique
353 idepend=quit
354 rdepend=quit
355 space=quit
356 authentication=quit
357 networktimeout=10
358 networkretries=5
359 keystore=/opt/certs
360 proxy=syrinx.eng.example.com:8080
361
365 The default admin file is consulted during package installation when no
366 other admin file is specified.
367 /var/sadm/install/admin/default
369 default admin file
371
374 See attributes(5) for descriptions of the following attributes:
375 ┌─────────────────────────────┬─────────────────────────────┐
380 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
381 ├─────────────────────────────┼─────────────────────────────┤
382 │Availability │SUNWpkgcmdsr │
383 ├─────────────────────────────┼─────────────────────────────┤
384 │Interface Stability │Evolving │
385 └─────────────────────────────┴─────────────────────────────┘
386
388 pkgadd(1M), prodreg(1M), libwsreg(3LIB), pkginfo(4), attributes(5),
389 zones(5)
390
392 The value ask should not be defined in an admin file that will be used
393 for non-interactive installation (because, by definition, there is no
394 installer interaction). Doing so causes installation to fail at the
395 point when input is needed.
396SunOS 5.11 20 Dec 2004 admin(4)