admin(4) File Formats admin(4)NAMEadmin - installation defaults file
DESCRIPTIONadmin is a generic name for an ASCII file that defines default instal‐
lation actions by assigning values to installation parameters. For
example, it allows administrators to define how to proceed when the
package being installed already exists on the system.
/var/sadm/install/admin/default is the default admin file delivered
with this release. The default file is not writable, so to assign val‐
ues different from this file, create a new admin file. There are no
naming restrictions for admin files. Name the file when installing a
package with the -a option of pkgadd(1M). If the -a option is not used,
the default admin file is used.
Each entry in the admin file is a line that establishes the value of a
parameter in the following form:
param=value
All of the parameters listed below can be defined in an admin file, but
it is not required to assign values to all of these. If a value is not
assigned, pkgadd(1M) asks the installer how to proceed.
The valid parameters and their possible values are shown below except
as noted. They can be specified in any order. Any of these parameters
(except the mail and proxy parameters) can be assigned the value ask,
which means that, when the parameter is reached during the installation
sequence, the installer is notified and asked to supply instructions
(see NOTES).
basedir
Indicates the base directory where relocatable packages are to be
installed. If there is no basedir entry in the file, the installer
will be prompted for a path name, as if the file contained the
entry basedir=ask. This parameter can also be set to default (entry
is basedir=default). In this instance, the package is installed
into the base directory specified by the BASEDIR parameter in the
pkginfo(4) file.
mail
Defines a list of users to whom mail should be sent following
installation of a package. If the list is empty, no mail is sent.
If the parameter is not present in the admin file, the default
value of root is used. The ask value cannot be used with this
parameter.
runlevel
Indicates resolution if the run level is not correct for the
installation or removal of a package. Options are:
nocheck Do not check for run level.
quit Abort installation if run level is not met.
conflict
Specifies what to do if an installation expects to overwrite a pre‐
viously installed file, thus creating a conflict between packages.
Options are:
nocheck Do not check for conflict; files in conflict will
be overwritten.
quit Abort installation if conflict is detected.
nochange Override installation of conflicting files; they
will not be installed.
setuid
Checks for executables which will have setuid or setgid bits
enabled after installation. Options are:
nocheck Do not check for setuid executables.
quit Abort installation if setuid processes are
detected.
nochange Override installation of setuid processes; pro‐
cesses will be installed without setuid bits
enabled.
action
Determines if action scripts provided by package developers contain
possible security impact. Options are:
nocheck Ignore security impact of action scripts.
quit Abort installation if action scripts may have a
negative security impact.
partial
Checks to see if a version of the package is already partially
installed on the system. Options are:
nocheck Do not check for a partially installed package.
quit Abort installation if a partially installed package
exists.
instance
Determines how to handle installation if a previous version of the
package (including a partially installed instance) already exists.
Options are:
quit Exit without installing if an instance of the pack‐
age already exists (does not overwrite existing
packages).
overwrite Overwrite an existing package if only one instance
exists. If there is more than one instance, but
only one has the same architecture, it overwrites
that instance. Otherwise, the installer is prompted
with existing instances and asked which to over‐
write.
unique Do not overwrite an existing instance of a package.
Instead, a new instance of the package is created.
The new instance will be assigned the next avail‐
able instance identifier.
idepend
Controls resolution if the package to be installed depends on other
packages and if other packages depend on the one to be installed.
Options are:
nocheck Do not check package dependencies.
quit Abort installation if package dependencies are not
met.
rdepend
Controls resolution if other packages depend on the package to be
removed. Also determines behavior if registered products components
to be removed. See libwsreg(3LIB) and prodreg(1M) for a definition
of product components. Options are:
nocheck Do not check package or product dependencies.
quit Abort removal if package or product dependencies
are not met.
space
Controls resolution if disk space requirements for package are not
met. Options are:
nocheck Do not check space requirements (installation fails
if it runs out of space).
quit Abort installation if space requirements are not
met.
authentication
Controls resolution when a datastream package with signature is to
be installed. Options are:
nocheck Do not verify package signature. This also disables
the use of the Online Certificate Status Protocol
(OCSP) to validate the package's signing certifi‐
cate.
quit Abort installation if package signature cannot be
verified.
networktimeout
Number of seconds to wait before giving up a network connection
when downloading a package. This entry must be a positive integer.
If not present, the default value of 60 is used.
networkretries
Number of times to retry a failed network connection when download‐
ing a package. This entry must be a positive integer. If not
present, the default value of 5 is used.
keystore
Location of trusted certificates used when downloading packages
over SSL and when verifying signatures on packages. This is the
base directory of the certificate location for trusted certificates
used when validating digital signatures on packages. For example,
if this setting is /var/sadm/security, then pkgadd will use
/var/sadm/security/pkgadd/truststore, then /var/sadm/secu‐
rity/truststore when searching for trusted certificates. See KEY‐
STORE LOCATIONS and KEYSTORE AND CERTIFICATE FORMATS in pkgadd(1M)
for details on certificate store format and usage.
proxy
The default proxy to use when installing packages from the network.
Currently, only HTTP or HTTPS proxies are supported. If this field
is blank or nonexistent, then no proxy will be used.
rscriptalt=root | noaccess
Determines the user that will run request scripts. This parameter
can have either of the values described below. See pkgadd(1M) for
details on the conditions under which this parameter is useful.
root
Run request script as user install, if such a user exists, with
the privileges of that user. Otherwise, run script as user
root, with UID equal to 0 and with all/zone privileges. (See
zones(5).)
noaccess
Run request script as user install, if such a user exists, with
the privileges of that user. Otherwise, run script as user
noaccess, with the basic privileges of the unprivileged user
noaccess.
If this parameter is not present or has a null value, the user
noaccess is assumed. Likewise, if this parameter is set to anything
other than the values described here, a warning is issued, and
noaccess is assumed. rscriptalt is not present in the default
admin file, /var/sadm/install/admin/default. In this case, request
scripts are run as the user noaccess.
EXAMPLES
Example 1: Default admin File
The default admin file, named default, is shipped with user-, group-,
and world-read privileges (444). Its contents are as follows:
mail=
instance=unique
partial=ask
runlevel=ask
idepend=ask
rdepend=ask
space=ask
setuid=ask
conflict=ask
action=ask
basedir=default
authentication=quit
networktimeout=10
networkretries=3
keystore=/var/sadm/security
proxy=
Example 2: Sample admin file.
Below is a sample admin file.
basedir=default
runlevel=quit
conflict=quit
setuid=quit
action=quit
partial=quit
instance=unique
idepend=quit
rdepend=quit
space=quit
authentication=quit
networktimeout=10
networkretries=5
keystore=/opt/certs
proxy=syrinx.eng.example.com:8080
FILES
The default admin file is consulted during package installation when no
other admin file is specified.
/var/sadm/install/admin/default
default admin file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWpkgcmdsr │
├─────────────────────────────┼─────────────────────────────┤
│Interface Stability │Evolving │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOpkgadd(1M), prodreg(1M), libwsreg(3LIB), pkginfo(4), attributes(5),
zones(5)NOTES
The value ask should not be defined in an admin file that will be used
for non-interactive installation (because, by definition, there is no
installer interaction). Doing so causes installation to fail at the
point when input is needed.
SunOS 5.10 20 Dec 2004 admin(4)