Firewall-1

Re: [FW-1] Solaris patch 110934 - UnixInstallScript fails with CPshrd-54

Subject: Re: [FW-1] Solaris patch 110934 - UnixInstallScript fails with CPshrd-54 permissioning/access errors
From: chkp tech <chkptech AT GMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 31 Jan 2006 15:03:42 -0600
These issues are well known, and generally the only issue that is
outstanding would be creating an install user via the following
information.  The general practice would be to install Solaris, then install
the Solaris 8/9 recommended patches, then create an install user and install
the product.  Uninstallation of packages is no longer necessary.


useradd -c "pkgadd installer" -s /bin/false -d / install

Change the "install" UID to 0 with:

usermod -o -u 0 install

Install/upgrade Check Point software.

Delete the install user so that it doesn't give us problems in the future.

userdel install


Jason

On 1/31/06, Andrew W Barkley <abarkle3 AT csc DOT com> wrote:
>
> Et al ...
>
>
> I've detailed proposed solutions for later patches (i.e. 110934-24) which
> I've found to work, and also referenced known solutions.  Please let me
> know if this works for you and also correct me where I'm wrong.
>
>
> Problem
> Executing the UnixInstallScript fails with CPshrd-54 permission/access
> errors (even with installation directory: chown -R root:root *).  The
> reason is due to modifications on the program pkgadd done by patch
> 110934-20 (and later) for Solaris 8 (later patches execute request scripts
> as "noaccess").  Patch 110934-20 (pkgadd) executes request scripts as
> "noaccess"; the previous packaging patch used to run scripts as "nobody".
>
>
> I've found the following solution works with later patches, i.e. 110934-24:
> temporarily make the following modifications to the "noaccess" entry
> and restore the original entry after the installation of VPN-1/FireWall-1 NG
> with AI.
> vi /etc/passwd
> noaccess:x:0:1:No Access User:/:
> Complete the installation of VPN-1/FireWall-1 NG with AI
> vi /etc/passwd
> noaccess:x:60002:60002:No Access User:/:
>
>
> Regarding older patches, i.e. 110934-20, the following solution is a
> workaround; however, this solution does not seem to work for newer patches
> to pkgadd.
>
> https://secureknowledge.checkpoint.com/SecureKnowledge/login.do?OriginalAction=solution&id=sk30333
> Remove patch 110934-20 by running the command:
> patchrm 110934-20
> Reboot the machine
> Complete the installation of VPN-1/FireWall-1 NG with AI
> Reboot the machine
> Reinstall patch 110934-20 by running the command:
> patchadd 110934-20
> Reboot the machine
>
>
> Regards
>
> Andrew
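
Both workarounds in this thread leave a second UID 0 entry in /etc/passwd for the duration of the install. The following is an added example, not part of the original messages: a post-install check that the temporary entries were reverted. The function name `audit_passwd`, the output labels and the sample data are constructed for illustration; the expected `noaccess` value 60002:60002 is the one quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): audit a passwd file after the
# install workaround and report anything that was not rolled back.
# Assumptions: root is the only legitimate UID 0 account and noaccess
# should be 60002:60002. On Solaris 8/9 substitute nawk for awk.

audit_passwd() {
    passwd_file=${1:-/etc/passwd}
    awk -F: '
        /^#/ || NF < 7 { next }              # skip comments and malformed lines
        $3 == 0 && $1 != "root" {            # extra superuser-equivalent entry
            printf "UID0 %s\n", $1; bad++
        }
        $1 == "noaccess" && ($3 != 60002 || $4 != 60002) {
            printf "NOACCESS %s:%s\n", $3, $4; bad++
        }
        $1 == "install" {                    # temporary account never deleted
            printf "LEFTOVER install\n"; bad++
        }
        END { exit (bad > 0) }               # non-zero status when findings exist
    ' "$passwd_file"
}

# Constructed sample: state of /etc/passwd if neither workaround was reverted.
sample_left_behind() {
    cat <<'EOF'
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
noaccess:x:0:1:No Access User:/:
install:x:0:1:pkgadd installer:/:/bin/false
EOF
}

# Usage: sh audit_passwd.sh /etc/passwd
[ $# -eq 0 ] || audit_passwd "$1" || echo "passwd audit: findings above" >&2
```

Each finding is printed on its own line and the function returns non-zero when any are present, so it can gate a post-install checklist.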
