admin(4) File Formats admin(4)NAMEadmin - installation defaults file
DESCRIPTIONadmin is a generic name for an ASCII file that defines default instal‐
lation actions by assigning values to installation parameters. For
example, it allows administrators to define how to proceed when the
package being installed already exists on the system.
/var/sadm/install/admin/default is the default admin file delivered
with this release. The default file is not writable, so to assign val‐
ues different from this file, create a new admin file. There are no
naming restrictions for admin files. Name the file when installing a
package with the -a option of pkgadd(1M). If the -a option is not used,
the default admin file is used.
Each entry in the admin file is a line that establishes the value of a
parameter in the following form:
param=value
All of the parameters listed below can be defined in an admin file, but
it is not required to assign values to all of these. If a value is not
assigned, pkgadd(1M) asks the installer how to proceed.
The valid parameters and their possible values are shown below except
as noted. They can be specified in any order. Any of these parameters
(except the mail and proxy parameters) can be assigned the value ask,
which means that, when the parameter is reached during the installation
sequence, the installer is notified and asked to supply instructions
(see NOTES).
basedir Indicates the base directory where relo‐
catable packages are to be installed. If
there is no basedir entry in the file,
the installer will be prompted for a path
name, as if the file contained the entry
basedir=ask. This parameter can also be
set to default (entry is
basedir=default). In this instance, the
package is installed into the base direc‐
tory specified by the BASEDIR parameter
in the pkginfo(4) file.
mail Defines a list of users to whom mail
should be sent following installation of
a package. If the list is empty, no mail
is sent. If the parameter is not present
in the admin file, the default value of
root is used. The ask value cannot be
used with this parameter.
runlevel Indicates resolution if the run level is
not correct for the installation or
removal of a package. Options are:
nocheck Do not check for run level.
quit Abort installation if run
level is not met.
conflict Specifies what to do if an installation
expects to overwrite a previously
installed file, thus creating a conflict
between packages. Options are:
nocheck Do not check for conflict;
files in conflict will be
overwritten.
quit Abort installation if con‐
flict is detected.
nochange Override installation of con‐
flicting files; they will not
be installed.
setuid Checks for executables which will have
setuid or setgid bits enabled after
installation. Options are:
nocheck Do not check for setuid exe‐
cutables.
quit Abort installation if setuid
processes are detected.
nochange Override installation of
setuid processes; processes
will be installed without
setuid bits enabled.
action Determines if action scripts provided by
package developers contain possible secu‐
rity impact. Options are:
nocheck Ignore security impact of
action scripts.
quit Abort installation if action
scripts may have a negative
security impact.
partial Checks to see if a version of the package
is already partially installed on the
system. Options are:
nocheck Do not check for a partially
installed package.
quit Abort installation if a par‐
tially installed package
exists.
instance Determines how to handle installation if
a previous version of the package
(including a partially installed
instance) already exists. Options are:
quit Exit without installing if
an instance of the package
already exists (does not
overwrite existing pack‐
ages).
overwrite Overwrite an existing pack‐
age if only one instance
exists. If there is more
than one instance, but only
one has the same architec‐
ture, it overwrites that
instance. Otherwise, the in‐
staller is prompted with
existing instances and asked
which to overwrite.
unique Do not overwrite an existing
instance of a package.
Instead, a new instance of
the package is created. The
new instance will be
assigned the next available
instance identifier.
idepend Controls resolution if the package to be
installed depends on other packages and
if other packages depend on the one to be
installed. Options are:
nocheck Do not check package dependen‐
cies.
quit Abort installation if package
dependencies are not met.
rdepend Controls resolution if other packages
depend on the package to be removed. Also
determines behavior if registered prod‐
ucts components to be removed. See libws‐
reg(3LIB) and prodreg(1M) for a defini‐
tion of product components. Options are:
nocheck Do not check package or prod‐
uct dependencies.
quit Abort removal if package or
product dependencies are not
met.
space Controls resolution if disk space
requirements for package are not met.
Options are:
nocheck Do not check space require‐
ments (installation fails if
it runs out of space).
quit Abort installation if space
requirements are not met.
authentication Controls resolution when a datastream
package with signature is to be
installed. Options are:
nocheck Do not verify package signa‐
ture. This also disables the
use of the Online Certificate
Status Protocol (OCSP) to val‐
idate the package's signing
certificate.
quit Abort installation if package
signature cannot be verified.
networktimeout Number of seconds to wait before giving
up a network connection when downloading
a package. This entry must be a positive
integer. If not present, the default
value of 60 is used.
networkretries Number of times to retry a failed network
connection when downloading a package.
This entry must be a positive integer. If
not present, the default value of 5 is
used.
keystore Location of trusted certificates used
when downloading packages over SSL and
when verifying signatures on packages.
This is the base directory of the cer‐
tificate location for trusted certifi‐
cates used when validating digital signa‐
tures on packages. For example, if this
setting is /var/sadm/security, then
pkgadd will use /var/sadm/secu‐
rity/pkgadd/truststore, then
/var/sadm/security/truststore when
searching for trusted certificates. See
KEYSTORE LOCATIONS and KEYSTORE AND CER‐
TIFICATE FORMATS in pkgadd(1M) for
details on certificate store format and
usage.
proxy The default proxy to use when installing
packages from the network. Currently,
only HTTP or HTTPS proxies are supported.
If this field is blank or nonexistent,
then no proxy will be used.
rscriptalt=root | noaccess Determines the user that will run request
scripts. This parameter can have either
of the values described below. See
pkgadd(1M) for details on the conditions
under which this parameter is useful.
root Run request script as user
install, if such a user
exists, with the privileges
of that user. Otherwise, run
script as user root, with UID
equal to 0 and with all/zone
privileges. (See zones(5).)
noaccess Run request script as user
install, if such a user
exists, with the privileges
of that user. Otherwise, run
script as user noaccess, with
the basic privileges of the
unprivileged user noaccess.
If this parameter is not present or has a
null value, the user noaccess is assumed.
Likewise, if this parameter is set to
anything other than the values described
here, a warning is issued, and noaccess
is assumed. rscriptalt is not present in
the default admin file,
/var/sadm/install/admin/default. In this
case, request scripts are run as the user
noaccess.
EXAMPLES
Example 1 Default admin File
The default admin file, named default, is shipped with user-, group-,
and world-read privileges (444). Its contents are as follows:
mail=
instance=unique
partial=ask
runlevel=ask
idepend=ask
rdepend=ask
space=ask
setuid=ask
conflict=ask
action=ask
basedir=default
authentication=quit
networktimeout=10
networkretries=3
keystore=/var/sadm/security
proxy=
Example 2 Sample admin file.
Below is a sample admin file.
basedir=default
runlevel=quit
conflict=quit
setuid=quit
action=quit
partial=quit
instance=unique
idepend=quit
rdepend=quit
space=quit
authentication=quit
networktimeout=10
networkretries=5
keystore=/opt/certs
proxy=syrinx.eng.example.com:8080
FILES
The default admin file is consulted during package installation when no
other admin file is specified.
/var/sadm/install/admin/default
default admin file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │package/svr4 │
├─────────────────────────────┼─────────────────────────────┤
│Interface Stability │Committed │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOpkgadd(1M), prodreg(1M), libwsreg(3LIB), pkginfo(4), attributes(5),
zones(5)NOTES
The value ask should not be defined in an admin file that will be used
for non-interactive installation (because, by definition, there is no
installer interaction). Doing so causes installation to fail at the
point when input is needed.
SunOS 5.11 20 Dec 2004 admin(4)