Skip to content

RBAC oddity.

December 16, 2005

In common with Darren’s script my zfs_create script does a pfexec dance so that is can be run by anyone without them having to type "pfexec …..". however after slurping the script onto another system, my laptop, where all is not quite the same as in the lab the script stopped working. This was because my shell is pfksh (so I can generally avoid the very dance in scripts). This has the unexpected or at least to me unexpected result of making $0 the name of the interpreter which was /bin/ksh. The solution was to change the dance to be:

if [[ "$_" != "/bin/ksh" && "$_" != "/usr/bin/pfexec" && -x /usr/bin/pfexec ]]; then         exec /usr/bin/pfexec $0 $@ fi 

Also the move showed up an assumption in the original script that the pool would be mounted in the root file system. So now the bit that does all the work becomes:

                        zfs create $name${DIR#${mpt}} && chown $uid $DIR && \                                 zfs set quota=${quota} $name${DIR#${mpt}}

That is getting to the point of being unreadable, so it is probably a good job that only I read this. The final fix is one of the errors messages is not redirected to stderr.

Tags: topic:[shell scripts] topic:[OpenSolaris] topic:[Solaris] topic:[ZFS] topic:[RBAC]


From → Solaris

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: