Партнёры:
Хостинг:
pkgadd - transfer software packages to the system
pkgadd [-nv] [-a admin] [-G] [-x proxy]
[ [-M] -R root_path] [-r response] [-k keystore]
[-P passwd] [-V fs_file]
[-d device | -d datastream pkginst | all]
[pkginst | -Y category [, category]...]
pkgadd -s [-d device | -d datastream pkginst | all]
[pkginst | -Y category [, category]...]
pkgadd transfers the contents of a software package from the distribution medium or directory to install it onto the system. Used without the -d device source specifier, pkgadd looks in the default spool directory (/var/spool/pkg) for the package. Used with the -s option, it writes the package to a spool directory instead of installing it.
The pkgadd utility requires an amount of temporary space the size of the package that is being installed. pkgadd determines which temporary directory to use by checking for the existance of the $TMPDIR environment variable. If $TMPDIR is not defined, pkgadd uses P_tmpdir from stdio.h. P_tmpdir has a default of /var/tmp/.
Certain unbundled and third-party packages are no longer entirely compatible with the latest version of pkgadd. These packages require user interaction throughout the installation and not just at the very beginning, or require that their request scripts be run as the root user.
To install these older packages (released prior to Solaris 2.4), set the following environment variable: NONABI_SCRIPTS=TRUE
As long as this environment variable is set, pkgadd permits keyboard interaction throughout the installation and package request scripts are run as root.
If you have package request scripts that require running as user root (instead of noaccess [the default] or user install), use the rscript_alt parameter in the admin(4) file to make an appropriate selection. See admin(4).
Note that, in Solaris 8 and Solaris 9, the default user when running a request script was either root or nobody, depending on the operating system's patch level. In the current release, the default user is noaccess.
When running pkgadd in the global zone (see zones(5)), a package that contains a request script (see pkgask(1M)) is added only to the global zone. The package is not propagated to any current or yet-to-be-installed non-global zone. This behavior mimics the effect of the -G option, described below.
Package commands are largefile(5)-aware. They handle files larger than 2 GB in the same way they handle smaller files. In their current implementations, pkgadd, pkgtrans(1) and other package commands can process a datastream of up to 4 GB.
The -d, -Y, and pkginst arguments shown in the SYNOPSIS are described under OPERANDS, following OPTIONS.
The supported options are described as follows. The -d device source specifier is described under OPERANDS, below.
-a admin
-G
This option causes package installation to fail if, in the pkginfo file for a package, SUNW_PKG_ALLZONES is set to true. See pkginfo(4).
-k keystore
-M
-n
-P passwd
-r response
-R root_path
Note -
-s spool
-v
-V fs_file
-x proxy
When executed without options or operands, pkgadd uses /var/spool/pkg (the default spool directory).
The following operands are supported:
By default, pkgadd looks in the /var/spool/pkg directory when searching for instances of a package to install or spool. Optionally, the source for the package instances to be installed or spooled can be specified using:
-d device
-d datastream pkgname,... | all
By default, pkgadd searches the specified source, and presents an interactive menu allowing the user to select which package instances found on the source are to be installed. As an alternative, the package instances to be installed can be specified using:
pkginst
The asterisk character (*) is a special character to some shells and may need to be escaped. In the C-Shell, the asterisk must be surrounded by single quotes (') or preceded by a backslash (\).
-Y category[,category...]
Package and patch tools such as pkgadd or patchadd use a set of trusted certificates to perform signature validation on any signatures found within the packages or patches. If there are no signatures included in the packages or patches then signature validation is skipped. The certificates can come from a variety of locations. If -k keystore is specified, and keystore is a directory, then keystore is assumed to be the base directory of the certificates to be used. If keystore is a file, then the file itself is assumed to have all required keys and certificates. When -k is not specified, then /var/sadm/security is used as the base directory.
Within the specified base directory, the store locations to be searched are different based on the application doing the searching and the type of store being searched for. The following directories are searched in the specified order:
Where <store_dir> is the directory specified by -k, <app_name> is the name of the application doing the searching, and <store_type> is one of keystore (for private keys), certstore (for untrusted public key certificates), or truststore (for trusted certificate authority certificates).
For example, when pkgadd is run with -k /export/certs, then the following locations are successively searched to find the trust store:
This searching order enables administrators to have a single location for most applications, and special certificate locations for certain applications.
The packaging and patching utilities, such as pkgtrans and patchadd, require access to a set of keys and certificates in order to sign, and optionally verify, packages and patches.
The keystore files found by following the search pattern specified in KEYSTORE LOCATIONS must each be a self-contained PKCS#12-format file.
When signing a package with pkgtrans, if a certstore has more than one public key certificate, then each public key must have a friendlyName attribute in order to be identifiable and selectable with the -a option when signing packages or patches. In addition, the public key certificate selected with -a and found in the certstore must have an associated private key in the keystore.
Several browsers and utilities can be used to export and import certificates and keys into a PKCS#12 keystore. For example, a trusted certificate can be exported from Mozilla, and then imported into a PKCS#12 keystore for use with pkgadd with the OpenSSL Toolkit.
pkgtrans and pkgadd accept password arguments, typically using -p to specify the password. These allow the password to be obtained from a variety of sources. Both of these options take a single argument whose format is described below. If no password argument is given and a password is required then the user is prompted to enter one: this will typically be read from the current terminal with echoing turned off.
pass:password
env:var
file:pathname
console
Example 1 Installing a Package from a Solaris DVD
The following example installs a package from a Solaris DVD. You are prompted for the name of the package you want to install.
example# pkgadd -d /cdrom/cdrom0/s0/Solaris_10/Product
Example 2 Installing a Set of Packages from a Datastream
The example command shown below installs all of the packages in the datastream specified by the -d source specifier. Prior to this command, this datastream must have been created with the pkgtrans(1) command.
example# pkgadd -d /var/tmp/datastream all
The keyword all specifies that all of the packages found in the designated datastream will be installed.
0
1
2
3
4
5
10
20
HTTPPROXY
HTTPPROXYPORT
http_proxy
/var/sadm/install/logs/
See attributes(5) for descriptions of the following attributes:
| |||||||||
pkginfo(1), pkgmk(1), pkgparam(1), pkgproto(1), pkgtrans(1), installf(1M), pkgadm(1M), pkgask(1M), pkgchk(1M), pkgrm(1M), removef(1M), admin(4), pkginfo(4), attributes(5), largefile(5), zones(5)
When transferring a package to a spool directory, the -r, -n, and -a options cannot be used.
The -r option can be used to indicate a directory name as well as a filename. The directory can contain numerous response files, each sharing the name of the package with which it should be associated. This would be used, for example, when adding multiple interactive packages with one invocation of pkgadd. In this situation, each package would need a response file. If you create response files with the same name as the package (for example, pkinst1 and pkinst2), then name the directory in which these files reside after the -r.
The -n option causes the installation to halt if any interaction is needed to complete it.
If the default admin file is too restrictive, the administration file may need to be modified to allow for total non-interaction during a package installation. See admin(4) for details.
If a package stream is specified with -d, and a digital signature is found in that stream, the default behavior is to attempt to validate the certificate and signature found. This behavior can be overridden with admin file settings. See admin(4) for more information.
|
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |