On Solaris 8 or Solaris 9, installing Check Point package fails with either :
/var/opt/cp_tmp/CPsuite-R65/install/request: /var/opt/cp_tmp/CPsuite-R65/install/request: cannot open
pkgadd: ERROR: request script did not complete successfully
Installation of <CPsuite-R65> failed.
or
/opt/CPInstLog/Wrapper_R65.elg contains
[25/02 11:52:36] Installing “Primary SmartCenter”
[25/02 11:52:55] Installing of “Primary SmartCenter” failed !
[25/02 11:52:57] Fail to install: Primary SmartCenter! See application usage format.
[25/02 11:52:57] Wrapper completed with error code 239
Solution
This error is due to permissions changes to the “pkgadd” script.
On Sun Solaris 9, the relevant patch number is 113713(SPARC) or 114568(x86).
- With patch 113713-16 and below, pkgadd scripts ran as the current user (typically “root”).
- With patch version 113713-17 through 113713-19, these scripts were run as user “nobody”.
- With 113713-20 and above, they are run as user “noaccess”.
The 2 solutions for this are:
1. Backout of the patch, run the upgrade, and re-apply the patch.
This is not always possible – as if the patch was in the initial build, there will be no backout files.
or
2. Modify the permissions of the users “noaccess” and “nobody”, run the upgrade, and then adjust them back again.
You can check the permissions of the users by running the following:
root@fw1 # grep ^no /etc/passwd
nobody:x:60001:60001:Nobody:/:/sbin/noshell
noaccess:x:60002:60002:No Access User:/:/sbin/noshell
To modify them to work for the upgrade run these commands:
root@fw1 # usermod -u 0 -o noaccess
root@fw1 # usermod -u 0 -o nobody
Check they were successful:
root@fw1 # grep ^no /etc/passwd
nobody:x:0:60001:Nobody:/:/sbin/noshell
noaccess:x:0:60002:No Access User:/:/sbin/noshell
For all info – see SK39956 on the CheckPoint site.
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial