HomeForumsLuminis Platform / System

Running $CP_ROOT/bin/rc scripts via sudo not working

Mon, 2008-04-28 20:04 — ahoward

We are running on Solaris 10 in whole root zones, and have configured sudo (per FAQ 1-28QBD1) so we can run the commands to start/stop the luminis services without entering a password. This had been working fine.

Our sysadmin installed stunnel via pkg-get in the global zone, which installed a lot of dependent packages too. Now all the sudden, running the start/stop commands doesn't work. For example:

bash-3.00$ $CP_ROOT/bin/rc/70-webserver stop
Internal Error: /bin/tomcat-conf is missing

So the variable $CP_ROOT is blank instead of /opt/luminis. I don't think anything else has changed on the server, it hasn't even been restarted since the last time I successfully started/stopped the webserver. Why then would it start acting like this, and where is the right place to put back the call to ". /opt/luminis/.cprc"? I tried adding it to /.profile but that didn't change anything. Any ideas? Thanks!

0
No votes yet
‹ Getting errors with the custom channel Lum IV custom role problem ›

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Mon, 2008-05-05 19:10 — ahoward

not sure what the problem is yet -- now I am

Still haven't figured this one out yet, but sudo was one of the packages (CSWsudo) that was updated, to version 1.6.9p8. I'll post an answer if I find it...

[updated]
Ok, it looks like this was due to a change in sudo. The changelog for sudo shows for version 1.6.9 "The env_reset option is now enabled by default."

Adding in this defaults line in sudoers makes it work again for us:

Defaults:CPUSER !env_reset

So add that to the instructions that come with Sungard FAQ 1-28QBD1.

Tue, 2008-05-06 11:55 — rwest

Alternatively: Defaults:CPUSE

Alternatively:

Defaults:CPUSER env_keep+="CP_ROOT"

The startcp/stopcp scripts restore the .cprc environment, all they need is CP_ROOT. Probably doesn't work for running the individual services in bin/rc though, so your solution is probably better.