Tuesday 2 October 2007

5.10 Kernel Patch 120011-14 breaks JASS enable-bart.fin script

A recent kernel patch, 120011-14, delivers a number of the updates that were also delivered in Solaris 10 8/07. If you apply this patch (it is part of the latest recommended patch bundle) during a JASS/SST-driven JumpStart installation of an earlier Solaris 10 release such as 11/06, you will get an error like this when the enable-bart.fin script runs:
==============================================================================
secure.driver: Finish script: enable-bart.fin
==============================================================================

Enabling the function: Basic Auditing and Reporting Tool (BART)

[NOTE] Copying /a/var/opt/SUNWjass/BART/rules from /tmp/install_config/Files/var/opt/SUNWjass/BART/rules.
[NOTE] Setting path /a/var/opt/SUNWjass/BART/rules permissions to 444.
[NOTE] Setting path /a/var/opt/SUNWjass/BART/rules owner to 0.
[NOTE] Setting path /a/var/opt/SUNWjass/BART/rules group to 0.
Running bart create -r /a/var/opt/SUNWjass/BART/rules.
ld.so.1: bart: fatal: libmd.so.1: open failed: No such file or directory
DEBUG: matched ignored error message
[ERR ] BART create failed; return code 1. Manifest file
/a/var/opt/SUNWjass/BART/manifests/20071002094411.failed.txt.

[NOTE] Removing saved file, /a/var/opt/SUNWjass/BART/rules.JASS.20071002095649

The cause of the problem lies in how BART is executed in a mini-root environment. The BART executable does not exist in the Solaris 10 mini-root, so JASS runs it from the system being installed, i.e. /a/usr/bin/bart. The newly patched /a/usr/bin/bart is linked against the new /lib/libmd.so.1 library delivered by this patch, and that library is also absent from the mini-root of older Solaris 10 releases (though it is present in 8/07).
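
The dependency gap described above can be checked before a finish script runs a binary from the target image. The following is an added example, not part of the original post or of JASS: the function names, the sample ldd output (including the "(file not found)" wording, assumed to be the Solaris format) and the temporary directory standing in for /a are all constructed for illustration.

```shell
#!/bin/sh
# Added example: report libraries a target-image binary needs that the
# running mini-root cannot supply, and whether the target image has them.

# Constructed ldd-style output for the patched bart as seen from the mini-root.
# The "(file not found)" wording is the assumed Solaris ldd format.
SAMPLE_LDD='	libmd.so.1 =>	 (file not found)
	libc.so.1 =>	 /lib/libc.so.1'

# missing_libs: read ldd-style output on stdin, print each unresolved library.
missing_libs() {
    awk '/not found/ { print $1 }'
}

# check_alt_root ROOT: read ldd-style output on stdin. For every unresolved
# library print "<lib> <dir>" when ROOT/lib or ROOT/usr/lib holds it, or
# "<lib> UNRESOLVED" when neither does. Returns 1 if any stays unresolved.
check_alt_root() {
    root=$1
    rc=0
    for lib in $(missing_libs); do
        found=UNRESOLVED
        for dir in lib usr/lib; do
            if [ -f "${root}/${dir}/${lib}" ]; then
                found="${root}/${dir}"
                break
            fi
        done
        if [ "$found" = UNRESOLVED ]; then rc=1; fi
        echo "${lib} ${found}"
    done
    return "$rc"
}

# Demo: a throwaway directory stands in for the target image mounted at /a.
demo_root=$(mktemp -d)
mkdir -p "${demo_root}/lib"
: > "${demo_root}/lib/libmd.so.1"
printf '%s\n' "$SAMPLE_LDD" | check_alt_root "$demo_root"
rm -rf "$demo_root"
```

The directory printed for each library is the one the runtime linker has to be pointed at; an UNRESOLVED result means the target image cannot supply the library either.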

The fix is simple enough:
Index: Finish/enable-bart.fin
===================================================================
--- Finish/enable-bart.fin (revision 666)
+++ Finish/enable-bart.fin (working copy)
@@ -44,6 +44,8 @@
# file is deleted after Solaris is first booted.
#
logMessage 'Running bart create -r ${JASS_ROOT_DIR}${RULES}.'
+ LD_LIBRARY_PATH=${JASS_ROOT_DIR}/lib
+ export LD_LIBRARY_PATH
${BART} create -R "${JASS_ROOT_DIR}" -r "${JASS_ROOT_DIR}${RULES}" \
| egrep -v '^/var/|^/etc/rc2.d/S82mkdtab' \
> "${CONTROL_MANIFEST_FILE}"
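
Review bot: the `export LD_LIBRARY_PATH` added just before the `${BART} create` call stays in effect for every command that runs later in this shell, and the assignment replaces any value that was already set, so the change reaches further than the one command that needs it. Putting the variable on the command itself, `LD_LIBRARY_PATH="${JASS_ROOT_DIR}/lib" ${BART} create -R ...`, limits the target image's libraries to bart and leaves `egrep` and anything that follows on the default search path. The new assignment is also unquoted, while the other `${JASS_ROOT_DIR}` expansions in the hunk are quoted, and a one-line comment saying why the path is needed (bart from the target image requires a library the mini-root lacks) would help the next reader.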