Check Point VPN-1/FireWall-1

NG AI install fails on patched Sun Solaris 

AERAsec Network Services and Security GmbH

 

Platform:  Sun Solaris 8 and Sun Solaris 9 with latest recommended patches
Product: Check Point Next Generation 
Problem: The installation of NG AI is stopped with an error after the installation of SVN. When attempting to install the package CPfw1 there is a message, that CPShared (SVN foundation) isn't installed - but it is.
The scripts for installing CPfw1 don't have the right to access the CPShared directory - even if it's world-accessible. 
Workaround/Fix:

The reason is a modification on the program pkgadd, done by the patch
 110934-21 for Sun Solaris 8
 113713-17 for Sun Solaris 9
By these patches pkgadd is setuid 'nobody' while executing the Check Point install scripts. Before, it ran as 'root'. Exactly that's what the scripts need, because most of the Check Point packages are owned by 'root' with 700 permissions. 
To install the package CPfw1, we recommend to de-install the patch listed above. After the installation, the patches should be re-installed. 

 

No warranty at all, your Feedback is welcome!
© 2004-2010 AERAsec Network Services and Security GmbH, last change 2005-04-09
back to http://www.vpn-1.de/aerasec/