Configuring Sun WebServer as SMF service on solaris 10 as non root user
Monday Aug 04, 2008
It is quite easy to configure Sun Web server 7.0 as SMF service on solaris 10 that could be operated by non root user.
Below are the steps defined to do that.
1. edit /etc/security/auth_attr file to authorize non root user
ex:- add following line:-
solaris.smf.manage.network/http:::Manage Web Server Service States::
Also make sure this file has below line:-
Note: solaris.smf.manage.:::Manage All SMF Service States::help=SmfManageHeader.html
2. Run following command to grant access to webservd
usermod -A solaris.smf.manage.network/http webservd
3. You can check property running following command:-
svcprop -p general network/http
output of this command in my system is:-
general/entity_stability astring Evolving
general/action_authorization astring solaris.smf.manage.network/http
general/value_authorization astring solaris.smf.manage.network/http
4. configure using svccfg as below:-
svccfg -s network/http setprop general/action_authorization=astring:"solaris.smf.manage.network/http"
5. Make configuration active using following command:-
bash-3.00# svcadm refresh network/http
output of this command in my system is:-
svcadm: Pattern 'network/http' matches multiple instances:
svc:/network/http:space1_ranajit_ws7_0_instance1_https-shaula
svc:/network/http:space1_ranajit_ws7_0_instance1_admin-server
svc:/network/http:https-shaula
svc:/network/http:admin-server
svc:/network/http:apache2
Now configuration is complete. So user (here webservd) should be able to start/stop service
as below:-
/usr/sbin/svcadm enable svc:/network/http:space1_ranajit_ws7_0_instance1_https-shaula
