Vous êtes ici : Formations en Ligne Gratuites » Catalogue » workbooks » Solaris » Solaris 10 » Solaris - Administration Système » SO202 - Gestion des Paquets

Ceci est une ancienne révision du document !

Table des matières

Dernière mise-à-jour : 2020/01/30 03:36

SO211 - Gestion des Paquets

Les commandes pkg*

Afin de faciliter l'installation, la désinstallation et la gestion des logiciels (appelés paquets) sous Solaris, celui-ci fournit les commandes suivantes :

  • pkginfo,
    • fournit des informations sur les paquets,
  • pkgadd,
    • permet d'installer un paquet,
  • pkgchk,
    • permet de vérifier un paquet,
  • pkgrm
    • permet de supprimer un paquet.

pkginfo

Afin de connaître la liste des paquets installés sur la machine, il convient de saisir la commande suivante dans une fenêtre de console en tant que root : 

# pkginfo | more
system      BRCMbnx                          Broadcom NetXtreme II Gigabit Ethernet Adapter Driver
system      BRCMbnxe                         Broadcom NetXtreme II 10GbE NIC Driver
system      CADP160                          Adaptec Ultra160 SCSI Host Adapter
Driver
system      CPQary3                          HP Smart Array HBA Driver 2.4.4.1
system      HPFC                             Agilent Fibre Channel HBA Driver
system      NCRos86r                         NCR Platform Support, OS Functionality (Root)
system      NVDAgraphics                     NVIDIA Graphics System Software
system      NVDAgraphicsr                    NVIDIA Graphics System Device Driver
system      SK98sol                          SysKonnect SK-NET Gigabit Ethernet
Adapter SK-98xx
system      SKfp                             SysKonnect PCI-FDDI Host Adapter
system      SUNW1251f                        Russian 1251 fonts
system      SUNW1394                         Sun IEEE1394 Framework
system      SUNW1394h                        Sun IEEE1394 Framework Header FilesALE         SUNW5ttf                         Traditional Chinese (BIG5) True Type Fonts Package
ALE         SUNW5xmft                        Traditional Chinese (BIG5) X Window--A suivre--
--A suivre--

Afin de connaître le nombre total de paquets installés sur la machine, utilisez la commande suivante : 

# pkginfo | wc -l
    1182

Imaginons maintenant que vous souhaitez vérifier si un paquet, tel make, est déjà installé sur la machine. Dans ce cas, il convient d'utiliser la commande suivante : 

# pkginfo | grep -i make
system      SUNWgm4                          gmake - GNU m4
system      SUNWgmake                        gmake - GNU make
system      SUNWxcu4t                        XCU4 make and sccs utilities

Afin de connaître les détails du paquet SUNWgmake, il convient de saisir la commande suivante : 

# pkginfo -l SUNWgmake
   PKGINST:  SUNWgmake
      NAME:  gmake - GNU make
  CATEGORY:  system
      ARCH:  i386
   VERSION:  11.10.0,REV=2005.01.08.01.09
   BASEDIR:  /
    VENDOR:  Oracle Corporation
      DESC:  GNU make - A utility used to build software (gmake) 3.81
    PSTAMP:  sfw10-patch-x20110415095755
  INSTDATE:  Jun 02 2013 14:27
   HOTLINE:  Please contact your local service provider
    STATUS:  Installation complète.
     FILES:        4 chemins d'accès installés
                   3 chemins d'accès partagés
                   3 répertoires
                   1 exécutables
                 499 blocs utilisés (env.)

Options de la Commande

Les options de cette commande sont : 

# pkginfo --help
pkginfo: option non admise -- help
syntaxe :
pkginfo [-q] [-pi] [-x|l] [options] [pkg ...]
pkginfo -d périph [-q] [-x|l] [options] [mod ...]
où
  -q #quiet mode
  -p #select partially installed packages
  -i #select completely installed packages
  -x #extracted listing
  -l #long listing
  -r #relocation base
et options pouvant être :
  -c catégorie, [catégorie...]
  -a architecture
  -v version

pkgchk

La commande pkgchk retourne tout paquet contenant la chaîne recherchée. Si vous souhaitez savoir quel paquet a installé un fichier spécifique tel /usr/sfw/bin/gmake, utilisez donc la commande suivante : 

# pkgchk -lP /usr/sfw/bin/gmake > gmake.pkgchk; cat gmake.pkgchk
Pathname: /usr/sfw/bin/gmake
Type: regular file
Expected mode: 0555
Expected owner: root
Expected group: bin
Expected file size (bytes): 255276
Expected sum(1) of contents: 41798
Expected last modification: déc  15 12:13:11 2009
Referenced by the following packages:
        SUNWgmake
Current status: installed

Options de la Commande

Les options de cette commande sont : 

# pkgchk --help
pkgchk: option non admise -- help
syntaxe :
        pkgchk [-l|vqacnxf] [-R répert_racine] [-p chemin[, ...] | -P chemin[, ...]]
                [-i fichier] [options]
        pkgchk -d périphérique [-f][-l|v] [-p chemin[, ...] | -P chemin[, ...]]
                [-V ...] [-M] [-i fichier] [-Y catégorie[, ...] | pkginst [...]]        les options peuvent inclure l'UNE des options suivantes :
                -m pkgmap [-e envfile]
                pkginst [...]
                -Y catégorie[, ...]

pkgadd

Pour ajouter un paquet en ligne de commande en mode intéractif, on utilise la commande suivante : 

# pkgadd -d /chemin_vers_le(s)_paquet(s) [Entrée]

Options de la Commande

Les options de cette commande sont : 

# pkgadd --help
pkgadd: option non admise -- help
syntaxe :
        pkgadd [-nvi] [-d périphérique] [[-M] -R chemin_hôte] [-V fichier_fs] [-a fichier_admin] [-r réponse] [-x proxy] [-k base_clés] [-G] [ -P mot_de_passe] [-Y catégorie[,catégorie ...] | pkg [pkg ...]]
        pkgadd -s dir [-d périphérique] [-x proxy] [-k base_clés] [-G] [-P mot_de_passe] [-Y catégorie[,catégorie ...] | pkg [pkg ...]]

pkgrm

Pour désinstaller un paquet, il convient d'utiliser la commande pkgrm : 

# pkgrm nom_du_paquet

Options de la Commande

Les options de cette commande sont : 

# pkgrm --help
pkgrm: option non admise -- help
syntaxe :
        pkgrm [-a admin] [-n] [[-M|-A] -R chemin_machine-hôte] [-V fichier_fs] [-v] [-Y catégorie[,catégorie ...] | pkg [pkg ...]]
        pkgrm -s spool [-Y catégorie[,catégorie ...] | pkg [pkg ...]]

pkgutil

La commande pkgutil permet d'installer des paquets à partir des dépôts https://www.opencsw.org.

Commencez par installer le paquet pkgutil : 

# pkgadd -d http://get.opencsw.org/now

## Downloading...
..............25%..............50%..............75%..............100%
## Download Complete


The following packages are available:
  1  CSWpkgutil     pkgutil - Installs Solaris packages easily
                    (all) 2.6.7,REV=2014.10.16

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1

Traitement de la copie du module <CSWpkgutil> à partir de <http://get.opencsw.org/now> en cours...

pkgutil - Installs Solaris packages easily(all) 2.6.7,REV=2014.10.16
Please see /opt/csw/share/doc/pkgutil/license for license information.
## Traitement des données du module en cours...
## Traitement des données système en cours...
## Vérification des fichiers dépendants du module en cours...
## Vérification de l'espace disque requis
## Checking for conflicts with packages already installés.
## Vérification des programmes setuid/setgid en cours...

Ce module contient des scripts qui seront exécutés avec les
autorisations de superutilisateur lors du processus d'installation.

Souhaitez-vous poursuivre l'installation de <CSWpkgutil> ? [y,n,?] y

Installation de pkgutil - Installs Solaris packages easily en <CSWpkgutil> en cours...
## Intallation de l'élément 1 de 1 en cours...
/etc/opt/csw/pkgutil.conf.CSW
/etc/opt/csw <répertoire implicite>
/opt/csw/bin/pkgutil
/opt/csw <répertoire implicite>
/opt/csw/bin <répertoire implicite>
/opt/csw/etc/pkgutil.conf.CSW
/opt/csw/etc <répertoire implicite>
/opt/csw/libexec/pkgutil/wget-i386
/opt/csw/libexec/pkgutil/wget-sparc
/opt/csw/share/doc/pkgutil/license
/opt/csw/share/doc/pkgutil/readme
/opt/csw/share/man/man1/pkgutil.1
/opt/csw/var/pkgutil/admin.CSW
[ vérification de la classe <none> en cours...]
## Exécution du script de post-installation

Copying sample pkgutil.conf to /opt/csw/etc.
Copying sample pkgutil.conf to /etc/opt/csw.
Copying sample admin from /opt/csw/var/pkgutil to /var/opt/csw/pkgutil.

NOTE!
NOTE! Make sure to check out any changes in /etc/opt/csw/pkgutil.conf.CSW.
NOTE!


L'installation de <CSWpkgutil> a abouti.

Il convient ensuite de chercher le catalogue de pkgutil : 

# /opt/csw/bin/pkgutil -U
=> Fetching new catalog and descriptions (http://mirror.opencsw.org/opencsw/testing/i386/5.10) if available ...
==> 3772 packages loaded from /var/opt/csw/pkgutil/catalog.mirror.opencsw.org_opencsw_testing_i386_5.10

Installez maintenant le paquet vim : 

# /opt/csw/bin/pkgutil -a vim
common               package              catalog                        size
gvim                 CSWgvim              7.4.801,REV=2015.08.12       1.1 MB
vim                  CSWvim               7.4.801,REV=2015.08.11       1.0 MB
vimrt                CSWvimrt             7.4.801,REV=2015.08.11       8.4 MB

# /opt/csw/bin/pkgutil -y -i vim
Solving needed dependencies ...
Solving dependency order ...
Install 13 NEW packages:
        CSWcommon-1.5,REV=2010.12.11 (opencsw/testing)
        CSWggettext-data-0.18.1.1,p,REV=2011.03.15 (opencsw/testing)
        CSWiconv-1.14,REV=2011.08.08 (opencsw/testing)
        CSWlibcharset1-1.14,REV=2011.08.07 (opencsw/testing)
        CSWlibgcc-s1-4.9.2,REV=2014.11.07 (opencsw/testing)
        CSWlibiconv2-1.14,REV=2011.08.07 (opencsw/testing)
        CSWlibintl8-0.18.1.1,p,REV=2011.03.15 (opencsw/testing)
        CSWlibncurses5-5.9,REV=2011.11.21 (opencsw/testing)
        CSWlibpython2-7-1-0-2.7.8,REV=2014.09.23 (opencsw/testing)
        CSWterminfo-5.9,REV=2014.11.28 (opencsw/testing)
        CSWterminfo-rxvt-unicode-9.20,REV=2014.10.31 (opencsw/testing)
        CSWvim-7.4.801,REV=2015.08.11 (opencsw/testing)
        CSWvimrt-7.4.801,REV=2015.08.11 (opencsw/testing)
Total size: 15.0 MB
=> Fetching CSWcommon-1.5,REV=2010.12.11 (1/13) ...
=> Fetching CSWterminfo-rxvt-unicode-9.20,REV=2014.10.31 (2/13) ...
=> Fetching CSWlibiconv2-1.14,REV=2011.08.07 (3/13) ...
=> Fetching CSWlibcharset1-1.14,REV=2011.08.07 (4/13) ...
=> Fetching CSWlibgcc-s1-4.9.2,REV=2014.11.07 (5/13) ...
=> Fetching CSWterminfo-5.9,REV=2014.11.28 (6/13) ...
=> Fetching CSWggettext-data-0.18.1.1,p,REV=2011.03.15 (7/13) ...
=> Fetching CSWiconv-1.14,REV=2011.08.08 (8/13) ...
=> Fetching CSWvimrt-7.4.801,REV=2015.08.11 (9/13) ...
=> Fetching CSWlibpython2-7-1-0-2.7.8,REV=2014.09.23 (10/13) ...
=> Fetching CSWlibncurses5-5.9,REV=2011.11.21 (11/13) ...
=> Fetching CSWlibintl8-0.18.1.1,p,REV=2011.03.15 (12/13) ...
=> Fetching CSWvim-7.4.801,REV=2015.08.11 (13/13) ...

=> Installing CSWcommon-1.5,REV=2010.12.11 (1/13) ...

L'installation de <CSWcommon> a abouti.

=> Installing CSWterminfo-rxvt-unicode-9.20,REV=2014.10.31 (2/13) ...
Please see /opt/csw/share/doc/terminfo_rxvt_unicode/license for license information.

L'installation de <CSWterminfo-rxvt-unicode> a abouti.

...

L'installation de <CSWvim> a abouti.

Les fichiers de configuration de pkgutil sont /opt/csw/etc/pkgutil.conf et /etc/opt/csw/pkgutil.conf : 

# ls -l /opt/csw/etc
total 20
-rw-r--r--   1 root     bin         4529 oct  16  2014 pkgutil.conf
-rw-r--r--   1 root     bin         4529 oct  16  2014 pkgutil.conf.CSW
# ls -l /etc/opt/csw/
total 22
drwxr-xr-x  14 root     bin          512 nov  17 07:47 pkg-hooks
-rw-r--r--   1 root     bin         4529 oct  16  2014 pkgutil.conf
-rw-r--r--   1 root     bin         4529 oct  16  2014 pkgutil.conf.CSW
# cat /opt/csw/etc/pkgutil.conf
# Configuration file for pkgutil

# $Id: pkgutil.conf 448 2012-02-04 14:22:21Z bonivart $

# Master configuration file is placed in /opt/csw/etc. Place a pkgutil.conf
# file in /etc/opt/csw if you want a local override setting-by-setting.

# Nothing below is mandatory to change, pkgutil will use the default values
# noted below for each option unless something is uncommented.

# Catalog not cached
# Tells your proxy server to disable caching during fetching
# of the catalog and descriptions.
# Default: true
#catalog_not_cached=true

# Catalog update interval
# Number of days between automatic catalog updates. Special cases are -1
# if you want to disable automatic updates and 0 if you always want to
# update the catalog.
# Default: 14
#catalog_update=14

# Filter out CSWcommon from --deptree output
# Set this to true if you don't want to see lots of lines with CSWcommon.
# Default: false
#deptree_filter_common=true

# Exclude pattern
# Space separated list of simple patterns that will exclude matching packages
# when updating or installing.
# Default: blank
#exclude_pattern=

# gpg homedir
# The path to the gpg directory (instead of ~/.gnupg) when verifying the
# catalogs integrity.
# NOTE: we recommend you install the CSWcswpki package for
#       easiest handling of the keys
# Default: blank
#gpg_homedir=

# Max package list length
# During dependency calculation the recursive algorithm needs to be protected
# against cyclic dependencies in the catalog (packages that list each other
# as dependencies) or pkgutil will not stop until memory is exhausted.
# Default: 100000
#maxpkglist=100000

# Mirror to use for downloads
# See http://www.opencsw.org/mirrors for alternative mirrors.
# NOTE: remember to include distribution (e.g. testing) at the end of the url.
# NOTE: you can have multiple mirrors by defining multiple mirror lines.
# Default: http://mirror.opencsw.org/opencsw/testing
#mirror=http://mirror.opencsw.org/opencsw/testing

# Support non-CSW packages
# If you have your own packages that have a different prefix that you want
# to use with pkgutil you must enable this otherwise pkgutil will skip every
# package not prefixed by CSW.
# NOTE: this also affects options like -c/C, however it's easy to filter the
#       output if wanted, e.g. "pkgutil -C CSW".
# Default: false
#noncsw=true

# Options to use for pkgadd
# You can set it to -S to skip displaying the license during install.
# Solaris 10: If you wish to limit pkgutil to installing packages
#             only to the global zone, set it to -G. Note that pkgrm
#             does not have the same option.
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#pkgaddopts=-G -S

# Style of package list when installing/upgrading packages
# 0 is the one used since the first version of pkgutil, it's space efficient
# but less readable. 1 is the one introduced in v1.7, it's one package per
# line which is easier to read. 2 is the same as 1 but also displays which
# distribution a package comes from, e.g. unstable or stable.
# Default: 2
#pkgliststyle=2

# Options to use for pkgrm
# Solaris 10: If you wish to limit pkgutil to removing packages
#             only in the global zone, set it to -O nozones.
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#pkgrmopts=-O nozones

# Root path to use
# WARNING: do not modify this unless you know what you're doing.
# Default: /
#root_path=/a

# Show the current list of packages or not
# You can choose to not show the list of current packages to get less output
# when doing operations.
# Default: true
#show_current=true

# How to handle soft errors from hooks that are called
# A hook that exits with code 1 will cause pkgutil to stop. If this value is
# true, exit code 2 will also cause pkgutil to stop. Exit code 2 is a non-fatal
# error condition from a hook and it is a site dependent choice whether or
# not to honour this condition. Set to true to enable# Default: false
#stop_on_hook_soft_error=false

# Use of gpg, md5
# To enable use of gpg or md5, uncomment these
# NOTE: it doesn't make sense to use md5 but not gpg so your options should be:
#       1. both disabled, 2. gpg enabled, 3. both enabled.
# Default: false, false
#use_gpg=true
#use_md5=true

# Options to use for wget
# You can also use any option from wgetrc with --execute, e.g.
# "--execute http_proxy=http://proxy.foo.bar".
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#wgetopts=-U pkgutil
#
# cat /etc/opt/csw/pkgutil.conf
# Configuration file for pkgutil

# $Id: pkgutil.conf 448 2012-02-04 14:22:21Z bonivart $

# Master configuration file is placed in /opt/csw/etc. Place a pkgutil.conf
# file in /etc/opt/csw if you want a local override setting-by-setting.

# Nothing below is mandatory to change, pkgutil will use the default values
# noted below for each option unless something is uncommented.

# Catalog not cached
# Tells your proxy server to disable caching during fetching
# of the catalog and descriptions.
# Default: true
#catalog_not_cached=true

# Catalog update interval
# Number of days between automatic catalog updates. Special cases are -1
# if you want to disable automatic updates and 0 if you always want to
# update the catalog.
# Default: 14
#catalog_update=14

# Filter out CSWcommon from --deptree output
# Set this to true if you don't want to see lots of lines with CSWcommon.
# Default: false
#deptree_filter_common=true

# Exclude pattern
# Space separated list of simple patterns that will exclude matching packages
# when updating or installing.
# Default: blank
#exclude_pattern=

# gpg homedir
# The path to the gpg directory (instead of ~/.gnupg) when verifying the
# catalogs integrity.
# NOTE: we recommend you install the CSWcswpki package for
#       easiest handling of the keys
# Default: blank
#gpg_homedir=

# Max package list length
# During dependency calculation the recursive algorithm needs to be protected
# against cyclic dependencies in the catalog (packages that list each other
# as dependencies) or pkgutil will not stop until memory is exhausted.
# Default: 100000
#maxpkglist=100000

# Mirror to use for downloads
# See http://www.opencsw.org/mirrors for alternative mirrors.
# NOTE: remember to include distribution (e.g. testing) at the end of the url.
# NOTE: you can have multiple mirrors by defining multiple mirror lines.
# Default: http://mirror.opencsw.org/opencsw/testing
#mirror=http://mirror.opencsw.org/opencsw/testing

# Support non-CSW packages
# If you have your own packages that have a different prefix that you want
# to use with pkgutil you must enable this otherwise pkgutil will skip every
# package not prefixed by CSW.
# NOTE: this also affects options like -c/C, however it's easy to filter the
#       output if wanted, e.g. "pkgutil -C CSW".
# Default: false
#noncsw=true

# Options to use for pkgadd
# You can set it to -S to skip displaying the license during install.
# Solaris 10: If you wish to limit pkgutil to installing packages
#             only to the global zone, set it to -G. Note that pkgrm
#             does not have the same option.
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#pkgaddopts=-G -S

# Style of package list when installing/upgrading packages
# 0 is the one used since the first version of pkgutil, it's space efficient
# but less readable. 1 is the one introduced in v1.7, it's one package per
# line which is easier to read. 2 is the same as 1 but also displays which
# distribution a package comes from, e.g. unstable or stable.
# Default: 2
#pkgliststyle=2

# Options to use for pkgrm
# Solaris 10: If you wish to limit pkgutil to removing packages
#             only in the global zone, set it to -O nozones.
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#pkgrmopts=-O nozones

# Root path to use
# WARNING: do not modify this unless you know what you're doing.
# Default: /
#root_path=/a

# Show the current list of packages or not
# You can choose to not show the list of current packages to get less output
# when doing operations.
# Default: true
#show_current=true

# How to handle soft errors from hooks that are called
# A hook that exits with code 1 will cause pkgutil to stop. If this value is
# true, exit code 2 will also cause pkgutil to stop. Exit code 2 is a non-fatal
# error condition from a hook and it is a site dependent choice whether or
# not to honour this condition. Set to true to enable.
# Default: false
#stop_on_hook_soft_error=false

# Use of gpg, md5
# To enable use of gpg or md5, uncomment these
# NOTE: it doesn't make sense to use md5 but not gpg so your options should be:
#       1. both disabled, 2. gpg enabled, 3. both enabled.
# Default: false, false
#use_gpg=true
#use_md5=true

# Options to use for wget
# You can also use any option from wgetrc with --execute, e.g.
# "--execute http_proxy=http://proxy.foo.bar".
# WARNING: do not modify this unless you know what you're doing.
# Default: blank
#wgetopts=-U pkgutil
#

La raison de cette duplicité est liée à l'utilisation des zones. Dans le cas d'une Small ou Sparse zone le répertoire /opt est partagé avec la zone Globale. Pour cette raison les directives propre à la Small ou Sparse zone sans stockée dans le fichier /etc/opt/csw/pkgutil.conf.

Les binaires téléchargés se trouvent dans le répertoire /opt/csw/bin : 

# ls -l /opt/csw/bin
total 4936
drwxr-xr-x   2 root     bin          512 nov  17 07:47 amd64
lrwxrwxrwx   1 root     root           3 nov  17 07:48 ex -> vim
drwxr-xr-x   2 root     bin          512 nov  17 07:47 i486
drwxr-xr-x   2 root     bin          512 nov  17 07:47 pentium
-rwxr-xr-x   1 root     bin       106397 oct  16  2014 pkgutil
lrwxrwxrwx   1 root     root           3 nov  17 07:48 rview -> vim
lrwxrwxrwx   1 root     root           3 nov  17 07:48 rvim -> vim
lrwxrwxrwx   1 root     root           3 nov  17 07:48 view -> vim
-rwxr-xr-x   1 root     bin      2375548 août 11 17:28 vim
lrwxrwxrwx   1 root     root           3 nov  17 07:48 vimdiff -> vim
-rwxr-xr-x   1 root     bin         2084 août 11 17:28 vimtutor
-rwxr-xr-x   1 root     bin        17300 août 11 17:28 xxd

Les manuels se trouvent dans le répertoire /opt/csw/share/man : 

# ls -l /opt/csw/share/man
total 26
drwxr-xr-x   3 root     bin          512 nov  17 07:48 fr
drwxr-xr-x   3 root     bin          512 nov  17 07:48 fr.ISO8859-1
drwxr-xr-x   3 root     bin          512 nov  17 07:48 fr.UTF-8
drwxr-xr-x   3 root     bin          512 nov  17 07:48 it
drwxr-xr-x   3 root     bin          512 nov  17 07:48 it.ISO8859-1
drwxr-xr-x   3 root     bin          512 nov  17 07:48 it.UTF-8
drwxr-xr-x   3 root     bin          512 nov  17 07:48 ja
drwxr-xr-x   2 root     bin          512 nov  17 07:48 man1
drwxr-xr-x   3 root     bin          512 nov  17 07:48 pl
drwxr-xr-x   3 root     bin          512 nov  17 07:48 pl.ISO8859-2
drwxr-xr-x   3 root     bin          512 nov  17 07:48 pl.UTF-8
drwxr-xr-x   3 root     bin          512 nov  17 07:48 ru.KOI8-R
drwxr-xr-x   3 root     bin          512 nov  17 07:48 ru.UTF-8

Afin de prendre en compte ces réperoires lors de l'appel des binaires et des manuels, éditez le fichier /etc/default/login ainsi : 

...
# PATH sets the initial shell PATH variable
#
PATH=/opt/csw/bin:/usr/bin:

# SUPATH sets the initial shell PATH variable for root
#
SUPATH=/opt/csw/bin:/usr/sbin:/usr/bin
MANPATH=/opt/csw/share/man:/usr/dt/man:/usr/man:/usr/openwin/share/man
...

Afin que ces modifications soient prises en compte, déconnectez-vous puis reconnectez-vous à votre VM.

Chaque paquet est livré avec une signature digital. Il convient maintenant d'installer cswpki pour pouvoir les vérifier : 

# pkgutil -y -i cswpki
Solving needed dependencies ...
Solving dependency order ...
10 CURRENT packages:
        CSWcommon-1.5,REV=2010.12.11
        CSWggettext-data-0.18.1.1,p,REV=2011.03.15
        CSWiconv-1.14,REV=2011.08.08
        CSWlibcharset1-1.14,REV=2011.08.07
        CSWlibgcc-s1-4.9.2,REV=2014.11.07
        CSWlibiconv2-1.14,REV=2011.08.07
        CSWlibintl8-0.18.1.1,p,REV=2011.03.15
        CSWlibncurses5-5.9,REV=2011.11.21
        CSWterminfo-5.9,REV=2014.11.28
        CSWterminfo-rxvt-unicode-9.20,REV=2014.10.31
Install 16 NEW packages:
        CSWcacertificates-20120511,REV=2012.05.11 (opencsw/testing)
        CSWcas-migrateconf-1.50,REV=2015.01.17 (opencsw/testing)
        CSWcas-preserveconf-1.50,REV=2015.01.17 (opencsw/testing)
        CSWcas-texinfo-1.50,REV=2015.01.17 (opencsw/testing)
        CSWcswpki-1.1,REV=2013.01.11 (opencsw/testing)
        CSWgnupg-1.4.16,REV=2014.05.09 (opencsw/testing)
        CSWisaexec-0.2,REV=2009.03.26 (opencsw/testing)
        CSWlibbz2-1-0-1.0.6,REV=2011.08.18 (opencsw/testing)
        CSWlibcurl4-7.45.0,REV=2015.10.07 (opencsw/testing)
        CSWlibidn11-1.26,REV=2013.01.01 (opencsw/testing)
        CSWliblber2-4-2-2.4.40,REV=2015.06.23 (opencsw/testing)
        CSWlibldap2-4-2-2.4.40,REV=2015.06.23 (opencsw/testing)
        CSWlibreadline6-6.3,REV=2015.10.19 (opencsw/testing)
        CSWlibsasl2-2-2.1.25,REV=2012.05.06 (opencsw/testing)
        CSWlibssl1-0-0-1.0.1p,REV=2015.07.09 (opencsw/testing)
        CSWlibz1-1.2.8,REV=2013.09.23 (opencsw/testing)
Total size: 6.7 MB
=> Fetching CSWcas-preserveconf-1.50,REV=2015.01.17 (1/16) ...
=> Fetching CSWcas-migrateconf-1.50,REV=2015.01.17 (2/16) ...
=> Fetching CSWliblber2-4-2-2.4.40,REV=2015.06.23 (3/16) ...
=> Fetching CSWlibssl1-0-0-1.0.1p,REV=2015.07.09 (4/16) ...
=> Fetching CSWlibsasl2-2-2.1.25,REV=2012.05.06 (5/16) ...
=> Fetching CSWcacertificates-20120511,REV=2012.05.11 (6/16) ...
=> Fetching CSWlibz1-1.2.8,REV=2013.09.23 (7/16) ...
=> Fetching CSWlibldap2-4-2-2.4.40,REV=2015.06.23 (8/16) ...
=> Fetching CSWlibreadline6-6.3,REV=2015.10.19 (9/16) ...
=> Fetching CSWlibbz2-1-0-1.0.6,REV=2011.08.18 (10/16) ...
=> Fetching CSWisaexec-0.2,REV=2009.03.26 (11/16) ...
=> Fetching CSWcas-texinfo-1.50,REV=2015.01.17 (12/16) ...
=> Fetching CSWlibidn11-1.26,REV=2013.01.01 (13/16) ...
=> Fetching CSWlibcurl4-7.45.0,REV=2015.10.07 (14/16) ...
=> Fetching CSWgnupg-1.4.16,REV=2014.05.09 (15/16) ...
=> Fetching CSWcswpki-1.1,REV=2013.01.11 (16/16) ...

=> Installing CSWcas-preserveconf-1.50,REV=2015.01.17 (1/16) ...
Please see /opt/csw/share/doc/cas_preserveconf/license for license information.

L'installation de <CSWcas-preserveconf> a abouti.

=> Installing CSWcas-migrateconf-1.50,REV=2015.01.17 (2/16) ...
Please see /opt/csw/share/doc/cas_migrateconf/license for license information.

L'installation de <CSWcas-migrateconf> a abouti.

=> Installing CSWliblber2-4-2-2.4.40,REV=2015.06.23 (3/16) ...
Please see /opt/csw/share/doc/liblber2_4_2/license for license information.

L'installation de <CSWliblber2-4-2> a abouti.

=> Installing CSWlibssl1-0-0-1.0.1p,REV=2015.07.09 (4/16) ...
Please see /opt/csw/share/doc/libssl1_0_0/license for license information.

L'installation de <CSWlibssl1-0-0> a abouti.

=> Installing CSWlibsasl2-2-2.1.25,REV=2012.05.06 (5/16) ...
Please see /opt/csw/share/doc/libsasl2_2/license for license information.

L'installation de <CSWlibsasl2-2> a abouti.

=> Installing CSWcacertificates-20120511,REV=2012.05.11 (6/16) ...
Copying sample config to /etc/opt/csw/ca-certificates.conf

Updating certificates in /etc/opt/csw/ssl/certs...done.

L'installation de <CSWcacertificates> a abouti.

=> Installing CSWlibz1-1.2.8,REV=2013.09.23 (7/16) ...
Please see /opt/csw/share/doc/libz1/license for license information.

L'installation de <CSWlibz1> a abouti.

=> Installing CSWlibldap2-4-2-2.4.40,REV=2015.06.23 (8/16) ...
Please see /opt/csw/share/doc/libldap2_4_2/license for license information.

L'installation de <CSWlibldap2-4-2> a abouti.

=> Installing CSWlibreadline6-6.3,REV=2015.10.19 (9/16) ...
Please see /opt/csw/share/doc/libreadline6/license for license information.

L'installation de <CSWlibreadline6> a abouti.

=> Installing CSWlibbz2-1-0-1.0.6,REV=2011.08.18 (10/16) ...
Please see /opt/csw/share/doc/libbz2_1_0/license for license information.

L'installation de <CSWlibbz2-1-0> a abouti.

=> Installing CSWisaexec-0.2,REV=2009.03.26 (11/16) ...
This interesting packaging hack is copyrighted by Philip Brown,
phil@bolthole.com
You may copy, install, and otherwise redistribute this package as you like,
without having to pay any fee, so long as it remain unchanged, and this notice
remain intact as the copyright notice.
Copying /usr/lib/isaexec to /opt/csw/bin/isaexec

L'installation de <CSWisaexec> a abouti.

=> Installing CSWcas-texinfo-1.50,REV=2015.01.17 (12/16) ...
Please see /opt/csw/share/doc/cas_texinfo/license for license information.

L'installation de <CSWcas-texinfo> a abouti.

=> Installing CSWlibidn11-1.26,REV=2013.01.01 (13/16) ...
Please see /opt/csw/share/doc/libidn11/license for license information.

L'installation de <CSWlibidn11> a abouti.

=> Installing CSWlibcurl4-7.45.0,REV=2015.10.07 (14/16) ...
Please see /opt/csw/share/doc/libcurl4/license for license information.

L'installation de <CSWlibcurl4> a abouti.

=> Installing CSWgnupg-1.4.16,REV=2014.05.09 (15/16) ...
Please see /opt/csw/share/doc/gnupg/license for license information.
Installing class <cswtexinfo> ...
/opt/csw/share/info/gnupg1.info (texinfo will be registered when CSWtexinfo is installed)

L'installation de <CSWgnupg> a abouti.

=> Installing CSWcswpki-1.1,REV=2013.01.11 (16/16) ...
Please see /opt/csw/share/doc/cswpki/license for license information.



pki_auto was not set to 'yes' in /etc/opt/csw/csw.conf
so the OpenCSW GPG keys are not being automatically managed.
eg: echo 'pki_auto=yes' >> /etc/opt/csw/csw.conf

If this variable had been set, we would have run:
/opt/csw/bin/cswpki --import --force

See /opt/csw/bin/cswpki --help for more information on
handling this manually.




L'installation de <CSWcswpki> a abouti.

Ensuite, téléchargez et installez la clef en utilisant gpg : 

# cswpki --import
Do you want to import the key used for: catalog signing 2011-09?
Yes/No: Yes

Importing the key used for: catalog signing 2011-09

gpg: le porte-clefs « /var/opt/csw/pki//secring.gpg » a été créé
gpg: le porte-clefs « /var/opt/csw/pki//pubring.gpg » a été créé
gpg: /var/opt/csw/pki//trustdb.gpg : base de confiance créée
gpg: clef 9306CC77 : clef publique « OpenCSW catalog signing <board@opencsw.org> » importée
gpg:       Quantité totale traitée : 1
gpg:                     importées : 1
gpg: aucune clef de confiance ultime n'a été trouvée


Do you want to import the key used for: legacy catalog verification?
Yes/No: Yes

Importing the key used for: legacy catalog verification

gpg: clef E12E9D2F : clef publique « Distribution Manager <dm@blastwave.org> » importée
gpg:       Quantité totale traitée : 1
gpg:                     importées : 1
gpg: aucune clef de confiance ultime n'a été trouvée

Vérifiez que la clef a bien été importée : 

# gpg --homedir=/var/opt/csw/pki/ --fingerprint board@opencsw.org
pub   1024D/9306CC77 2011-08-31
 Empreinte de la clef = 4DCE 3C80 AAB2 CAB1 E60C  9A3C 05F4 2D66 9306 CC77
uid                  OpenCSW catalog signing <board@opencsw.org>
sub   2048g/971EDE93 2011-08-31

Indiquez a gpg que vous accordez une confiance ultime à la clef : 

# gpg --homedir=/var/opt/csw/pki --edit-key board@opencsw.org trust
gpg (GnuPG) 1.4.16; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


pub  1024D/9306CC77  créé : 2011-08-31  expire : jamais      utilisation : SC
                     confiance : inconnu       validité : inconnu
sub  2048g/971EDE93  créé : 2011-08-31  expire : jamais      utilisation : E
[ inconnue] (1). OpenCSW catalog signing <board@opencsw.org>

pub  1024D/9306CC77  créé : 2011-08-31  expire : jamais      utilisation : SC
                     confiance : inconnu       validité : inconnu
sub  2048g/971EDE93  créé : 2011-08-31  expire : jamais      utilisation : E
[ inconnue] (1). OpenCSW catalog signing <board@opencsw.org>

Décidez maintenant de la confiance que vous portez en cet utilisateur pour
vérifier les clefs des autres utilisateurs (en regardant les passeports, en
vérifiant les empreintes depuis diverses sources, etc.)

  1 = je ne sais pas ou n'ai pas d'avis
  2 = je ne fais PAS confiance
  3 = je fais très légèrement confiance
  4 = je fais entièrement confiance
  5 = j'attribue une confiance ultime
  m = retour au menu principal

Quelle est votre décision ? 5
Voulez-vous vraiment attribuer une confiance ultime à cette clef ? (o/N) o

pub  1024D/9306CC77  créé : 2011-08-31  expire : jamais      utilisation : SC
                     confiance : ultime        validité : inconnu
sub  2048g/971EDE93  créé : 2011-08-31  expire : jamais      utilisation : E
[ inconnue] (1). OpenCSW catalog signing <board@opencsw.org>
Veuillez remarquer que la validité affichée pour la clef n'est pas
forcément correcte avant d'avoir relancé le programme.

gpg> quit

Editez /opt/csw/etc/pkgutil.conf et /etc/opt/csw/pkgutil.conf ainsi afin d'activer l'utilisation de gpg et MD5 : 

...
use_gpg=true
use_md5=true

Vous pouvez vérifier la prise en compte de ces directives avec la commande suivante : 

# pkgutil -V
- System -
Pkgutil         2.6.7
Arch            i386
Solaris         5.10
Pkg patch       119318 (119318-01 installed)
GPG binary      /opt/csw/bin/gpg
Gzip binary     /bin/gzip
Mailx binary    /bin/mailx
MD5 binary      not found (suggestion: install CSWcoreutils)
MD5 module      2.33 (primary choice for MD5)
Perl            5.008004
Perl binary     /bin/perl
Wget binary     /usr/sfw/bin/wget
PATH            /usr/sbin:/bin:/usr/bin:/opt/csw/bin

- Configuration -
catalog_not_cached      true (default: true)
catalog_update          14 (default: 14)
deptree_filter_common   false (default: false)
exclude_pattern         not set (default: none)
gpg_homedir             not set (default: none)
maxpkglist              100000 (default: 10000)
mirror                  not set
                        (default: http://mirror.opencsw.org/opencsw/testing)
noncsw                  false (default: false)
pkgaddopts              not set (default: none)
pkgliststyle            2 (default: 0)
pkgrmopts               not set (default: none)
root_path               not set (default: /)
show_current            true (default: true)
stop_on_hook_soft_error not set (default: false)
use_gpg                 true (default: false)
use_md5                 true (default: false)
wgetopts                not set (default: none)

Dernièrement téléchargez de nouveau le catalogue afin de vérifier le bon fonctionnement de gpg et MD5 : 

# pkgutil -U
=> Fetching new catalog and descriptions (http://mirror.opencsw.org/opencsw/testing/i386/5.10) if available ...
Checking integrity of /var/opt/csw/pkgutil/catalog.mirror.opencsw.org_opencsw_testing_i386_5.10 with gpg.
gpg: Signature faite le 13 novembre 2015 22:10:48 CET avec la clef DSA d'identifiant 9306CC77
gpg: vérification de la base de confiance
gpg: 3 marginale(s) nécessaire(s), 1 complète(s) nécessaire(s),
     modèle de confiance PGP
gpg: profondeur : 0  valables :   1  signées :   0
     confiance : 0 i., 0 n.d., 0 j., 0 m., 0 t., 1 u.
gpg: Bonne signature de « OpenCSW catalog signing <board@opencsw.org> »
==> 3772 packages loaded from /var/opt/csw/pkgutil/catalog.mirror.opencsw.org_opencsw_testing_i386_5.10

LAB #1 - Installer ClamAV

Utilisez pkgutil pour installer le paquet clamav, un anti-virus pour Unix : 

# pkgutil -i -y clamav
Checking integrity of /var/opt/csw/pkgutil/catalog.mirror.opencsw.org_opencsw_testing_i386_5.10 with gpg.
gpg: Signature faite le 13 novembre 2015 22:10:48 CET avec la clef DSA d'identifiant 9306CC77
gpg: Bonne signature de « OpenCSW catalog signing <board@opencsw.org> »
Solving needed dependencies ...
Solving dependency order ...
10 CURRENT packages:
        CSWcas-migrateconf-1.50,REV=2015.01.17
        CSWcommon-1.5,REV=2010.12.11
        CSWlibbz2-1-0-1.0.6,REV=2011.08.18
        CSWlibgcc-s1-4.9.2,REV=2014.11.07
        CSWlibiconv2-1.14,REV=2011.08.07
        CSWlibncurses5-5.9,REV=2011.11.21
        CSWlibssl1-0-0-1.0.1p,REV=2015.07.09
        CSWlibz1-1.2.8,REV=2013.09.23
        CSWterminfo-5.9,REV=2014.11.28
        CSWterminfo-rxvt-unicode-9.20,REV=2014.10.31
Install 8 NEW packages:
        CSWcas-cpsampleconf-1.50,REV=2015.01.17 (opencsw/testing)
        CSWcas-initsmf-1.50,REV=2015.01.17 (opencsw/testing)
        CSWcas-usergroup-1.50,REV=2015.01.17 (opencsw/testing)
        CSWclamav-0.98.7,REV=2015.04.30 (opencsw/testing)
        CSWlibclam6-0.98.7,REV=2015.04.30 (opencsw/testing)
        CSWlibltdl7-2.4.5,REV=2015.02.05 (opencsw/testing)
        CSWlibstdc++6-4.9.2,REV=2014.11.07 (opencsw/testing)
        CSWlibxml2-2-2.9.2,REV=2015.10.23 (opencsw/testing)
Total size: 11.5 MB
=> Fetching CSWlibxml2-2-2.9.2,REV=2015.10.23 (1/8) ...
MD5 for CSWlibxml2-2-2.9.2,REV=2015.10.23 matched.
=> Fetching CSWlibstdc++6-4.9.2,REV=2014.11.07 (2/8) ...
MD5 for CSWlibstdc++6-4.9.2,REV=2014.11.07 matched.
=> Fetching CSWlibltdl7-2.4.5,REV=2015.02.05 (3/8) ...
MD5 for CSWlibltdl7-2.4.5,REV=2015.02.05 matched.
=> Fetching CSWlibclam6-0.98.7,REV=2015.04.30 (4/8) ...
MD5 for CSWlibclam6-0.98.7,REV=2015.04.30 matched.
=> Fetching CSWcas-usergroup-1.50,REV=2015.01.17 (5/8) ...
MD5 for CSWcas-usergroup-1.50,REV=2015.01.17 matched.
=> Fetching CSWcas-initsmf-1.50,REV=2015.01.17 (6/8) ...
MD5 for CSWcas-initsmf-1.50,REV=2015.01.17 matched.
=> Fetching CSWcas-cpsampleconf-1.50,REV=2015.01.17 (7/8) ...
MD5 for CSWcas-cpsampleconf-1.50,REV=2015.01.17 matched.
=> Fetching CSWclamav-0.98.7,REV=2015.04.30 (8/8) ...
MD5 for CSWclamav-0.98.7,REV=2015.04.30 matched.

=> Installing CSWlibxml2-2-2.9.2,REV=2015.10.23 (1/8) ...
Please see /opt/csw/share/doc/libxml2_2/license for license information.

L'installation de <CSWlibxml2-2> a abouti.

=> Installing CSWlibstdc++6-4.9.2,REV=2014.11.07 (2/8) ...
Please see /opt/csw/share/doc/libstdc++6/license for license information.

L'installation de <CSWlibstdc++6> a abouti.

=> Installing CSWlibltdl7-2.4.5,REV=2015.02.05 (3/8) ...
Please see /opt/csw/share/doc/libltdl7/license for license information.

L'installation de <CSWlibltdl7> a abouti.

=> Installing CSWlibclam6-0.98.7,REV=2015.04.30 (4/8) ...
Please see /opt/csw/share/doc/libclam6/license for license information.

L'installation de <CSWlibclam6> a abouti.

=> Installing CSWcas-usergroup-1.50,REV=2015.01.17 (5/8) ...
Please see /opt/csw/share/doc/cas_usergroup/license for license information.

L'installation de <CSWcas-usergroup> a abouti.

=> Installing CSWcas-initsmf-1.50,REV=2015.01.17 (6/8) ...
Please see /opt/csw/share/doc/cas_initsmf/license for license information.

L'installation de <CSWcas-initsmf> a abouti.

=> Installing CSWcas-cpsampleconf-1.50,REV=2015.01.17 (7/8) ...
Please see /opt/csw/share/doc/cas_cpsampleconf/license for license information.

L'installation de <CSWcas-cpsampleconf> a abouti.

=> Installing CSWclamav-0.98.7,REV=2015.04.30 (8/8) ...
Please see /opt/csw/share/doc/clamav/license for license information.
Installing class <cswusergroup> ...
Group clamav has been added
User clamav has been added

Copying sample config to /etc/opt/csw/clamav-milter.conf
Copying sample config to /etc/opt/csw/clamd.conf
Copying sample config to /etc/opt/csw/freshclam.conf

Installing class <cswinitsmf> ...
Creating /var/opt/csw/svc/manifest/network ...
Creating service script in /var/opt/csw/svc/method/svc-cswclamav-milter ...
Creating manifest ...
Configuring service in SMF ...
CSWclamav is using Service Management Facility. The FMRI is svc:/network/cswclamav-milter:default
Clearing svc:/network/cswclamav-milter in case it's in the maintenance state...
Enabling svc:/network/cswclamav-milter ...
Creating service script in /var/opt/csw/svc/method/svc-cswclamd ...
Creating manifest ...
Configuring service in SMF ...
CSWclamav is using Service Management Facility. The FMRI is svc:/network/cswclamd:default
Clearing svc:/network/cswclamd in case it's in the maintenance state...
Enabling svc:/network/cswclamd ...

L'installation de <CSWclamav> a abouti.

A l'issu de l'installation, il convient de mettre à jour les définitions anti-virales de clamav. Pour accomplir cette tâche, un binaire dénommé freshclam a été installé en même temps que clamav.

En saisissant la commande /opt/csw/bin/freshclam, vous obtiendrez un résultat similaire à celui-ci : 

# freshclam
ClamAV update process started at Tue Nov 17 08:51:52 2015
Downloading main.cvd [100%]
main.cvd updated (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Downloading daily.cvd [100%]
daily.cvd updated (version: 21062, sigs: 1687373, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 270, sigs: 46, f-level: 63, builder: shurley)
Database updated (4111644 signatures) from database.clamav.net (IP: 150.214.142.197)

A l'issu de la mise à jour, lancez clamscan pour scanner le répertoire /home : 

# clamscan -r /home

----------- SCAN SUMMARY -----------
Known viruses: 4106103
Engine version: 0.98.7
Scanned directories: 1
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 31.449 sec (0 m 31 s)

Clamav est maintenant installé et fonctionnel.

Références

<html> <center> Copyright © 2011-2018 I2TCH LIMITED.<br><br> </center> </html>

Piste : LCF302 - Comprendre le Réseau TCPv4 Topic 200: Capacity Planning SO202 - Gestion des Paquets

Menu