Sebastien Roy wrote: > On Wed, 2009-06-03 at 22:02 -0400, Sowmini.Varadhan at Sun.COM wrote: >> On (06/03/09 17:50), Sebastien Roy wrote: >>> Your materials state that you're modifying nwamd in the first phase. >>> Presumably, you're integrating after NWAM Phase 1, which has already >>> stated that nwamd will not run with uid=0. Is the plan to have it run >>> with file_dac_write? >>> >> nwamd (by its design) has its own repository for tracking persistent >> configuration based on different profiles, so it doesn't really need >> to use libipadm functions with write access to the repository. > > Ah, okay. Its use of the API is restricted to tweaking the running > system based on its own configuration data. Got it.
Correct. nwamd wouldn't need ipadm persistence. However, on a related note, last time when I ran 'ppriv' on a running instance of 'nwamd', it already had 'file_dac_write' privilege. ~Girish
