On (03/02/09 17:17), Girish M G wrote: > (b) the file permission of the data store itself. > In the case of 'libipadm' model, there will be user called 'ipadm' who > owns the 'datastore'. Read/Write to this data store will be done through > 'libipadm' after donning that role.
read access to the datastore should not require privileged access. It's only the write access that should be controlled. In the case of dladm (and in the "persistence" model offered by /etc/hostname.intf) and flowadm, root privilege is required to first set the property and to then subsequently update the datastore. What other role-donning is needed? --Sowmini
