Folks, Background: ------------ The transport modules tcp/udp/sctp support addition or deletion of privileged ports using extra_priv_ports_add and extra_priv_ports_delete. Both the properties are 'write' only properties and there is a 3rd 'read' only property extra_priv_ports to display the configured ports.
Problem: ----------- So in ndd separate properties were used to add/delete ports. In the new world, having separate properties to perform operation isn't elegant because the show-prop of these properties will display '?' for all the columns. Solution: -------------------- I think we need 'qualifiers' to perform add/delete/assign 'aka' +/-/= and just one property 'privilege-ports'. + => adds the given port to the current list - => removes the given port from the current list = => makes a new assignment and removes all the current ports. Ex: bash# ipadm set-prop -p privilege-ports=1048 tcp -- assign 1048 as privilege port bash# ipadm set-prop -p privilege-ports+=1049 tcp -- add 1049 as privilege port bash# ipadm set-prop -p privilege-ports-=1048 tcp -- remove 1048 as privilege port bash# ipadm show-prop -p privilege-ports tcp /* displays all the privilege ports */ This model is also used by 'ppriv(1M)' to add/delete/assign privileges to running process. I also remember Meem talking about this with regard to en-mii. Will the above model be helpful and nice thing to have in our framework?
