Darren J Moffat wrote:
> Sebastien Roy wrote:
>> I'm sponsoring this case for Cathy Zhou.  I've marked the case closed 
>> approved automatic, as the interfaces being modified are private, and 
>> the changes are minor and fairly obvious.
>>
>>
>> 1 Introduction
>> ==============
>>
>>     This case proposes two changes related to the dlmgmtd daemon:
>>
>>     1) Change the dlmgmtd daemon to be run by the "dladm" user.
>>
>>     2) Create a /etc/svc/volatile/dladm directory and change the
>>        dlmgmtd door file location from /etc/.dlmgmt_door to
>>        /etc/svc/volatile/dladm/dlmgmt_door.  Remove the
>>        /etc/.dlmgmt_door file from the SUNWcsr package.
> 
> Doing this means that dlmgmtd will need to start up with all privileges 
> so that it can write to /etc/svc/volatile to create the dladm subdir, it 
> can then drop the privileges that it doesn't need.  However this 
> complicates the cleanup of the door file on exit.  [I've been through 
> this with kcfd because it has a similar issue].
> 
dlmgmtd is started with all privileges and creates the "dladm" subdir; it
then drops privileges and does setuid to dladm. Only after that is the door
file created and converted to a door file by fattach().

The cleanup only does fdetach(). It does not (and there is no need to)
delete the "dladm" subdir.

> Unless there is a real need for this to be on tmpfs I would recommend 
> putting the door file in /etc/dladm/ since that is already owned and 
> writable by the dladm user.  This should mean that dlmgmtd could be 
> started by SMF as the dladm user with only the privs it needs.   

Aside from the door related operation, the dlmgmtd daemon needs to open the
dld control node when it starts, which also needs root privileges.

> Note 
> that I'm not suggesting the door file be packaged - it shouldn't be; it 
> is a Project Private communication channel.
> 
If it is not packaged, then there is the problem that we are not able to
create the door file under /etc/dladm because dlmgmtd starts before the
root FS becomes read-write.

> As a side note I've looked at the current privilege code for dlmgmtd and 
> it needs a little work as it isn't safe for extensions to the basic set 
> - contact me or Casper offline for what needs to be done here.

Will do.

Thanks
- Cathy

