hi folks in a recent changeset I pushed changes that cause nwamd and netcfgd to run as user "netcfg", group "netadm", as per the spec. In doing so I noticed a few things:
- libsysevent calls fail if the uid is not the root user. I've wrapped these calls only in calls to setuid(0) - is there a better way to do this? - the netcfg user doesn't seem to have authorizations to modify SMF properties (nwamd needs to alter its own "upgraded" property after upgrading config) - the netcfg user doesn't seem to have authorizations to read/write NWAM config solaris.network.autoconf.[read|write] I got round these latter two by modifying usr/src/lib/libsecdb/user_attr.txt to add those authorizations to the netcfg user, but I suspect the right answer is to assign a profile in this file instead. Does anyone have any thoughts on this? Thanks! Alan
