http://defect.opensolaris.org/bz/show_bug.cgi?id=11321
Anurag S. Maskey <Anurag.Maskey at Sun.COM> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ACCEPTED |FIXINPROGRESS
--- Comment #4 from Anurag S. Maskey <Anurag.Maskey at Sun.COM> 2010-01-07
21:40:17 UTC ---
The new authorizations added are solaris.network.autoconf.select and
solaris.network.autoconf.wlan.
* solaris.network.autoconf.select is required to enable/disable profiles by
nwamadm.
* solaris.network.autoconf.wlan is required to do any action related to Known
WLANs (create, modify, destroy, scan-wifi, select-wifi, etc).
* The other libnwam objects require solaris.network.autoconf.write to be
created, modified, or destroyed.
Implementation details:
* When profiles are enabled/disabled, the "enabled" property has to be modified
and the object committed. The NWAM_FLAG_ENTITY_ENABLE flag is passed to
nwam_commit() which is then passed to nwam_check_auths(). It checks for the
solaris.network.autoconf.select authorization.
* Known WLAN actions pass the NWAM_FLAG_ENTITY_KNOWN_WLAN flag to nwam_commit()
and nwam_destroy(). nwam_check_auths() then thecks for the
solaris.network.autoconf.wlan authorization.
* The door server in nwamd also checks to make sure that the requests and
actions have the proper authorizations.
The Network Autoconf profile has been split to Network Autoconf User and
Network Autoconf Admin. Network Autoconf User has
solaris.network.autoconf.read, solaris.network.autoconf.refresh,
solaris.network.autoconf.select, solaris.network.autoconf.wlan authorizations.
These allow this profile to read objects, get their state, enable/disable
profiles and all actions in Known WLANs. The Network Autoconf Admin has all
the authorization of Network Autoconf User along with
solaris.network.autoconf.write.
--
Configure bugmail: http://defect.opensolaris.org/bz/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
