> We have other requests coming from our customers to have a per-user
> fine-grained policy of whether they can do read-only or read-write
> mounts. The current design supports this because the authorizations
> for each device are configurable and extensible. We can create
> separate authorizations for read-only and read-write mounts, and
> assign one or the other to individual users. The device_clean
> script can check the authorizations (using auths(1)) and set the
> appropriate mount options.

Is there a policy documented on what authorization names are usable (i.e. if customers add finer-grained authorizations following the naming examples they may end up with things like solaris.device.cdrom.ro/solaris.device.cdrom.rw/...) so that there won't be conflicts with (similar) authorizations we may add later? (auth_attr(4) implies that another top level name-space should be used instead of 'solaris.', but that seems somewhat unfortunate, as it prevents solaris.* or solaris.device.* from having the expected effect).

Regarding the use of auths(1) in scripts: it currently seems to be unsuited for that (even though the man-page recommends this use), as its output is not guaranteed to contain the complete authorization name (e.g. auths output as root is "solaris.*", so grepping for "solaris.device.something" won't give the expected result); CR 6251549 documents this.

Bart
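
Added example, not part of the original message and not code from the project: one way a script such as device_clean could test an authorization against auths(1) output so that wildcard entries like "solaris.*" are honoured instead of missed by grep. The function names and sample lists are constructed for illustration; it assumes auths(1) prints a comma-separated list and that a trailing "*" is a prefix wildcard that never confers a ".grant" authorization, as chkauthattr(3SECDB) describes.

```shell
#!/bin/sh
# naive_granted LIST WANTED: the grep approach the message warns about.
naive_granted() {
    printf '%s\n' "$1" | grep -F -q -- "$2"
}

# auth_granted LIST WANTED
#   LIST   : authorizations as printed by auths(1) (assumed comma-separated)
#   WANTED : full authorization name the script requires
# Returns 0 when WANTED is listed exactly or covered by a trailing-* entry.
# The body runs in a subshell so "set -f" does not leak into the caller.
auth_granted() (
    wanted=$2
    set -f    # the list contains "*"; keep the shell from globbing it
    for entry in $(printf '%s\n' "$1" | tr ',' ' '); do
        case $entry in
            "$wanted")
                exit 0 ;;
            *\*)
                prefix=${entry%\*}      # "solaris.device.*" -> "solaris.device."
                case $wanted in
                    *.grant) ;;         # wildcards do not confer ".grant"
                    "$prefix"*) exit 0 ;;
                esac ;;
        esac
    done
    exit 1
)

# Constructed samples: root's wildcard list and an ordinary user's list.
root_auths='solaris.*'
user_auths='solaris.device.cdrom.ro,solaris.jobs.user'

for sample in "$root_auths" "$user_auths"; do
    for want in solaris.device.cdrom.ro solaris.device.cdrom.rw; do
        if auth_granted "$sample" "$want"; then r=granted; else r=denied; fi
        if naive_granted "$sample" "$want"; then g=granted; else g=denied; fi
        echo "list=$sample want=$want wildcard-aware=$r grep=$g"
    done
done
```

In a real script the list would come from `auths` itself rather than from the sample variables.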
