Dean Roehrich wrote: > On Mon, May 19, 2008 at 07:43:53PM +0100, Darren J Moffat wrote: >>>> What is the method_credential that these new services run the start/stop >>>> methods with ? Do the services need to run as root with all privilege >>>> or can they run with less ? >>> sam-fsd is run with root permissions. >> uid == 0 or privs=all or both ? >> >> Does it actually need all that privilege ? > > So far there has been no effort to make SAM-QFS work with Trusted Solaris or > Trusted Extensions. Is that what you're asking?
Not it is not. I'm asking how it works with standard Solaris 10. Solaris 10 kernel is always privilege aware regardless of wither or not Trusted Extensions is installed or enabled. Please check if the daemon actually needs to run with uid==0 and privs=all by reviewing http://www.sun.com/blueprints/0206/819-5507.pdf -- Darren J Moffat
