On Mon, May 19, 2008 at 08:47:08PM +0100, Darren J Moffat wrote:
> Dean Roehrich wrote:
> >On Mon, May 19, 2008 at 07:43:53PM +0100, Darren J Moffat wrote:
> >>>>What is the method_credential that these new services run the 
> >>>>start/stop methods with ?  Do the services need to run as root with all 
> >>>>privilege or can they run with less ?
> >>>sam-fsd is run with root permissions.
> >>uid == 0 or privs=all or both ?
> >>
> >>Does it actually need all that privilege ?
> >
> >So far there has been no effort to make SAM-QFS work with Trusted Solaris
> >or Trusted Extensions.  Is that what you're asking?
> 
> No it is not.  I'm asking how it works with standard Solaris 10.
> Solaris 10 kernel is always privilege aware regardless of whether or not
> Trusted Extensions is installed or enabled.
> 
> Please check if the daemon actually needs to run with uid==0 and 
> privs=all by reviewing http://www.sun.com/blueprints/0206/819-5507.pdf

I spent some time with this today.  It's not clear to me that I'm exercising
all parts of just this daemon, and I'm concerned about the other SAM-QFS
daemons spawned by this one and the number of different team members who have
to be involved to ensure we cover all paths.  If it is necessary to muzzle
SAM-QFS daemons then I'd prefer that we address this in a different case.

So, yes, we'd prefer to run as uid==0 and privs=all.

Dean
