> > Preciesly because Xen has no delegated admin system of its own there
> > should be an RBAC execution profile for running the Xen admin commands
> > and the rights profile should contain the RBAC authorisations used to
> > control the SMF services.
> >
> > For example if there is an admin command that needs to be run with all
> > privilege then that should be in an RBAC profile.
>
> If it's seen as useful to have an RBAC profile that gets pretty close to
> complete control over the machine (reducing available memory, allowing any
> remote machine to migrate a guest to it, complete control over any/all hosted
> domains), then sure, we can have this.
>
> > This should have been covered in the main Xen case, for me though this
> > case makes it very clear that was probably missed.
>
> The current situation was identified in the materials.
While I'd really like the situation to be better, however,
IMO at this point in time, without an effective plan to manage
Dom0, it doesn't make much sense to follow enforce the SMF policy
for manage/modify/value authorizations on this case.
As I outlined in the main Xen case, administration of Dom0 is
a challenge that will require significant work.
Gary..
