James Carlson wrote: > Darren J Moffat writes: > >> Darren Reed wrote: >> >>> James Carlson wrote: >>> >>>> ... >>>> >>>>> Some other questions.... >>>>> What is the rights profile for bridging? >>>>> >>>>> >>>> No new rights profile or change to existing profiles is needed. The >>>> existing "Network Link Security" and "Network Management" rights >>>> profiles include dladm with sufficient privilege (as documented in >>>> this project) to allow administration of bridges >>>> >>> Will the daemon also be associated with one or both of these? >>> >> Why should it be ? The daemon should only be started by SMF. While it >> is possible to write the SMF manifest such that it uses an exec_attr >> profile rather than explicit credential entries I don't think that is >> necessary. In fact I'd say that unless the daemon is intended to also >> be started by a normal user (for something other than debug purposes) >> then using an RBAC profile in the SMF manifest just encourages users to >> think they can start the daemon manually (of course the daemon can be >> coded to check it is actually running under SMF and refuse to start!). >> > > Exactly and, no, the user will not be expected to start the daemon > manually. It requires SMF data to start correctly anyway. > > (And, yes, the daemon will run with least privilege.) > > I need to update the specification for this case, so I've placed it in > "waiting need spec" until I can draft a new document. >
I was actually going to let both of the questions in that email of mine slide...I went back and did some more reading, noticed that the daemon itself was a private interface (and thus it isn't expected to be run manually by a user.) The other question I asked was answered by Jim, I just didn't plug everything together w.r.t profile names and authorisations. Darren
