On Wed, 2009-10-28 at 11:46 +0000, Darren J Moffat wrote: > Jedy Wang wrote: > >>> A list of available BEs will also be provied in the GUI. If users > >>> select a BE which is different from the default one, the restart > >>> dialog will ask ConsoleKit to reboot into the selected BE. > >>> ConsoleKit > >>> will check solaris.system.shutdown to identify if the user has > >>> enough > >>> privilege. If so, ConsoleKit will use "bootadm set-menu > >>> default=n" > >>> to update the default BE and then do a reboot. > >> > >> This part concerns me a little. It is quite a different policy decision > >> to be able to reboot the existing BE than to change the default one. > > > > This is because bootadm is used to set default boot entry and I think it > > does not support set default boot entry temporarily. I CCed Vikram, the > > developer of bootadm. > > You shouldn't have to use bootadm. See Example 4 of the reboot(1M) man > page. > > >> Yes the user could just select the alternate one from the GRUB menu in > >> most cases. However I'd prefer to see an additional authorisation added > >> for this check, it can be in the default set provided by the "Console > >> User" property. I suggest something like "solaris.system.bootadm". > >> This is similar to how suspend/resume has been dealt with. > >> > > > > If I want to add "solaris.system.bootadm", what should I do and in which > > module it should be put in? > > It should probably be ConsoleKit or bootadm checking that authorisation. > However given what you have said above I'm taking a different stance. > I don't think bootadm(1M) should be called at all. >
Hi Darren, reboot can not be used because it does not shut down SMF services before rebooting according to Sherry Moore. Regards, Jedy
