Dave, The incremental and revised full webrev are respectively at:
http://cr.opensolaris.org/~tonyn/firewallDec112008-inc/ http://cr.opensolaris.org/~tonyn/firewallDec112008/ Some more closures to prior discussion below. The only portion of the code left to be reviewed are the ipf rule generation. Thanks, -tony >>> >>> http://cr.opensolaris.org/~tonyn/firewallNov262008/ >>> >>> The new webrev includes Darren's comments and changes for >>> >>> 6236609 svc.startd resets auxiliary state on svcadm mark maintenance >>> 6762307 SMF - expressing a service's maintenance state by request of >>> another service >>> >>> which are now captured in >>> >>> PSARC/2008/730 SMF - improved maintenance diagnosis >>> >>> The original host-based firewall ARC case will be updated to mention >>> the above case. >> >> I haven't yet reviewed the script changes. These comments cover only >> the C code and manifests. >> >> general: >> >> You need to supply template data for firewall_context and >> firewall_config, in ipfilter.xml for ipfilter (effectively replaces >> the comments) and in restarter.xml for the rest > > ah, yes :) Minor nit, templates information will be in global.xml > >> >> librestart.c`restarter_inst_delete_prop: >> >> There are already nearly identical versions of this function in >> startd, inetadm, and svcadm. I won't review a fourth. > > yes, there should be an effort to pull functions like these into libscf. I made this a private libscf interface and modified startd and svcadm to use this new interface. I defer changes to inetadm and svccfg since those code have different error handling and I don't want to add somewhat irrelevant changes to this ARC case.
