Christine Tran writes:
> Liane Praza wrote:
> > Riny Qian writes:
> >>
> >> <method_credential user='root' group='root' />
> >>Is it really needed? Since the service is started by svc.startd(1M),
> >>the method_context will be set to such (e.g. user='root') by default.
> >
> > Explicitly stating your service's requirements in the manifest is
> > always a good way to go, so I believe this is good practice. It isn't
> > practice I'd explicitly enforce, though. (Do note that the ARCs
> > require that services are configured to run with the least possible
> > privileges. But, if root/root is the least possible privilege for a
> > service, I personally wouldn't insist on the declaration.)
>
> method_context and method_credential continue to be objects of dread for
> me. The way up top is fine, but if you set privilege but leave out
> setting user, your manifest won't validate, even if your user is the
> implicit "root". Just user, mind you; omit group and you're still OK.
>
> Setting these properties via svccfg is even hairier, you need to set
> some property to be ":default", "default" is wrong.
>
> CT
> _______________________________________________
> smf-discuss mailing list
> smf-discuss at opensolaris.org

Hi Christine,

Your comment sent me off to look at the DTD, and I found this:

    <!ELEMENT method_credential EMPTY>
    <!ATTLIST method_credential
        user             CDATA #REQUIRED
        group            CDATA ":default"
        supp_groups      CDATA ":default"
        privileges       CDATA ":default"
        limit_privileges CDATA ":default" >

You are correct that the user attribute is required. It appears that all
other properties should default to ":default" if not specified.

Is it your feeling that there should be a more intuitive way of specifying
the credential, or do we need to do a better job of documenting the
method_credential and method_context manifest elements?

tom
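
The attribute rules discussed in this thread, as an added example that is not part of the original messages and is not SMF's own validator: it checks method_credential elements against the quoted ATTLIST and shows the attribute values left once the DTD defaults are filled in. The function name, the sample fragment, and the choice to flag a bare "default" (based on the remark above that only ":default" is right) are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Attribute rules copied from the DTD quoted above: user is #REQUIRED,
# every other attribute defaults to ":default".
DTD_DEFAULTS = {
    "group": ":default",
    "supp_groups": ":default",
    "privileges": ":default",
    "limit_privileges": ":default",
}
ALLOWED = {"user", *DTD_DEFAULTS}

def check_method_credentials(xml_text):
    """Return (effective_attrs, problems) for each method_credential element."""
    results = []
    for cred in ET.fromstring(xml_text).iter("method_credential"):
        problems = []
        if "user" not in cred.attrib:
            problems.append("missing required attribute 'user'")
        for name, value in cred.attrib.items():
            if name not in ALLOWED:
                problems.append(f"attribute '{name}' is not in the DTD")
            elif value.strip() == "default":
                # The DTD token carries a leading colon; flag the bare word.
                problems.append(f"{name}='default' should be ':default'")
        # Attribute values as seen once the DTD defaults are applied.
        effective = {**DTD_DEFAULTS, **cred.attrib}
        results.append((effective, problems))
    return results

# Constructed sample fragment (not from a real manifest).
SAMPLE = """
<service_bundle>
  <method_context><method_credential user='root' group='root' /></method_context>
  <method_context><method_credential privileges='basic' /></method_context>
  <method_context><method_credential user='root' /></method_context>
  <method_context><method_credential user='daemon' group='default' /></method_context>
</service_bundle>
"""

if __name__ == "__main__":
    for effective, problems in check_method_credentials(SAMPLE):
        print(effective, "->", problems or "ok")
```

Printing the effective attributes next to the problems makes it visible in review when a method_credential declares only a user and leaves privileges and limit_privileges at ":default".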