Darren J Moffat writes: > Tom Whitten wrote: > > Your comment sent me off to look at the DTD, and I found this: > > > > <!ELEMENT method_credential EMPTY> > > > > <!ATTLIST method_credential > > user CDATA #REQUIRED > > group CDATA ":default" > > supp_groups CDATA ":default" > > privileges CDATA ":default" > > limit_privileges CDATA ":default" > > > > > You are correct that the user attribute is required. It appears that all > > other properties should default to ":default" if not specified. Is it your > > feeling that there should be a more intuitive way of specifying the > > credential, or do we need to do a better job of documenting the > > method_credential and method_context manifest elements? > > Why is specifying the user required though if all I need to do is > change the privileges or limit_privileges ?
It's a fair question, and I can't come up with a reason why it should be required. Bustos may have more history on this, but I see no reason to not file a rfe/bug. Also, to Christine's original comment: Setting these properties via svccfg is even hairier, you need to set some property to be ":default", "default" is wrong. And, you need to set all the properties, as partial definitions don't work. There are a set of bugs about this area. Unfortunately, the RE has moved to another area and I'm not sure if he's still planning on fixing these. 6517270 partial method context definitions should work 6221667 method context errors should be logged in the service's instance log Finally, when we get the templates changes to interactive svccfg done, that'll also help guide interactive setting of these properties better. liane
