David Bustos wrote: > > Can you explain what "audit work and ro filesystems" means? Does the > user want to carry out some operations before the system has fully come > up?
I think the customer intends for the system to come up with some filesystems mounted read-only, with only some auditing tools available, minimal network services. Some service would only run in this milestone, and perhaps he doesn't want the system to come up fully because parts of it may have been trojaned. If there is a way to achieve this state using profile then I think he would be happy. > I don't think we'll allow user define milestones per-se, but I think the > Enhanced Profiles project > ( http://opensolaris.org/os/project/smf-profiles ) may make it easier to > do something similar. > >> Incidentally, if I were to >> make my own dummy foo-milestone manifest and just drop it in >> /var/svc/manifest/milestone, and modify some dependencies to make >> multi-user-server its parent, would that do anything? I could try it, >> but perhaps someone can save me 30 minutes? > > What do you mean by 'do anything'? What would happen if I drop in a fake milestone.xml? Would I have created a new milestone or would the system complain, or silently ignore the new manifest? >> If my modification involves the >> exact thing that the new manifest wants to change, what happens? For >> example, I used svccfg to change some property from X to Y. A patch >> wants to change X to Z. Does this override my customization? > > Not if Y != X. On each import, svccfg stashes a pristine copy of the > properties in the last-import snapshot, and on upgrade it uses it to > determine whether you've customized any properties. For properties that > you customized, it will refuse to change them. However, this means that > there's no way to say "I want to customize this property to the same > values," since svccfg will interpret that as uncustomized. Wouldn't this constrained property changes, sometimes in a bad way? The original property is X. Sun really wants it to be Z because very bad things could happen if the property is anything other than Z. But Sun will be unable to change this, because I've already changed X to Y. CT
