I just saw the push notification go by for: 6851603 IPS needs a bit of help for RBAC 5100566 lib/libsecdb/Makefile uses non-unique temp files
The fix is very much the sort of thing I've advocated in the past. It re-uses SVR4 CAS scripting, but in the context of a single SMF service that will get pinged from IPS pkgs. I'm overjoyed. I think there are likely to be two kinds IPS SMF actuator services: a) self-assembly; b) system config file editing. (a) requires nothing further from the system, just guidelines (preferably including SMF FMRI naming guidelines). (b) requires further support from the system -- at the very least locking or serialization, since the authors of this kind of service are unlikely to be able to work out SMF dependencies that cause full serialization of system config file editing. Casper's fix provides a single service for editing RBAC files, and it serializes those edits, thus solving (b), though just for RBAC files. I think Casper's approach could be further generalized beyond RBAC. Now that we have a precedent for re-using SVR4 CAS scripts this way, perhaps we should revisit SVR4->IPS scripting migration. I was going to write a lengthy post about all this. But then I saw that push go by. Now I don't have to. It seems that the single-service-for- editing-system-system-files approach, and even SVR4 script re-use is now accepted. Hooray! Nico -- _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
