Erik Nordmark writes: > > http://zhadum.east/zbuild/carlsonj/dhcpv6-review/webrev/ > > http://cr.grommit.com/~carlsonj/webrev-dhcpv6/ > > Just a heads up that one of you and the IP Instances project has to do > some merging for: > usr/src/uts/common/inet/ip/ip6_if.c > usr/src/cmd/cmd-inet/usr.lib/in.ndpd/ndp.xml > > For the former IP Instances has an added argument for the rule > functions, and for the latter we are modifying the privileges > (net_config -> ip_config) that you are completely removing. > > Shouldn't be hard to do, but something to keep in mind for both projects.
OK; thanks. Both merges sound relatively straightforward to handle. If you go first, I'll merge those changes. If not, I'll help do the merge or review the results if you want. As for the latter one, I don't really have much choice in the matter, as the in.ndpd->dhcpagent->eventhook chain doesn't really allow for much control in privilege escalation. The best I could muster would be modifying the code itself to bracket privilege around the operations that need it (invoking dhcpagent via in.ndpd and perhaps dhcpagent's invocation of eventhook), but that solution seems a lot less good than the bigger (and out-of-scope) change of converting DHCP itself into a service and getting rid of the direct fork-and-exec from libdhcpagent. -- James Carlson, KISS Network <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 _______________________________________________ networking-discuss mailing list [email protected]
