Michael Hunter wrote: > > Begin forwarded message: > > Date: Mon, 06 Jul 2009 15:36:11 -0700 > From: Michael Hunter <[email protected]> > To: [email protected] > Subject: [nwam-dev] NWAM Phase 1 Code Review request > > > This is a request for people to review the NWAM Phase 1 code. > > The code can be found at http://cr.opensolaris.org/~mph/nwam1_cr/
I just have some comments on how things fit together in a systemic way, having played with these bits extensively in a VPN context. This is all I could get to. - usr/src/cmd/svc/milestone/net-loc 480: s/IPSec/IPsec/ (in other files also, like net-nwam) 265: do_nis() Keep in mind that the ypservers, if listed by name, need to be in /etc/hosts. NIS looks explicitly there and does not so regular nameservice lookup. Not sure if this is really the place to address it, but there probably should be some warning when the user is doing manual config and uses a hostname. 399: It would probably be good to not use the default nsswitch.nis file. Especially if you have both dns and NIS enabled. In general, one only needs NIS for passwd and automount (and possibly printers). At the very least, it would be good to have hosts and ipnodes list dns first, if available. - usr/src/cmd/svc/milestone/net-nwam revert_to_legacy_loc() disables IPsec policy and IPfilter policy, changes some properties, then re-enables them. This leaves open a window of opportunity where there is no network security policy, which is a bad thing. Can't you change the config file locations in the SMF properties and do a refresh/restart instead without first disabling? Or refresh/restart/innocuous enable in case the service wasn't started before? - usr/src/lib/libsecdb/exec_attr.txt So, you have nwamadm and nwamcfg as part of the "Network Management" profile. But "Network IPsec Management" is part of "Network Security" and "IP Filter Management" appears to be in its own bucket (which is a pre-existing bug IMO, it should be in Network Security). It is not part of "Network Management", possibly on purpose. Anyway, nwamcfg and nwamadm implicitly give you the ability to manage IPfilter and IPsec policies if you have the solaris.network.autoconf.write authorization since you can define a property to override security policy. In fact, you must supply a property or policy gets blanked out IIRC. This is leaking the separation of privileges. What is the intention here as far as the privilege and authorization model? I'm not sure what the right balance is for your project and the previous requirements that caused this separation in the first place. - usr/src/lib/libsecdb/user_attr.txt Does netadm need the IPfilter service listed? -Paul _______________________________________________ networking-discuss mailing list [email protected]
