Hi Gary,
I am requiring "solaris.system.shutdown" as action_authorization and
value_authorization for the boot-config services. Attribute
"solaris.system.shutdown" is already in profile "Maintenance and
Repair", which is what reboot(1M), init(1M) use. I will add the
authorization requirements to the man pages. How does this look?
Service svc:/system/boot-config:default is enabled by |
default. It requires solaris.system.shutdown as |
action_authorization and value_authorization. When |
fastreboot_default property is set to "true", "reboot" |
will behave as "reboot -f". |
I will make similar modification to the man page for init(1M) if you
think the above the changes are sufficient.
Thanks,
Sherry
On Tue, Dec 09, 2008 at 09:21:26PM -0800, Gary Winiger wrote:
> > Liane Praza wrote:
> > > I'm submitting this fasttrack on behalf of Sherry Moore. It specifies
> > > Minor
> > > release binding.
>
> Perhaps I missed it in the man page diffs for reboot (or is there
> a man page for boot-config) the documentation of the Rights Profile
> that contains the action and value authorizations and what those
> authorizations are seems missing.
>
> See http://opensolaris.org/os/community/arc/policies/SMF-policy/
>
> Gary..
--
Sherry Moore, Solaris Core Kernel http://blogs.sun.com/sherrym
