FYI: gkrellm on solaris not requires libgtop On Mon, Aug 25, 2008 at 2:30 PM, Henry Zhang <Hua.Zhang at sun.com> wrote: > Hi all, > > I would summary the discussion below. > > 1, The battery support on Solaris: > I investigated 2 solution, one is the patch wrote by David, but this patch > is using acpidrv.h and /dev/acpidrv which are not on Solaris now, the other > solution is using HAL, I think this is a solution we can use. > So I am implementing to use HAL/Dbus for the battery information. > > 2, SSL certification authentication: > I checked the bugzilla, and no category for GKrellM, I sent a mail to the > maintainer on this issue. I am discussing with him on how to fix this > problem.. > > 3, Security impact: > Add some content to describe the possible impaction. > > Attachment is the updated one-pager.. > > Thanks, > Henry > > Henry Zhang ??: >> >> Hi Darren, >> >> Thanks, I will file a bug on this issue... >> >> Regards, >> Henry >> >> Darren J Moffat ??: >>> >>> I see from the code that it is passing SSL_VERIFY_NONE to >>> SSL_CTX_set_verify() >>> >>> From the man page: >>> >>> >>> SSL_VERIFY_NONE >>> Server mode: the server will not send a client >>> certificate request to the client, so the client will >>> not send a certificate. >>> >>> Client mode: if not using an anonymous cipher (by >>> default disabled), the server will send a certificate >>> which will be checked. The result of the certificate >>> verification process can be checked after the TLS/SSL >>> handshake using the SSL_get_verify_result(3) function. >>> The handshake will be continued regardless of the >>> verification result. >>> >>> >>> This is the answer for the case. Personally I'm not happy with this >>> however it is what gkrellm does and it answers my question. I would like >>> the project team to file a bug upstream (if there isn't one already) to >>> provide functionality to actually verify the server's SSL/TLS certificate. >>> >>> -- >>> Darren J Moffat > > Template Version: @(#)onepager.txt 1.29 04/11/15 SMI > > This information is Sun Proprietary/Confidential: Internal Use Only: > Engineering Need-to-Know > > 1. Introduction > > 1.1. Project/Component Working Name: > > GKrellM > > 1.2. Name of Document Author/Supplier: > > Henry Zhang (hua.zhang at sun.com) > > 1.3. Date of This Document: > > 30/07/08 > > 1.4. Name of Major Document Customer(s)/Consumer(s): > > 1.4.1. The PAC or CPT you expect to review your project: > > Solaris PAC > > 1.4.2. The ARC(s) you expect to review your project: > > LSARC > > 1.4.3. The Director/VP who is "Sponsoring" this project: > > Robert.Odea at Sun.Com > > 1.4.4. The name of your business unit: > > JDS Desktop Engineering, OPG > > 1.5. Email Aliases: > 1.5.1. Responsible Manager: leo.binchy at Sun.COM > 1.5.2. Responsible Engineer: hua.zhang at Sun.COM > 1.5.3. Marketing Manager: jeff.mcmeekin at sun.com > 1.5.4. Interest List: gkrellm at sun.com > > 2. Project Summary > > 2.1. Project Description: > > GKrellM, GNU (or Gtk) Krell Monitors (or Meters), is a single process > stack of system monitors which supports applying themes to match its > appearance to your window manager, Gtk, or any other theme. The > current > version is 2.3.1. > > 2.2. Risks and Assumptions: > > 1. Temperature, fan, and voltage sensor monitors not support since > missing > libsensors. > > 2. APM laptop battery meter not support since no APM, we will use > HAL/DBus > to implement this function. > > 3. This application will depend on libgtop, which isn't engineered to > fully > or best support Solaris interfaces for getting system information > because > it was written from a more Linux perspective on system resources, and > some > system information can't get since not fully support from kernel, e.g. > some sensor monitor interfaces. > > 3. Business Summary > > 3.1. Problem Area: > > GKrell is a computer program based on the GTK+ toolkit that creates a > single process stack of system monitors. It can be used to monitor the > status of CPUs, main memory, hard disks, network interfaces, local and > remote mailboxes, and many other things. Plugin is supported. > > 3.2. Market/Requester: > > JDS Desktop group > > 3.3. Business Justification: > > For many users, it's nice to be able to see, real-time, what is > happening > on their system. There are ways to display memory usage, cpu usage, > network > traffic, available and used disk space, and a whole lot of other > similar > system statistics. This makes it easier to troubleshoot and notice > problems > as they come up. To be display these monitors, you will need gkrellm. > > It's a very useful monitoring tool, can replace a lots of the dock > applets, what's even better is that gkrellm supports a plugin > interface, > allowing vast expandability, it's also infinitely configurable and > themeable. > > Additionally Gkrellm is very easy on the CPU and packs a lot of > information > into a little bit of space. > > 3.4. Competitive Analysis: > > Windows XP has SysMetrix, Windows Vista has this type of side bar, > and GKrellM can run in Linux and other Unix-like operating systems. > > 3.5. Opportunity Window/Exposure: > > It is expected that this project will be integrated into Nevada B100 > > Note: this tool has GPL V3 license, it will not integrated into > Nevada until the license issue is solved. > > 3.6. How will you know when you are done?: > > When it is ported to Nevada and runs correctly. > > The project will be complete when there are no stoppers, P1 or P2 > bugs. > > 4. Technical Description: > > 4.1. Details: > > GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, > disks, load, active net interfaces, and internet connections. There > are > also builtin monitors for memory and swap, file systems with > mount/umount > feature, mailbox checking including POP3 and IMAP, clock/calendar, > laptop > battery, sensors (temperatures, voltages, and fans), and uptime. It > has > LEDs for the net monitors and an on/off button and online timer for > PPP. > Multiple monitors managed by a single process to reduce system load. > There is a GUI popup for configuration, plugin extensions can be > installed, > and many themes are available. It also features a client/server > monitoring > capability. > > If you want to configure GkrellM, you can right-click on the monitor > and > select Configuration from the drop-down menu, or press the F1 key at > anytime while GKrellM has the focus. The configuration menu lets you > modify general options, built-in monitors, plug-ins, and themes. > > GKrellM consists of the gkrellm client and the gkrellmd server. > Gkrellm can > run in client mode and collect data from gkrellmd server running on a > remote > machine. In this way, the user can remotely monitor different > characteristics > of all the machines on their LAN, such as hits and load on the web > server, > disk usage on the mail server, and port traffic on the NAT. > > The gkrellm client gets data from gkrellmd through SSH. By default > gkrellmd > will not run by default, so the user need to start gkrellmd manually, > and optionally add options to configure gkrellmd. For example, > you can configure which port gkrellmd will use and which IP addresses > or > hostnames are allowed to connect to gkrellmd. gkrellm client will also > be > configured to use some port, this port is used to create the SSH > connection > with the gkrellmd server given port. Then you can start gkrellm on > another > system and get the remote data from gkrellmd. > > Both gkrellm and the gkrellmd server are plugin capable so special > interest > monitors can be coded. And in order to make install plugin, you should > be root, > and ensure the plugin will not add additional security issue. > > > 4.2. Bug/RFE Number(s): > > RFE 6732524 > > 4.3. In Scope: > > The system information we can get from Solaris > > 4.4. Out of Scope: > > The system information Solaris can't support, e.g. temperature. > All plugins that are installed by users themselves. > > 4.5. Interfaces: > > Imported Interfaces > Interface Stability Comments > ------------------- ----------- > ----------------------------------- > > /usr/lib/libkstat.so.1 Committed standard library > SUNWgettext Uncommitted > libgtop Volatile LSARC/2006/347/ > libOpenSSL Contract Private PSARC/2006/019/ > GNOME Committed Platform Libraries Committed LSARC/2007/520 GTK+ > library > GNOME 2.20 > > Exported Interfaces Stability Comments > ------------------------- ------------- > --------------------------------- > > /usr/bin/gkrellm Volatile > SUNWgkrellm Uncommitted Package name > SUNWgkrellm-devel Uncommitted Package name > /usr/include/gkrellm2/gkrellm.h Project Private > /usr/lib/gkrellm2/plugins Project Private Used to store plugins > > 4.6. Doc Impact: > > Man page will need to be added > > 4.7. Admin/Config Impact: > > There are no changes to the system administration and configuration. > > 4.8. HA Impact: > > N/A > > 4.9. I18N/L10N Impact: > > The JDS team and the G11N are working together to evaluate and provide > I18N/L10N support. > > > 4.10. Packaging & Delivery: > > The new packages are: > > - SUNWgkrellm > - SUNWgkrellm-devel > > 4.11. Security Impact: > > This application uses OpenSSL, and support plugins, it may cause some > security concern, but generally all data transfered through the > connection > is the system usage status information, and not very confidential, > addtionally in order to make the network connection more secure, > this application is using SSH and some configuration on IP/port to > use, > see 4.1 for details. > > 4.12. Dependencies: > > SUNWgettext.spec > Gtk+ 2.0 >= 2.0 > gdk 2.0 > glib 2.0 >= 2.0 > libgtop > libssl > > 5. Reference Documents: > > GKrellM main project page: > http://gkrellm.net > > GKrellM Wiki: > http://en.wikipedia.org/wiki/GKrellM > > GKrellM themes site: > http://www.muhri.net/gkrellm/ > > > 6. Resources and Schedule: > > 6.1. Projected Availability: > > Expect to integrated into Nevada in build 100 in Q3 2008 > > 6.2. Cost of Effort: > > Development 1.0 Engineers - 1 Months > Testing 0.5 Engineers - 1 Week > RE 0.5 Engineers - 1 Week > > 6.3. Cost of Capital Resources: > > N/A > > 6.4. Product Approval Committee requested information: > > 6.4.1. Consolidation or Component Name: > > JDS / OpenSolaris > > 6.4.3. Type of CPT Review and Approval expected: > > Standard > > 6.4.4. Project Boundary Conditions: > > None > > 6.4.5. Is this a necessary project for OEM agreements: > > No > > 6.4.6. Notes: > > N/A > > 6.4.7. Target RTI Date/Release: > > Nevada B100 - Sep. 2008 > > 6.4.8. Target Code Design Review Date: > > Sep. 2008 > > 6.4.9. Update approval addition: > > New project, no Solaris PAC approval yet > > 6.5. ARC review type: > > FastTrack > > 7. Prototype Availability: > > 7.1. Prototype Availability: > > Sep. 2008 > > 7.2. Prototype Cost: > > 1 engineer > 1 QA > 1 RE > > _______________________________________________ > opensolaris-arc mailing list > opensolaris-arc at opensolaris.org >
-- Andy http://blog.sartek.net
