I'm sponsoring this fast-track for Ric Aleshire.
The contract is in the case directory and both
managers will sign the contract before the case times
out.

Thanks,
Jerry


Template Version: @(#)sac_nextcase %I% %G% SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
    1.1. Project/Component Working Name:
         labeled brand zone
    1.2. Name of Document Author/Supplier:
         Author:  Ric Aleshire
    1.3. Date of This Document:
         04 February, 2009
4. Technical Description

"Labeled" Brand Zone

Problem

Configuring and operating Trusted Extensions is a complex
administrative task.  When Trusted Extensions is enabled, each zone
must be associated with a unique sensitivity label.  Only labeled zones
are compatible with the Trusted Gnome desktop.  The creation of labeled
zones is particularly involved, and requires zone configuration
differences compared to traditional native zones.  In OpenSolaris, for
example, labeled zones need additional IPS packages, additional lofs
mounts, and additional customization prior to first boot.  We need a
convenient way to provide indirection for these customizations, to
automate and "hide" them, to simplify system administration.


Proposal

Interfaces for branded zones (PSARC/2005/471) provide a transparent way
to handle differences in zone environments.  This case reserves a new
brand type, "labeled", which will be used to implement zones for Trusted
Extensions.  The "labeled" brand type is closely related to the native
brand.  No kernel modules or other additional software is required for
this brand; it is a native-equivalent brand.

This case also establishes a contract for zone interfaces used to support
the new "labeled" brand type.

In addition, the following applies when Trusted Extensions is enabled:

1) Except where directed explicitly by the content of the brand files,
   zones infrastructure will not implicitly distinguish between brands
   (i.e., conditional behavior based on brand name) and will treat all
   zones as native.

2) Only native and native-equivalent brands can be started.  Non-native
   zones cannot be run under TX.


Interfaces

_________________________________________________________________________
|                         Interfaces Exported                           |
|_______________________________________________________________________|
| Interface                                  | Stability                |
|____________________________________________|__________________________|
| brand name "labeled"                       | Committed                |
|____________________________________________|__________________________|


This case imports the following BrandZ interfaces, which are all Project
Private to the BrandZ project.  (A contract for use of these interfaces
is included in materials for this case.)

_________________________________________________________________________
|                         Interfaces Imported                           |
|_______________________________________________________________________|
| Interface                                  | Comment                  |
|____________________________________________|__________________________|
| /usr/share/lib/xml/dtd/zone_platform.dtd.1 |                          |
|____________________________________________|__________________________|
| /usr/share/lib/xml/dtd/brand.dtd.1         | Specifically, these tags |
|                                            | in brand.dtd.1 are used: |
|                                            |    <install>             |
|                                            |    <installopts>         |
|                                            |    <initname>            |
|                                            |    <login_cmd>           |
|                                            |    <user_cmd>            |
|____________________________________________|__________________________|

(Note that no libbrand.so interfaces are used.)


References

PSARC/2002/762 - Layered Trusted Solaris
PSARC/2002/174 - Virtualization and Namespace Isolation in Solaris
PSARC/2005/471 - BrandZ: Support for non-native zones


6. Resources and Schedule
    6.4. Steering Committee requested information
        6.4.1. Consolidation C-team Name:
                ON
    6.5. ARC review type: FastTrack
    6.6. ARC Exposure: open

