Garrett D'Amore wrote: > +1. > > Do we really need to introduce a new set of RBAC authorizations for > this? I'd have guessed that low-level sys_devices or whatever access > would have been sufficient.
Adding sys_devices would allow any user to modify the disk and didn't seem like sufficient access control. sys_devices can be used for reading in this case, but RBAC control should be used for writing. Phi > > -- Garrett > > Phi Tran wrote: >> I'm sponsoring this case for Mark Logan. (cc: Mark) >> >> Phi >> >> Phi Tran wrote: >>> Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI >>> This information is Copyright 2009 Sun Microsystems >>> 1. Introduction >>> 1.1. Project/Component Working Name: >>> Parted - GNU Partition Editor >>> 1.2. Name of Document Author/Supplier: >>> Author: Mark Logan >>> 1.3 Date of This Document: >>> 02 March, 2009 >>> 4. Technical Description >>> >>> 4.1. Overview >>> >>> GNU Partition Editor (Parted) [1] is a command-line application that >>> allows you to resize, create or delete disk partitions and >>> filesystems. The goal is to put it on the OpenSolaris Live CD. That >>> way one could shrink the Vista or other NTFS partition and create >>> space to install OpenSolaris. Many x86 machines come preinstalled >>> with Vista. The availability of Parted would increase adoption of >>> OpenSolaris by making it easier to create a dual-boot environment. >>> >>> Parted is in functionality, a superset of the Solaris fdisk command. >>> >>> Parted is for x86 only. >>> >>> 4.2. Details >>> >>> 4.2.1. Diagram >>> >>> >>> +---------+ >>> | Install >>> | >>> +---------+ >>> / \ (could use >>> either) / >>> \ >>> / \ >>> v >>> v >>> +--------+ >>> +---------+ | Parted >>> | | GParted | >>> +--------+ >>> +---------+ >>> \ / >>> \ >>> / >>> \ / >>> v >>> v >>> +-----------------------+ >>> | libparted / ntfsprogs >>> | >>> +-----------------------+ >>> 4.2.2. solaris-parted >>> >>> solaris-parted [2] is an open source project that ported Parted to >>> Solaris. I used this code as a starting point. >>> >>> 4.2.3. ntfsprogs >>> >>> Parted uses ntfsprogs [3] to resize, create or delete NTFS disk >>> partitions and filesystems. ntfsprogs [3] is a collection of >>> command-line utilities, one utility for each operation, e.g. >>> ntfsresize and mkntfs. >>> >>> ntfsprogs required very few changes to port to Solaris. >>> >>> 4.2.4. libparted >>> >>> GNU Parted is composed of a command-line interface and a library. >>> libparted does the actual device access, partition table editing and >>> filesystem manipulation. >>> >>> I made changes to libparted both to port it to Solaris and to >>> integrate solaris-parted and ntfsprogs into it. >>> >>> 4.2.5. GParted >>> >>> Gnome Partition Editor (GParted) [4] is a graphical application that >>> allows you to resize, create or delete disk partitions and >>> filesystems. GParted uses libparted and ntfsprogs. Parted is capable >>> of doing everything GParted does. >>> >>> GParted uses Gtkmm for its GUI. It requires Gtkmm 2.8.x or greater. >>> Solaris currently has Gtkmm 2.13.8. The most recent stable version is >>> 2.14.x. [5] >>> >>> GParted should use HAL (PSARC/2007/679) to lock out HAL-based >>> automounters when it is manipulating the partition table of a device. >>> [6] >>> >>> GParted is Phase 2 of this project. There will be a separate LSARC case. >>> >>> 4.2.6. open source >>> >>> It is my intent to get the GNU Parted, GParted and ntfsprogs projects >>> to buy back my changes. solaris-parted is no longer in development, >>> but I intend to get Parted to buy back those changes along with mine. >>> >>> 4.2.7. Security >>> >>> Interface level: Committed >>> >>> Parted needs permission to access the raw disk devices, just like >>> Solaris fdisk. >>> >>> The following RBAC authorizations and profile will be added. >>> >>> Authorization Names: >>> solaris.admin.parted.:::Partition Editor::help=AuthPartedHeader.html >>> solaris.admin.parted.write:::Edit Partitions::help=AuthPartedWrite.html >>> >>> Profile: >>> Edit Partitions:::Edit Disk Partitions using GNU Parted: >>> auths=solaris.admin.parted.write;help=RtParted.html >>> >>> 4.2.8. Integration with the OpenSolaris installation program >>> >>> We are talking to the OpenSolaris Install group about whether they >>> will use Parted or GParted to integrate that functionality into the >>> installation program. They have not yet decided on the implementation >>> specifics, so I did not include anything about it here. >>> >>> 4.3. Interfaces Exported >>> >>> Interface Name Classification Comments >>> --------------- -------------- ----------------- >>> SUNWparted Committed Package name >>> (Phase 1) >>> /usr/share/man/man8/parted.8 Volatile Manual page >>> (Phase 1) >>> /usr/bin/parted Volatile Parted launcher >>> shell script (Phase 1) >>> /usr/lib/parted/parted Volatile Parted >>> application (Phase 1) >>> /usr/lib/parted/mkntfs Volatile ntfsprogs >>> application (Phase 1) >>> /usr/lib/parted/ntfsresize Volatile ntfsprogs >>> application (Phase 1) >>> /usr/lib/parted/ntfsfix Volatile ntfsprogs >>> application (Phase 1) >>> /usr/lib/parted/ntfsclone Volatile ntfsprogs >>> application (Phase 1) >>> /usr/lib/libparted-1.8.so.8 Volatile Symbolic link >>> (Phase 1) >>> /usr/lib/libparted-1.8.so.8.0.0 Volatile Shared library >>> (Phase 1) >>> /usr/lib/libntfs.so.10 Volatile Symbolic link >>> (Phase 1) >>> /usr/lib/libntfs.so.10.0.0 Volatile Shared library >>> (Phase 1) >>> SUNWgparted Committed Package name >>> (Phase 2) >>> /usr/share/man/man8/gparted.8 Volatile Manual page >>> (Phase 2) >>> /usr/bin/gparted Volatile GParted >>> application (Phase 2) >>> >>> 4.4. Schedule >>> >>> I propose introducing GParted into OpenSolaris in three phases: >>> >>> Phase 1: Parted command line (2 man months) >>> >>> Put command line Parted on the CD. >>> A prototype of command line Parted is available now. >>> >>> Use Case: >>> >>> Boot OpenSolaris CD. >>> Run command line Parted in a Terminal window. >>> Shrink NTFS partition. >>> Install OpenSolaris. >>> >>> Phase 2: GParted GUI (3 man months) >>> >>> Put GParted GUI on the CD. >>> >>> Use Case: >>> >>> Boot OpenSolaris CD. >>> Run GParted GUI. >>> Shrink NTFS partition. >>> Install OpenSolaris. >>> >>> 4.5 References >>> >>> [1] GNU Parted >>> http://www.gnu.org/software/parted/ >>> >>> [2] solaris-parted >>> http://code.google.com/p/solaris-parted/ >>> >>> [3] NTFSprogs >>> http://www.linux-ntfs.org/ >>> >>> [4] GParted >>> http://gparted.sourceforge.net/ >>> >>> [5] Gtkmm >>> http://gtkmm.org/ >>> >>> [6] HAL spec >>> http://sac.sfbay/PSARC/2007/679/materials/hal-spec.html >>> >>> 6. Resources and Schedule >>> 6.4. Steering Committee requested information >>> 6.4.1. Consolidation C-team Name: >>> ON >>> 6.5. ARC review type: FastTrack >>> 6.6. ARC Exposure: open >>> >>> >> >
