I'm sponsoring this familiarity case for Caijian Guo. The requested
release binding is minor. The man page has been posted in the
materials directory.
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
bwm-ng
1.2. Name of Document Author/Supplier:
Author: Caijian Guo
1.3 Date of This Document:
06 March, 2009
4. Technical Description
Bwm-ng Check List
1.0 Project Information
1.1 Name of project/component
bmw-ng
1.2 Author of document
Caijian.Guo at Sun.COM
2.0 Project Summary
2.1 Project Description
bwm-ng is a small and simple console-based live network and disk io
bandwidth monitor. It listens to network and disk io and displays
current throughput.
Features:
supports both IPv4 and IPv6
unlimited number of interfaces/devices supported
interfaces/devices are added or removed dynamically from list
white-/blacklist of interfaces/devices
output of KB/s, Kb/s, packets, errors, average, max and total sum
output in curses, plain console, CSV or HTML
configfile
2.2 Release binding
What is is the release binding?
(see http://opensolaris.org/os/community/arc/policies/release-taxonomy/)
[ ] Major
[*] Minor
[ ] Patch or Micro
[ ] Unknown -- ARC review required
2.3 Type of project
Is this case a Linux Familiarity project?
[*] Yes
[ ] No
2.4 Originating Community
2.4.1 Community Name
bwm-ng[1]
2.4.2 Community Involvement
Indicate Sun's involvement in the community
[ ] Maintainer
[ ] Contributor
[*] Monitoring
Will the project team work with the upstream community to resolve
architectural issues of interest to Sun?
[*] Yes
[ ] No - briefly explain
Will we or are we forking from the community?
[ ] Yes - ARC review required prior to forking
[*] No
3.0 Technical Description
3.1 Installation & Sharable
3.1.1S Solaris Installation - section only required for Solaris Software
(see http://opensolaris.org/os/community/arc/policies/install-locations/
for details)
Does this project follow the Install Locations best practice?
[*] Yes
[ ] No - ARC review required
Does this project install into /usr under
[sbin|bin|lib|include|man|share]?
[*] Yes
[ ] No or N/A
Does this project install into /opt?
[ ] Yes - explain below
[*] No or N/A
Does this project install into a different directory structure?
[ ] Yes - ARC review required
[*] No or N/A
Do any of the components of this project conflict with anything under
/usr?
(see http://opensolaris.org/os/community/arc/caselog/2007/047/ for
details)
[ ] Yes - explain below
[*] No
If conflicts exist then will this project install under /usr/gnu?
[ ] Yes
[ ] No - ARC review required
[*] N/A
Is this project installing into /usr/sfw?
[ ] Yes - ARC review required
[*] No
3.1.1W Windows Installation - section only required for Windows Software
(see http://sac.sfbay/WSARC/2002/494 for details)
Does this project install software into a
<system drive>:\Program Files\Sun\<product> or <system
drive>:\Sun\<product>
directory?
[ ] Yes
[ ] No - ARC review required
Does the project use the Windows registry?
[ ] Yes
[ ] No - ARC review required
Does the project use
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product>\<version>
for the registry key?
[ ] Yes
[ ] No - ARC review required
Is the project's stored location
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product id>\<version
id>\Path?
[ ] Yes
[ ] No - ARC review required
3.1.2 Share and Sharable
Does the module include any components that are used or shared by
other projects?
[ ] Yes
[*] No
If yes are these components packaged to be shared with the other FOSS?
[ ] Yes
[ ] No - ARC review required
[*] N/A
Are these components already in the Solaris WOS?
[ ] Yes
[*] No - continue with next section (section 3.2)
If yes are these newer versions being delivered?
[ ] Yes
[ ] No - ARC review required
If yes are the newer versions replacing the existing versions?
[ ] Yes
[ ] No - ARC review required
3.2 Exported Libraries
Are libraries being delivered by this project?
[ ] Yes
[*] No - continue with next section (section 3.3)
Are 64-bit versions of the libraries being delivered?
[ ] Yes
[ ] No - ARC review required
Are static versions of the libraries being delivered?
[ ] Yes - ARC review required
[ ] No
3.3 Services and the /etc Directory
(see http://opensolaris.org/os/community/arc/policies/SMF-policy/)
Does the project integrate anything into /etc/init.d or /etc/rc?.d?
[ ] Yes - ARC review required
[*] No
Does the project integrate any new entries into /etc/inittab or
/etc/inetd.conf?
[ ] Yes - ARC review required
[*] No
Does the project integrate any private non-public files into /etc/default
or /etc/ configuration files?
[ ] Yes - ARC review required
[*] No
Does the service manifests method context grant rights above that
of the noaccess user and basic privilege set?
[ ] Yes - ARC review required
[*] No
3.4 Security
3.4.1 Secure By Default
(see http://opensolaris.org/os/community/arc/policies/secure-by-default/
for details)
(see http://www.opensolaris.org/os/community/arc/policies/NITS-policy/
for details)
(see parts of
http://opensolaris.org/os/community/arc/policies/SMF-policy/ for
addtional details)
Are there any network services provided by this project?
[ ] Yes
[*] No - continue with the next section (section 3.4.2)
Are network services enabled by default?
[ ] Yes - ARC review required
[ ] No
[ ] N/A
Are network services automatically enabled by the project during
installation?
[ ] Yes - ARC review required
[ ] No
[ ] N/A
Are inbound network communications denied by default?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is inbound data checked to prevent content-based attacks?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is the outbound receiver authenticated?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is the receiver authenticated prior to receiving any sensitive outbound
communication?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
3.4.2 Authorization
(see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
for details)
Are there any setuid/setgid privileged binaries in the project?
[ ] Yes - ARC review required
[*] No - continue with next section (section 3.4.3)
If yes then are the setuid/setgid privileges handled by the use of roles?
[ ] Yes
[ ] No - ARC review required
3.4.3 Auditing
(see http://opensolaris.org/os/community/arc/policies/audit-policy/ for
details)
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for details)
Does this component contain administrative or security enforcing software?
[ ] Yes - ARC review required
[*] No - continue to next section (section 3.4.4)
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for details)
Do the components create audit logs detailing what took place including
what event
took place, who was involved, when the event took place?
[ ] Yes - ARC contract and Audit project team review required
[ ] No - ARC review required
3.4.4 Authentication
(see http://opensolaris.org/os/community/arc/policies/PAM/)
Do the components contain any authentication code?
[ ] Yes
[*] No - continue to next section (section 3.4.5)
If yes do the components use PAM (plugable authentication modules) for
authentication?
[ ] Yes
[ ] No - ARC review required
If yes is a single PAM session maintained during authentication?
[ ] Yes
[ ] No - ARC review required
If yes are the components sufficiently privileged to allow the requested
operations (authentication, password change, process credential
manipulation,
audit state initialization)?
[ ] Yes - briefly describe below
[ ] No - ARC review required
3.4.5 Passwords
(see http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/
and
http://opensolaris.org/os/community/arc/bestpractices/passwords-files/ for
details)
Do any of the components for the project deal with passwords?
[ ] Yes
[*] No - continue to next section (section 3.4.6)
If yes are these passwords entered via the CLI or environment?
[ ] Yes - ARC review required
[ ] No
Are passwords stored within the file system for the component?
[ ] Yes
[ ] No - continue to next section (section 3.4.6)
If yes are the permissions on the file such to protect exposing the
password(s)?
[ ] Yes
[ ] No - ARC review required
3.4.6 General Security Questions
(see
http://opensolaris.org/os/community/arc/bestpractices/security-questions/ for
details)
Are there any network protocols used by this project?
[*] Yes
[ ] No - continue with the next section (section 3.5)
Do the components use standard network protocols?
[*] Yes
[ ] No - ARC review required
Do network services for the project make decisions based upon user, host
or
service identities?
[ ] Yes - explain below
[*] No
[ ] N/A
Do the components make use of secret information during authentication
and/or
authorization?
[ ] Yes - explain below
[*] No
[ ] N/A
3.5 Networking
Do the components access the network?
[*] Yes
[ ] No - continue with the next section (section 3.6)
If yes do the components support IPv6?
[*] Yes
[ ] No - ARC review required
3.6 Core Solaris Components
Do the components of this project compete with or duplicate core
Solaris components?
[ ] Yes - ARC review required
[*] No
Examples of Core Solaris Components include but are not limited to:
Secure By Default
Authorizations
PAM -- Plugable Authentication Module
Privilege
PRM -- Process Rights Management -- Privilege
Audit
xVm -- Virtualization
zones / Solaris Containers
PRM -- Process Rights Management
RBAC -- Role Based Access Control
TX / Trusted Extensions
ZFS
SMF -- Service Management Facility
FMA -- Fault Management Architecture
SCF -- Smart Card Facility
IPsec
4.0 Interfaces
4.1 Exported Interfaces
Interface Name Classification Comments
--------------------------- ------------------- ----------------------
SUNWbwm-ng Uncommitted Package
/usr/bin/bwm-ng Uncommitted Executable binary file
4.2 Imported Interfaces
Interface Name Classification Comments
--------------------------- -------------------- ---------------------
ncurses Committed LSARC/2008/524
Notes
bwm-ng is compile such that it is not dependent on libstatgrab.
Appendix A - References
[1] http://www.gropp.org/?id=projects&sub=bwm-ng
OSR ID# 10971
RFE ID# 6810966
6. Resources and Schedule
6.4. Steering Committee requested information
6.4.1. Consolidation C-team Name:
SFW
6.5. ARC review type: FastTrack
6.6. ARC Exposure: open
