Jedy Wang wrote: >>> A list of available BEs will also be provied in the GUI. If users >>> select a BE which is different from the default one, the restart >>> dialog will ask ConsoleKit to reboot into the selected BE. >>> ConsoleKit >>> will check solaris.system.shutdown to identify if the user has >>> enough >>> privilege. If so, ConsoleKit will use "bootadm set-menu default=n" >>> to update the default BE and then do a reboot. >> >> This part concerns me a little. It is quite a different policy decision >> to be able to reboot the existing BE than to change the default one. > > This is because bootadm is used to set default boot entry and I think it > does not support set default boot entry temporarily. I CCed Vikram, the > developer of bootadm.
You shouldn't have to use bootadm. See Example 4 of the reboot(1M) man page. >> Yes the user could just select the alternate one from the GRUB menu in >> most cases. However I'd prefer to see an additional authorisation added >> for this check, it can be in the default set provided by the "Console >> User" property. I suggest something like "solaris.system.bootadm". >> This is similar to how suspend/resume has been dealt with. >> > > If I want to add "solaris.system.bootadm", what should I do and in which > module it should be put in? It should probably be ConsoleKit or bootadm checking that authorisation. However given what you have said above I'm taking a different stance. I don't think bootadm(1M) should be called at all. -- Darren J Moffat
