Danek Duvall wrote:
> On Mon, Nov 24, 2008 at 10:58:45AM -0800, Brock Pytlik wrote:
>
>> http://cr.opensolaris.org/~bpytlik/ips-2701-v3/
>
> pkg.depotd.1m.txt:
>
>   - line 128: I'd say "path" instead of "writ_root". This should also be
>     writeable-root.

sure

> config.py:
>
>   - "writable" should be "writeable". Same in pkg-server.xml. Maybe other
>     places too -- grep for it.

Made consistently writable (yeah, I was surprised as well).

> svc-pkg-depot:
>
>   - line 114: $? is now giving the return value of the second svcprop
>     command instead of the first -- is that what's intended? You should
>     probably update the comment to reflect the interaction between readonly
>     and writeable-root. Though honestly, it's not clear to me why having a
>     writeable root would turn fork/exec back on again -- isn't the point of
>     that to lock readonly servers down tight?

Good catch on the $?, I've updated the code to reflect the checks we actually want to have.

I was told we need a writable root for two reasons: feed.xml and search indexes. If search indexes are going to be generated, then fork/exec is needed. If the user doesn't want a server running with that priv, then they shouldn't use writeable root for now. I don't think this bug addresses all possible combinations of security configurations; it's meant to address the one that we need to make our deployment easier. Perhaps a new bug should be filed on actually determining what all the desired configurations would be so that we can design a coherent set of switches and flags.

Brock

> Danek
