Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
All, We have another vote besides myself (Thank you Darren). I am still waiting on a vote on the case by COB on Wednesday, June 30th, 2010. The contracts are in process. The contract for the ncurses usage is signed and has been place in the ncurses (LSARC 2008/524) case directory. The libzoneinfo contract is an extension of an existing contract to use an additional interface (isvalid_tz()). I expect this to be signed as soon as the responsible manager returns from vacation. The importing manager (Dana Barsan) has already signed the contract. Thus I believe that there are no outstanding issues for the case. Thanks, John On 06/21/10 01:10 AM, Darren J Moffat wrote: I vote to approve (I wasn't present at the meeting but I have reviewed the materials and opinion). ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
On 06/17/10 09:17 PM, John Fischer wrote: Please review these new materials and the draft opinion. Either provide feedback or vote on the case by COB Wednesday, June 30th, 2010. My vote is approve. -Seb ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
Thanks!! On 06/23/10 09:54 AM, Sebastien Roy wrote: On 06/17/10 09:17 PM, John Fischer wrote: Please review these new materials and the draft opinion. Either provide feedback or vote on the case by COB Wednesday, June 30th, 2010. My vote is approve. -Seb ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
I vote to approve (I wasn't present at the meeting but I have reviewed the materials and opinion). -- Darren J Moffat ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
PSARC members, Updated opinion based upon feedback provided. Case directory is updated. Thanks, John ?Oracle Systems Architecture Committee Oracle Proprietary/Need to Know Subject: OpenSolaris Text Installer Submitted by:Susan Sohn File: PSARC/2010/165/opinion.html Date: TBD Committee:John Fischer, TBD. Product Approval Committee: N/A 1. Summary The Text Installer is a mouseless, screen-oriented installer designed for use on SPARC and x86 systems that may not have graphics support such as many server-class machines. 2. Decision Precedence Information The project is approved as specified in reference [1]. The project may be delivered in a minor release of the ON Consolidation. 3. Interfaces The project exports the following interfaces. Interfaces Exported Interface Classification Comments --- --- /usr/lib/text-install UncommittedCLI system/install/text-install CommittedIPS package name ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/tgt.so Private to Target Instantiation and Target Discovery ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/libzoneinfo.so Private to /usr/lib/\ libzoneinfo.so system/install-setup:default UncommittedSMF Install service The project imports the following interfaces. Interfaces Imported Interface Classification Comments --- - libzoneinfo.so.1 Contracted Private LSARC/2001/015 Python2.6 Uncommitted PSARC/2009/043 libdiskmgt.so.1 Consolidation LSARC/2004/743 Private Distribution Constructor CommittedPSARC/2009/471 libncurses.soContracted Volatile LSARC/2008/524 menu.lst (grub)CommittedPSARC/2004/454 4. Opinion This project had a successful inception review which did not have any major concerns that could not be corrected by specification updates. Thus the case was approved by updating those specifications and taking an email vote. The issues listed below reflect the substantial inception review issues. 4.1 Static IP and IPv6 Networking The inception UI specifications discussed the longer term UI for setting up the various NICs. The project team stated that the current review was based upon allowing networking to be setup via NWAM or not established. Static and IPv6 configurations will be reviewed in a future fast track and be based upon the interfaces for basic install network configuration case (PSARC/2010/164). There will be documentation in the commitment materials explaining that the Static IP and IPv6 Network section of the UI specification are not covered by this case (reference [2]). The committee was fine with the OpenSolaris Text Installer not being dependent upon that case and following up with a fast track. 4.2 text-install Command Installation Location As specified the project installs text-installer into /usr/bin. When questioned about the usage of the command the project team stated that there are a few edge use cases where the end user might execute the command from a command line. The majority of uses would simply be to insert a disc and the text-installer automatically starts on boot. The committee stated that perhaps a better installation location might be /usr/lib. The project team has decided to install the text-installer into the /usr/lib directory. The committee was fine with the resolution of this issue. 4.3 Root and User Passwords Not Required The committee noted that the root and user passwords are not required at install time. The project team stated that they were following current Best Practices with regards to installation technologies. The installation user is warned that the system will be installed in an unsafe manner. The committee was fine with the issue. 4.4
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
On 18/06/2010 16:08, John Fischer wrote: 4.4 User Installed as Primary Administrator The initial user installed by the Caiman installers have been given the Primary Administrator role. The committee pointed out that this role is going away. The issue was discussed in the Solaris Modernization case (PSARC/2010/067). In that case the project team agreed to modify the installers to: Primary Administrator is a Rights Profile not a Role. The distinction is very important. It is the fact that the profile is assigned directly to a user rather than a role what was the whole problem. Also Primary Administrator as a Rights Profile is not planned to go away. The advice of the security team was not to assign Primary Administrator to the initial user directly. The main reason this was done early on in the Caiman GUI installer was because other technology like the RBAC Console User profile wasn't available and neither was sudo. 1. remove the root password prompt 2. require an initial user login name and password 3. set the root password to the initial user password 4. the root is type=role 5. the initial user is granted the root role (type=normal;roles=root) 6. the initial user is put in /etc/sudoers -- presumable with all commands 7. the initial use is no longer granted the Primary Administrator Rights Profile initial user 8. the password hash algorithm is sha256 9. the root account password is installed as expired (passwd -f). sp_lstchg == 0 username:password:lastchg:min:max:warn:inactive:expire:flag sp_namp:sp_pwdp:sp_lstchg:sp_min:sp_max:sp_inact:ex_expire:sp_flag That is all fine. The specification for this case will be modified to reflect this requirement and deposited in the case directory as commitment materials (Appendix C - [1]). The committee was fine with the issue. 5. Minority Opinion(s) None 6. Advisory Information None 7. Appendices 7.1 Appendix A: Technical Changes Required None 7.2 Appendix B: Technical Changes Advised None 7.3 Appendix C: Reference Material Unless otherwise stated, path names are relative to the case directory (PSARC/2010/165). 1.commitment.materials/PSARC-Questionnaire.txt Standard PSARC Questionnaire 2.commitment.materials/ARC-CoverPage.html ARC cover page describing the case and documents included for review 3.commitment.materials/designdocv2.0.9.odt Text Installer Design Document Open Document Text format 4.commitment.materials/designdocv2.0.9.pdf Text Installer Design Document Portable Document Format 5.commitment.materials/spec10-21.html Solaris Caiman Text-based Installer UI Specification non-graphical format On 06/17/10 06:17 PM, John Fischer wrote: PSARC members, The project team has provided updated materials which have been placed under the commitment.materials directory. There is now an ARC cover page (ARC-CoverPage.html) which describes the changes between the inception and commitment materials. I have also added the attached draft opinion which is in the top level directory. There is also an HTML version of the draft opinion in the case directory. Please review these new materials and the draft opinion. Either provide feedback or vote on the case by COB Wednesday, June 30th, 2010. Thanks, John ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org -- Darren J Moffat ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
PSARC members, Updated opinion includes grub.lst taxonomy updated to Committed and Primary Administrator Rights Profile discussion updated. Thanks, John Oracle Systems Architecture Committee Oracle Proprietary/Need to Know Subject: OpenSolaris Text Installer Submitted by: Susan Sohn File: PSARC/2010/165/opinion.html Date: TBD Committee: John Fischer, TBD. Product Approval Committee: N/A 1. Summary The Text Installer is a mouseless, screen-oriented installer designed for use on SPARC and x86 systems that may not have graphics support such as many server-class machines. 2. Decision Precedence Information The project is approved as specified in reference [1]. The project may be delivered in a minor release of the ON Consolidation. 3. Interfaces The project exports the following interfaces. Interfaces Exported Interface Classification Comments --- --- /usr/lib/text-install Uncommitted CLI system/install/text-install Committed IPS package name ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/tgt.so Private to Target Instantiation and Target Discovery ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/libzoneinfo.so Private to /usr/lib/\ libzoneinfo.so system/install-setup:default Uncommitted SMF Install service The project imports the following interfaces. Interfaces Imported Interface Classification Comments --- --- libzoneinfo.so.1 Contracted Private LSARC/2001/015 Python2.6 Uncommitted PSARC/2009/043 libdiskmgt.so.1 Consolidation LSARC/2004/743 Private Distribution Constructor Committed PSARC/2009/471 libncurses.so Contracted Volatile LSARC/2008/524 menu.lst (grub) Committed PSARC/2004/454 4. Opinion This project had a successful inception review which did not have any major concerns that could not be corrected by specification updates. Thus the case was approved by updating those specifications and taking an email vote. The issues listed below reflect the substantial inception review issues. 4.1 Static IP and IPv6 Networking The inception UI specifications discussed the longer term UI for setting up the various NICs. The project team stated that the current review was based upon allowing networking to be setup via NWAM or not established. Static and IPv6 configurations will be reviewed in a future fast track and be based upon the “interfaces for basic install network configuration” case (PSARC/2010/164). There will be documentation in the commitment materials explaining that the Static IP and IPv6 Network section of the UI specification are not covered by this case (reference [2]). The committee was fine with the OpenSolaris Text Installer not being dependent upon that case and following up with a fast track. 4.2 text-install Command Installation Location As specified the project installs text-installer into /usr/bin. When questioned about the usage of the command the project team stated that there are a few edge use cases where the end user might execute the command from a command line. The majority of uses would simply be to insert a disc and the text-installer automatically starts on boot. The committee stated that perhaps a better installation location might be /usr/lib. The project team has decided to install the text-installer into the /usr/lib directory. The committee was fine with the resolution of this issue. 4.3 Root and User Passwords Not Required The committee noted that the root and user passwords are not required at install time. The project team stated that they were following current Best Practices with regards to installation technologies. The installation user is warned that the system will be installed in an unsafe manner. The committee was fine with the issue. 4.4 User Installed as Primary Administrator The initial user installed by the Caiman installers have been given the Primary Administrator Rights Profile. The committee pointed out that this Rights Profile is going away. The issue was discussed in the Solaris Modernization case (PSARC/2010/067). In that case the project team agreed to modify the installers to: 1. remove the root password prompt 2. require an initial user login name and password 3. set the root password to the initial user password 4. the root is type=role 5. the initial user is granted the root role (type=normal;roles=root) 6. the initial user is put in /etc/sudoers -- presumable with all commands 7. the initial use is no longer granted the Primary Administrator Rights Profile 8. the password hash algorithm is sha256 9. the root account password is installed as expired (passwd -f). sp_lstchg == 0 username:password:lastchg:min:max:warn:inactive:expire:flag sp_namp:sp_pwdp:sp_lstchg:sp_min:sp_max:sp_inact:ex_expire:sp_flag The specification for this case will be modified to reflect this
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
On 18/06/2010 17:03, Gary Winiger wrote: On 6/18/10 8:34 AM, Darren J Moffat wrote: On 18/06/2010 16:08, John Fischer wrote: 4.4 User Installed as Primary Administrator The initial user installed by the Caiman installers have been given the Primary Administrator role. The committee pointed out that this role is going away. The issue was discussed in the Solaris Modernization case (PSARC/2010/067). In that case the project team agreed to modify the installers to: Primary Administrator is a Rights Profile not a Role. The distinction is very important. It is the fact that the profile is assigned directly to a user rather than a role what was the whole problem. Also Primary Administrator as a Rights Profile is not planned to go away. Yes it is. PSARC/2009/652 User, RBAC and Labeled Networking Administration will be removing it along with all the suser and act type entries. Primary Administrator is a bug. With root as a role, there is no reason for Primary Administrator. Gary.. P.S. I'll be requesting a case date for 2009/652 shortly. Okay, didn't know about that. Given that can we have the reference put in this cases' opinion then. 7. the initial use is no longer granted the Primary Administrator Rights Profile initial user Yup. No matter how may times the 6 of us read this we didn't catch all the typos ;-( -- Darren J Moffat ___ opensolaris-arc mailing list opensolaris-arc@opensolaris.org
Re: PSARC/2010/165 - OpenSolaris Text Installer email vote...
PSARC members, The opinion has been updated (section 4.4) based upon Darren's and Gary's feedback. The directory versions are updated. Again, I am looking for a vote by COB Wednesday, June 30th, 2010. Gary, I did not say anything new about the IPv6 and Static IP section. I suspect that the project team will be forth coming with the fast track well prior to the GA of the product. Thanks, John Oracle Systems Architecture Committee Oracle Proprietary/Need to Know Subject: OpenSolaris Text Installer Submitted by: Susan Sohn File: PSARC/2010/165/opinion.html Date: TBD Committee: John Fischer, TBD. Product Approval Committee: N/A 1. Summary The Text Installer is a mouseless, screen-oriented installer designed for use on SPARC and x86 systems that may not have graphics support such as many server-class machines. 2. Decision Precedence Information The project is approved as specified in reference [1]. The project may be delivered in a minor release of the ON Consolidation. 3. Interfaces The project exports the following interfaces. Interfaces Exported Interface Classification Comments --- --- /usr/lib/text-install Uncommitted CLI system/install/text-install Committed IPS package name ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/tgt.so Private to Target Instantiation and Target Discovery ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/libzoneinfo.so Private to /usr/lib/\ libzoneinfo.so system/install-setup:default Uncommitted SMF Install service The project imports the following interfaces. Interfaces Imported Interface Classification Comments --- --- libzoneinfo.so.1 Contracted Private LSARC/2001/015 Python2.6 Uncommitted PSARC/2009/043 libdiskmgt.so.1 Consolidation LSARC/2004/743 Private Distribution Constructor Committed PSARC/2009/471 libncurses.so Contracted Volatile LSARC/2008/524 menu.lst (grub) Committed PSARC/2004/454 4. Opinion This project had a successful inception review which did not have any major concerns that could not be corrected by specification updates. Thus the case was approved by updating those specifications and taking an email vote. The issues listed below reflect the substantial inception review issues. 4.1 Static IP and IPv6 Networking The inception UI specifications discussed the longer term UI for setting up the various NICs. The project team stated that the current review was based upon allowing networking to be setup via NWAM or not established. Static and IPv6 configurations will be reviewed in a future fast track and be based upon the “interfaces for basic install network configuration” case (PSARC/2010/164). There will be documentation in the commitment materials explaining that the Static IP and IPv6 Network section of the UI specification are not covered by this case (reference [2]). The committee was fine with the OpenSolaris Text Installer not being dependent upon that case and following up with a fast track. 4.2 text-install Command Installation Location As specified the project installs text-installer into /usr/bin. When questioned about the usage of the command the project team stated that there are a few edge use cases where the end user might execute the command from a command line. The majority of uses would simply be to insert a disc and the text-installer automatically starts on boot. The committee stated that perhaps a better installation location might be /usr/lib. The project team has decided to install the text-installer into the /usr/lib directory. The committee was fine with the resolution of this issue. 4.3 Root and User Passwords Not Required The committee noted that the root and user passwords are not required at install time. The project team stated that they were following current Best Practices with regards to installation technologies. The installation user is warned that the system will be installed in an unsafe manner. The committee was fine with the issue. 4.4 User Installed as Primary Administrator The initial user installed by the Caiman installers have been given the Primary Administrator Rights Profile. The committee pointed out that this Rights Profile is going away according to the User, RBAC and Labeled Networking Administration case (PSARC/2009/652). Furthermore, the issue was discussed in the Solaris Modernization case (PSARC/2010/067). In that case the project team agreed to modify the installers to: 1. remove the root password prompt 2. require an initial user login name and password 3. set the root password to the initial user password 4. make the root account a role 5. the initial user is granted the root role (type=normal;roles=root) 6. the initial user is put in /etc/sudoers -- presumable with all commands 7. the initial use is no longer granted
PSARC/2010/165 - OpenSolaris Text Installer email vote...
PSARC members, The project team has provided updated materials which have been placed under the commitment.materials directory. There is now an ARC cover page (ARC-CoverPage.html) which describes the changes between the inception and commitment materials. I have also added the attached draft opinion which is in the top level directory. There is also an HTML version of the draft opinion in the case directory. Please review these new materials and the draft opinion. Either provide feedback or vote on the case by COB Wednesday, June 30th, 2010. Thanks, John Oracle Systems Architecture Committee Oracle Proprietary/Need to Know Subject: OpenSolaris Text Installer Submitted by: Susan Sohn File: PSARC/2010/165/opinion.html Date: TBD Committee: John Fischer, TBD. Product Approval Committee: N/A 1. Summary The Text Installer is a mouseless, screen-oriented installer designed for use on SPARC and x86 systems that may not have graphics support such as many server-class machines. 2. Decision Precedence Information The project is approved as specified in reference [1]. The project may be delivered in a minor release of the ON Consolidation. 3. Interfaces The project exports the following interfaces. Interfaces Exported Interface Classification Comments --- --- /usr/lib/text-install Uncommitted CLI system/install/text-install Committed IPS package name ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/tgt.so Private to Target Instantiation and Target Discovery ${root}/lib/python2.6/vendor-packages/\ Consolidation Python to C bridge osol_install/libzoneinfo.so Private to /usr/lib/\ libzoneinfo.so system/install-setup:defaultUncommitted SMF Install service The project imports the following interfaces. Interfaces Imported Interface Classification Comments --- --- libzoneinfo.so.1Contracted Private LSARC/2001/015 Python2.6 Uncommitted PSARC/2009/043 libdiskmgt.so.1 Consolidation LSARC/2004/743 Private Distribution ConstructorCommitted PSARC/2009/471 libncurses.so Contracted Volatile LSARC/2008/524 menu.lst (grub) EvolvingPSARC/2004/454 4. Opinion This project had a successful inception review which did not have any major concerns that could not be corrected by specification updates. Thus the case was approved by updating those specifications and taking an email vote. The issues listed below reflect the substantial inception review issues. 4.1 Static IP and IPv6 Networking The inception UI specifications discussed the longer term UI for setting up the various NICs. The project team stated that the current review was based upon allowing networking to be setup via NWAM or not established. Static and IPv6 configurations will be reviewed in a future fast track and be based upon the âinterfaces for basic install network configurationâ case (PSARC/2010/164). There will be documentation in the commitment materials explaining that the Static IP and IPv6 Network section of the UI specification are not covered by this case (reference [2]). The committee was fine with the OpenSolaris Text Installer not being dependent upon that case and following up with a fast track. 4.2 text-install Command Installation Location As specified the project installs text-installer into /usr/bin. When questioned about the usage of the command the project team stated that there are a few edge use cases where the end user might execute the command from a command line. The majority of uses would simply be to insert a disc and the text-installer automatically starts on boot. The committee stated that perhaps a better installation location might be /usr/lib. The project team has decided to install the text-installer into the /usr/lib directory. The committee was fine with the resolution of this issue. 4.3 Root and User Passwords Not Required The committee noted that the root and user passwords are not required at install time. The project team stated that they were following current Best Practices with regards to installation technologies. The installation user is warned that the system