Gary Winiger Wrote:
>> A summary of the updates in the material:
>>
>> 1. After offline communication, the project team would like to use the
>> interface provided by the IPS to search for drivers and packages by PCI
>> IDs. So content on drivers provided by Solaris OS is removed from the
>> driver
>> ails (I get broadcast address by calling dlpi_info()),
>> an exception will be raised accordingly. If dlpi_info() returns no
>> error, but there is no broadcast address, a string Python object, whose
>> length is zero, will be returned.
>>
>
> Why not None?
>
OK. Will return None Pytho
Sebastien Roy wrote:
> On Thu, 2008-08-14 at 17:09 +0100, John Levon wrote:
>
>> On Thu, Aug 14, 2008 at 09:01:41AM -0700, Danek Duvall wrote:
>>
>>
>>> On Thu, Aug 14, 2008 at 03:12:20PM +0800, Max Zhen wrote:
>>>
>>>
So, in this dlpi module for Python, I followed the require
sed Hermon HCA Driver
>
>
Just a mislabel?
Mark
-- next part --
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20080815/1e1fef78/attachment.html>
Paul Wernau wrote:
> You bring up an good point. Is there some pre-existing authorization
> you'd recommend? I see solaris.device.grant (Delegate Device
> Administration) as a potential. Or we could create a new set.
I don't think that one is appropriate. I would expect a completely new
aut
Andras Barna ??:
> On Thu, Aug 14, 2008 at 8:02 PM, Brian Cameron
> wrote:
>> Andras/Henry:
>>
>>> note: plugins can be installed in ~/.gkrellm2/plugins too
>> I thought Henry said that only sysadmins could install plugins.
Yes, sysadmins can install plugins into /usr/lib/gkrellm2/plugins;
mea
I'm sponsoring this case as a self-review for Jan "Honza" Hnatek.
If anyone disagrees, let me know and I'll promote this case to
a fast track.
Ienup
Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI
This information is Copyright 2008 Sun Microsystems
1. Introduction
1.1. Project/Componen
Can any user run 'ikeadm token login' ? Or is a specific authorisation
needed ? If so what is it ? Same for logout.
I'm particularly interested in the case where the key is actually a
users smartcard and the user has no direct root access. In this case I
would rather not give them an RBAC p
Hi, all
I am sponsoring this case. The timeout is set to be 08/22/2008.
Additional materials include pkgmap and manpages are available at:
Internally:
http://sac.eng/Archives/CaseLog/arc/LSARC/2008/524/materials/
Externally
http://www.opensolaris.org/os/community/arc/caselog/2008/524
Thank
Gary Winiger wrote:
> This customer would also like to do the same thing with doors.
>>> Maybe naively, I thought they already could with doors.
>>> I thought if you could see the door file, you could place
>>> a door_call to the server that created the file.
>> I believe you can bu
James Carlson wrote:
>cindi writes:
>
>
>>This case creates some new variants of the existing device-interr and
>>bus-linkerr faults so that separate Knowledge arcticles, messages and
>>severity
>>can be used depending on the service impact of the fault.
>>
>>
>
>Do the previous ones still
Gary Winiger wrote:
>> I spoke with a customer recently that has a need for exactly this type
>> of cross zone communication. They need it in both the TX and non-TX
>> cases. In their case they want the GZ to be required to setup the
>> channels but also want two local zones to be able to comm
No - I've removed it from the open agenda.
Aarti
>
>
> Case (Timeout) Exposure Title (updated 08/15/2008)
> 2008/497 (08/20/08) closed Hermon HCA Driver
>
>
> Just a mislabel?
>
> Mark
>
Nicolas Williams writes:
> I'd rather that ikecert have two new, mutually exclusive options, rather
> than one, and that it warn if neither is provided, with the default
> behavior left as is.
That'd be the clear alternative, but rather than force the project
team to chew up an option flag, I'd li
The case material was updated and saved as 'spec.txt' in the case
directory. I'd like to restart the review and set the timer to 08/21/2008.
A summary of the updates in the material:
1. After offline communication, the project team would like to use the
interface provided by the IPS to search for
was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20080815/db0d4b16/attachment.html>
I am sponsoring this case on behalf of Adrian Frost. This case seeks
patch binding for a Solaris 10 update release. The case introduces FMA
events for Intel integrated memory controller and Nehalem CPUs. The
case is a straight-forward addition of events which are part of an
approved FMA portfoli
On Fri, Aug 15, 2008 at 01:16:06PM -0500, Robert Gordon wrote:
>> The hook functions are enabled only
>> when Solaris is in cluster mode.
>
> Is that a programmatic interface ?
I'm not sure. You'd have to ask Thejaswini. IIRC, the kernel ones are
function pointers only initialized by the Sun Clu
On Fri, Aug 15, 2008 at 01:45:47PM -0400, James Carlson wrote:
> Yep, I understand the motivation.
>
> This should _at least_ have a patch README entry and a release note
> for the update it goes into, and should probably get other exposure as
> well.
>
> [...]
>
> Poor user.
I'd rather that ik
Dan McDonald writes:
> The frequency of new-key generation (typically measured in once-per-N-years,
> for 1 <= N <= 4) is such that the above paragraph will not apply often.
> Maybe that's why you're worried --> it's so infrequent that people will not
> think to look at the release notes.
More lik
On Fri, Aug 15, 2008 at 01:45:47PM -0400, James Carlson wrote:
> The fact that nobody will be able to provide a clear set of "how to
> use this stuff" directions should give the project team some pause
> about tightening security in this way. A recipe would have to say
> something like this in the
Dan McDonald writes:
> On Fri, Aug 15, 2008 at 01:01:13PM -0400, Paul Wernau wrote:
> >> Isn't this (changing the default way the pin is stored) an
> >> incompatible change?
>
> The storage of the PIN isn't an interface, per se.
>
> You are worried, I suspect, about least-surprise if someone crea
On Fri, Aug 15, 2008 at 01:01:13PM -0400, Paul Wernau wrote:
>> Isn't this (changing the default way the pin is stored) an
>> incompatible change?
The storage of the PIN isn't an interface, per se.
You are worried, I suspect, about least-surprise if someone creates a new
keypair and subsequently
On Aug 14, 2008, at 4:44 PM, Bill Sommerfeld wrote:
> The hook functions are enabled only
> when Solaris is in cluster mode.
Is that a programmatic interface ?
Could (from an architectural POV) this feature be enabled with out the
presence of SUN Cluster, and if not why not ?? (I'm just curiou
James Carlson wrote:
> Bill Sommerfeld writes:
>> I'm sponsoring this fasttrack for Paul Wernau. Timer expires on
>> 8/22/2008. Release binding is Patch/Micro. The new ikeadm and ikecert
>> subcommands, options, and associated behavior have a Committed stability
>> level.
> [...]
>> ikecert(1m
Bill Sommerfeld writes:
> I'm sponsoring this fasttrack for Paul Wernau. Timer expires on
> 8/22/2008. Release binding is Patch/Micro. The new ikeadm and ikecert
> subcommands, options, and associated behavior have a Committed stability
> level.
[...]
> ikecert(1m) will be changed so that the pi
Darren J Moffat wrote:
> Paul Wernau wrote:
>> You bring up an good point. Is there some pre-existing authorization
>> you'd recommend? I see solaris.device.grant (Delegate Device
>> Administration) as a potential. Or we could create a new set.
>
> I don't think that one is appropriate. I
Aaron Zang wrote:
> Michael Schuster wrote:
>
>
>>> Anyway, I still believe that the trend is to not using rootunlock. I
>>> still
>>> remember that around Nevada build 30, xscreensaver supported
>>> rootunlock by
>>> default, and now it is not the default behavior.
>>>
>> IMO it would
Hi
no wide character support?
On Fri, Aug 15, 2008 at 11:13 AM, Irene Huang wrote:
> Hi, all
>
> I am sponsoring this case. The timeout is set to be 08/22/2008.
>
> Additional materials include pkgmap and manpages are available at:
> Internally:
> http://sac.eng/Archives/CaseLog/arc/LSARC/2008/5
ndezvous).
>>
>> For example, in case of Trusted Extensions X, the X server creates
>> the rendezvous in a location that is loopback mounted via an smf
>> service. The X clients use this new rendezvous to communicate with
>> the X server.
>>
>> Please note that this case doesn't allow communication between
>> two non-global zones.
>>
>> -Lokanath
>>
>>
-- next part --
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20080815/6b66e595/attachment.html>
Darren,
Thanks,
Henry
Darren J Moffat ??:
> I still don't see how OpenSSL is being used. The proposal mentions SSH
> for connecting to the remote gkrellmd but SSH and SSL are totally
> different protocols.
GKrellM have a feature to get mail status, OpenSSL is only used for
making connection
Darren J Moffat wrote:
> Can any user run 'ikeadm token login' ? Or is a specific authorisation
> needed ? If so what is it ? Same for logout.
>
The exisiting model for ikeadm in general is that a user needs to have
root privileges. A non-root user will get a permissions error
attempting
All,
I have attached the modified proposal.txt file.
The additional materials have been updated as
well. The changes affect only Volatile and
Uncommitted interfaces. The Committed interfaces
remain unchanged. These changes are to match
what the community has recently done.
As such I have reset
I'm sponsoring this fasttrack for Paul Wernau. Timer expires on
8/22/2008. Release binding is Patch/Micro. The new ikeadm and ikecert
subcommands, options, and associated behavior have a Committed stability
level.
Description:
Private keys for IPsec/IKE are currently stored in th
On Fri, Aug 15, 2008 at 10:14:41AM +0100, Darren J Moffat wrote:
> I'm missing the bigger picture here, or failing to see where it is covered
> in the materials.
>
> Can someone draw me a simple picture of a multi node cluster using this
> showing which IKE the client connects to originally and w
> Date: Fri, 15 Aug 2008 07:53:13 -0700 (PDT)
> From: Gary Winiger
> >> >> This customer would also like to do the same thing with doors.
> > >
> > > Maybe naively, I thought they already could with doors.
> > > I thought if you could see the door file, you could place
> > > a door_call to
On Fri, 2008-08-15 at 00:39 -0700, Garrett D'Amore wrote:
> * performance -- the "slow path" causes packets to traverse PCI
> busses 3 times, as noted, and certainly involves more complexity in the
> paths (notably kcf scheduling of crypto gets involved).
The SCA4000 IPsec offload interface
Steve Hanson writes:
> The previous ones still exist and can still be interpreted in the same way.
Thanks; just checking.
--
James Carlson, Solaris Networking
Sun Microsystems / 35 Network Drive71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N
Gary Winiger wrote:
> Maybe I don't understand this reply. Let me try again. I don't
> see why there should be any check for Unix domain rendezvous.
> I don't see where rendezvous even between non-global zones
> is fundimentally different than IP network end points.
>
cindi writes:
> This case creates some new variants of the existing device-interr and
> bus-linkerr faults so that separate Knowledge arcticles, messages and
> severity
> can be used depending on the service impact of the fault.
Do the previous ones still exist and do something, or are these
outr
Henry Zhang wrote:
> Darren,
>
>
> Thanks,
> Henry
>
> Darren J Moffat ??:
>> I still don't see how OpenSSL is being used. The proposal mentions
>> SSH for connecting to the remote gkrellmd but SSH and SSL are totally
>> different protocols.
>
> GKrellM have a feature to get mail status, Ope
I'm missing the bigger picture here, or failing to see where it is
covered in the materials.
Can someone draw me a simple picture of a multi node cluster using this
showing which IKE the client connects to originally and where and how
the SADB's are passed between the nodes.
I think I understa
Michael Schuster wrote:
>> Anyway, I still believe that the trend is to not using rootunlock. I
>> still
>> remember that around Nevada build 30, xscreensaver supported
>> rootunlock by
>> default, and now it is not the default behavior.
>
> IMO it would make sense to retain the capability, but
> A summary of the updates in the material:
>
> 1. After offline communication, the project team would like to use the
> interface provided by the IPS to search for drivers and packages by PCI
> IDs. So content on drivers provided by Solaris OS is removed from the
> driver database. Now the driver
Bill Sommerfeld wrote:
> On Fri, 2008-08-15 at 00:39 -0700, Garrett D'Amore wrote:
>
>> * performance -- the "slow path" causes packets to traverse PCI
>> busses 3 times, as noted, and certainly involves more complexity in the
>> paths (notably kcf scheduling of crypto gets involved).
>>
>> >> This customer would also like to do the same thing with doors.
> >
> > Maybe naively, I thought they already could with doors.
> > I thought if you could see the door file, you could place
> > a door_call to the server that created the file.
>
> I believe you can but they do ne
> I spoke with a customer recently that has a need for exactly this type
> of cross zone communication. They need it in both the TX and non-TX
> cases. In their case they want the GZ to be required to setup the
> channels but also want two local zones to be able to communicate without
> requi
Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI
This information is Copyright 2008 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
ncurses for OpenSolaris
1.2. Name of Document Author/Supplier:
Author: Rick Ju
1.3 Date of This Document:
I'm wholly in favor of this case. However, to be fully clear, the
SCA4000 should not suffer any loss in functionality, as it can use what
we used to call "slow path IPsec acceleration", that is, it can use kcf
to perform crypto operations for it.
HOWEVER, there may be potential ramifications f
49 matches
Mail list logo