PSARC 2007/601 FastTrack timeout 12/05/2007 - "spec.txt" added to the materials directory

Mark Logan Mark.Logan at sun.com
Tue Dec 11 11:38:37 PST 2007 

Hi Gary,

I have an answer to one of your questions:

Gary Winiger wrote:
>
> 	Team, thanks for the excellent update.  Still a few open questions:
>
> 	* Other than the IOCTL, I've missed seeing interface taxonomies.
> 	* I've also missed seeing the release binding.
> 	* What's the set of exported interface?
> 	* 5.6-5.8 seem incomplete to me.  What privileges?  What Rights
> 	  Profiles, and why?  Perhaps more explicitly, what's the
> 	  method_context of svc:/network/lms and how does this proposed
> 	  service comply to the SMF policy:
> 	  http://opensolaris.org/os/community/arc/policies/SMF-policy/
> 	  (which unfortunately is 2 revs behind the internal
> 	  http://sac.eng/cgi-bin/bp.cgi?NAME=SMF.bp)
> 	  Yes I'm sending John email once again ;-{
>   

Here is the method_context.  The lms daemon needs no additional 
privileges beyond opening the /dev/heci device:
 
           <method_context>
                       <method_credential
                               user='root'
                               group='root'
                               limit_privileges=':default'
                               privileges='basic'
                       />
               </method_context>

> 	* 6.15 " is there any way for other software in the system ...
> 	  that a given network interface is running AMT?"
> 	  Answer:  "It *should* be possible ..."
> 	  will this be done?
> 	* 7 "? Remotely Protect Computing Assets : Through Out of Band
> 	  communication, each system's software version numbers are checked
> 	  and, if necessary, system software and virus protection are
> 	  remotely updated with the most recent patches and virus definitions.
> 	  Viruses and worms can also be contained at their source, if needed,
> 	  by means of built-in circuit-breaker functionality.
>
> 	  "Intel AMT infrastructure supports the creation of setup and
> 	  configuration interfaces for management applications, as well
> 	  as network, security, and storage administration."
>
> 	  What does this mean relative to this project?  How are Solaris
> 	  veriion numbers (service tags ;-) being checked?  How is Solaris
> 	  system software and virus protection being remotely updated
> 	  with the most recent patches and virus definitions?
>
> Gary..
>

More information about the opensolaris-arc mailing list