Gkrellm for OpenSolaris [LSARC/2008/513 FastTrack timeout 08/19/2008]
Andras Barna
andras.barna at gmail.com
Mon Aug 25 04:42:38 PDT 2008
FYI: gkrellm on solaris not requires libgtop
On Mon, Aug 25, 2008 at 2:30 PM, Henry Zhang <Hua.Zhang at sun.com> wrote:
> Hi all,
>
> I would summary the discussion below.
>
> 1, The battery support on Solaris:
> I investigated 2 solution, one is the patch wrote by David, but this patch
> is using acpidrv.h and /dev/acpidrv which are not on Solaris now, the other
> solution is using HAL, I think this is a solution we can use.
> So I am implementing to use HAL/Dbus for the battery information.
>
> 2, SSL certification authentication:
> I checked the bugzilla, and no category for GKrellM, I sent a mail to the
> maintainer on this issue. I am discussing with him on how to fix this
> problem..
>
> 3, Security impact:
> Add some content to describe the possible impaction.
>
> Attachment is the updated one-pager..
>
> Thanks,
> Henry
>
> Henry Zhang 写道:
>>
>> Hi Darren,
>>
>> Thanks, I will file a bug on this issue...
>>
>> Regards,
>> Henry
>>
>> Darren J Moffat 写道:
>>>
>>> I see from the code that it is passing SSL_VERIFY_NONE to
>>> SSL_CTX_set_verify()
>>>
>>> From the man page:
>>>
>>>
>>> SSL_VERIFY_NONE
>>> Server mode: the server will not send a client
>>> certificate request to the client, so the client will
>>> not send a certificate.
>>>
>>> Client mode: if not using an anonymous cipher (by
>>> default disabled), the server will send a certificate
>>> which will be checked. The result of the certificate
>>> verification process can be checked after the TLS/SSL
>>> handshake using the SSL_get_verify_result(3) function.
>>> The handshake will be continued regardless of the
>>> verification result.
>>>
>>>
>>> This is the answer for the case. Personally I'm not happy with this
>>> however it is what gkrellm does and it answers my question. I would like
>>> the project team to file a bug upstream (if there isn't one already) to
>>> provide functionality to actually verify the server's SSL/TLS certificate.
>>>
>>> --
>>> Darren J Moffat
>
> Template Version: @(#)onepager.txt 1.29 04/11/15 SMI
>
> This information is Sun Proprietary/Confidential: Internal Use Only:
> Engineering Need-to-Know
>
> 1. Introduction
>
> 1.1. Project/Component Working Name:
>
> GKrellM
>
> 1.2. Name of Document Author/Supplier:
>
> Henry Zhang (hua.zhang at sun.com)
>
> 1.3. Date of This Document:
>
> 30/07/08
>
> 1.4. Name of Major Document Customer(s)/Consumer(s):
>
> 1.4.1. The PAC or CPT you expect to review your project:
>
> Solaris PAC
>
> 1.4.2. The ARC(s) you expect to review your project:
>
> LSARC
>
> 1.4.3. The Director/VP who is "Sponsoring" this project:
>
> Robert.Odea at Sun.Com
>
> 1.4.4. The name of your business unit:
>
> JDS Desktop Engineering, OPG
>
> 1.5. Email Aliases:
> 1.5.1. Responsible Manager: leo.binchy at Sun.COM
> 1.5.2. Responsible Engineer: hua.zhang at Sun.COM
> 1.5.3. Marketing Manager: jeff.mcmeekin at sun.com
> 1.5.4. Interest List: gkrellm at sun.com
>
> 2. Project Summary
>
> 2.1. Project Description:
>
> GKrellM, GNU (or Gtk) Krell Monitors (or Meters), is a single process
> stack of system monitors which supports applying themes to match its
> appearance to your window manager, Gtk, or any other theme. The
> current
> version is 2.3.1.
>
> 2.2. Risks and Assumptions:
>
> 1. Temperature, fan, and voltage sensor monitors not support since
> missing
> libsensors.
>
> 2. APM laptop battery meter not support since no APM, we will use
> HAL/DBus
> to implement this function.
>
> 3. This application will depend on libgtop, which isn't engineered to
> fully
> or best support Solaris interfaces for getting system information
> because
> it was written from a more Linux perspective on system resources, and
> some
> system information can't get since not fully support from kernel, e.g.
> some sensor monitor interfaces.
>
> 3. Business Summary
>
> 3.1. Problem Area:
>
> GKrell is a computer program based on the GTK+ toolkit that creates a
> single process stack of system monitors. It can be used to monitor the
> status of CPUs, main memory, hard disks, network interfaces, local and
> remote mailboxes, and many other things. Plugin is supported.
>
> 3.2. Market/Requester:
>
> JDS Desktop group
>
> 3.3. Business Justification:
>
> For many users, it's nice to be able to see, real-time, what is
> happening
> on their system. There are ways to display memory usage, cpu usage,
> network
> traffic, available and used disk space, and a whole lot of other
> similar
> system statistics. This makes it easier to troubleshoot and notice
> problems
> as they come up. To be display these monitors, you will need gkrellm.
>
> It's a very useful monitoring tool, can replace a lots of the dock
> applets, what's even better is that gkrellm supports a plugin
> interface,
> allowing vast expandability, it's also infinitely configurable and
> themeable.
>
> Additionally Gkrellm is very easy on the CPU and packs a lot of
> information
> into a little bit of space.
>
> 3.4. Competitive Analysis:
>
> Windows XP has SysMetrix, Windows Vista has this type of side bar,
> and GKrellM can run in Linux and other Unix-like operating systems.
>
> 3.5. Opportunity Window/Exposure:
>
> It is expected that this project will be integrated into Nevada B100
>
> Note: this tool has GPL V3 license, it will not integrated into
> Nevada until the license issue is solved.
>
> 3.6. How will you know when you are done?:
>
> When it is ported to Nevada and runs correctly.
>
> The project will be complete when there are no stoppers, P1 or P2
> bugs.
>
> 4. Technical Description:
>
> 4.1. Details:
>
> GKrellM is a GTK-based stacked monitor program that charts SMP CPUs,
> disks, load, active net interfaces, and internet connections. There
> are
> also builtin monitors for memory and swap, file systems with
> mount/umount
> feature, mailbox checking including POP3 and IMAP, clock/calendar,
> laptop
> battery, sensors (temperatures, voltages, and fans), and uptime. It
> has
> LEDs for the net monitors and an on/off button and online timer for
> PPP.
> Multiple monitors managed by a single process to reduce system load.
> There is a GUI popup for configuration, plugin extensions can be
> installed,
> and many themes are available. It also features a client/server
> monitoring
> capability.
>
> If you want to configure GkrellM, you can right-click on the monitor
> and
> select Configuration from the drop-down menu, or press the F1 key at
> anytime while GKrellM has the focus. The configuration menu lets you
> modify general options, built-in monitors, plug-ins, and themes.
>
> GKrellM consists of the gkrellm client and the gkrellmd server.
> Gkrellm can
> run in client mode and collect data from gkrellmd server running on a
> remote
> machine. In this way, the user can remotely monitor different
> characteristics
> of all the machines on their LAN, such as hits and load on the web
> server,
> disk usage on the mail server, and port traffic on the NAT.
>
> The gkrellm client gets data from gkrellmd through SSH. By default
> gkrellmd
> will not run by default, so the user need to start gkrellmd manually,
> and optionally add options to configure gkrellmd. For example,
> you can configure which port gkrellmd will use and which IP addresses
> or
> hostnames are allowed to connect to gkrellmd. gkrellm client will also
> be
> configured to use some port, this port is used to create the SSH
> connection
> with the gkrellmd server given port. Then you can start gkrellm on
> another
> system and get the remote data from gkrellmd.
>
> Both gkrellm and the gkrellmd server are plugin capable so special
> interest
> monitors can be coded. And in order to make install plugin, you should
> be root,
> and ensure the plugin will not add additional security issue.
>
>
> 4.2. Bug/RFE Number(s):
>
> RFE 6732524
>
> 4.3. In Scope:
>
> The system information we can get from Solaris
>
> 4.4. Out of Scope:
>
> The system information Solaris can't support, e.g. temperature.
> All plugins that are installed by users themselves.
>
> 4.5. Interfaces:
>
> Imported Interfaces
> Interface Stability Comments
> ------------------- -----------
> -----------------------------------
>
> /usr/lib/libkstat.so.1 Committed standard library
> SUNWgettext Uncommitted
> libgtop Volatile LSARC/2006/347/
> libOpenSSL Contract Private PSARC/2006/019/
> GNOME Committed Platform Libraries Committed LSARC/2007/520 GTK+
> library
> GNOME 2.20
>
> Exported Interfaces Stability Comments
> ------------------------- -------------
> ---------------------------------
>
> /usr/bin/gkrellm Volatile
> SUNWgkrellm Uncommitted Package name
> SUNWgkrellm-devel Uncommitted Package name
> /usr/include/gkrellm2/gkrellm.h Project Private
> /usr/lib/gkrellm2/plugins Project Private Used to store plugins
>
> 4.6. Doc Impact:
>
> Man page will need to be added
>
> 4.7. Admin/Config Impact:
>
> There are no changes to the system administration and configuration.
>
> 4.8. HA Impact:
>
> N/A
>
> 4.9. I18N/L10N Impact:
>
> The JDS team and the G11N are working together to evaluate and provide
> I18N/L10N support.
>
>
> 4.10. Packaging & Delivery:
>
> The new packages are:
>
> - SUNWgkrellm
> - SUNWgkrellm-devel
>
> 4.11. Security Impact:
>
> This application uses OpenSSL, and support plugins, it may cause some
> security concern, but generally all data transfered through the
> connection
> is the system usage status information, and not very confidential,
> addtionally in order to make the network connection more secure,
> this application is using SSH and some configuration on IP/port to
> use,
> see 4.1 for details.
>
> 4.12. Dependencies:
>
> SUNWgettext.spec
> Gtk+ 2.0 >= 2.0
> gdk 2.0
> glib 2.0 >= 2.0
> libgtop
> libssl
>
> 5. Reference Documents:
>
> GKrellM main project page:
> http://gkrellm.net
>
> GKrellM Wiki:
> http://en.wikipedia.org/wiki/GKrellM
>
> GKrellM themes site:
> http://www.muhri.net/gkrellm/
>
>
> 6. Resources and Schedule:
>
> 6.1. Projected Availability:
>
> Expect to integrated into Nevada in build 100 in Q3 2008
>
> 6.2. Cost of Effort:
>
> Development 1.0 Engineers - 1 Months
> Testing 0.5 Engineers - 1 Week
> RE 0.5 Engineers - 1 Week
>
> 6.3. Cost of Capital Resources:
>
> N/A
>
> 6.4. Product Approval Committee requested information:
>
> 6.4.1. Consolidation or Component Name:
>
> JDS / OpenSolaris
>
> 6.4.3. Type of CPT Review and Approval expected:
>
> Standard
>
> 6.4.4. Project Boundary Conditions:
>
> None
>
> 6.4.5. Is this a necessary project for OEM agreements:
>
> No
>
> 6.4.6. Notes:
>
> N/A
>
> 6.4.7. Target RTI Date/Release:
>
> Nevada B100 - Sep. 2008
>
> 6.4.8. Target Code Design Review Date:
>
> Sep. 2008
>
> 6.4.9. Update approval addition:
>
> New project, no Solaris PAC approval yet
>
> 6.5. ARC review type:
>
> FastTrack
>
> 7. Prototype Availability:
>
> 7.1. Prototype Availability:
>
> Sep. 2008
>
> 7.2. Prototype Cost:
>
> 1 engineer
> 1 QA
> 1 RE
>
> _______________________________________________
> opensolaris-arc mailing list
> opensolaris-arc at opensolaris.org
>
--
Andy
http://blog.sartek.net
More information about the opensolaris-arc
mailing list