Content-type: text/html Man page of smf_security

smf_security

Section: Standards, Environments, and Macros (5)
Updated: 20 May 2009
Index Return to Main Contents
 

NAME

smf_security - service management facility security behavior  

DESCRIPTION

The configuration subsystem for the service management facility, smf(5), requires privilege to modify the configuration of a service. Privileges are granted to a user by associating the authorizations described below to the user through user_attr(4) and prof_attr(4). See rbac(5).

The following authorization is used to manipulate services and service instances.

solaris.smf.modify

Authorized to add, delete, or modify services, service instances, or their properties.

 

Property Group Authorizations

The smf(5) configuration subsystem associates properties with each service and service instance. Related properties are grouped. Groups may represent an execution method, credential information, application data, or restarter state. The ability to create or modify property groups can cause smf(5) components to perform actions that may require operating system privilege. Accordingly, the framework requires appropriate authorization to manipulate property groups.

Each property group has a type corresponding to its purpose. The core property group types are method, dependency, application, and framework. Additional property group types can be introduced, provided they conform to the extended naming convention in smf(5). The following basic authorizations, however, apply only to the core property group types:

solaris.smf.modify.method

Authorized to change values or create, delete, or modify a property group of type method.

solaris.smf.modify.dependency

Authorized to change values or create, delete, or modify a property group of type dependency.

solaris.smf.modify.application

Authorized to change values or create, delete, or modify a property group of type application.

solaris.smf.modify.framework

Authorized to change values or create, delete, or modify a property group of type framework.

solaris.smf.modify

Authorized to add, delete, or modify services, service instances, or their properties.

Property group-specific authorization can be specified by properties contained in the property group.

modify_authorization

Authorizations allow the addition, deletion, or modification of properties within the property group.

value_authorization

Authorizations allow changing the values of any property of the property group except modify_authorization.

The above authorization properties are only used if they have type astring. If an instance property group does not have one of the properties, but the instance's service has a property group of the same name with the property, its values are used.  

Service Action Authorization

Certain actions on service instances may result in service interruption or deactivation. These actions require an authorization to ensure that any denial of service is a deliberate administrative action. Such actions include a request for execution of the refresh or restart methods, or placement of a service instance in the maintenance or other non-operational state. The following authorization allows such actions to be requested:

solaris.smf.manage

Authorized to request restart, refresh, or other state modification of any service instance.

In addition, the general/action_authorization property can specify additional authorizations that permit service actions to be requested for that service instance. The solaris.smf.manage authorization is required to modify this property.  

Defined Rights Profiles

Two rights profiles are included that offer grouped authorizations for manipulating typical smf(5) operations.

Service Management

A service manager can manipulate any service in the repository in any way. It corresponds to the solaris.smf.manage and solaris.smf.modify authorizations.

The service management profile is the minimum required to use the pkgadd(1M) or pkgrm(1M) commands to add or remove software packages that contain an inventory of services in its service manifest.

Service Operator

A service operator has the ability to enable or disable any service instance on the system, as well as request that its restart or refresh method be executed. It corresponds to the solaris.smf.manage and solaris.smf.modify.framework authorizations.

Sites can define additional rights profiles customized to their needs.

 

Remote Repository Modification

Remote repository servers may deny modification attempts due to additional privilege checks. See NOTES.  

SEE ALSO

auths(1), profiles(1), pkgadd(1M), pkgrm(1M), prof_attr(4), user_attr(4), rbac(5), smf(5)  

NOTES

The present version of smf(5) does not support remote repositories.

When a service is configured to be started as root but with privileges different from limit_privileges, the resulting process is privilege aware. This can be surprising to developers who expect seteuid(<non-zero UID>) to reduce privileges to basic or less.


 

Index

NAME
DESCRIPTION
Property Group Authorizations
Service Action Authorization
Defined Rights Profiles
Remote Repository Modification
SEE ALSO
NOTES

This document was created by man2html, using the manual pages.
Time: 02:39:51 GMT, October 02, 2010