diff options
| author | dh155122 <none@none> | 2007-01-19 16:59:38 -0800 |
|---|---|---|
| committer | dh155122 <none@none> | 2007-01-19 16:59:38 -0800 |
| commit | f4b3ec61df05330d25f55a36b975b4d7519fdeb1 (patch) | |
| tree | 395c234b901886c84a82603a767e031fca136e09 /usr/src/lib/libsecdb | |
| parent | 2e59fc6dac28cd69376c21d6b90a5624160ba94c (diff) | |
| download | illumos-joyent-f4b3ec61df05330d25f55a36b975b4d7519fdeb1.tar.gz | |
PSARC 2006/366 IP Instances
6289221 RFE: Need virtualized ip-stack for each local zone
6512601 panic in ipsec_in_tag - allocation failure
6514637 error message from dhcpagent: add_pkt_opt: option type 60 is missing required value
6364643 RFE: allow persistent setting of interface flags per zone
6307539 RFE: Invalid network address causes zone boot failure
5041214 Allow IPMP configuration with zones
5005887 RFE: zoneadmd should support plumbing an interface via DHCP
4991139 RFE: zones should provide a mechanism to configure a defaultrouter for a zone
6218378 zoneadmd doesn't set the netmask for non-loopback addresses hosted on lo0
4963280 zones: need to virtualize the IPv6 default address selection mechanism
4963285 zones: need support of stateless address autoconfiguration for IPv6
5048068 zones don't boot if one of its interfaces has failed
5057154 RFE: ability to change interface status from within a zone
4963287 zones should support the plumbing of the first (and only) logical interface
4978517 TCP privileged port space should be partitioned per zone
5023347 zones don't work well with network routes other than default
4963372 investigate whether global zone can act as a router for local zones
6378364 RFE: Allow each zone to have its own virtual IPFilter
Diffstat (limited to 'usr/src/lib/libsecdb')
| -rw-r--r-- | usr/src/lib/libsecdb/exec_attr.txt | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/usr/src/lib/libsecdb/exec_attr.txt b/usr/src/lib/libsecdb/exec_attr.txt index 40de76e3d4..e568985fcb 100644 --- a/usr/src/lib/libsecdb/exec_attr.txt +++ b/usr/src/lib/libsecdb/exec_attr.txt @@ -104,12 +104,12 @@ File System Management:suser:cmd:::/usr/sbin/umount:uid=0 File System Management:suser:cmd:::/usr/sbin/umountall:uid=0 File System Management:suser:cmd:::/usr/sbin/unshare:uid=0;gid=root File System Management:suser:cmd:::/usr/sbin/unshareall:uid=0;gid=root -IP Filter Management:solaris:cmd:::/usr/sbin/ipf:privs=sys_net_config -IP Filter Management:solaris:cmd:::/usr/sbin/ipfs:privs=sys_net_config -IP Filter Management:solaris:cmd:::/usr/sbin/ipmon:privs=sys_net_config -IP Filter Management:solaris:cmd:::/usr/sbin/ipfstat:privs=sys_net_config;gid=sys -IP Filter Management:solaris:cmd:::/usr/sbin/ipnat:privs=sys_net_config;gid=sys -IP Filter Management:solaris:cmd:::/usr/sbin/ippool:privs=sys_net_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/ipf:privs=sys_ip_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipfs:privs=sys_ip_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipmon:privs=sys_ip_config +IP Filter Management:solaris:cmd:::/usr/sbin/ipfstat:privs=sys_ip_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/ipnat:privs=sys_ip_config;gid=sys +IP Filter Management:solaris:cmd:::/usr/sbin/ippool:privs=sys_ip_config;gid=sys Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/krb5kdc:uid=0 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kadmind:uid=0 Kerberos Server Management:solaris:cmd:::/usr/lib/krb5/kprop:euid=0;privs=none @@ -175,9 +175,9 @@ Name Service Security:suser:cmd:::/usr/sbin/nisinit:euid=0 Name Service Security:suser:cmd:::/usr/sbin/nislog:euid=0 Name Service Security:suser:cmd:::/usr/sbin/rpc.nisd:uid=0;gid=0 Network Management:solaris:cmd:::/sbin/ifconfig:uid=0 -Network Management:solaris:cmd:::/sbin/route:privs=sys_net_config +Network Management:solaris:cmd:::/sbin/route:privs=sys_ip_config Network Management:solaris:cmd:::/sbin/routeadm:euid=0;\ - privs=proc_chroot,proc_owner,sys_net_config + privs=proc_chroot,proc_owner,sys_ip_config Network Management:solaris:cmd:::/sbin/dladm:euid=dladm;egid=sys;\ privs=sys_net_config,net_rawaccess,proc_audit Network Management:suser:cmd:::/usr/bin/netstat:uid=0 @@ -194,15 +194,15 @@ Network Management:suser:cmd:::/usr/sbin/snoop:uid=0 Network Management:suser:cmd:::/usr/sbin/spray:euid=0 Network Link Security:solaris:cmd:::/sbin/dladm:euid=dladm;egid=sys;\ privs=sys_net_config,net_rawaccess,proc_audit -Network Security:solaris:cmd:::/usr/lib/inet/certdb:privs=sys_net_config -Network Security:solaris:cmd:::/usr/lib/inet/certlocal:privs=sys_net_config -Network Security:solaris:cmd:::/usr/lib/inet/certrldb:privs=sys_net_config -Network Security:solaris:cmd:::/usr/lib/inet/in.iked:privs=sys_net_config,net_privaddr -Network Security:solaris:cmd:::/usr/sbin/ikeadm:privs=sys_net_config -Network Security:solaris:cmd:::/usr/sbin/ikecert:privs=sys_net_config -Network Security:solaris:cmd:::/usr/sbin/ipsecconf:privs=sys_net_config -Network Security:solaris:cmd:::/usr/sbin/ipseckey:privs=sys_net_config -Network Security:solaris:cmd:::/usr/sbin/ipsecalgs:privs=sys_net_config +Network Security:solaris:cmd:::/usr/lib/inet/certdb:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/lib/inet/certlocal:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/lib/inet/certrldb:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/lib/inet/in.iked:privs=sys_ip_config,net_privaddr +Network Security:solaris:cmd:::/usr/sbin/ikeadm:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/sbin/ikecert:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/sbin/ipsecconf:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/sbin/ipseckey:privs=sys_ip_config +Network Security:solaris:cmd:::/usr/sbin/ipsecalgs:privs=sys_ip_config Network Security:solaris:cmd:::/usr/sbin/ksslcfg:euid=0 Network Security:suser:cmd:::/usr/bin/ssh-keygen:uid=0;gid=sys Network Security:suser:cmd:::/usr/lib/inet/certdb:euid=0 |