Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> General >> Sun Alert and Security Discussion

tsolinfo acl entry

Hi,Can someone show an example of an acl entry for the tsolinfo file ?There is no example in the documentation and the setfacl format doesn't work as far as I can tell.Thanks.J.D.
[222 byte] By [] at [2007-11-25 23:04:46]
«« Solaris 10 with Trusted Extensions
»» Remote CDE Login Fails!
# 1
Why don't you guys ever respond ? This is ridiculous. This stuff is not in the manuals and not working as expected. Please provide an answer.J.D.
at 2007-7-5 17:56:19 > top of Java-index,General,Sun Alert and Security Discussion...
# 2

Wow. A whole 15 seconds on google.

<a href="http://docs.sun.com/app/docs/doc/805-8022-05/6j7ht6u7k?a=view" target="_blank"> http://docs.sun.com/app/docs/doc/805-8022-05/6j7ht6u7k?a=vie w</a>

The following is an example of a tsolinfo file:

default label ADMIN_LOW[ADMIN_LOW]

default allowed_privs all

default forced_privs all

label usr/sbin/myfile ADMIN_HIGH[ADMIN_HIGH]

forced_privs usr/sbin/myfile file_mac_read

allowed_privs usr/sbin/myfile file_mac_read,file_mac_write

That help?

at 2007-7-5 17:56:19 > top of Java-index,General,Sun Alert and Security Discussion...
# 3
Nope. I'm looking for the ACL entry syntax for tsolinfo. This other stuff works fine.Thanks though.J.D.
at 2007-7-5 17:56:19 > top of Java-index,General,Sun Alert and Security Discussion...
# 4
So you're building a package? From what I've seen, that's what the tsolinfo file is used in... setacl is for a different purpose.What's the genesis of your query?
at 2007-7-5 17:56:19 > top of Java-index,General,Sun Alert and Security Discussion...
# 5

It's simple. I'm trying to generate a package with a tsolinfo file that contains an acl entry. None of the documentation I have found details what this entry is supposed to look like.

I know very well that setfacl and tsolinfo are two very different things, but I was hoping, in the absence of decent documentation, that the format would be similar. It isn't and it doesn't work.

In my opinion, this is a bug. Yet, nobody seems to want to acknowledge this.

What's more is nothing is said about setting such ACL attributes on MLDs.

If I could do that with a postinstall, I would.

sfaguy at 2007-7-5 17:56:19 > top of Java-index,General,Sun Alert and Security Discussion...
General
Sun Alert and Security Discussion

General New Topic

General Hot Topic

General

All Classified