Opened 8 years ago

Last modified 6 years ago

#913 new enhancement

IZ620: A hmacc user role has to be created

Reported by: easymf Owned by:
Priority: high Milestone:
Component: hedeby Version: 1.0u2
Severity: Keywords: Sun bootstrap
Cc:

Description

[Imported from gridengine issuezilla http://gridengine.sunsource.net/issues/show_bug.cgi?id=620]

   Issue #:            620
   Platform:           Sun
   Reporter:           easymf (easymf)
   Component:          hedeby
   OS:                 All
   Subcomponent:       bootstrap
   Version:            1.0u2
   CC:                 None defined
   Status:             NEW
   Priority:           P2
   Resolution:
   Issue type:         ENHANCEMENT
   Target milestone:   1.0u5next
   Assigned to:        adoerr (adoerr)
   QA Contact:         adoerr
   URL:
   Summary:            A hmacc user role has to be created
   Status whiteboard:
   Attachments:


     Issue 620 blocks:


   Opened: Mon Feb 9 03:27:00 -0700 2009 
------------------------


   Description

   To retrieve certain data from the SDM system, certain permissions have to be
   granted to a user. An initial version of HMACC will have monitoring-only
   features - the set of permissions needed by a user of HMACC is smaller than the
   set of permissions needed by an SDM admin user, thus it'd be ideal to deliver
   more fine-grained roles that would fit HMACC too.

   In addition, the additional permissions needed for remote JVM monitoring have
   to be granted to HMACC users (roles).

   Evaluation

   A high-priority enhancement because it's preferred to have a special user (role)
   for an HMACC user in 1.0u3 (first release with HMACC).

   Suggested Fix/Work Around

   As a workaround, it is sufficient to grant additional permissions to the
   "administrator" role, as this role already governs most of the permissions
   needed by hmacc.

   The only additional permissions that need to be granted are:

        permission java.util.PropertyPermission "*", "read, write";
        permission java.lang.management.ManagementPermission "monitor";
        permission javax.management.MBeanPermission "*", "runtime";

   Analysis

   Creating a new user role governing the "monitoring" permissions is just a part
   of the problem. To have full support for the new user role, a command for
   adding/removing a user with the "monitoring" ("observer") role needs to be
   introduced. The following set of permissions is needed for this role:

        permission javax.management.MBeanPermission "*", "getDomains";
        permission javax.management.MBeanPermission "*", "getObjectInstance";
        permission javax.management.MBeanPermission "*", "queryMBeans";
        permission javax.management.MBeanPermission "*", "queryNames";
        permission javax.management.MBeanPermission "*", "getAttribute";
        permission javax.management.MBeanPermission "*", "getMBeanInfo";
        permission javax.management.MBeanPermission "*", "addNotificationListener";
        permission javax.management.MBeanPermission "*", "removeNotificationListener";
        permission javax.management.MBeanPermission "*", "isInstanceOf";
        permission javax.management.MBeanPermission "*", "getObjectInstance";
        permission javax.management.MBeanPermission "*", "invoke";
        permission javax.management.MBeanPermission "*", "runtime";
        permission java.util.PropertyPermission "*", "read, write";
        permission java.lang.management.ManagementPermission "monitor";
        permission javax.management.MBeanPermission "*", "runtime";

   The "invoke" permission has to be investigated - ideally, permission to invoke
   operations should not be granted on all ("*") MBeans, but only on those really
   needed.

   The new role should have a meaningful name, "observer" or something similar.

   To be able to add a user with that role to the system, two possible approaches exist:

   1. To create an "AddObserverUser" command that would copy the functionality of
   the "AddAdminUser" command, except that an "observer" role would be
   used instead of the "administrator" role.
   2. To modify the "AddAdminUser" command to make it more general - to allow
   adding a user with any role. It would mean that a "role" switch would need to be
   introduced and the command would need to be renamed to "AddUserWithRole" (or
   something similar).

   How to test

   A testsuite test for set of commands.
   A manual test for hmacc.

   ETC - 2 PD
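
An added example, not part of the ticket or of the hedeby code base: a small Python linter run over the "observer" grant list proposed in the Analysis section. It reports duplicate entries, MBeanPermission action names outside the set the JDK documents for that class, and state-changing actions granted on the "*" target, which is the concern the analysis raises about "invoke". The set of actions treated as state-changing is an assumption of this example.

```python
import re
from collections import Counter

# The ticket's proposed "observer" grants, rebuilt in the order posted (duplicates kept).
_POSTED = ("getDomains getObjectInstance queryMBeans queryNames getAttribute getMBeanInfo "
           "addNotificationListener removeNotificationListener isInstanceOf "
           "getObjectInstance invoke runtime").split()
POLICY = "".join(f'permission javax.management.MBeanPermission "*", "{a}";\n' for a in _POSTED)
POLICY += ('permission java.util.PropertyPermission "*", "read, write";\n'
           'permission java.lang.management.ManagementPermission "monitor";\n'
           'permission javax.management.MBeanPermission "*", "runtime";\n')

MBEAN = "javax.management.MBeanPermission"
# Action names MBeanPermission accepts, per its JDK documentation ("*" means all).
VALID_MBEAN = set("addNotificationListener getAttribute getClassLoader getClassLoaderFor "
                  "getClassLoaderRepository getDomains getMBeanInfo getObjectInstance "
                  "instantiate invoke isInstanceOf queryMBeans queryNames registerMBean "
                  "removeNotificationListener setAttribute unregisterMBean *".split())
# Assumption of this example: actions a monitoring-only role should not hold on "*".
MUTATING = {MBEAN: {"invoke", "setAttribute", "instantiate", "registerMBean",
                    "unregisterMBean", "*"},
            "java.util.PropertyPermission": {"write"}}
ENTRY = re.compile(r'permission\s+([\w.$]+)\s+"([^"]*)"(?:\s*,\s*"([^"]*)")?\s*;')

def parse(policy):
    """Return one (class, target, sorted-actions tuple) per permission entry."""
    return [(cls, target, tuple(sorted(a.strip() for a in acts.split(",") if a.strip())))
            for cls, target, acts in ENTRY.findall(policy)]

def audit(policy):
    """Return findings as sorted, de-duplicated (kind, class, target, action) tuples."""
    entries = parse(policy)
    findings = set()
    for entry, count in Counter(entries).items():
        if count > 1:
            findings.add(("duplicate", entry[0], entry[1], ",".join(entry[2])))
    for cls, target, acts in entries:
        for act in acts:
            if cls == MBEAN and act not in VALID_MBEAN:
                findings.add(("unknown-action", cls, target, act))
            if target == "*" and act in MUTATING.get(cls, ()):
                findings.add(("broad-mutating", cls, target, act))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(POLICY):
        print(*finding, sep="  ")
```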

   ------- Additional comments from rhierlmeier Wed Nov 25 07:21:10 -0700 2009 -------
   Milestone changed
