Can somebody point me to the priviledge which a smf service needs to bind to ports below 1024 as a normal user?

It's net_privaddr (and root needs it too) - there's an example at github.com/omniosorg/omnios-extra/b…-bind9/files/named-template.xml#L61

Thanks worked

i'm probably going to say it poorly, but do contracts 'nest' at all? e.g. there's a situation where a child process needs to die if it's parent dies for any reason.. AFAIK you'd need a contract to do that

but if the parent is already running under a contract, might that be a problem (if that one isn't configured to react differently to a process in the contract exiting)

(this is a library -- not mine -- where a call forks a child process, and since it can't control the parent, on Linux and FreeBSD it uses prctl() or the like to set the child to exit if the parent does)

jbk: can you change the library and child any? can the child be multithreaded? (open a pipe in the parent, pass the read end to the child, and create a thread in the child that blocks on a read on the pipe and exits the process when it gets EOF)

but process(5) does mention some notion of contract inheritance around CT_PR_REGENT ("If set, the process contract can inherit unabandoned contracts

left by exiting member processes.")

[illumos-gate] 17351 libc: ignoring unreachable code -- Toomas Soome <tsoome⊙mc>

toasterson: illumos.org/man/7/privileges is your friend when trying to figure out what privileges you need for something like that

(I also spent some time a few years ago going through other man pages in Solaris to spell out which privileges were needed on the man page for the system calls/programs/etc, but I don't think anyone has done that for illumos man pages)

can't believe you've caused me to be online on this shittiest of all days.

the reason file(1) needs /usr/has is that that is how mediators work

the reason for mediating it is when we tried to replace it _before_ everyone complained about _that_ because the text changes and blah blah blah

so at the moment, the "community" viewpoint has reached "You must neither ship the old file, nor the new file"

fools days indeed

.oO "I most certainly do welcome the new and improved version"

I do too. My point was that the mediator is a compromise based on last time (I haven't actually spoken to pmooney, maybe it's a compromise based on general empathy, rather than remembering when jeffpc tried this)

and that "we shouldn't use usr/has, just delete things" is a point of view that needs to be tempered by the experience of ever having tried to delete anything

Mediating what's in gate and allowing distributions to replace it if they choose seems very sensible. I wouldn't want to see it deleted, or a different implementation imported into gate, even if the licence allowed it.

I just don't like us making idiots of ourselves by sort of settling on impossible positions, because what happens -- from direct experience -- is you just burn out on trying to fix things like that

which is why we still have uucp support, and rpc.wtfisthatd

and file(1) from when jeffpc did it, and several other things probably

sc

Like I said in at least one other place, I would like to see ours improved, but I also don't have time to do it myself right now. Mediation seems like a pragmatic win.

I am generally in favour of the "It's your computer!" school of thought :P

is the developer-essential metapackage just an Illumos thing or does it also exist on Solaris?

No idea!

I think it's actually "build-essential", isn't it? And that name was picked to match common Linux distributions

yes, you're right

pkg.oracle.com doesn't show it

I thought they had a package like that, though. alanc would know what it is

Solaris world has duality, they did create this community version (whatever the actual name is), which is supposed to support developers to build third party packages

CBE? haven't tried it

yep. ofc there is some gameplay about rights to use and such

I would be inclined to avoid even downloading it unless you have someone who feels confident interpeting the licence terms

I'll ask alanc next time I seem him on irc

oh sure, use my name in vain while I'm out for lunch

"developer-gnu" is our roughly equivalent package: pkg.oracle.com/solaris/release/mani…1.4.42.0.0.111.0%3A20211203T200423Z

though I see pkg.openindiana.org/hipster/manifes…C5.11-2025.0.0.0%3A20250105T135527Z has a lot more in

we renamed /usr/has/bin to /usr/sunos/bin before 11.0 shipped to avoid the "tired joke" portion of the arguments

since no one really belived sch's claim that "has" obviously stood for "Historical Application Support"

alanc: Yeah, that seems frankly a wise decision