PSARC Questions Version 1.18 Approved Oct. 2008 (PSARC/2008/625) 1. What is the proposal being presented for review? * Give an overview of the project and its phase(s). Command Assistant provides easy access to examples showing the usage of OpenSolaris command-line applications. The examples are taken from existing OpenSolaris sgml documentations, man-pages and eventually javadoc documentation. * Describe the exposure (OpenSolaris), scope and type of review desired (overview, full case, etc.) Command Assistant will be released with OpenSolaris. It needs full case review. * What are the project's deliverables? Package: SUNWcmdassist COMPONENTS VERSION LICENSE TERMS ----------------------------------------------------------- Assistant Tool Client 1.0.0 CDDL Client side components will be shipped with OpenSolairs in OpenSolairs package repository.It's a standard Gnome Applet. * /usr/lib/bonobo/server/CommandAssistant_Applet.server * /usr/lib/CommandAssistant/commandassistant-applet * /usr/lib/CommandAssistant/config.xml Note: These server components will be hosted on OpenSolaris.com. Assistant Tool Web Service 1.0.0 CDDL Apache Lucene 2.4.0 2.4.0 Apache LicenseV2.0 * How does this project align with existing or proposed ARC cases? None 2. Describe user interactions. * Are new user interfaces being proposed, or existing interfaces being changed? New user interfaces * Are there any install time changes? No 3. What are the exported (defined by your project) and imported (defined by another project that your project then references) interfaces or protocols and their respective stability levels? See: http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/ * Is there a versioning scheme in place? No * Has the team secured interface contracts where necessary? N/A * Use an ARC prescribed interface table format. N/A 4. Describe any dependencies on hardware (e.g. SPARC exclusive), and on other projects within Solaris. N/A 5. Projects need to be aware of the overall security of the system and how their components affect it. Which parts of this project are critical to the security of the system to avoid such unintended consequences such as unauthorized system entry, unauthorized access to or modification of data, elevation of privilege, denial of service, ...? Does this project require elevated privilege? A number of specific policies and practices address various aspects of the security of the system. They are found in appendix 1. Which of these are applicable to this project, and how are they addressed? Re: Only SOAP (http port 80) is used for client app. No security issues. 6. Describe means of observing project functionality and performance, by an end user or by a system administrator. Re: It's user space GUI app. Regular tools can be used to monitor the performance. 7. How does the project deal with faults and interruptions? Initialization and restarting? Re: It's stateless app. Restarting frees any system resources helt by the app. 8. How does the project interact with Solaris virtualization technologies (xVM, LDOMs, zones, SunCluster, etc.)? Re: It works in virtualization environment. 9. Does this project require administration (i.e., configuration or management)? If so, No * How is the project administered, and what sort of review process has this user interface undergone? UI review by xDesign team * Is there a means of aggregating management and/or configuration with other related projects? * Does this project deliver its own administration along with the other components, or is this project an administration interface for other projects? * Are there any external (to Solaris) management interfaces to consider, or being consumed? Projects that require or deliver administrative interfaces are often by their nature security components of the system and should likely address the security question (#5 above, with attention to RBAC and Audit). (See also appendix 2). 10. Have you reviewed the Policies and Best Practices? Yes Are there any exceptions this project needs? See No http://www.opensolaris.org/os/community/arc/policies/ http://www.opensolaris.org/os/community/arc/bestpractices/