Amendments to PSARC/2008/606 pconsole - parallel console

Amendment 1:

The pconsole-bin binary requires elevated privilege to be useful.  We
request to move the binary from the originally stated /usr/bin to
/usr/sbin, in line with where other binaries requiring privilege
usually exist.

Amendment 2:

A new execution profile and attribute will be defined.  This profile
will *NOT* be assigned to anyone by default.  The pconsole manual page
will be modified to say:

 -    NOTE:
 -        This program must be run as root.   To  allow  non-root
 -        users  to  use  this  program, the system administrator
 -        must make the pconsole-bin binary setuid root by  issu-
 -        ing the following command:
 -
 -        # chmod 4555 /usr/bin/pconsole-bin
 -
 -        This is NOT recommended however, as it could result  in
 -        making the system less secure.
 -
 +    NOTE:
 +        This program must be either run as root or by a user granted
 +        the "Parallel Console Access" rights profile:
 +
 +        # usermod -P "Parallel Console Access" login-name
 +

RBAC changes:

/etc/security/prof_attr:
Parallel Console Access:::Connect to remote consoles with pconsole:help=pconsole.html

/etc/security/exec_attr:
Parallel Console Access:solaris:cmd:::/usr/sbin/pconsole-bin:privs=all