Attention users of network IPMI
Brad Bishop
bradleyb at fuzziesquirrel.com
Fri Mar 30 04:27:38 AEDT 2018
> On Mar 29, 2018, at 12:37 PM, Emily Shaffer <emilyshaffer at google.com> wrote:
> On Thu, Mar 29, 2018 at 9:19 AM Alexander Amelkin <a.amelkin at yadro.com> wrote:
> IPMI defines user privileges (user, operator, administrator, oem
> prooprietary privileges), and I think we need to support them. I'd do that via
> standard user groups. The root username may still be available with
> 'administrator' privilege level (user 'root' included into 'admin' group).
> That way we can rely on standard means for authentication and filesystem
> permissions, and maybe have some pam plugin for interaction with phosphor
> (e.g. to check whether a user is disabled).
>
> I thought Intel (Ed?) was working on something related to this. Could someone comment?
There is this:
https://gerrit.openbmc-project.xyz/#/c/8440/
and these:
https://lists.ozlabs.org/pipermail/openbmc/2018-February/010742.html
https://lists.ozlabs.org/pipermail/openbmc/2018-January/thread.html#10344
https://lists.ozlabs.org/pipermail/openbmc/2017-December/thread.html#10054
None of this has seen much activity lately. I’d encourage everyone to
leave feedback in the proposal made by Richard and/or to carry that
proposal forward.
More information about the openbmc
mailing list