Skip to end of metadata
Go to start of metadata

Overview

Buxton is a security-enabled configuration management system. It features a layered approach to configuration storage, with each layer containing an arbitrary number of groups, each of which may contain key-value pairs. Mandatory Access Control (MAC) is implemented at the group level and at the key-value level.

Buxton provides a C library (libbuxton) for client applications to use. Internally, buxton uses a daemon (buxtond) for processing client requests and enforcing MAC. Also, a CLI (buxtonctl) is provided for interactive use and for use in shell scripts.

Link: https://github.com/sofar/buxton

Comparison with GENIVI Persistence

Comparison GENIVI Persistence and Buxton
 GENIVI PersistenceBuxton
ComponentsPersistence Client Library (PCL) provides also file API to applications, not only a key-value API.C library (libbuxton) for client applications to use.
Persistence Administration Service (PAS), s a daemon responsible to create default databases and file

folder structure according JSON configuration files. Creates backups and recovers data from backups

A daemon (buxtond) for processing client requests and enforcing MAC.
Persistence Healt Monitor (PHM) responsible to repair persistence file system problems

and format and setup persistence data afterwards.

Also, a CLI (buxtonctl) is provided for interactive use and for use in shell scripts
Persistence Common Object (PCO) abstraction layer to implement different storage backends

used by PCL and PAS. Later on a IPC abstraction layer will be added.

 
DatabaseEach application has it's own databaseOne database for all applications
SecurityFor security it is recommend for every application to use it's own Linux user id and group id,

where the database hat the same rights. (optional) MAC concept (e.g. Smack) could be added, but haven’t been considered yet

Mandatory Access Control (MAC) is implemented at the group level and at the key-value level. (optional)
CachingCached database will be used for key-values.

Files will be cached using ramdisk. Modified data will be written back form cache to non-volatile memory device during shutdown phase.

gdbm will be used for the key-value store which uses internally mmap()'s
InterfaceKey-value and file C-APIKey-value API
Multi-userYesYes
Default data handlingYes, with default databaseYes, using different layer within the database
NotificationsSend change (create, modify, delete) notifications to applications registered to receive notifications 
BackupBackup and checksum creation for files (complete files only) and keys 

 

Copied from MediaWiki
Last Edit: 15:28, 24 July 2014‎ Ingo.Huerner

  • No labels