Le 2 oct. 08 à 21:00, Bruce, Phillip a écrit :
If your logged into a container, how can your verify the name of the
global zone running the container?
You can't !
And this is a feature not a bug.
Nicolas
01010101 01001110 01001001 01011000
Nicolas Dorfsman
[EMAIL PROTECTED] / [EMAIL
Although it's a feature, if you need this functionality, the global
zone can store its name in a file which the Container can read.
On Thu, Oct 2, 2008 at 3:05 PM, Nicolas Dorfsman [EMAIL PROTECTED] wrote:
Le 2 oct. 08 à 21:00, Bruce, Phillip a écrit :
If your logged into a container, how can
Le 2 oct. 08 à 21:14, Jeff Victor a écrit :
Although it's a feature, if you need this functionality, the global
zone can store its name in a file which the Container can read.
Sure.
But I think it's a bad idea.
We must not create a hole where the operating system is secured.
Even if you
On Thu, Oct 2, 2008 at 2:23 PM, Nicolas Dorfsman [EMAIL PROTECTED] wrote:
Sure.
But I think it's a bad idea.
We must not create a hole where the operating system is secured.
Even if you think it doesn't mind because you know the existence of
this file(hole), what could be the consequence
Mike Gerdts wrote:
1. Let's pretend that a zone is a virtual machine. I could make the
same argument using longer sentences if that makes someone happy.
2. For example, if you know all global zones are on the 192.168.1.0/24
subnet, the following will give you a pretty good clue. Other zones
Hi Mike,
Le 2 oct. 08 à 21:47, Mike Gerdts a écrit :
The overall availability of a server comes from a number of factors
which include security and usability. If the level of separation that
you are worried about is a critical factor, I'd suggest not using
zones. They are good but
The other way that the global zone identity normally leaks through to the
non-global zones is through the system's hostid. So if you compare the
output of `/usr/bin/hostid` with `for e in $allglobalzones ; do ssh $e
/usr/bin/hostid ; done`, you can easily see which global zone matches your
Le 2 oct. 08 à 22:00, Moore, Joe a écrit :
The other way that the global zone identity normally leaks through
to the non-global zones is through the system's hostid. So if you
compare the output of `/usr/bin/hostid` with `for e in
$allglobalzones ; do ssh $e /usr/bin/hostid ; done`,
Moore, Joe writes:
The other way that the global zone identity normally leaks through to the
non-global zones is through the system's hostid. So if you compare the
output of `/usr/bin/hostid` with `for e in $allglobalzones ; do ssh $e
/usr/bin/hostid ; done`, you can easily see which
Jeff,
Thanks how would I do that?
Phillip
-Original Message-
From: Jeff Victor [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 02, 2008 12:14 PM
To: zones-discuss@opensolaris.org
Subject: Re: [zones-discuss] Confirming Zone running Container
Although it's a feature, if you need
:47 PM
To: Nicolas Dorfsman
Cc: zones-discuss@opensolaris.org
Subject: Re: [zones-discuss] Confirming Zone running Container
On Thu, Oct 2, 2008 at 2:23 PM, Nicolas Dorfsman [EMAIL PROTECTED]
wrote:
Sure.
But I think it's a bad idea.
We must not create a hole where the operating system
Nicolas Dorfsman wrote:
Personally, we've defined a DNS alias for zonename-vh to point to
the global zone for each of our local zones. That way we can `ssh
www-zh zoneadm -z www reboot` easily.
Interesting. Why don't ssh to the non-global ?
`ssh www init 6`
That assumes several things
Phillip,
Le 2 oct. 08 à 22:38, Bruce, Phillip a écrit :
Mike,
Using zonecfg command can ONLY be used at the global zone level not at
the container level.
[EMAIL PROTECTED]:/var/adm# zonecfg
zonecfg can only be run from the global zone.
What are you trying to do exactly ?
The
Le 2 oct. 08 à 22:37, Moore, Joe a écrit :
Nicolas Dorfsman wrote:
Personally, we've defined a DNS alias for zonename-vh to point to
the global zone for each of our local zones. That way we can `ssh
www-zh zoneadm -z www reboot` easily.
Interesting. Why don't ssh to the non-global ?
On 10/02/08 22:42, Nicolas Dorfsman wrote:
Phillip,
Le 2 oct. 08 à 22:38, Bruce, Phillip a écrit :
Mike,
Using zonecfg command can ONLY be used at the global zone level not at
the container level.
[EMAIL PROTECTED]:/var/adm# zonecfg
zonecfg can only be run from the global zone.
On Thu, Oct 2, 2008 at 3:53 PM, Menno Lageman [EMAIL PROTECTED] wrote:
On 10/02/08 22:42, Nicolas Dorfsman wrote:
Phillip,
Le 2 oct. 08 à 22:38, Bruce, Phillip a écrit :
Mike,
Using zonecfg command can ONLY be used at the global zone level not at
the container level.
[EMAIL
16 matches
Mail list logo