Going through the networking stack is not very efficient if you do have other options (although it is scalable and deployment-agnostic, and overhead is not usually fatal). Besides, at least for NFS - you can't run the kernel server in a local zone (there are some rumoured third-party userspace daemons, but that's another story).
If your zones are expected to co-live on one hardware you can go with a "lofs" mounted filesystem, which is available to both zones and the global zone. Glen Brunette also had a fine presentation on "Immutable Service Containers" ideology which describes some security implications and considerations of shared filesystems, including read-only and read-write access from zones with different roles in your information system. http://mediacast.sun.com/users/gbrunette/media/CEC-2008-ISC-v0.2.pdf -- This message posted from opensolaris.org _______________________________________________ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
