David Edmondson wrote:

> If the global zone creates a link with the name "foo0" and then assigns 
> that link to a non-global zone, the global zone should be free to create 
> a link with the name "foo0" (without the destruction of the original 
> link). Without the namespace manipulation, how would this happen?

Why should it be free to do so? I don't understand where the requirement 
is coming from, and what real-world problem it is solving.

Clearly the analogous operations in the file system name space don't 
do this. If superuser creates /export/home/foo and then does a chown foo 
/export/home/foo, that directory still appears in ls(1).

>> There are two things that are not clear to me (because I haven't 
>> thought about the tradeoffs)
>>  - should we allow a ngz to vanity name links assigned to it by the gz 
>> (it can vanity name the links it creates without any added complexity 
>> I suspect)
> 
> I suspect 'no', as that would be confusing for the global zone 
> administrator.

Yes, that is a relevant concern.
The tradeoff is that if we want all the ngz's (exclusive-IP zones) to 
all have their network interface named 'net0' then we'd need something 
that can vanity name them.
Perhaps you view that the gz should do that (and that would help me 
understand your first paragraph above). An alternative is that the ngz 
vanity names the datalink.

>>  - whether the gz should be able to see (with some qualification to 
>> the name) the links that are created in the ngz. (From the ownership 
>> model it can't modify them, but it might be useful to see that there 
>> is a "zoneA/aggr0" link created by zoneA.)
> 
> I think 'yes', as an observability aid.


    Erik
