James Carlson wrote: > Margot Miller writes: >>>> The other problem I hear wrt zones is that the O/S >>>> administator is not the application administrator and >>>> that there would have to be some communication >>>> between the two to create a zone. >> The argument I heard was that having to ask the O/S >> administrator to even set up a zone is problematic. >> Once the zone is in place, things are fine. > > Yes, that's a potential issue. The flip side of that issue is that > bits buried in some user's home directory will be unknown to the > system administrator, and thus won't be patched or handled during > upgrade.
Right now users can install arbitrary software in $HOME and it will be unknown to the admin. What this proposal suggests is using a subset of the Solaris packaging technology to allow and encourage the use of packaging tools to install into $HOME - potentially giving the admin a better interface to discover installed stuff across the users' home directories on a given system, rather than no interface today, while still allowing non-root use of existing package technology (which is the main goal of this proposal). The proposal is not meant to boil the ocean, but rather take a baby step toward a more friendly non-root environment for developers and app administrators. > Even if the check for UID 0 is removed, we currently have no higher- > level design that accounts for the issues that arise with arbitrary > software installation. There have been issues raised in this discussion that I attempted to recap before the July break and there has been some discussion since. Are there other issues not previously discussed that you are referring to? -jhf-
