Also note that with Solaris zones, PAGs are shared across zones. If a
process is not in a PAG it uses the UID for the user, and thus if two
zones use the same UID, the processes can use the same tokens. This may
be a security issue in the way you use the zone.
Tom Keiser wrote:
On 12/3/06, Matthew Cocker <[EMAIL PROTECTED]> wrote:
Anyone running afs client in a solaris 10 container environment? I
have seen
some references that you can not run afs in the "child containers" but
you
have to run it from the "main container" (I may have the solaris terms
mixed). Is this correct?
Many people are running afs and containers in production. You need to
run afsd in the global zone. Use lofs mounts to import all or part of
the afs namespace into the child zones. Importing all of /afs into a
zone just requires the following zonecfg stanza:
add fs
set type=lofs
set dir=/afs
set special=/afs
end
Use set options as you like.
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
