On Mon, Jul 06, 2009 at 10:17:39PM +0200, Casper.Dik at Sun.COM wrote: > > > >hey casper, > > > >fyi, this is not how zones works. zones starts with the empty set and > >then adds privs. please see the brand config.xml files for where this > >is defined. you'll need to upate these files with these new privileges. > >(and feel free to file an RFE against zones to start with the basic set > >and then add or remove privs as necessary.) > > > I looked through the code and it appears that the code tries to always > adds "basic" to the 'default' set. > > It appears, then, that adding stuff the "basic" will just work except > when you configure a zone without specifying "default" for limitpriv. >
oops. your right. i was confusing this with the need to update these config files with new non-basic privs that are required for correct system operation. sorry for the noise, ed
