Re: [zones-discuss] How secure are zones? Hackers?
You can definitely have the global zone on one physical interface and the non-global zone facing the internet on another physical interface. With proper firewalls, RBAC setup, and lock down of your zone, you can have a very secure configuration. Take a look at JASS/SST toolkit and the CIS benchmark for Solaris on guidlines for securing your Solaris/OpenSolaris installs. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Virtualization Architect and Consultant Web: http://unixconsole.blogspot.com E-Mail: unixcons...@yahoo.com *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* - Original Message From: Orvar Korvar knatte_fnatte_tja...@yahoo.com To: zones-discuss@opensolaris.org Sent: Tue, November 30, 2010 7:48:31 AM Subject: [zones-discuss] How secure are zones? Hackers? I am thinking if it is safer to reach the outside world internet, via a Zone. Will this add additional security, with respect to the global zone? I think this is an interesting question? -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Sparse zones in S11?
FYI, sparse zones are dead in S11. This is due to the fact that S11 uses IPS and that removes the old SYSV packages and patching mechanisms. I agree that sparse zones should still be around using IPS somehow, but it's not in the cards. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Virtualization Architect and Consultant Web: http://unixconsole.blogspot.com E-Mail: unixcons...@yahoo.com *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* - Original Message From: Orvar Korvar knatte_fnatte_tja...@yahoo.com To: zones-discuss@opensolaris.org Sent: Thu, November 4, 2010 5:36:34 AM Subject: [zones-discuss] Sparse zones in S11? I hope the sparse zones will be improved in S11? Like, patch only the global zone, etc. Is there work done on sparse zones in S11? -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris 8/9 branded zones on Nevada and/or x86
Speaking from experience, there are some big deployments of Solaris 9 on x86 out there in the e-commerce and telco industries. But many have moved onto Solaris 10 thankfully. So I can understand the thinking here. But I'm sure there may be some good business cases where S8/9 branded zones on x86 would be desirable. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Virtualization Architect and Consultant Web: http://unixconsole.blogspot.com E-Mail: unixcons...@yahoo.com *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* - Original Message From: Jeff Victor jeff.j.vic...@gmail.com To: Rainer Orth r...@techfak.uni-bielefeld.de Cc: zones-discuss@opensolaris.org Sent: Friday, October 2, 2009 8:54:27 PM Subject: Re: [zones-discuss] Solaris 8/9 branded zones on Nevada and/or x86 On Fri, Oct 2, 2009 at 5:59 AM, Rainer Orth r...@techfak.uni-bielefeld.de wrote: As far as I've been able to find out so far, Solaris 8 and 9 branded zones are available and supported on Solaris 10 only right now, and only for SPARC. Are there any plans to provide them for x86 and Nevada, too? There wasn't much Solaris 8 or Solaris 9 deployed on x86, so, to the best of my knowledge, there will not be a Solaris 8 Containers or Solaris 9 Containers for x86. As for Nevada - do you also mean x86? There are two reasons I'm asking: I'd like to test current versions of GCC on older Solaris releases without having to run on bare metal. Of course I could use VirtualBox or xVM on x86, but the performance won't be too good (I tested a GCC bootstrap on xVM dom0 quite some time ago and it took about twice as long as on bare metal). And on SPARC, I don't have a spare Ldom available to run Solaris 10, but would rather use a zone on a V880 running Nevada. Especially given the fact that Sun wants to get Solaris 10 users on bare metal to Nevada (Solaris 11, whatever) quickly by providing Solaris 10 branded zones, it would only make sense to provide S8/S9 branded zones on S11 as well. I follow your logic. It is very important to distinguish between the bi-weekly builds of OpenSolaris, the supported releases of the OpenSolaris distro, and the-next-version-of-Solaris-after-10. They are different entities, and the abilities to run S8C or S9C on each of those are very different things. S8C and S9C are (non-open-source) products that Sun (as opposed to other distributors of OpenSolaris distros) makes available. I don't think that this is an appropriate place for discussion of Sun's product futures. But I have been wrong about such things before... --JeffV ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Moving zones between different sparc architecture
Hi, This should work fine for zones, but I would recommend installing a full oem build on the global zone to be sure. However, with LDoms it's a little harder as the platform differences matter between T1, T2, and T2+ matters. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Virtualization Architect and Consultant Web: http://unixconsole.blogspot.com E-Mail: unixcons...@yahoo.com *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* - Original Message From: Ben Rockwood b...@cuddletech.com To: pol.barthel...@sun.com pol.barthel...@sun.com Cc: zones-discuss@opensolaris.org Sent: Thursday, February 5, 2009 3:45:00 PM Subject: Re: [zones-discuss] Moving zones between different sparc architecture pol.barthel...@sun.com wrote: Hello, It is supported to move zones from a sun4u to a sun4v or vice-versa ? I'm not certain if its supported, but it does work. benr. ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] LDoms
Hi, Take a look at the LDoms community page: http://opensolaris.org/os/community/ldoms/ Take a look at the An Introduction to Logical Domains part 1-3 and the Sun BluePrints doc on LDoms. That should give you a good foundation. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* - Original Message From: Sanjay Akula [EMAIL PROTECTED] To: zones-discuss@opensolaris.org Sent: Wednesday, April 16, 2008 4:57:15 PM Subject: [zones-discuss] LDoms Can any one tell me how LDoms works? Does this is an independent OS on each zones or it is dependent on Global zone? I'm new to LDoms. -- Regards, SysAdmin Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Any plans for a Vmotion-like Zone migration tool?
Hi, LDOM's should work with this type of migration since each guest domain has its own virtual memory map, kernel, etc. It'll be a matter of insuring that the destination machine has the available resources to migrate to. Of course, this would still require some mechanism to do the migration (coordinating memory mapping, storage, TCP/IP stack, etc.). So it's still not an easy thing, but I'm sure it could be done. Zones on the other hand are tied closely to the kernel running in the global zone. So it probably won't be possible to do without some method of migrating the processes, kernel space, reassigning PID's, etc. And then you have the issue of keeping all of your machines in sync (OS version, patches, etc.). So there is some additional overhead and management requirements. It would be great to see this possible with the above solutions. But I'll leave it to the experts to make it happen:) Octave --- Mike Gerdts [EMAIL PROTECTED] wrote: On 3/20/07, Nils Nieuwejaar [EMAIL PROTECTED] wrote: When migrating a zone, you would have to find some way to extricate the kernel state for just that some subset of a system's processes, devices, network connections, etc. - then insert that state into the middle of a kernel already running on another machine. To put it mildly, that would be hard. OpenVZ (similar to zones, from my understanding) can do this on Linux. http://wiki.openvz.org/Checkpointing_and_live_migration http://openvz.org/news/announcements/openvz-sparc-20070102 If you want live migration on Solaris, and you are using x86/x64 machines, then you should be looking at Xen. http://www.opensolaris.org/os/community/xen Does running on sun4v LDOMs help provide a path to this? To someone that hasn't really looked at how LDOMs get their initial state, it seems as though this would be quite doable. Mike -- Mike Gerdts http://mgerdts.blogspot.com/ ___ zones-discuss mailing list zones-discuss@opensolaris.org *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Food fight? Enjoy some healthy debate in the Yahoo! Answers Food Drink QA. http://answers.yahoo.com/dir/?link=listsid=396545367 ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] Re: [nfs-discuss] Re: [sysadmin-discuss] NFS server in zones
Hi, Read below.. --- Calum Mackay [EMAIL PROTECTED] wrote: hi Octave, thanks much for the comments. However, I think there's a need to take a few steps back... The requirements you list are things that seems to me to be: once we have decided that we want an NFS server in a zone, these are important things that should be true of the delivered product. But I'm not yet seeing clear reasons for *why* we want an NFS server in a zone. I'm certainly not saying that we don't want this, I just want to fully understand the need for it. There are many reasons that people would want this. To list a few: 1. Consolidate different NFS sharing environments that have to be seperate. 2. Provide SA's with their own test jumpstart environment without wasting a server per SA. This has come up as a project at two different employers of mine. 3. Consolidate developer environments onto one system. Each zone may be for different departments that need to NFS share their products. 4. Consolidate NFS home directories and keep them separate per line of business. I think you can see a pattern here. People want to consolidate environments that normally require separate servers. There are many applications of NFS and to require all NFS to be managed from the global zone is backward. It prevents owners of a Zone from being able to manage their own services. It's totally reasonable to keep management of cpu, memory, networking, storage, etc up at the global zone level. But it does not make sense for basic services, like NFS. scrap projects. Probably the most common idea for having a zone NFS server is for Jumpstart or home directories. As things stand today, it's not doable. Right, but these things are easily done (of course) using a server in the global zone: what advantages do we gain by putting the server in a local zone? Simple, NFS is a basic UNIX service. If you want to provide zones to different groups within your business that have their own SA's, it's a roadblock for projects. An SA who manages a zone has to contact the global zone SA to make simple NFS changes. For a services based data center this is a waste of time. It's understandable to require owners of zones to request more cpu, memory, storage, etc. These are things that need to be charged back for ROI. NFS is a basic service and should be manageable from a zone. It's like requiring SSH access to be controlled from the global zone. I think the key requirements would be: 1. Full NFS server functionality within a zone. So things like share, /etc/dfs/dfstab, sharemgr, ZFS sharing, etc. should work in the same manner as they do in the global zone. Yes, this would definitely be a delivery requirement for this project, but it doesn't sound like a justification for it. 2. Security. Separation of NFS namespace to insure proper security between zones. I'm not sure I quite understand this. Would you please expand? Meaning that if a zone is compromised, the other NFS shares across the machine should not be accessible or manageable. 3. Performance. NFS serving out of a zone should not be slower or less scalable than NFS serving from the global zone. Indeed, this would be an important delivery requirement, of course. thanks again for your comments. cheers, calum. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Need Mail bonding? Go to the Yahoo! Mail QA for great tips from Yahoo! Answers users. http://answers.yahoo.com/dir/?link=listsid=396546091 ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] Re: [nfs-discuss] Re: [sysadmin-discuss] NFS server in zones
Hi, --- [EMAIL PROTECTED] wrote: 1) I think there are a variety of use cases that may have disjoint requirements from consolidation, and I want to hear about them, too. One example we had awhile back - SAS shares some of its data via NFS, and loses this ability in a zone. Do they need anything different? 2) Since NFS is mostly an in-kernel service, unlike something like Apache, if you have some kind of issue with NFS stability, you lose the whole box, not just the zone. This lack of fault isolation isn't always something that people are aware of. Does this change anything for your use case? This is a great point and shows that there has to be some reorg of the NFS framework. I don't know if that means we need a pseudo instance of the kernel modules for each zone. Or if we have to break it up into components that should be unique to each zone and ones that should be common. 2) Due to the above, it seems like the global zone admin should have a knob to turn to enable or disable the ability of a zone to share out files via NFS. Do people agree? I agree there is should be knob. Perhaps something in zonecfg like: add service set type=nfs end That would enable the zone to be an nfs server. What do you think? 2.5) Is this related to whether the global zone can share a resource? 3) I know we've talked about a zone not being able to share stuff outside of its namespace, but I wonder if we should further restrict this to sharing storage that's fully administered in the zone, e.g. you can't share a filesystem you got via lofs, but you can share from a /dev/dsk/cxtxdx or a zpool that had been fully delegated to you. Opinions? This might be useful for higher levels of security. Not sure how we would go about that, but it's definitely an interesting idea that I'm sure some gov. agency would love:) 4) A bug currently prevents a client instance and a server instance from being safe to use on the same box (apologies, can't quote the bugid from here). How likely, in your use case, is it that this will be a problem, i.e. will your boxes be in the position where a zone needs data shared from another zone as opposed to a separate server? I can definitely see situations where one zone is a server for another zone. One wacky idea would be a N1GE master zone sharing it's grid shares to execution nodes that could be anywhere on the network or even on the same box! Rob T ___ nfs-discuss mailing list [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Re: [nfs-discuss] Re: [sysadmin-discuss] NFS server in zones
Hi Robert, Excellent point! I think this is a good example of why the same physical path can't be shared from a zone and the global zone at the same time. Perhaps excluding any zonepaths from being shared at the global zone is desirable if the nfs switch for that zone is turned on? Octave --- Robert Gordon [EMAIL PROTECTED] wrote: On Feb 14, 2007, at 3:17 PM, Edward Pilatowicz wrote: On Wed, Feb 14, 2007 at 08:26:48PM +0100, Menno Lageman wrote: Robert Gordon wrote: So could we all agree that: An NFS Server in a zone means that the namespace it exports is restricted to that zone only. By that i mean no global zone access to that namespace, nor would that namespace be re-exported within another NFS Server zone instance ? I have some trouble parsing that, but my perception of the desired behaviour is: - a zone can only export resources that are within that zone (i.e. everything below it's zonepath), - a resource exported from a zone, may not at the same time be exported from the global zone; i.e. if zone a exports /export/foo then /zones/a/root/export/foo may not be exported by the global zone) - zone A and zone B may both export their own /export/foo since those are two distinct resources. this all makes logical sense to me. i would refine your second point though because it doesn't take into account lofs mounts. ex, if i have /export/foo in the global zone and then in zonecfg i configure a filesystem resource such that this directory is also lofs mounted in the zone at /export/foo, then who should be able to export the filesystem? it seems to me that both the local zone and the global zone should be able to export it (or not export it) independantly. ed There maybe a conflicting security requirement here. Lets say I'm SA of the zone and i have exported /export/foo with krb5i (since my foo really needs tight security :) ) to a limited set of clients. Then along comes Mr Global SA and exports it with auth_sys to any old nfs client.. seems like that might be an issue ? Robert. ___ zones-discuss mailing list zones-discuss@opensolaris.org *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* The fish are biting. Get more visitors on your site using Yahoo! Search Marketing. http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] Re: [sysadmin-discuss] NFS server in zones
Hi, This has been a major complaint for many sysadmins and beta testers. I know one of my first bugs filed against the betas of Solaris 10 was the lack of NFS server functionality within zones. I've even been in the situation at work where this has been a requirement, only to have to scrap projects. Probably the most common idea for having a zone NFS server is for Jumpstart or home directories. As things stand today, it's not doable. I've even escalated this thru different channels over the past few years only to see it go no where. I'm sure there is a lot of demand for this feature for zones. I think the key requirements would be: 1. Full NFS server functionality within a zone. So things like share, /etc/dfs/dfstab, sharemgr, ZFS sharing, etc. should work in the same manner as they do in the global zone. 2. Security. Separation of NFS namespace to insure proper security between zones. This may be achieved by making the kernel NFS framework aware of the zoneid context. 3. Performance. NFS serving out of a zone should not be slower or less scalable than NFS serving from the global zone. Starting a project would be nice. But I think there should be close involvement with the NFS engineers at Sun. As for getting their attention and funding, the best we can do is show enough community interest for NFS within zones. So I'd ask all sysadmins, developers, etc. to respond to this thread to show support for fixing this. --- Tom Haynes [EMAIL PROTECTED] wrote: Before I propose a project for NFS to start getting NFS servers working in zones, I'd like to find out the requirements. I've been going over internal mail threads in the NFS group and the two things that seem to stand in the way to getting NFS completely in zones are: 1) Staffing - this is not on our roadmaps. 2) Lack of requirements - we don't know what people want. I look at the first hurdle and see a golden opportunity for a real OpenSolaris project - since internal developers aren't scheduled to do this work, we can get external developers involved from the start of the project. Of course, the second hurdle really stops us from kicking off the project. I'll start the ball rolling by kicking in some thoughts that Spencer Shepler provided when I asked him about getting this project started: One of the things we have been struggling with in deciding if and how to fund a zonification of the NFS server is understanding exactly what people need/want. One simple requirement seems to be that of server consolidation. That can be handled generally with IP address/interface aliasing. But there are obviously other reasons as well that someone may want a zoneification of the NFS server. Are people trying to delegation administration? Configure a system for testing or software deployment testing or... So my suggestion would be to start a thead of discussion about what the requirements are that lead people to thinking of NFS server in a zone. The point of this exercise is to understand if that is the only or most appropriate answer? For example, we may be able to combine the admin delegation stuff that has been talked about for ZFS to things like the shareadm command and to the nfsd daemon. Is it more effective, easier, to build a delegation of administration of the NFS services than to require someone to create zones and hand over all of the administration for those zones. Maybe it is better to have things in the zone since there would be IP-identity confusion for a strict delegation method. We should define the requirements as a community and then get the project started in that community. ___ sysadmin-discuss mailing list [EMAIL PROTECTED] http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] Re: [sysadmin-discuss] NFS server in zones
Hi Tom, Thanks for the input. I agree that it'll take a lot of involvement from the community to deliver the code. But I also think there some should a lot of collaboration with the NFS engineers to insure we don't break stuff:) I'm all for a project to be launched from the NFS or Zones community for this. I'd even be willing to help out, just have to keep in mind my programming is a little rusty:) Octave --- Tom Haynes [EMAIL PROTECTED] wrote: Octave Orgeron wrote: Hi, This has been a major complaint for many sysadmins and beta testers. I know one of my first bugs filed against the betas of Solaris 10 was the lack of NFS server functionality within zones. I've even been in the situation at work where this has been a requirement, only to have to scrap projects. Probably the most common idea for having a zone NFS server is for Jumpstart or home directories. As things stand today, it's not doable. I've even escalated this thru different channels over the past few years only to see it go no where. I'm sure there is a lot of demand for this feature for zones. I think the key requirements would be: 1. Full NFS server functionality within a zone. So things like share, /etc/dfs/dfstab, sharemgr, ZFS sharing, etc. should work in the same manner as they do in the global zone. 2. Security. Separation of NFS namespace to insure proper security between zones. This may be achieved by making the kernel NFS framework aware of the zoneid context. 3. Performance. NFS serving out of a zone should not be slower or less scalable than NFS serving from the global zone. Starting a project would be nice. But I think there should be close involvement with the NFS engineers at Sun. As for getting their attention and funding, the best we can do is show enough community interest for NFS within zones. So I'd ask all sysadmins, developers, etc. to respond to this thread to show support for fixing this. Octave, Thanks for the input on the requirements. I am a NFS engineer for Sun. I don't think we should count on getting attention and funding for Sun's NFS engineers to do this project. All of us are aware of the need, but are focused on delivering other products. I'm not saying they will not help out, I don't think you could stop them. Again, I think that this is a golden opportunity to start an OpenSolaris project in the clear and with full involvement from the community. I'm willing to provide project leadership and mentoring to external developers. I'm pretty sure that the other NFS engineers are willing to review requirements, specs, design, code, etc. But the bulk of that work will fall on the community to provide. I'm not looking to start a project which gets done entirely within Sun. Thanks, Tom *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Systems Engineer http://www.opensolaris.org/os/community/sysadmin/ http://unixconsole.blogspot.com [EMAIL PROTECTED] *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Don't get soaked. Take a quick peak at the forecast with the Yahoo! Search weather shortcut. http://tools.search.yahoo.com/shortcuts/#loc_weather ___ zones-discuss mailing list zones-discuss@opensolaris.org
