[zones-discuss] Interfaces to automate zone system identification

2007-11-15 Thread Zoram Thanga
Hi All,

I'd like to automate system identification for a zone when it is freshly 
installed. In most cases, I'd like to keep the same settings for domain 
name, name service, security policy, etc., as in the global zone.

I'm wondering if there are (C) library interfaces to determine which 
name service is used in the global zone, so that I can make the 
following entry in the zone's /etc/sysidcfg file:

name_service=service{service specific parameters}

So, I'd like to do something like:

name_service = get_name_service()

if (name_service is NIS) {
 /* get domain name */
 /* get yp master */
} else if (name_service is NIS+) {
 /* get NIS+ details */
} else if (name_service is LDAP) {
 /* get LDAP details */
} else if (name_service is DNS) {
 /* get DNS details */
} ...

Also, is there a library interface to get what the security_policy 
setting is in the global zone? So I want to do something like:

security_policy = get_security_policy()

if (security_policy is kerberos) {
 /* get kerberos details */
} else if ...
...

Thanks,
Zoram
-- 
Zoram Thanga::Sun Cluster Development::http://blogs.sun.com/zoram
___
zones-discuss mailing list
zones-discuss@opensolaris.org


Re: [zones-discuss] Interfaces to automate zone system identification

2007-11-15 Thread Zoram Thanga
Hi Mike,

Mike Gerdts wrote:
> On Nov 15, 2007 4:04 AM, Zoram Thanga [EMAIL PROTECTED] wrote:
>> Hi All,
>>
>> I'd like to automate system identification for a zone when it is freshly
>> installed. In most cases, I'd like to keep the same settings for domain
>> name, name service, security policy, etc., as in the global zone.
>
> It sounds like simply copying in whole or part the relevant files from
> the global zone and making the appropriate modifications to
> $zonepath/root/etc/.sysid* (forget the exact file name) would be a
> workable approach.  This would have to be done from the global zone.

Yes, the program will only run in the global zone, and only once after 
the new zone is installed.

However, I'm wondering if we can count on the presence of /etc/sysidcfg 
on the global zone. Once a system has been initialized, we could safely 
remove /etc/sysidcfg and there would be no problem, right?

 
>> I'm wondering if there are (C) library interfaces to determine which
>> name service is used in the global zone, so that I can make the
>> following entry in the zone's /etc/sysidcfg file:
>
> To the best of my knowledge, such an API is not even available to
> query in the same zone (e.g. global zone querying global zone).  Such
> an API that allowed cross-zone queries of this information would cross
> isolation boundaries that have been held rather dear with zones.

No, I am not looking to cross zone boundaries here - just obtain all the 
necessary information from the global zone and apply it to the freshly 
installed NGZs. Of course, if the user wants to specify sysid settings 
that are different from those of the global zone, she would be allowed 
to do so. But if she just wants to re-use the same name service setting, 
security policy setting, etc., then that's when I'd like to query the GZ 
for that information.

 
>> name_service=service{service specific parameters}
>>
>> So, I'd like to do something like:
>>
>> name_service = get_name_service()
>>
>> if (name_service is NIS) {
>>  /* get domain name */
>>  /* get yp master */
>> } else if (name_service is NIS+) {
>>  /* get NIS+ details */
>> } else if (name_service is LDAP) {
>>  /* get LDAP details */
>> } else if (name_service is DNS) {
>>  /* get DNS details */
>> } ...
>
> This approach, much like the one used by sysidconfig, is broken.  What
> happens when you use LDAP for everything except hosts and DNS for
> hosts?  If you are coming up with a new solution for setting up naming
> services, please don't repeat this mistake.


Yes. I am aware of the complications, and no, we're not trying to come up 
with new naming service solutions :) I just want to know how to query 
the settings when the user says "use the same settings as in the GZ".

> You may want to take a look at zonemgr. It will do quite a bit of
> customization of a zone without interaction and may be just what you
> are looking for.
 

I'll take a look. Can zonemgr query the settings if the user didn't 
specify them?

Thanks,
Zoram

-- 
Zoram Thanga::Sun Cluster Development::http://blogs.sun.com/zoram
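The objection raised in the reply (LDAP for everything except hosts, DNS for hosts) can be checked mechanically before a single name_service= line is written for a new zone. The following is an added example, not code from the thread or from Solaris: it assumes the per-database sources are read from text in nsswitch.conf syntax, and the function names and sample data are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed samples in nsswitch.conf syntax (not from the thread). MIXED is
 * the case from the reply: LDAP for most databases, DNS for hosts. */
const char MIXED[] =
    "passwd:   files ldap\n"
    "hosts:    files dns [NOTFOUND=return]  # differs from the rest\n"
    "netgroup: ldap\n";
const char UNIFORM[] = "passwd: files nis\nhosts: files nis\nnetgroup: nis\n";

/* Reduce one line to its network sources: drop the "db:" key, comments, "files"
 * and [criteria]. Returns 0 for blank/comment lines or files-only databases. */
static int line_sources(const char *line, size_t len, char *out, size_t outlen)
{
    char buf[256], *tok, *colon;
    if (len >= sizeof buf) len = sizeof buf - 1;
    memcpy(buf, line, len);
    buf[len] = '\0';
    buf[strcspn(buf, "#")] = '\0';            /* strip trailing comment */
    if ((colon = strchr(buf, ':')) == NULL) return 0;
    out[0] = '\0';
    for (tok = strtok(colon + 1, " \t"); tok; tok = strtok(NULL, " \t")) {
        if (tok[0] == '[' || strcmp(tok, "files") == 0) continue;
        if (out[0]) strncat(out, " ", outlen - strlen(out) - 1);
        strncat(out, tok, outlen - strlen(out) - 1);
    }
    return out[0] != '\0';
}

/* Returns 1 and fills svc if every database names the same network source(s),
 * so one name_service= value describes the system; 0 if databases disagree;
 * -1 if no network source is configured at all. */
int single_name_service(const char *conf, char *svc, size_t svclen)
{
    char cur[128];
    int seen = 0;
    while (*conf) {
        size_t len = strcspn(conf, "\n");
        if (line_sources(conf, len, cur, sizeof cur)) {
            if (!seen) { snprintf(svc, svclen, "%s", cur); seen = 1; }
            else if (strcmp(svc, cur) != 0) return 0;
        }
        conf += len + (conf[len] == '\n');
    }
    return seen ? 1 : -1;
}

int main(void) {
    char s[128];
    printf("mixed=%d\n", single_name_service(MIXED, s, sizeof s));
    return 0;
}
```

A result of 0 means the global zone's configuration cannot be expressed as one name service, so the per-database settings have to be carried over as they are instead of being collapsed into a single value.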