>Oh, hm, but I can - punt on having a passwd file in the local zones at all,
>and instead handle passwd/shadow lookups via a door call to the global
>zone. This could be handled by an NSS backend used in place of the usual
>files backend, and could use either a dedicated server that looks only in
>/etc/passwd, or just call the global zone nscd.
>
>-- Jeff
Unless nscd-per-zone is configured via txzonemgr,
there is one nscd running in the global zone and the
labeled zones use a door to call to it.
>From "man nscd" on s10u6:
The shadow file is specifically not cached.
getspnam(3C) calls remain uncached as a result.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Jan Parcel, Sustaining, Trusted OE
Internal Trusted Support Pages: http://trusted.sfbay
