So when sharing one hostname in the global zone, every local zone needs to have the same hostname? And that hostname is the name of the all-zones interface?
What if I want a unique IP address per local zone, does that require not having any interface marked as 'all-zones'? On May 18, 2007, at 1:06 PM, Jan Parcel wrote: > The hostname for the local zone must be the same as the all-zones > address, > really there's no such thing as an address "in the global zone" for > all-zones, it's really in all zones. > > The additional address in the local zone must be *additional* it > cannot > be the hostname. > > >> Date: Fri, 18 May 2007 09:19:25 +0100 >> From: Darren J Moffat <Darren.Moffat at sun.com> >> Subject: Re: [security-discuss] BSM Bug? >> To: Robert Bailey <robert.bailey at mac.com> >> Cc: security-discuss at opensolaris.org >> Delivered-to: security-discuss at opensolaris.org >> X-Original-To: security-discuss at opensolaris.org >> List-Unsubscribe: > <http://mail.opensolaris.org/mailman/listinfo/security-discuss>, > <mailto:security-discuss-request at opensolaris.org?subject=unsubscribe> >> List-Id: OpenSolaris Security Discussions <security- >> discuss.opensolaris.org> >> >> Robert Bailey wrote: >>> I was wondering if anyone has run into this. I have two TX systems, >>> each with the same BSM configuration, that has zonename enabled. >>> On one TX system I have my local zones configured to run without IP >>> addreses. In the global, there is one IP for all-zones, one >>> without the >>> all-zones tag. This system can report via BSM, on all transactions >>> within a local zone. >>> >>> The second system, has the same BSM configuration, but for the >>> local >>> zone configuration there is an IP on the local zone, the global >>> has one >>> with an all-zones. This system does not report any audit trail >>> for the >>> local zone except for one entry for zoneadmd. >> >> Can you send the output of `auditconfig -lspolicy` for both machines. >> Also ifconfig -a from the global zone for both machines. >> >> If I understand correctly you have: `auditconfig -setpolicy >> +zonename` >> for both but have only a global zone audit log configured ? >> >> >> >> -- >> Darren J Moffat >> _______________________________________________ >> security-discuss mailing list >> security-discuss at opensolaris.org >
