On 7/31/06, Glenn Faden <[EMAIL PROTECTED]> wrote:
Paul Kraus wrote:


>         If the home directories are auto-mounted, then work just like
> on a non-zoned system. NFS from remote servers is mounted via NFS, if
> the global zone is the home directory server, then the NFS mount is
> supposed to be converted into an LOFS mount (just as any auto-mount of
> a server by itself is). I haven't tried this yet, as none of our zoned
> systems are NFS server (yet), but home directory mounts from remote
> servers into non-global zones works just fine.

There is no way for the non-global zone automounter to convert these
automounts from NFS to LOFS. Firstly, there is no API for the non-global
zone to determine that the NFS server is, in fact, the global zone
sharing the same kernel. Secondly, even if it could make this
determination, there is no way for the the NFS semantics to be turned
into equivalent LOFS semantics because the exported pathname is outside
of the non-global zone's root directory.

I lied above. We had tried this and it did work, but not as I had
thought. As part of testing LDAP authentication we have a couple
non-global zones setup on the machine that also happens to be our home
directory NFS server.

One NG zone is a whole root zone running the JES LDAP server.

The second NG zone is a sparse zone acting as an LDAP client for authentication.

The password, shadow, group, and auto_home tables are served via LDAP.

When I log into the second NG zone I get my home directory from the global zone.

Since  the non-global zone automounter is unaware and unable to do
anything else, it will simply do an NFS mount. The problem is that CR
5065254 (NFS/UFS deadlock when system is both NFS server and client) is
likely to cause a deadlock.

Taking a closer look, it appears that the mount is, in fact, an NFS
mount from the global to the NG zone.

[EMAIL PROTECTED]:/home/pkraus> df -F lofs
/dev               (/dev              ):13661412 blocks  1068602 files
/lib               (/lib              ): 2881356 blocks   483877 files
/platform          (/platform         ): 2881356 blocks   483877 files
/sbin              (/sbin             ): 2881356 blocks   483877 files
/usr               (/usr              ): 2881356 blocks   483877 files
[EMAIL PROTECTED]:/home/pkraus> df -F nfs
/home/pkraus       (farewelltr:/export/home/pkraus):33038948 blocks
2991056 files
[EMAIL PROTECTED]:/home/pkraus>

Where ldap is the name of the NG zone and farewelltr is the name of
the global zone.

So in summary, auto mounted home directories should work in a NG zone
as long as the home directory NFS server is NOT the global zone on the
same host...

--
Paul Kraus
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to