I think we already have this as a potentially serious problem for
non-global zones that are NFS clients of the global zone, don't we?
Making it work "right" would involve either resolving the underlying
deadlock or somehow identifying those self-mounts and doing a lofs
mount from the global zone instead.

That's true although whether or not such a deadlock takes place today
is defined by how the global zone administrator sets up their system.
The "capability" to create the deadlock is in the hands of the global

If non-global zones are allowed to share parts of their file system,
there is a denial of service that can take place if another non-global
zone ends up mounting that file system, putting the whole system at

That's not to say that I'm happy with the current situation - we should
resolve the deadlock or as you suggest, translate those NFS mounts into
an appropriate lofs mount.

zones-discuss mailing list

Reply via email to