Hi Brad, thanks for the response.

i suppose i am misunderstanding your code. you are actually checking the "non-global" dir name in the global space, *not* the global dir name itself. this tool cannot make this
example work without creating /local in the global zone.

    zonecfg:test> add fs
    zonecfg:test:fs> set dir=/local
    zonecfg:test:fs> set special=/opt/local
    zonecfg:test:fs> set type=lofs
    zonecfg:test:fs> add options [ro,nodevices]
    zonecfg:test:fs> end

here is zonemgr 1.8 in action:

# ./zonemgr -a add -n test -z "/zones" -t s \
   -P "changeme" -R /root \
   -r "/opt/local|/local"
Error: The "/local" directory does not exist in the global zone.
Use -h flag to see proper usage or -l flag to see the license.

/opt/local exists in the global zone. /local does not, and is not *supposed to*.


Hi Oz,

Thanks for your contribution!

The readwrite/readonly loopback mount (lofs) options are intended
to provide non-global access to a global filesystem, directory, file,
or device.  The proper usage is as follows:

  -w "<global_dir_name>|<non-global_dir_name>"
  -r "<global_dir_name>|<non-global_dir_name>"

The only reason that I clarified this usage is because your example
seemed to imply the reverse use.  e.g. "<non-globaldir>|<globaldir"

I added the check for the presence of the filesystem, directory,
file or device in the global zone to the Zone Manager because if I don't when zoneadm will fail with the an error. Here is an
example with the safeguard disabled:

In this example, I am attempting to readonly mount the global directory "/nodata" which does not exist in the global zone on
/fstest2 in the non-global zone fstest.

# zonemgr -a add -n fstest  -z /zones -P admin123 -r "/nodata|/fstest"
could not verify fs /fstest: could not access /nodata: No such file or
zoneadm: zone fstest failed to verify
Error: Zone installation failed, return value: 0

Note that the resulting state of the zone is configured.
# zonemgr -a list
  ID NAME             STATUS     PATH                           BRAND
   0 global           running    /                              native
   - fstest1          configured /zones/fstest2                 native

The zone can't be installed unless the configuration is changed to use a filesystem, directory, file or device that exists in the global zone.

Lastly, the documentation for this safeguard is the error message
that you see when you specify a filesystem, directory, file, or device
that does not exist in the global zone.

Best regards and thanks for using the Zone Manager!


On Thu, 2007-03-08 at 16:06 -0500, ozan s. yigit wrote:
zonemgr issue:

i happen to use mount points in my global zone that are different
than the mount points i want to see in a non-global zone; for example
my interactive login zone has a lofs /home that maps to global zone
(say) /zfs-home which is distinctly *different* than /home in
the global zone. [it has different home dirs]

zoneadm code has the most peculiar [mis]feature: it thinks it should
check the local directory spec in the global zone, for eg. -w "gdir|ldir"
for reasons at best muddy: to protect my sanity? to enforce a best-practice
policy: "hmm, thou shalt name all your mount points same for lofs in global
and non-global zones"

         globaldir=`echo ${rodirs[$i]} | cut -d"|" -f1`
          localdir=`echo ${rodirs[$i]} | cut -d"|" -f2`
          if [ -d "$localdir" ]
error_message "The \"$localdir\" directory does not exist in the global zone."

this check will succeed in this peculiar case (because i happen
to have /home) but fail when i want to do (say) -r "/zfs-shared|/shared"
because /shared does not exist in the global zone.

here is a suggestion: either give me enough rope, or document and skip
the unnecessary syntax. either let me do

        -w "/my/own/zfs/none/of/your/beeswax|/local"
        -w "/local"   # same global and non-global mt point

a minor glitch in an otherwise amazingly useful script.


zones-discuss mailing list

Reply via email to