> I would like to have users on a zone, but we use pidentd to control some 
> network connections.
> It seems that pidentd doesn not work on zones as it can't open kmem.
> Is there any way to make it work ?

Essentially, no.

Opening /dev/kmem in the zone wouldn't be a good thing to do --
there's only one kernel, and that would break the security model.
Besides, everything visible via /dev/kmem is just an implementation
artifact; anything that depends on it hasn't been designed correctly
and may fail at any time as the internal kernel code evolves.

The right thing to do is to create a set of stable interfaces to get
PID lists for sockets.  We don't currently have such a thing in
Solaris, but it looks like this is something that other programs (such
as lsof) need.

James Carlson, Solaris Networking              <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive         71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677
zones-discuss mailing list

Reply via email to