[EMAIL PROTECTED] writes:
> I would like to have users on a zone, but we use pidentd to control some
> network connections.
> It seems that pidentd doesn not work on zones as it can't open kmem.
> Is there any way to make it work ?
Opening /dev/kmem in the zone wouldn't be a good thing to do --
there's only one kernel, and that would break the security model.
Besides, everything visible via /dev/kmem is just an implementation
artifact; anything that depends on it hasn't been designed correctly
and may fail at any time as the internal kernel code evolves.
The right thing to do is to create a set of stable interfaces to get
PID lists for sockets. We don't currently have such a thing in
Solaris, but it looks like this is something that other programs (such
as lsof) need.
James Carlson, Solaris Networking <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
zones-discuss mailing list