> I've done some work on pidentd prior to the new IP instances code using the
> ability to intercept calls for all zones in the global zone with the
> SO_ALLZONES socket option (which may not work anymore after the IP 
> instances putback)


Not sure about the socket option (should still work ... ?), but IP
Instances did nuke the symbols that pidentd was reading out of the
kernel, so that utility is now broken.

> In that scenario, there's one pidentd which runs in the global zone and it
> gets all identd calls for all zones which do not have exclusive IP 
> instances; it is then able to resolve all identd queries but using 
> nameservices relative to the global zone.

I'd sort of like to know how it does that reliably ... does it fork
and enter the zone?

In any event, I think that getting something other than /dev/kmem for
these sorts of applications (pidentd isn't the only one; there's also
lsof and probably ntop as well) would be a _very_ nice thing to have.

James Carlson, Solaris Networking              <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive         71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677
zones-discuss mailing list

Reply via email to