Brad Diggs wrote: > Hello Vic, > > You have a few options. You can use secure by default to > disable most services and then as a post-zone creation > process, run a custom script that enables the services > that you want enabled through svcadm. > > Or, you could through jass define a custom set of services > that you want disabled and enabled. > > Or you could create a custom smf template that sets the > service end states that you desire. > > All three of these options plus one more are available as > through the -s option in the Zone Manager script. Feel free > to download this bash shell script and re-use the methods > employed in your own script. The purpose of the Zone Manager > project is to greatly simplify zone creation and management. > And I highly encourage you to re-use whatever you like from > it.
This is one of the really neat features of SMF. svccfg extract > <your SMF profile> #on the origin system/zone with customized SMF profile cp <your SMF profile> /var/svc/profile/generic.xml #on the target system/zone prior to first boot and you have a customized service definition, a la SBD, applied at first boot, so your are never more vulnerable than you want to be. Works for any zone. Steffen > > Hope that helps! > > Brad > > On Fri, 2007-11-16 at 10:25 -0800, Vic Engle wrote: > >>I have a perl script that I use to create many zones automatically. It >>creates a template and sysidcfg file for the zone and creates and starts up >>the zone. There are services which are disabled by default and I would like >>to have my script configure those services to be enabled when the zone boots >>for the first time. >> >>Can I set the services to be enabled simply by editing the service manifest >>XML files before booting the zone? Is there a better way to do this? >> >>Thanks, >>Vic >> >> >>This message posted from opensolaris.org >>_______________________________________________ >>zones-discuss mailing list >>email@example.com _______________________________________________ zones-discuss mailing list firstname.lastname@example.org