As far as I know, there is no zones API for querying the global 
zone's configuration.

The Zone Manager project was created to help you simplify zone
creation and management.  This is a perfect example of how it
helps you out.  The way that I re-use the global config through 
the Zone Manager is to copy the relevant configuration files from 
the global zone into the non-global zone.  Here are a couple of

Create a zone using the global zone's nsswitch.conf and resolv.conf
# zonemgr -a add -n z1 -z /zones -P pw -I "|bge0|24|z1" \
  -C /etc/nsswitch.conf -C /etc/resolv.conf

Or alternatively, if you prefer to just use one of the standard nss
templates, the following works as well.

# zonemgr -a add -n z1 -z /zones -P pw -I "|bge0|24|z1" \
  -C "/etc/nsswitch.dns|/etc/nsswitch.conf" -C /etc/resolv.conf

Hope that helps!


On Thu, 2007-11-15 at 18:58 +0530, Zoram Thanga wrote:
> Hi Mike,
> Mike Gerdts wrote:
> > On Nov 15, 2007 4:04 AM, Zoram Thanga <[EMAIL PROTECTED]> wrote:
> >> Hi All,
> >>
> >> I'd like to automate system identification for a zone when it is freshly
> >> installed. In most cases, I'd like to keep the same settings for domain
> >> name, name service, security policy, etc., as in the global zone.
> > 
> > It sounds like simply copying in whole or part the relevant files from
> > the global zone and making the appropriate modifications to
> > $zonepath/root/etc/.sysid* (forget the exact file name) would be a
> > workable approach.  This would have to be done from the global zone.
> Yes, the program will only run in the global zone, and only once after 
> the new zone is installed.
> However, I'm wondering if we can count on the presence of /etc/sysidcfg 
> on the global zone. Once a system has been initialized, we could safely 
> remove /etc/sysidcfg and there would be no problem, right?
> > 
> >> I'm wondering if there are (C) library interfaces to determine which
> >> name service is used in the global zone, so that I can make the
> >> following entry in the zone's /etc/sysidcfg file:
> > 
> > To the best of my knowledge, such an API is not even available to
> > query in the same zone (e.g. global zone querying global zone).  Such
> > an API that allowed cross-zone queries of this information would cross
> > isolation boundaries that have been held rather dear with zones.
> No, I am not looking to cross zone boundaries here - just obtain all the 
> necessary information from the global zone and apply them to the freshly 
> installed NGZs. Of course, if the user wants to specify sysid settings 
> that are different from those of the global zone, she would be allowed 
> to do so. But if she just wants to re-use the same name service setting, 
> security policy setting, etc, then that's when I'd like to query the GZ 
> for those informations.
> > 
> >> name_service=<service>{<service specific parameters>}
> >>
> >> So, I'd like do something like:
> >>
> >> name_service = get_name_service()
> >>
> >> if (name_service is NIS) {
> >>      /* get domain name */
> >>      /* get yp master */
> >> } else if (name_service is NIS+) {
> >>      /* get NIS+ details */
> >> } else if (name_service is LDAP) {
> >>      /* get LDAP details */
> >> } else if (name_service is DNS) {
> >>      /* get DNS details */
> >> } ...
> > 
> > This approach, much like the one used by sysidconfig, is broken.  What
> > happens when you use LDAP for everything except hosts and DNS for
> > hosts?  If you are coming up with a new solution for setting up naming
> > services, please don't repeat this mistake.
> >
> Yes. I am aware of the complications, and no we're not trying to come up 
> with new naming service solutions :) I just want to know how to query 
> the settings when the user says "use the same settings as in the GZ".
> > You may want to take a look at zonemgr. It will do quite a bit of
> > customization of a zone without interaction and may be just what you
> > are looking for.
> > 
> I'll take a look. Can zonemgr query the settings if the user didn't 
> specify them?
> Thanks,
> Zoram

The Zone Manager

zones-discuss mailing list

Reply via email to