I'm working on rfe 6613349 suid not allowed message could be better,
and one issue is that the current error message uses cmn_err()
(usr/src/uts/common/os/exec.c:613). I'm pretty sure this should use
zcmn_err(), since (to me at least) I would think the message should
(at least) go to the zone where the event occurred. I am wondering if
someone more familiar with zones can confirm this.
Assuming that it should go to the zone where the event was created, I
was also contemplating echoing the message to the global zone as well,
but including zone_t->zonename in the global zone. With the
philosophy of the global zone as an administrative area while the
actual 'work' of the machine goes in within zones, having the
information there (as well as in the zone itself) would seem useful as
well, however I don't know if it would violate any rules about
separation (I'm hoping someone can comment on this).
zones-discuss mailing list