Le 19 févr. 09 à 14:02, James Carlson a écrit :
Nicolas Dorfsman writes:Le 19 févr. 09 à 09:13, david.co...@sun.com a écrit :What is best practice here?Do not run {x}ntpd in the zones.Actually there is a use-case for doing so - given that it's anetwork-facing appliction, one might want to run xntpd in a non- globalzone for isolation reasons.To expound on that a bit: non-global zones can have access to networks that the global zone cannot talk to. In these cases, it's possible for NTP to be configured to serve out time even if it can't manage the time on the system. The "disable pll" option in ntp.conf would be used to set up such a server.
Idea is to have one particular non-globale zone setting the time for the whole machine.
+1 It would be a great idea to have a easy solution to give these privileges to a zone._______________________________________________See zonecfg(1M) ... that specific case is in the examples for the "limitpriv" attribute.
I'll do. I've said "easy". ;-)
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org
