Information Technology Reference
In-Depth Information
either as read-only or as read-write. This requires the use of a loopback mount,
as shown in the next example for yet another Container. The programs in non-
Solaris packages installed in such a file system would be available to the zone, but
package and patch tools used in the zone will not recognize those packages.
GZ#
zonecfg -z myufszone
zonecfg:myzone>
add fs
zonecfg:myzone:fs>
set dir=/shared
zonecfg:myzone:fs>
set special=/zones/shared/myzone
zonecfg:myzone:fs>
set type=lofs
zonecfg:myzone:fs>
end
zonecfg:myzone>
exit
In the preceding example, the
special
parameter specifies the global zone's
name for that directory. The
dir
parameter specifies the directory name in the
Container on which to mount the global zone's directory.
A brief diversion is warranted here. When managing Containers, you must keep
in mind the two different perspectives on all objects such as files, processes, and
users. In the most recent example, a process in the global zone would normally use
the path name
/zones/shared/myzone
to refer to that directory. A process in the
Container, however, must use the path
/shared
instead. While the Container is
running, a privileged user of the global zone can also use the path
/zones/roots/
myzone/root/shared
, as shown in Figure 6.3.
Figure 6.3
Loopback Mounts into a Container
Also, an entire file system can be configured into a Container so that only the
Container can access it. Processes in other Containers cannot use that file system,
Search WWH ::
Custom Search