Information Technology Reference
In-Depth Information
6.2.1.2 Modifying Container Privileges
Earlier in this chapter, we discussed Oracle Solaris privileges, including the fact
that you can modify the set of privileges that a Container can have. If you change
the privileges that a Container can have, you must reboot the Container before
the changes will take effect. The following example depicts the steps to add the
sys_time privilege to an existing Container.
GZ# zonecfg -z web
zonecfg:web> set limitpriv=”default,sys_time”
zonecfg:web> exit
GZ# zoneadm -z web boot
6.2.1.3 Installing and Booting the Container
After you have configured the Container, you can install it, making it ready to run.
GZ# zoneadm -z myzone install
Preparing to install zone <myzone>.
Creating list of files to copy from the global zone.
Copying <7503> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1098> packages on the zone.
Initialized <1098> packages on zone.
Zone <myzone> is initialized.
The file </zones/roots/myzone/root/var/sadm/system/logs/install_log> contains a log of
the zone installation.
GZ# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- myzone installed /zones/roots/myzone native shared
During the installation process, zoneadm creates the directories required by
the Container. For directories that hold system packages, the appropriate files and
directories are either copied or loopback-mounted from the global zone, depending
on whether the Container uses the sparse-root or whole-root model. Directories
that contain system configuration information, such as /etc , are created in the
Container's file structure and populated with configuration files.
Containers boot much faster than virtual machines, mostly because there is
so little to do. The global zone sets up the security boundary and then creates a
zinit process that starts the Container's Services Management Facility (SMF)
and creates a few other processes. At that point, the Container is ready for use.
 
Search WWH ::




Custom Search