[OpenIndiana-discuss] Zone Privileges for a Normal User
deniz.rende at gmail.com
Mon Nov 7 01:20:23 UTC 2011
The link provided below is a very good source
but it still does not answer my question why even though I set
specifically user to manage in the regarding file:
the user is unable to zonecfg zdve2.
So I am wondering if this entry:
has some problems in openindiana or does this only apply to Solaris 11?
On Fri, Nov 4, 2011 at 6:21 PM, Deniz Rende <deniz.rende at gmail.com> wrote:
> I am using openindiana 151a server edition in VirtualBox.
> root at oi151a:~# uname -a
> SunOS oi151a 5.11 oi_151a i86pc i386 i86pc Solaris
> I have the following zones in the system:
> root at oi151a:~# zoneadm list -civ
> ID NAME STATUS PATH BRAND
> 0 global running / ipkg
> 1 zdev running /zones/zdev ipkg
> 2 zdev2 running /zones/zdev2 ipkg
> I have a user called macuser1 with the following auths and profiles:
> macuser1 at oi151a:~$ auths
> macuser1 at oi151a:~$ profiles
> Zone Management
> ZFS File System Management
> Basic Solaris User
> What I am trying to do is to dedicate the zdev2 zone to the macuser1 but
> also let this user to manage it.
> I got the first part successfully:
> macuser1 at oi151a:~$ pfexec zlogin zdev2
> [Connected to zone 'zdev2' pts/3]
> Last login: Fri Nov 4 17:22:49 on pts/3
> OpenIndiana (powered by illumos) SunOS 5.11 oi_151a September 2011
> root at zdev2:~#
> and as intended the user is not able to login to zdev zone:
> macuser1 at oi151a:~$ pfexec zlogin zdev
> zlogin: macuser1 is not authorized to login to zdev zone.
> which is good, but I can't get the user to configure it's own zone, ie:
> macuser1 at oi151a:~$ pfexec zonecfg -z zdev2
> WARNING: you do not have write access to this zone's configuration file;
> going into read-only mode.
> which is giving me read-only mode.
> How do I let this user to manage ( i,e use zonecfg ) zdev2 zone? I
> appreciate the feedback.
> Deniz Rende
> Deniz Rende
E-mail: deniz.rende at gmail.com
Phone: +1 (510) 213-UNIX (8649)
Mobile: +1 (816) 213-2139
More information about the OpenIndiana-discuss