Sun Microsystems 10 - page 47

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009

4.1.6.6. Options for using ZFS i n local zones

[hes] Depending on the manner of configuration of ZFS in zones, there are different application

options for ZFS in zones.

ZFS operation in a

local zone

Allocation of an

individual ZFS

within a zone –

legacy mount

Adding of a ZFS

dataset to a zone

/ Creation of a

ZFS in the local

zone

Adding of a ZFS

volume dataset

to a zone

Using of a

ZFS

filesystem via

lofs

Table 4: [hes] Options for using ZFS in local zones

4.1.6.7. NFS and local zones

[ug] The use of zones does not change anything in the global zone with respect to NFS. A local zone

can mount file systems from NFS servers. The following restrictions must be observed:

itself since the NFS service runs in the kernel and cannot yet run in a local zone.

be used as an NFS server.

since the mount is possible, but loss of data can occur (bug 5065254)

volumes that have been created. It is not possible to create a device node inside of a local zone,

since this would represent a security hole. If a zone would be able to create any device node, then a

zone administrator could create a device node for a disk that is not assigned to the zone, and would

have finally read- or write-access to that data.

That is why the creation of device nodes within a local zone is forbidden by restricting privileges for

systemcalls inside a local zone. However, a volume manager needs these functions and can

therefore not operate within a local zone.

40