[brandz-discuss] Solaris 8 Brand - migration assistant v1
Dan Price
dp at eng.sun.com
Wed Dec 5 15:36:40 PST 2007
On Wed 05 Dec 2007 at 05:43AM, Bernar Tallitsch wrote:
> I loaded Solaris 10 (8/07), ensured it had the 127111-03 patch, loaded
> the three required SUNW packages, created the Non-global zone using
> the solaris 8 template and succesfully installed the example Solaris 8
> flar and another baselined Solaris 8 flar. This is accordining the
> Sun documentation.
I assume you rebooted following the installation of the 127111-03 patch?
>
> The Solaris 8 branded zone works great for a root user; however,
> attempts to login/su to normal users and system users (daemon, etc...)
> fail due to the inability to execute. A truss indicates that
> functions such as chdir (su - user) or execve /bin/csh (su user) fail.
> I noticed the limitpriv resource did not have anything assigned so I
> assigned it the default. This did not alliviate the problem and a
> look at ppriv indicates no problem.
Interesting. You shouldn't need to set limitpriv (it will just default
to the default). Can you post any portion of the truss (or send it to
me privately)?
Is the filesystem inside the zone somehow set to be "nosuid" or
"nosetuid" (i.e. disallow setuid/setgid execution)? You could
check with the "mount" command in the global zone.
Are there any interesting crle(1) settings in the zone? (just
invoke /usr/bin/crle as root).
Feel free to follow up with me offline if you prefer.
-dp
--
Daniel Price - Solaris Kernel Engineering - dp at eng.sun.com - blogs.sun.com/dp
More information about the brandz-discuss
mailing list