1. Manuals
  2. Brands
  3. Sun Microsystems Manuals
  4. Software
  5. Security and Trust Services APIs 1.0
  6. Manual

Separate Name Services In Zones; Hosts Database; User Database (Passwd, Shadow, User_Attr); Services - Sun Microsystems SOLARIS 10 Manual

Container guide
Hide thumbs Also See for SOLARIS 10:
Table of Contents

Advertisement

Version 3.1-en
Solaris 10 Container Guide - 3.1 4. Best Practices
Effective: 30/11/2009

4.1.9. Separate name services in zones

[ug] Name services include among other things the hosts database and the userids (p as sw d ,
s ha dow ) and are configured with the file / e tc / ns sw i tc h. co n f, which exists separately in
each local zone. Name services are therefore defined in local zones independent of global zones. The
most important aspects thereto are covered in this section.
If one adopts the recommendation stated in this document that no applications should run in the
global zone, then the global zone also does not need to be integrated into NIS or LDAP. This further
limits access from the outside and reduces the dependency of the global zone from other computers
(name services server).

4.1.9.1. hosts database

[ug] Computers that should be addressable by name must be recorded here. No automatic copy of
/ et c/h os ts from the global zone takes place when the zone is installed (completely in the sense
that a separate OS environment exists in the local zone). It is of course a better alternative to use a
name service such as NIS, DNS or LDAP. In an automatic installation, this can be set up via a
sysidcfg file.

4.1.9.2. User database (passwd, shadow, user_attr)

[ug] User settings in local zones can be complemented by a name service as with a separate
computer. Care should be taken that user names can be dissimilar in different zones; in particular in
monitoring from the global zone (with ps) the names configured in the global zone are displayed. A
copy of files from the global zone is not recommended, a name service such as NIS or LDAP is more
suitable.

4.1.9.3. Services

[ug] The /e tc / s e r v i c e s or the corresponding name service must also be adjusted to the
applications running in the zone.

4.1.9.4. Projects

[ug] To locally run resource management using a Fair Share Scheduler, or extended accounting, in a
local zone, the corresponding name service database in /e tc /p r oj ec t or the corresponding
name service in the zone must be adjusted.
45

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SOLARIS 10 and is the answer not in the manual?

Subscribe to Our Youtube Channel

Related Manuals for Sun Microsystems SOLARIS 10

Related Products for Sun Microsystems SOLARIS 10

Table of Contents