My sparse zone is running, and /lib in it is an inherit-pkg-dir, due to which it is read-only. Is it possible to make it writable? If yes, how?
Please test this on an experimental zone first.
It looks like you run:
# zonecfg -z myzone
and then type in:
zonecfg:myzone> remove inherit-pkg-dir dir=/lib
zonecfg:myzone>
Then confirm what you have asked for:
zonecfg:myzone> info
Then do:
zonecfg:myzone> verify
zonecfg:myzone> commit
zonecfg:myzone> exit
Whether this has to be set during the zone creation stage rather than afterwards, I do not know; I imagine it has to be during the zone creation stage!
Please see:
Solaris Zone Management
and:
Create Sparse Root Solaris Zone
Hi,
FYI, that restriction in the zone project that an inherited package directory is read-only was "NOT" accomplished in vain. It violates the security model.
Anyway, the solution for your situation can be done as in the procedure below. Hope it'll help you.
Good Luck.
How can we have a read/write directory inside an IPD (Inherited Package Directory) or a read-only mount inside a zone?
Often we need to have read/write directories inside the IPDs so that we can install packages in a specific sparse root zone. Consider a package which installs its binaries in /usr/local. Since /usr is read-only inside a sparse root zone, /usr/local will also be read-only. But we can have a subdirectory of an IPD which is writable, following the steps documented below:
No need for this step if you have a free slice:
# mkfile 100m /space/zones/local
# lofiadm -a /space/zones/local
/dev/lofi/2
Configure zone for adding a writable filesystem inside an IPD:
# zonecfg -z zone2
zonecfg:zone2> add fs
zonecfg:zone2:fs> set dir=/usr/local
zonecfg:zone2:fs> set special=/dev/lofi/2
zonecfg:zone2:fs> set raw=/dev/rlofi/2
zonecfg:zone2:fs> set type=ufs
zonecfg:zone2:fs> end
zonecfg:zone2> commit
zonecfg:zone2> info
zonename: zone2
zonepath: /space/zones/zone2
autoboot: false
bootargs:
pool:
limitpriv:
inherit-pkg-dir:
    dir: /lib
inherit-pkg-dir:
    dir: /platform
inherit-pkg-dir:
    dir: /sbin
inherit-pkg-dir:
    dir: /usr
fs:
    dir: /usr/local
    special: /dev/lofi/2
    raw: /dev/rlofi/2
    type: ufs
    options: []
zonecfg:zone2> exit
You need to create /usr/local, since the zone utilities won't be able to create it inside the IPD as it is read-only:
# mkdir /usr/local/
# newfs /dev/lofi/2
newfs: construct a new file system /dev/rlofi/2: (y/n)? y
/dev/rlofi/2: 204600 sectors in 341 cylinders of 1 tracks, 600 sectors
99.9MB in 22 cyl groups (16 c/g, 4.69MB/g, 2240 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 9632, 19232, 28832, 38432, 48032, 57632, 67232, 76832, 86432,
115232, 124832, 134432, 144032, 153632, 163232, 172832, 182432, 192032, 201632
Now install the zone:
# zoneadm -z zone2 install
Preparing to install zone <zone2>.
Checking <ufs> file system on device </dev/rlofi/2> to be mounted at </space/zones/zone2/root>
Creating list of files to copy from the global zone.
Copying <2066> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <977> packages on the zone.
Initialized <977> packages on zone.
Zone <zone2> is initialized.
The file </space/zones/zone2/root/var/sadm/system/logs/install_log> contains a log of the zone installation.
Checking whether the /usr/local inside is writable:
# zoneadm -z zone2 boot
# zlogin zone2
[Connected to zone 'zone2' pts/3]
Sun Microsystems Inc. SunOS 5.11 snv_46 October 2007
# cd /usr
# touch a
touch: a cannot create
# cd local
# touch a
# ls
a lost+found
Customize your zone-specific package so that it gets installed in /usr/local.
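
A check for the configuration built above, as an added example that is not part of the original posts: it reads `zonecfg -z <zone> info` output and lists every fs resource mounted inside an inherit-pkg-dir, so the writable exceptions to the read-only IPD model can be reviewed. The function names are hypothetical, and the embedded sample is an abridged copy of the zone2 configuration shown in the post.

```shell
#!/bin/sh
# Added example (not from the thread): find fs resources that sit inside an IPD.

# Reads `zonecfg -z <zone> info` text on stdin and prints one line per match:
#   <fs dir> <containing IPD> <special> <rw|ro>
fs_inside_ipd() {
    awk '
    { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }     # indentation is optional
    /^[a-z-]+:$/ {                                 # bare "name:" starts a resource
        section = substr($0, 1, length($0) - 1)
        if (section == "fs") nfs++
        next
    }
    section == "inherit-pkg-dir" && $1 == "dir:" { ipd[++nipd] = $2; next }
    section == "fs" && $1 == "dir:"     { dir[nfs] = $2; next }
    section == "fs" && $1 == "special:" { special[nfs] = $2; next }
    section == "fs" && $1 == "options:" {          # e.g. options: [ro,nodevices]
        opts = $0
        sub(/^options:[ \t]*\[/, "", opts); sub(/\].*$/, "", opts)
        n = split(opts, o, ",")
        for (k = 1; k <= n; k++) if (o[k] == "ro") ro[nfs] = 1
        next
    }
    END {
        for (i = 1; i <= nfs; i++)
            for (j = 1; j <= nipd; j++)
                # compare on a path boundary so /usr does not match /usrdata
                if (dir[i] == ipd[j] || index(dir[i], ipd[j] "/") == 1)
                    print dir[i], ipd[j], special[i], (ro[i] ? "ro" : "rw")
    }'
}

# Sample input: abridged zone2 configuration from the post above.
sample_info() {
    cat <<'EOF'
zonename: zone2
zonepath: /space/zones/zone2
inherit-pkg-dir:
    dir: /lib
inherit-pkg-dir:
    dir: /usr
fs:
    dir: /usr/local
    special: /dev/lofi/2
    raw: /dev/rlofi/2
    type: ufs
    options: []
EOF
}

sample_info | fs_inside_ipd   # live system: zonecfg -z zone2 info | fs_inside_ipd
```

Each reported `rw` line is a place where files under an inherited tree can differ from the global zone's copy, which is worth recording alongside the zone's configuration.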