Tom Haynes wrote:
Elton wrote:
I have setup a small (5 machines) development/test network using
Solaris 10 11/06 (I know this is an OpenSolaris forum). I have an
LDAP server configured and running which also serves as the Home
Directory Server.
The problem I have encountered is when users access there machines
they can not read down and traverse their home directories. For
example, a user logs in and has access to 2 labeled zones FOO and
FOBAR. (FOBAR dominates FOO) So, the user is currently in the FOBAR
labeled zone but CAN NOT access there home directory using the
/zone/FOO/export/home path. You can access the directory but nothing
is there.
I have set-up the home directory per the install instruction with 1
exception. The installation instructions state, "For every labeled
zone, create a new dfstab file. Each zone shares the home directories
at the label of the zone.
a. Go to the zone’s /etc/dfs directory. # cd
/zone/zone-name/root/etc/dfs" I created the files as stated above but
the files cannot be share from non-global zones (according to the
error message I recieve) Also, I tried just rebooting the box and the
nfs/server service was disabled and would not start until I removed
the entries in each zone. Therefore, I added the entries the dfstab
in the global zone.
Now this is all on the LDAP server, is there anything I need to do to
the clients?
Any suggestions would be greatly appreciated.
Elton,
Are you trying to have each zone export their own shares?
This sounds like a Trusted Extensions (TX) configuraton, in which case
there is the illusion that is is supported (but it all really happens
from the global zone still).
Elton I'd recommend posting this in security-discuss and also clarifying
if this really is TX.
--
Darren J Moffat
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
