I, too, am late to this thread but I caught something that didn't seem right to me in this specific example. For the administration of the non-global zones, SunEducation (for whom I am an instructor) is stressing that the ng zones are "Software Virtualizations" (my quotes) and that the hardware and infrastructure are managed by the global zone admin. In this case, the ngz admins would not have access or permission to corrupt their filesystems at the zpool/zfs level. Unless zfs is to offer a different management model, I don't suspect we will need to differentiate the (incapacitated) ngz admins from the gz admins.
Regards, Craig On Wed, May 3, 2006 3:05 pm, Eric Schrock said: > On Wed, May 03, 2006 at 02:47:57PM -0700, eric kustarz wrote: >> Jason Schroeder wrote: >> >> >eric kustarz wrote: >> > >> >>The following case is about to go to PSARC. Comments are welcome. >> >> >> >>eric >> >> >> >To piggyback on earlier comments re: adding hostname and user: >> > >> >What is the need for zpool history to distinguish zfs commands that >> >were executed by priviledged users in non-global zones for those >> >datasets under ngz ownership? >> > >> I personally don't see a need to distinguish between zones. However, >> with delegated administration, it would be nice to know who did (say) >> destroy that file system - the local root or some remote user. > > Keep in mind that one username (or uid) in a local zone is different > from the same username in the global zone, since they can be running > different name services. In the simplest example, you could have an > entry that said something like: > > root zfs destroy tank/foo > > And if you were using datasets delegated to local zones, you wouldn't > know if that was 'root' in the global zone or 'root' in the local zone. > If you are going to log a user at all, you _need_ to log the zone name > as well. Even without usernames, it would probably be useful to know > that a particular action was done in a particular zone. > > Imagine a service provider with several zones delegated to different > users, and each user has their own portion of the namespace. At some > point, you get a servicecall from a customer saying "someone deleted my > filesystems!!!!" You could look at the zpool history, but without a > zone name, you wouldn't know if was your fault (from the global zone) or > theirs (from the local zone). > > - Eric > > -- > Eric Schrock, Solaris Kernel Development http://blogs.sun.com/eschrock > _______________________________________________ > zfs-discuss mailing list > zfs-discuss@opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/zfs-discuss > _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
