[geeks] Solaris 10 puzzle
Phil Stracchino
alaric at metrocast.net
Tue Nov 30 19:07:17 CST 2010
On 11/30/10 19:51, hike wrote:
> On Tue, Nov 30, 2010 at 7:19 PM, Phil Stracchino <alaric at metrocast.net>wrote:
>
>> On 11/30/10 19:02, Phil Stracchino wrote:
>>> Folks, anyone have any insights on this?
>>>
>>> Assume two Solaris 10 hosts. Call them H1 and H2. Both reside on the
>>> same subnet, and in fact have almost adjacent IP addresses.
>>>
>>> Assume two Solaris zones, one each. Call them H1z1 and H2z1.
>>>
>>> Assume a ZFS filesystem, H1:/foo, on H1, NFS exported via ZFS,
>>> rw=H1z1:H2z1,root=H1z1:H2z1.
>>>
>>> H1z1 and H2z1 mount this same share at /bar, with identical options, and
>>> have so far as I can see identical services running.
>>>
>>> All applicable mountpoints, on H1, H1z1, and H1z2, are owned by the same
>>> user and group (in this case, oracle:oinstall). The user and group
>>> oracle and oinstall are defined and valid, and have the same numeric
>>> uid/gid, on all three.
>>>
>>>
>>> H1:/foo mounts on H2z1:/bar as oracle:oinstall.
>>> H1:/foo mounts on H1z1:/bar as nobody:nobody.
>>>
>>> ....WTF? I'm baffled.
>>
>> Oh, one more clue: H2z1 can chown the mounted filesystem. H1z1 gets
>> permission denied.
>>
>> Is there something in Solaris 10 ZFS/NFS that says that a host cannot
>> grant root NFS privileges to one of its own zones?
>
> Are the UID/GID the same on all these machines?
Yup. I said that already.
--
Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355
alaric at caerllewys.net alaric at metrocast.net phil at co.ordinate.org
Renaissance Man, Unix ronin, Perl hacker, Free Stater
It's not the years, it's the mileage.
More information about the geeks
mailing list