[OmniOS-discuss] Ang: LX Zones question: Do you miss ipadm(1M)?

[Andy Fiddaman]

On Thu, 30 Mar 2017, Dan McDonald wrote:

;
; > On Mar 30, 2017, at 5:11 PM, Brian Hechinger <wonko at 4amlunch.net> wrote:
; >
; > I'd like to see a way that network configuration can be disabled from within the zone so that it's set by the host admin and not the zone admin (assuming they are different people).
;
; I thought more people would be in agreement with you, but that appears not to be the case.
;
; Rewriting lxinit & friends to allow this sort of admin model is going to be harder than I thought, and since r151022 is already late relative to prior releases (it's a cadence-breaker thanks to Loader, Python2.7, and Kayak-for-ISO), I don't know if getting ipadm(1M) for LX zones would work.  You're the strongest endorser of doing it so far.

I read Brian's comment as wanting to stop network configuration from within
the zone => no ipadm. That's what I want too - if I set up a Linux zone and
hand control over, I don't want the zone root user to be able to change
the IP address.

Andy

-- 
Citrus IT Limited | +44 (0)870 199 8000 | enquiries at citrus-it.co.uk
Rock House Farm | Green Moor | Wortley | Sheffield | S35 7DQ
Registered in England and Wales | Company number 4899123