On Feb 14, 2007, at 3:17 PM, Edward Pilatowicz wrote: > i would refine your second point though because it doesn't take into > account lofs mounts. > > ex, if i have /export/foo in the global zone and then in zonecfg i > configure a "filesystem" resource such that this directory is also > lofs mounted in the zone at /export/foo, then who should be able > to export the filesystem? > > it seems to me that both the local zone and the global zone > should be able to export it (or not export it) independantly.
I disagree - I think a filesystem should have an owner, and the owner should have sole control over sharing. If the global zone needs to share the data, it should take over ownership, and from outside this should be visible as the data moving between "servers". In a related area, and to address an earlier question I raised, I don't think getting a filesystem via a lofs mount should entitle you to share it - you should have device access delegated to your zone in order to do that. Zones folks may disagree. Rob T
