The scenario you are describing is exactly waht Solaris Trusted
Extensions does. See:
http://www.opensolaris.org/os/community/security/projects/tx/
--Glenn
Rob Fisher wrote:
I asked this question before, but I never got a satisfactory answer. Seems
there are a lot more people around with a lot deeper knowledge of zones, so it
might just be worth asking it again.
Here's the scenario:
I have a laptop. When it boots, it gives you the console login: prompt. (I
don't use dtlogin.) When you log in, obviously, you log in to the global zone.
When you run xinit, your X session runs in the global zone.
What I want is to log in at the console, and be in a local zone. Then launch X,
and have my session in a local zone. I don't want to pass through the global
zone at all. That should be locked down tight and hidden away.
Is this possible? Can the console login be attached to a zone?
I don't want XDMCP, scripts, zlogin, or anything like that, just a clean way of
booting up, sitting down, logging in, and not being in the global zone. I can
think of hacks to achieve the same result, but I'm interested in this from a
theory viewpoint too.
Does anyone know if what I want to do is possible?
thanks
Rob
This message posted from opensolaris.org
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
