Vous êtes ici : Formations en Ligne Gratuites » Catalogue » workbooks » Solaris » Solaris 11 » Solaris 11 - System Administration » SO305 - Process Management and Process Scheduling

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Prochaine révision		Révision précédente
elearning:workbooks:solaris:11:junior:l126 [2016/10/22 05:25] – modification externe 127.0.0.1elearning:workbooks:solaris:11:junior:l126 [2020/01/30 03:28] (Version actuelle) – modification externe 127.0.0.1
Ligne 1: Ligne 1:
-====== Zone Administration ======+====== SO305 - Process Management and Process Scheduling=====
  
-=====Solaris Containers=====+A process is a binary file that is loaded into memory and executed. Everything you do in Solaris generates a process. A process is accompagnied by an environnment which, amongst other data, contains the following information:
  
-The term Solaris **Containers** is often confused with that of Solaris **Zones**. In factthere is a slight difference. The definition of a container is:+  A unique process ID (PID), 
 +  The unique ID of the parent process (PPID), 
 +  The unique user ID of the user who generated the process (UID), 
 +  The unique group ID of the group to which the process is attached (GID), 
 +  The processing time, 
 +  The process priority, 
 +  The current working directory, 
 +  * The list of open files.
  
-<WRAP center round important 60%> +Process environnement data is stored in the **/proc** directory.
-Solaris container = Solaris Zone + Solaris Resource Manager ( SRM ) +
-</WRAP>+
  
-The **SRM** is responsible for workload and resource management.+=====The /proc File System=====
  
-Solaris Zones are **not** full guest operating system kernels and as such they are similar in concept to FreeBSD **[[wp>FreeBSD_jail|Jails]]**Zones share the same kernel and as such cannot be live migrated to another host.+The /proc directory contains virtual files and directoriesFile content is created dynamically when consulted and only root can view all the data within /proc.
  
-There are two types of zones:+Start by taking a look at all the directories containing digits:
  
-  * a single **Global** zone, +<code> 
-  * one or more **Non-global*or **local** zones.+root@solaris:~# cd /proc; ls -d [0-9]* 
 +0     1015  1119  118   1664  191   235   3609  3644  3653  3668  3685  3722  3742  42    5770  5893  6123  6180  6236  679   85    895   936   979 
 +1     1016  1122  13    1665  1992  237   3620  3645  3655  3674  3688  3723  3743  4985  5774  5906  6136  6181  6242  7     874   896   941   982 
 +1002  104   1129  1406  1666  2     241   3633  3647  3657  3675  3698  3725  3782  5     5804  5960  6165  6199  6255  8     881   898   943   985 
 +1012  11    1138  1456  1667  203       3636  3648  3658  3679  3700  3738  3784  50    5834  5968  6173  6201  6274  814   890   899   95    996 
 +1013  1106  1143  1495  1668  2122  3579  3640  3650  3660  3682  3709  3739  3786  5614  5843  6     6174  6216  637   818   891   932   957 
 +1014  1109  1159  1661  1822  225   3608  3643  3652  3661  3683  3720  3741  413   570   5889  6090  6178  6227  6736  823   892   934   978 
 +</code>
  
-Each local zone requires about 400 Mb of disk space and 15 Mb of RAM.+Each of the above directories refers to a PID and contains all the necessary process environnement information.
  
-====The Global Zone====+=====Process Types=====
  
-The global zone:+There are three types of processes
  
-    has a zone **ID** of **0**, +  * **interactive** process launched in a terminal either in the foreground or the background
-    * provides unique instance of the Solaris kernel+  * **batch** - process launched by the system at a specific time
-    contains all packages installed by IPS, +  * **daemon** - a process that has no parent terminal.
-    can contains other software not installed by IPS, +
-    contains database of all applications installed in the global zone+
-    contains all configuration data concerning the global zone such as its host name, +
-    knows about all //devices// and all //file systems//, +
-    is aware of all local zones as well as their configuration, +
-    is the zone in which local zones can be created, installed, configured, managed, un-installed and deleted.+
  
-====Non-global or Local Zones====+A process can be in one of 9 //process states//:
  
-A local zone:+^ Process State ^ Description ^ 
 +| New | The process' initial state when launched | 
 +| User Mode | The process executes in user mode | 
 +| Kernel Mode | The process executes in kernel mode | 
 +| New | The process' initial state when launched | 
 +| waiting | The process is waiting for a resource other than the processor | 
 +| sleeping | The process is sleeping | 
 +| runnable | The process has everything it needs to run except the processor | 
 +| swap | The process is sleeping in swap | 
 +| elected| The process has control of the processor |
  
-    * is given a zone ID when it is booted, +=====Managing Processes=====
-    * shares the kernel with the global zone, +
-    * contains a some of the installed packages, +
-    * shares packages with the global zone, +
-    * can contain other software and files not present in the global zone, +
-    * contains a database of all locally installed applications as well as all applications shared by the global zone, +
-    * has no knowledge of the other local zones, +
-    * cannot be used to manage or to un-install local zones, including itself, +
-    * contains all configuration data concerning the local zone such as its host name and IP address,+
  
-For those familiar with Solaris 10 zones, there were two types of local zones: +====The ps Command====
  
-  * **//Small zones//** or //Sparse Root zones// where the zone shared the following global zone directories: +The output of the ps caommand shows those processes generated by the user attached to the terminal:
-    * /usr +
-    * /lib +
-    * /platform +
-    * /sbin +
-  * **//Big zones//**  or //Whole Root zones// that contained a complete Solaris installation.+
  
-In Solaris 11 only Whole Root Zones remain.+<code sh> 
 +root@solaris:~# ps 
 +  PID TTY         TIME CMD 
 + 6771 pts/1       0:00 ps 
 + 3742 pts/1       0:00 su 
 + 3743 pts/1       0:00 bash 
 +</code>
  
- +Used with the **-f** switch, the command shows the **Process Table**:
-=====Lab #1 - Installing a Non-global Zone===== +
- +
-In this lab you will be installing a **Local Zone** into a ZFS file system. Start by looking at where you can create the directory that will contain future zones:+
  
 <code> <code>
-root@solaris:~# zfs list +root@solaris:~# ps -f 
-NAME                              USED  AVAIL  REFER  MOUNTPOINT +     UID   PID  PPID      STIME TTY         TIME CMD 
-mypool                            103M  51.5M    31K  /mypool +    root  6772  3743   0 15:03:08 pts/1       0:00 ps -f 
-mypool/iscsi                      103M   155M    16K  - +    root  3742  3741     Dec 15 pts/1       0:00 su 
-rpool                            7.40G  11.9G  4.58M  /rpool +    root  3743  3742   0   Dec 15 pts/1       0:00 -bash
-rpool/ROOT                       5.22G  11.9G    31K  legacy +
-rpool/ROOT/solaris               5.22G  11.9G  4.08G  / +
-rpool/ROOT/solaris-backup-     2.47M  11.9G  1.98G  / +
-rpool/ROOT/solaris-backup-1/var    46K  11.9G   758M  /var +
-rpool/ROOT/solaris-backup-2       127K  11.9G  3.92G  / +
-rpool/ROOT/solaris-backup-2/var    58K  11.9G   266M  /var +
-rpool/ROOT/solaris/var            980M  11.9G   209M  /var +
-rpool/VARSHARE                    102K  11.9G   102K  /var/share +
-rpool/dump                       1.03G  12.0G  1.00G  +
-rpool/export                      110M  11.9G    32K  /export +
-rpool/export/home                 110M  11.9G    32K  /export/home +
-rpool/export/home/trainee         110M  11.9G   110M  /export/home/trainee +
-rpool/swap                       1.03G  12.0G  1.00G  -+
 </code> </code>
  
-<WRAP center round important 60%> +The column headers in the above output are defined as follows:
-You **cannot** create zone datasets under the **rpool/ROOT** dataset. +
-</WRAP>+
  
-====Configuring the Zone's Dataset====+^ UID | User ID | 
 +^ PID | Process Indentification | 
 +^ PPID | Parent Process ID | 
 +^ C | Priority| 
 +^ STIME | Start Time | 
 +^ TTY | Terminal | 
 +^ TIME | Duration | 
 +^ CMD | Command |
  
-It seems that the best option is to create a new file system just for zones:+To see all the running processes, add the **-e** switch:
  
 <code> <code>
-root@solaris:~# zfs create -o mountpoint=/zones rpool/zones +root@solaris:~# ps -ef 
-root@solaris:~# zfs list +     UID   PID  PPID      STIME TTY         TIME CMD 
-NAME                              USED  AVAIL  REFER  MOUNTPOINT +    root             Dec 15 ?           0:04 sched 
-mypool                            103M  51.5M    31K  /mypool +    root             Dec 15 ?           0:27 zpool-rpool 
-mypool/iscsi                      103M   155M    16K  - +    root             Dec 15 ?           0:02 kmem_task 
-rpool                            7.40G  11.9G  4.58M  /rpool +    root             Dec 15 ?           0:00 /usr/sbin/init 
-rpool/ROOT                       5.22G  11.9G    31K  legacy +    root             Dec 15 ?           0:00 pageout 
-rpool/ROOT/solaris               5.22G  11.9G  4.08G  / +    root             Dec 15 ?           0:13 fsflush 
-rpool/ROOT/solaris-backup-1      2.47M  11.9G  1.98G  / +    root             Dec 15 ?           0:00 intrd 
-rpool/ROOT/solaris-backup-1/var    46K  11.9G   758M  /var +    root             Dec 15 ?           0:00 vmtasks 
-rpool/ROOT/solaris-backup-      127K  11.9G  3.92G  / +    root   874         Dec 15 ?           0:00 /usr/sbin/cron 
-rpool/ROOT/solaris-backup-2/var    58K  11.9G   266M  /var +    root    11         Dec 15 ?           0:03 /lib/svc/bin/svc.startd 
-rpool/ROOT/solaris/var            980M  11.9G   209M  /var +    root    13         Dec 15 ?           0:13 /lib/svc/bin/svc.configd 
-rpool/VARSHARE                    102K  11.9G   102K  /var/share +    root   203         Dec 15 ?           0:00 /usr/lib/zones/zonestatd 
-rpool/dump                       1.03G  12.0G  1.00G  - + pkg5srv  1667  1661     Dec 15 ?           0:00 /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
-rpool/export                      110M  11.9G    32K  /export +    root   118         Dec 15 ?           0:00 /usr/lib/pfexecd 
-rpool/export/home                 110M  11.9G    32K  /export/home + pkg5srv  1495         Dec 15 ?           0:07 /usr/apache2/2.2/bin/htcacheclean -d20160 -i -l 2048M -n -p /var/cache/pkg/sysr 
-rpool/export/home/trainee         110M  11.9G   110M  /export/home/trainee +  netcfg    42         Dec 15 ?           0:00 /lib/inet/netcfgd 
-rpool/swap                       1.03G  12.0G  1.00G  - +    root   679         Dec 15 ?           0:00 /usr/lib/picl/picld 
-rpool/zones                        31K  11.9G    31K  /zones+    root  1106         Dec 15 ?           0:00 /usr/lib/devchassis/devchassisd 
 + trainee  3650         Dec 15 ?           0:00 /usr/lib/bonobo-activation-server --ac-activate --ior-output-fd=21 
 +   dladm    50         Dec 15 ?           0:00 /usr/sbin/dlmgmtd 
 +  daemon    85         Dec 15 ?           0:00 /lib/crypto/kcfd 
 +    root   104         Dec 15 ?           0:00 /lib/inet/in.mpathd 
 +  netadm    95         Dec 15 ?           0:00 /lib/inet/ipmgmtd 
 +  daemon   881         Dec 15 ?           0:00 /usr/sbin/rpcbind 
 +    root   637         Dec 15 ?           0:00 /sbin/dhcpagent 
 +    root   818         Dec 15 ?           0:00 zpool-mypool 
 +    root   957         Dec 15 ?           0:00 /usr/sbin/syslogd 
 +    root   934         Dec 15 ?           2:09 /usr/lib/fm/fmd/fmd 
 +    root   898         Dec 15 ?           0:00 /usr/lib/autofs/automountd 
 + trainee  3648  3579     Dec 15 ?           0:01 nautilus 
 +    root   932         Dec 15 ?           0:02 /usr/bin/VBoxService 
 +    root   237         Dec 15 ?           0:00 /usr/lib/rad/rad -sp 
 +    root   225         Dec 15 ?           0:00 /usr/lib/sysevent/syseventd 
 +    root   814         Dec 15 ?           0:03 /usr/sbin/nscd 
 +    root   235         Dec 15 ?           0:00 /usr/sbin/vbiosd 
 + trainee  3644  3579     Dec 15 ?           0:05 metacity 
 + pkg5srv  1666  1661     Dec 15 ?           0:00 /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +    root   413         Dec 15 ?           0:01 /usr/lib/devfsadm/devfsadmd 
 + trainee  3658  3579     Dec 15 ?           0:01 /usr/bin/python2.6 /usr/lib/updatemanagernotifier 
 +    root   823         Dec 15 ?           0:00 /lib/svc/method/iscsid 
 +    root   191         Dec 15 ?           0:00 /usr/lib/utmpd 
 +    root   996   895     Dec 15 ?           0:00 /usr/lib/hal/hald-addon-storage 
 +    root   241         Dec 15 ?           0:00 /usr/lib/dbus-daemon --system 
 +  netadm   570         Dec 15 ?           0:00 /lib/inet/nwamd 
 +    root   892         Dec 15 ?           0:01 /usr/lib/hal/hald --daemon=yes 
 +noaccess  1129         Dec 15 ?           0:00 /usr/lib/fm/notify/asr-notify 
 + pkg5srv  1668  1661     Dec 15 ?           0:00 /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +    root   936         Dec 15 ?           0:00 /usr/lib/ssh/sshd 
 +    root  1122         Dec 15 ?           0:00 /usr/sbin/gdm-binary 
 +    root   941   895     Dec 15 ?           0:00 /usr/lib/hal/hald-addon-cpufreq 
 +  daemon   890         Dec 15 ?           0:00 /usr/lib/nfs/nfsmapid 
 +    root   891         Dec 15 ?           0:00 /usr/lib/inet/inetd start 
 +    root   899   898     Dec 15 ?           0:00 /usr/lib/autofs/automountd 
 +    root   895   892     Dec 15 ?           0:00 hald-runner 
 +    root   896         Dec 15 ?           0:00 /usr/sbin/console-kit-daemon 
 +    root   943   895     Dec 15 ?           0:01 /usr/lib/hal/hald-addon-acpi 
 +    root   985    11   0   Dec 15 console     0:00 /usr/sbin/ttymon -g -d /dev/console -l console -T sun-color -m ldterm,ttcompat  
 +    root   979         Dec 15 ?           0:00 /usr/sbin/auditd 
 +    root   982         Dec 15 ?           0:00 /usr/lib/sendmail -bl -q15m 
 +   smmsp   978         Dec 15 ?           0:00 /usr/lib/sendmail -Ac -q15m 
 + trainee  1159  1143     Dec 15 vt/7        1:59 /usr/bin/Xorg :0 -nolisten tcp -br -novtswitch -auth /tmp/gdm-auth-cookies-DOaq 
 +    root  6255         Dec 15 ?           0:00 /usr/lib/inet/in.ndpd 
 +    root  1002         Dec 15 vt/1        0:00 /usr/lib/vtdaemon -c 16 
 +  daemon  6181         Dec 15 ?           0:00 /usr/lib/nfs/nfsmapid 
 +    root  1012    11     Dec 15 vt/4        0:00 /usr/sbin/ttymon -g -d /dev/vt/4 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +    root  1013    11   0   Dec 15 vt/2        0:00 /usr/sbin/ttymon -g -d /dev/vt/2 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +    root  1014    11     Dec 15 vt/6        0:00 /usr/sbin/ttymon -g -d /dev/vt/6 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +    root  1015    11     Dec 15 vt/5        0:00 /usr/sbin/ttymon -g -d /dev/vt/5 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +    root  1016    11     Dec 15 vt/3        0:00 /usr/sbin/ttymon -g -d /dev/vt/3 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +noaccess  1138         Dec 15 ?           0:00 /usr/lib/fm/notify/smtp-notify 
 +    root  1119         Dec 15 ?           0:00 /usr/lib/rmvolmgr -
 +    root  4985       0   Dec 15 ?           0:00 zsched 
 +    root  1406         Dec 15 ?           0:00 /usr/sbin/cupsd -C /etc/cups/cupsd.conf 
 +    root  6201  5770     Dec 15 zoneconsole    0:00 /usr/sbin/ttymon -g -d /dev/console -l console -T vt100 -m ldterm,ttcompat -h - 
 +    root  1109       0   Dec 15 ?           0:00 /usr/lib/inet/in.ndpd 
 +    root  1143  1122     Dec 15 ?           0:00 /usr/lib/gdm-simple-slave --display-id /org/gnome/DisplayManager/Display1 
 +     gdm  1456         Dec 15 ?           0:00 /usr/bin/dbus-launch --exit-with-session 
 + trainee  3645  3579     Dec 15 ?           0:02 gnome-panel 
 + trainee  3652       0   Dec 15 ?           0:05 /usr/lib/wnck-applet --oaf-activate-iid=OAFIID:GNOME_Wncklet_Factory --oaf-ior- 
 + trainee  3653  3579   0   Dec 15 ?           0:00 /usr/lib/nwam-manager 
 +  netadm  5893         Dec 15 ?           0:00 /lib/inet/ipmgmtd 
 +    root  2122         Dec 15 ?           0:00 /usr/lib/ocm/ccr/bin/nmz 
 + trainee  3609         Dec 15 ?           0:00 /usr/lib/dbus-daemon --fork --print-pid 6 --print-address 8 --session 
 +    root  6773  3743   0 15:04:31 pts/1       0:00 ps -ef 
 + pkg5srv  1665  1661     Dec 15 ?           0:00 /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 + trainee  3579  1992     Dec 15 ?           0:00 gnome-session 
 + trainee  3643         Dec 15 ?           0:00 /usr/lib/gvfsd 
 + trainee  3620  3579     Dec 15 ?           0:00 /usr/bin/ssh-agent -- gnome-session 
 + trainee  3633         Dec 15 ?           0:02 /usr/lib/gconfd-2 
 + trainee  3647         Dec 15 ?           0:00 /usr/lib/gvfs-hal-volume-monitor 
 +    root  1664       0   Dec 15 ?           0:00 /usr/lib/zones/zoneproxyd 
 + trainee  3608         Dec 15 ?           0:00 dbus-launch --exit-with-session --sh-syntax 
 +    root  1661         Dec 15 ?           0:00 /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +    root  1822         Dec 15 ?           0:00 zoneadmd -z myzone 
 +  netadm  5960         Dec 15 ?           0:07 /lib/inet/nwamd 
 + trainee  3636       0   Dec 15 ?           0:00 /usr/bin/gnome-keyring-daemon --start --components=pkcs11 
 + trainee  3640         Dec 15 ?           0:03 /usr/lib/gnome-settings-daemon 
 +    root  1992  1143     Dec 15 ?           0:00 /usr/lib/gdm-session-worker 
 + trainee  3657         Dec 15 ?           0:00 /usr/lib/gvfsd-trash --spawner :1.9 /org/gtk/gvfs/exec_spaw/
 +    root  6136       0   Dec 15 ?           0:04 /usr/sbin/nscd 
 +    root  6090         Dec 15 ?           0:00 /usr/lib/zones/zoneproxy-client -s localhost:1008 
 +    root  6216         Dec 15 ?           0:01 /usr/sbin/syslogd 
 +    root  6173       0   Dec 15 ?           0:00 /usr/lib/autofs/automountd 
 +    root  6123         Dec 15 ?           0:00 /usr/sbin/cron 
 +    root  6178       0   Dec 15 ?           0:00 /usr/lib/inet/inetd start 
 + trainee  6274         Dec 15 ?           1:40 gedit 
 +    root  6199         Dec 15 ?           0:00 /usr/lib/ssh/sshd 
 +  daemon  5834         Dec 15 ?           0:00 /lib/crypto/kcfd 
 +    root  5968         Dec 15 ?           0:00 /sbin/dhcpagent 
 +    root  5614  4985     Dec 15 ?           0:00 /usr/sbin/init 
 + trainee  3655         Dec 15 ?           0:00 /usr/lib/trashapplet --oaf-activate-iid=OAFIID:GNOME_Panel_TrashApplet_Factory  
 +    root  5906         Dec 15 ?           0:00 /lib/inet/in.mpathd 
 +    root  5843         Dec 15 ?           0:00 /usr/lib/pfexecd 
 + trainee  6736         Dec 15 ?           0:01 nautilus --no-desktop /home/trainee 
 +    root  6174  6173     Dec 15 ?           0:00 /usr/lib/autofs/automountd 
 +    root  6180         Dec 15 ?           0:00 /usr/lib/fm/fmd/fmd 
 +    root  5889         Dec 15 ?           0:00 /usr/lib/utmpd 
 +    root  5770         Dec 15 ?           0:01 /lib/svc/bin/svc.startd 
 + trainee  3660  3579   0   Dec 15 ?           0:00 python2.6 /usr/lib/system-config-printer/applet.py 
 + trainee  3722         Dec 15 ?           0:00 /usr/lib/notification-daemon 
 + trainee  3679         Dec 15 ?           0:00 /usr/bin/VBoxClient --display 
 +  daemon  6165         Dec 15 ?           0:00 /usr/sbin/rpcbind 
 +  netcfg  5804       0   Dec 15 ?           0:00 /lib/inet/netcfgd 
 + trainee  3661  3579     Dec 15 ?           1:12 java -Djava.security.policy=/usr/share/vpanels/java.policy com.oracle.solaris.v 
 + trainee  3739  3738     Dec 15 ?           0:00 gnome-pty-helper 
 + trainee  3675       0   Dec 15 ?           0:00 /usr/bin/VBoxClient --clipboard 
 + trainee  3700         Dec 15 ?           0:00 /usr/lib/notification-area-applet --oaf-activate-iid=OAFIID:GNOME_NotificationA 
 + trainee  3674  3579     Dec 15 ?           0:03 /usr/bin/xscreensaver -nosplash 
 + trainee  3683         Dec 15 ?           0:26 /usr/bin/VBoxClient --draganddrop 
 + trainee  3668  3579     Dec 15 ?           0:01 gnome-power-manager 
 + trainee  3685  3579     Dec 15 ?           0:00 gnome-volume-control-applet 
 + trainee  3682         Dec 15 ?           0:00 /usr/bin/VBoxClient --seamless 
 + trainee  3698         Dec 15 ?           0:01 /usr/lib/clock-applet --oaf-activate-iid=OAFIID:GNOME_ClockApplet_Factory --oaf 
 + trainee  3688  3579     Dec 15 ?           0:01 python2.6 /usr/lib/time-slider-notify 
 + trainee  3720         Dec 15 ?           0:00 /usr/lib/gvfsd-metadata 
 + trainee  3738         Dec 15 ?           0:05 gnome-terminal 
 + trainee  3723   237     Dec 15 ?           0:00 /usr/lib/rad/rad -m /usr/lib/rad/transport -m /usr/lib/rad/protocol -m /usr/lib 
 + trainee  3709         Dec 15 ?           0:00 /usr/bin/pulseaudio --start 
 + trainee  3725         Dec 15 ?          11:40 /usr/bin/firefox 
 +    root  3742  3741     Dec 15 pts/1       0:00 su - 
 + trainee  3741  3738     Dec 15 pts/1       0:00 bash 
 +    root  3743  3742     Dec 15 pts/1       0:00 -bash 
 +    root  5774         Dec 15 ?           0:07 /lib/svc/bin/svc.configd 
 + trainee  3784         Dec 15 ?           0:02 evince file:///tmp/Solaris_Zones_Tutorial.pdf 
 + trainee  3782         Dec 15 ?           0:00 /usr/lib/gam_server 
 + trainee  3786         Dec 15 ?           0:00 /usr/lib/evinced 
 +   smmsp  6227         Dec 15 ?           0:00 /usr/lib/sendmail -Ac -q15m 
 +    root  6236         Dec 15 ?           0:00 /usr/lib/sendmail -bl -q15m 
 +    root  6242         Dec 15 ?           0:00 /usr/lib/fm/notify/smtp-notify
 </code> </code>
  
-Now create your zone using the **zonecfg** command:+====The top Command====
  
-<code> +The ps command, although useful, only gives snapshot view of the processes running at the time the command was executedTo get a continual view of what is running you can use the **top** command:
-root@solaris:~# zonecfg -z myzone +
-Use 'create' to begin configuring new zone. +
-zonecfg:myzone> create +
-create: Using system default template 'SYSdefault' +
-zonecfg:myzone> set zonepath=/zones/myzone +
-zonecfg:myzone> set autoboot=true +
-zonecfg:myzone>  +
-</code> +
- +
-<WRAP center round important 60%> +
-The **-z** switch stands for the **zonename**. +
-</WRAP> +
- +
-Zones are represented by **XML** files. As you can see above, when created, the zonecfg uses the default template **/etc/zones/SYSdefault.xml**:+
  
 <code> <code>
-root@solaris:~# cat /etc/zones/SYSdefault.xml +last pid 6807;  load avg:  0.21,  0.19,  0.17;  up 2+08:33:55                                                                                                15:59:00 
-<?xml version="1.0"?>+141 processes: 140 sleeping, on cpu 
 +CPU states: 93.2% idle,  4.1% user,  2.7% kernel,  0.0% iowait,  0.0% swap 
 +Kernel: 1111 ctxsw, 15 trap, 879 intr, 3744 syscall, 4 flt 
 +Memory: 2048M phys mem, 74M free mem, 1024M total swap, 1024M free swap
  
-<!-+   PID USERNAME NLWP PRI NICE  SIZE   RES STATE    TIME    CPU COMMAND 
- Copyright (c) 2010, 2011, Oracle and/or its affiliatesAll rights reserved+   934 root       28  59    0   38M 6224K sleep    4:42  2.30% fmd 
- +  3738 trainee      54    0  129M   18M sleep    0:07  0.87% gnome-terminal 
-    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead+  3725 trainee    19  49    0  533M  216M sleep   12:58  0.82% firefox 
---> +  1159 trainee      59    0  170M  152M sleep    2:10  0.45% Xorg 
- +  3661 trainee    23  59    0  235M  116M sleep    1:25  0.24% java 
-<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1"> +  3683 trainee      59    0   13M  724K sleep    0:31  0.10% VBoxClient 
- +  6806 root        1  59    0 4432K 2848K cpu/1    0:00  0.08% top 
-<zone name="default" zonepath="" autoboot="false" brand="solaris" +  5960 netadm      7  59    0 5344K 3504K sleep    0:08  0.03% nwamd 
-      ip-type="exclusive"> +  3644 trainee      59    0   31M   13M sleep    0:05  0.02% metacity 
-  <automatic-network lower-link="auto" linkname="net0" +  3698 trainee      59    0   32M 8904K sleep    0:00  0.02% clock-applet 
-      link-protection="mac-nospoof" mac-address="random"/> +    13 root       18  59    0   23M   13M sleep    0:13  0.02% svc.configd 
-</zone>+  3640 trainee      59    0  143M   21M sleep    0:03  0.01% gnome-settings
 +  6136 root       27  59    0 5808K 3084K sleep    0:04  0.01% nscd 
 +   932 root        7  59    0   11M  600K sleep    0:02  0.01% VBoxService 
 +  6216 root       11  59    0 3964K 1080K sleep    0:01  0.01% syslogd 
 +  3688 trainee      59    0  133M   13M sleep    0:01  0.00% isapython2.6 
 +  3658 trainee      12   19   61M   25M sleep    0:01  0.00% updatemanagerno 
 +   104 root        1  59    0 9692K  388K sleep    0:00  0.00% in.mpathd 
 +  1495 pkg5srv      59    0 5272K 1240K sleep    0:07  0.00% htcacheclean 
 +  3674 trainee      59    0   14M 2892K sleep    0:03  0.00% xscreensaver 
 +  1665 pkg5srv    24  59    0   21M  240K sleep    0:00  0.00% httpd.worker 
 +   982 root        1  59    0 6224K 1216K sleep    0:00  0.00% sendmail 
 +  3668 trainee      59    0  128M 9484K sleep    0:00  0.00% gnome-power-man 
 +  1661 root        1  59    0   14M  204K sleep    0:00  0.00% httpd.worker 
 +  6236 root        1  59    0 6164K 1900K sleep    0:00  0.00% sendmail 
 +  3653 trainee      59    0  128M 9724K sleep    0:00  0.00% nwam-manager 
 +  5968 root        1  59    0 2592K 1232K sleep    0:00  0.00% dhcpagent 
 +  1138 noaccess    4  59    0   10M 1736K sleep    0:00  0.00% smtp-notify 
 +   637 root        1  59    0 9408K  484K sleep    0:00  0.00% dhcpagent
 </code> </code>
  
-Note that you also have set the **autoboot** property to **yes** so that the zone starts on system boot. +The default refresh interval is 3 seconds. To make it 1 second, use top'**s** command:
- +
-To show the configuration that zonecfg has already filled in for you by using the **/etc/zones/SYSdefault.xml** file, use the command **info** :+
  
 <code> <code>
-zonecfg:myzone> info +last pid 6807;  load avg 0.17,  0.18,  0.17;  up 2+08:38:55                                                                                                16:04:00 
-zonenamemyzone +141 processes138 sleeping, 2 running, 1 on cpu 
-zonepath/zones/myzone +CPU states95.1% idle,  2.9% user,  2.0% kernel,  0.0% iowait,  0.0% swap 
-brandsolaris +Kernel1084 ctxsw, 10 trap, 894 intr, 4709 syscall, 5 flt 
-autoboottrue +Memory2048M phys mem, 69M free mem, 1024M total swap, 1024M free swap 
-bootargs:  +Seconds to delay1 
-file-mac-profile:  +   PID USERNAME NLWP PRI NICE  SIZE   RES STATE    TIME    CPU COMMAND 
-pool:  +  3725 trainee    19  49    0  533M  216M sleep   13:05  1.05% firefox 
-limitpriv:  +  6274 trainee      49    0  141M   28M sleep    2:04  0.80% gedit 
-scheduling-class:  +  1159 trainee      59    0  170M  152M sleep    2:11  0.71% Xorg 
-ip-typeexclusive +  3652 trainee      59    0  129M   13M sleep    0:05  0.26% wnck-applet 
-hostid:  +  3661 trainee    23  59    0  235M  116M run      1:26  0.23% java 
-fs-allowed:  +  3738 trainee      59    0  129M   18M sleep    0:08  0.21% gnome-terminal 
-anet+  3683 trainee      59    0   13M  724K run      0:31  0.09% VBoxClient 
- linknamenet0 +...
- lower-linkauto +
- allowed-address not specified +
- configure-allowed-addresstrue +
- defrouter not specified +
- allowed-dhcp-cids not specified +
- link-protectionmac-nospoof +
- mac-addressrandom +
- mac-prefix not specified +
- mac-slot not specified +
- vlan-id not specified +
- priority not specified +
- rxrings not specified +
- txrings not specified +
- mtu not specified +
- maxbw not specified +
- rxfanout not specified +
- vsi-typeid not specified +
- vsi-vers not specified +
- vsi-mgrid not specified +
- etsbw-lcl not specified +
- cos not specified +
- pkey not specified +
- linkmode not specified +
-zonecfg:myzone> +
 </code> </code>
  
-Finally, **commit** the configuration, **verify** the newly created **XML** file and **quit**:+Use the **M** key to sort the processes in descending order of memery usage:
  
 <code> <code>
-zonecfg:myzone> commit +last pid 8942;  load avg:  0.12,  0.15,  0.11;  up 3+05:39:51                                                                                                13:04:56 
-zonecfg:myzone> verify +145 processes143 sleeping, 1 zombie, 1 on cpu 
-zonecfg:myzone> exit +CPU states89.4% idle,  6.6% user,  4.0% kernel,  0.0% iowait,  0.0% swap 
-root@solaris:~# +Kernel1037 ctxsw, 5616 trap, 828 intr, 6520 syscall, 5 fork, 3960 flt 
 +Memory: 2048M phys mem, 197M free mem, 1024M total swap, 1024M free swap 
 + 
 +   PID USERNAME NLWP PRI NICE  SIZE   RES STATE    TIME    CPU COMMAND 
 +  3725 trainee    22  49    0  519M  168M sleep   25:28  0.45% firefox 
 +  3661 trainee    23  59    0  227M  149M sleep    2:58  0.18% java 
 +  3685 trainee      59    0  191M 8008K sleep    0:00  0.00% gnome-volume-co 
 +  1159 trainee      59    0  169M  151M sleep    3:59  0.30% Xorg 
 +  3645 trainee      59    0  150M   35M sleep    0:05  0.00% gnome-panel 
 +  3648 trainee      49    0  147M   28M sleep    0:01  0.00% nautilus 
 +  3640 trainee      59    0  143M   22M sleep    0:06  0.00% gnome-settings- 
 +...
 </code> </code>
  
-Your zone's configuration is now in its own **XML** file: 
  
-<code> +====The fg and bg Commands==== 
-root@solaris:~# cat /etc/zones/myzone.xml  + 
-<?xml version="1.0" encoding="UTF-8"?> +You can launch a process either in the foreground or the background when using bash or ksh. A process running in the background is asynchonous whilst a process in the foreground is synchronous.
-<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1"> +
-<!-- +
-    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead. +
---> +
-<zone name="myzone" zonepath="/zones/myzone" autoboot="true" brand="solaris" ip-type="exclusive"> +
-  <automatic-network lower-link="auto" linkname="net0" link-protection="mac-nospoof" mac-address="random"/> +
-</zone> +
-</code> +
  
-Display the zones on your system by using the **list** subcommand of the **zoneadm** command:+Execute the following command:
  
 <code> <code>
-root@solaris:~# zoneadm list -cv +root@solaris:~# sleep 9999 & 
-  ID NAME             STATUS     PATH                           BRAND    IP     +[1] 6790
-   0 global           running    /                              solaris  shared +
-   - myzone           configured /zones/myzone                  solaris  excl +
 </code> </code>
  
-The switches used with the **list** subcommand are: +In the above output you can see a **job number** between square brackets followed by the PID. The job number is specific to the terminal in which the cammand is executed. 
- +
-^ Switch ^ Description ^ +
-| -c | Display all zones | +
-| -v | Display verbose output | +
- +
-====Installing a Zone====+
  
-Now you are ready to install the zone with the following command:+At any point in time, you can display a list of running jobs by using the **jobs** command:
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone install+root@solaris:~# jobs -
 +[1]+  6790 Running                 sleep 9999 &
 </code> </code>
  
 <WRAP center round important 60%> <WRAP center round important 60%>
-Go grab a cup of coffee or juice ! The installation process can take upto 20 minutes.+Note the **+** sign between the job number and PID. This indicates that the job is the last job to have been worked on. A **-** sign indicates that the job was the second to last job thta was worked on.
 </WRAP> </WRAP>
  
-When installation is complete, you will see something similar to the following:+If you are running a job in the foreground and you wish to swap it to the background, you first need to pause the process. Pausing a process in Solaris 11 is acheived using **^Z** as shown by the output of the follwing command:
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone install +root@solaris:~# stty -a 
-The following ZFS file system(s) have been created: +speed 38400 baud;  
-    rpool/zones/myzone +rows = 36; columns = 168; ypixels = 0; xpixels = 0; 
-Progress being logged to /var/log/zones/zoneadm.20121214T123059Z.myzone.install +csdata ? 
-       ImagePreparing at /zones/myzone/root.+eucw 1:0:0:0, scrw 1:0:0:0 
 +intr = ^c; quit = ^\; erase = ^?; kill = ^u; 
 +eof = ^d; eol = -^?; eol2 = -^?; swtch = <undef>; 
 +start = ^q; stop = ^s; susp = ^z; dsusp = ^y; 
 +rprnt = ^r; flush = ^o; werase = ^w; lnext = ^v; 
 +-parenb -parodd cs8 -cstopb hupcl cread -clocal -loblk -crtscts -crtsxoff -parext  
 +-ignbrk brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl -iuclc  
 +ixon ixany -ixoff imaxbel  
 +isig icanon -xcase echo echoe echok -echonl -noflsh  
 +-tostop echoctl -echoprt echoke -defecho -flusho -pendin iexten  
 +opost -olcuc onlcr -ocrnl -onocr -onlret -ofill -ofdel  
 +</code>
  
- AI Manifest/tmp/manifest.xml.UWaiVk +To understand how ths works, execute the following command:
-  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml +
-    Zonename: myzone +
-Installation: Starting ...+
  
-              Creating IPS image +<code> 
-Startup linked: 1/1 done +root@solaris:~# sleep 1234
-              Installing packages from: +
-                  solaris +
-                      origin http://pkg.oracle.com/solaris/release/ +
-DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED +
-Completed                            183/183   33556/33556  222.2/222.2  154k/s+
  
-PHASE                                          ITEMS +</code>
-Installing new actions                   46825/46825 +
-Updating package state database                 Done  +
-Updating image state                            Done  +
-Creating fast lookup database                   Done  +
-Installation: Succeeded+
  
-        NoteMan pages can be obtained by installing pkg:/system/manual+Now pause the process with ^Z :
  
- done. +<code> 
- +root@solaris:~# sleep 1234 
-        DoneInstallation completed in 3389.965 seconds. +^Z 
- +[2]+  Stopped                 sleep 1234 
- +root@solaris:~# jobs -l 
-  Next StepsBoot the zone, then log into the zone console (zlogin -C) +[1]-  6790 Running                 sleep 9999 & 
- +[2]+  6794 Stopped (user)          sleep 1234
-              to complete the configuration process. +
- +
-Log saved in non-global zone as /zones/myzone/root/var/log/zones/zoneadm.20121214T123059Z.myzone.install+
 </code> </code>
  
-Now use zonesadm'**list** subcommand to display the zones:+Now the process is paused you can switch it to the background using the **bg** command:
  
 <code> <code>
-root@solaris:~# zoneadm list -cv +root@solaris:~# bg %2 
-  ID NAME             STATUS     PATH                           BRAND    IP     +[2]+ sleep 1234 & 
-   0 global           running    /                              solaris  shared +root@solaris:~# jobs -l 
-   myzone           installed  /zones/myzone                  solaris  excl  +[1]-  6790 Running                 sleep 9999 & 
 +[2]+  6794 Running                 sleep 1234 &
 </code> </code>
  
 <WRAP center round important 60%> <WRAP center round important 60%>
-Note that the myzone **STATUS** is now **installed** as opposed to **configured**.+Note that when the job is sent to the background, it automatically starts to run.
 </WRAP> </WRAP>
  
-====A Zone's First Boot==== +When you want to switch the process back to the foreground, you must again pause it. However, in this case, you cannot use ^Z. Instead you need to send a signal to the process using the **kill** command:
- +
-Verify myzone and then boot it:+
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone verify +root@solaris:~# kill -l 
-root@solaris:~# zoneadm -z myzone boot+ 1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP 
 + 6) SIGABRT 7) SIGEMT 8) SIGFPE 9) SIGKILL 10) SIGBUS 
 +11) SIGSEGV 12) SIGSYS 13) SIGPIPE 14) SIGALRM 15) SIGTERM 
 +16) SIGUSR1 17) SIGUSR2 18) SIGCHLD 19) SIGPWR 20) SIGWINCH 
 +21) SIGURG 22) SIGIO 23) SIGSTOP 24) SIGTSTP 25) SIGCONT 
 +26) SIGTTIN 27) SIGTTOU 28) SIGVTALRM 29) SIGPROF 30) SIGXCPU 
 +31) SIGXFSZ 32) SIGWAITING 33) SIGLWP 34) SIGFREEZE 35) SIGTHAW 
 +36) SIGCANCEL 37) SIGLOST 38) SIGXRES 39) SIGJVM1 40) SIGJVM2 
 +41) SIGRTMIN 42) SIGRTMIN+1 43) SIGRTMIN+2 44) SIGRTMIN+3 45) SIGRTMIN+4 
 +46) SIGRTMIN+5 47) SIGRTMIN+6 48) SIGRTMIN+7 49) SIGRTMIN+8 50) SIGRTMIN+9 
 +51) SIGRTMIN+10 52) SIGRTMIN+11 53) SIGRTMIN+12 54) SIGRTMIN+13 55) SIGRTMIN+14 
 +56) SIGRTMIN+15 57) SIGRTMAX-15 58) SIGRTMAX-14 59) SIGRTMAX-13 60) SIGRTMAX-12 
 +61) SIGRTMAX-11 62) SIGRTMAX-10 63) SIGRTMAX-9 64) SIGRTMAX-8 65) SIGRTMAX-7 
 +66) SIGRTMAX-6 67) SIGRTMAX-5 68) SIGRTMAX-4 69) SIGRTMAX-3 70) SIGRTMAX-2 
 +71) SIGRTMAX-1 72) SIGRTMAX
 </code> </code>
  
-Check if the zone status is now **running**:+The signal we need to send is the SIGSTOP:
  
 <code> <code>
-root@solaris:~# zoneadm list -cv +oot@solaris:~# kill -23 %2 
-  ID NAME             STATUS     PATH                           BRAND    IP     +root@solaris:~# jobs -l 
-   0 global           running    /                              solaris  shared +[1]-  6790 Running                 sleep 9999 & 
-   myzone           running    /zones/myzone                  solaris  excl  +[2]+  6794 Stopped (signal)        sleep 1234
 </code> </code>
  
-Now you can login to the zone using the **zlogin** command:+Now you can bring the process to the forground using the **fg** command:
  
 <code> <code>
-root@solaris:~# zlogin -C myzone +root@solaris:~# fg %2 
-[Connected to zone 'myzone' console]+sleep 1234 
 +^C
 </code> </code>
  
-Hit <key>Enter</key> and configure the zone: 
  
-  * host name myzone.fenestros.loc +====The wait command====
-  * time zone Europe/Paris +
-  * root password Wind0w$ +
-  * user name and login myzone +
-  * user password fenestr0$+
  
-Once configured you will see messages similar to the following:+The wait command transforms an asynchronous command into a synchronous command.
  
-<code> +For example:
-SC profile successfully generated. +
-Exiting System Configuration Tool. Log is available at: +
-/system/volatile/sysconfig/sysconfig.log.7316 +
-</code> +
- +
-Use the tilde-dot ( ~. ) shortcut to leave the zone and return to your global zone:+
  
 <code> <code>
-~. +root@solaris:~# jobs -l 
-[Connection to zone 'myzone' console closed+[1]+  6790 Running                 sleep 9999 & 
-root@solaris:~# +root@solaris:~# wait %1 
 +^C 
 +root@solaris:~# jobs -l 
 +[1]+  6790 Running                 sleep 9999 &
 </code> </code>
  
-====Logging into a Zone Directly as Root====+====The prioctnl Command====
  
-Log back into the zone as root using the **-S** switch of the **zlogin** command:+Whilst the **nice** command still exists in Solaris 11, its use is deprecated and it has been included only for backward compatibility. Solaris 11 provides the **priocntl** command for process scheduling.
  
-<code> +The priocntl switches are as follows:
-root@solaris:~# zlogin -S myzone +
-[Connected to zone 'myzone' pts/4] +
-@myzone:~$ whoami +
-root +
-@myzone:~$ ~.                                                                                                                                                            +
-[Connection to zone 'myzone' pts/4 closed] +
-root@solaris:~#  +
-</code>+
  
-====Logging into Zone as specific User====+^ Switch ^ Definition ^ 
 +| -l | Lists the currently loaded scheduling tasks | 
 +| -d | Displays the scheduling parameters of process | 
 +| -e | Creates process by executing a command | 
 +| -p | Changes the priority of an existing process | 
 +| -c | Specifies the class in which the command executes |
  
-To log into the zone as the **myzone** user that you previously createduse the following command:+Firstlydisplay the currently loaded scheduling tasks:
  
 <code> <code>
-root@solaris:~# zlogin -l myzone myzone +root@solaris:~# priocntl -l 
-[Connected to zone 'myzone' pts/4] +CONFIGURED CLASSES 
-No directory! Logging in with home=+==================
-Oracle Corporation SunOS 5.11 11.1 September 2012 +
--bash-4.1$ whoami +
-myzone +
--bash-4.1$ ~. +
-[Connection to zone 'myzone' pts/4 closed] +
-root@solaris:~#  +
-</code>+
  
-=====LAB #2 - Administering Zones=====+SYS (System Class)
  
-====Sharing Files between the Global and Local Zones====+TS (Time Sharing
 + Configured TS User Priority Range: -60 through 60
  
-To share files between the two zones, you need to configure a LOFS mount.+SDC (System Duty-Cycle Class)
  
-In the global zone, create a directory for sharing files:+FX (Fixed priority) 
 + Configured FX User Priority Range0 through 60
  
-<code> +IA (Interactive) 
-root@solaris:~# mkdir -p /root/zones/myzone + Configured IA User Priority Range: -60 through 60
-</code>+
  
-Now use the **zonecfg** command to configure the share:+RT (Real Time) 
 + Configured RT User Priority Range: 0 through 59 
 +</code>  
 + 
 +To display the scheduling parameters of the sleep process created earlier, use the following command replacing the PID value with the PID of **your** process:
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone +root@solaris:~# priocntl -d -i pid 6790 
-zonecfg:myzone> add fs +INTERACTIVE CLASS PROCESSES
-zonecfg:myzone:fs> set dir=/root/share +   PID[/LWP      IAUPRILIM     IAUPRI     IAMODE 
-zonecfg:myzone:fs> set special=/root/zones/myzone +   6790                0            0          1
-zonecfg:myzone:fs> set type=lofs +
-zonecfg:myzone:fs> add options [rw,nodevices+
-zonecfg:myzone:fs> end +
-zonecfg:myzone> exit +
-root@solaris:~# +
 </code> </code>
  
-<WRAP center round important 60%> +This output shows three columns:
-Note that **dir** indicates the mount point in the local zone whilst **special** indicates the share in the global zone. +
-</WRAP>+
  
-Now create a file in **/root/zones/myzone**: +^ Column ^ Description ^ 
- +| IAUPRILIM | The inter-active per process user priority | 
-<code> +| IAUPRI | The inter-active user priority limit | 
-root@solaris:~# touch /root/zones/myzone/testshare +| IAMODE | The inter-active mode bit. When set, the process is given a priority boost of 10 |
-</code>+
  
-Reboot myzonecheck it is up and running, log into myzone as root and check you can see the share. Finally, create a file in **/root/share**:+To now modify the process priority ( nice value ) of your sleep commanduse the following command and display the result:
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone reboot +root@solaris:~# priocntl -s -p -5 -i pid 6790 
-root@solaris:~# zoneadm list -cv +root@solaris:~# priocntl -d -i pid 6790 
-  ID NAME             STATUS     PATH                           BRAND    IP     +INTERACTIVE CLASS PROCESSES: 
-   0 global           running                                 solaris  shared +   PID[/LWP]       IAUPRILIM     IAUPRI     IAMODE 
-   2 myzone           running    /zones/myzone                  solaris  excl   +   6790                0           -5          1
-root@solaris:~# zlogin -S myzone +
-[Connected to zone 'myzone' pts/4] +
-@myzone:~$ cd /root +
-@myzone:~root$ ls                                                                                                                                                        +
-share +
-@myzone:~root$ ls share                                                                                                                                                  +
-testshare +
-@myzone:~root$ touch share/shareback                                                                                                                                     +
-@myzone:~root$ ls share                                                                                                                                                  +
-shareback  testshare+
 </code> </code>
  
-Leave myzone and check if you can see the **shareback** file from the global zone:+<WRAP center round important 60%> 
 +Note that a negative value reduces the global priority of the process. For more information concerning the use of this command, consult this **[[http://docs.oracle.com/cd/E23824_01/html/821-1461/priocntl-1.html|page]]** 
 +</WRAP>
  
-<code> 
-@myzone:~root$ ~.                                                                                                                                                        
-[Connection to zone 'myzone' pts/4 closed] 
-root@solaris:~# ls /root/zones/myzone 
-shareback  testshare 
-</code> 
  
-You can also share the global zone's DVD-ROM drive. However do **not** use the process explained above since it creates a permanent LOFS mount which will stop you ejecting the DVD from the global zone's DVD-ROM drive whilst the local zone is running:+====The nohup Command====
  
-<code> +The nohup utility invokes the named command with the arguments suppliedWhen the command is invoked, nohup arranges for the SIGHUP signal to be ignored by the processWhen invoked with the -p or -g switches, nohup arranges for processes already running as identified by a list of process IDs or a list of process group IDs to become immune to hang-ups.
-root@solaris:~# mkdir /zones/myzone/root/globaldvdrom +
-root@solaris:~# ls /cdrom/cdrom0 +
-32Bit                           autorun.sh                      runasroot.sh                    VBoxWindowsAdditions-amd64.exe +
-64Bit                           cert                            VBoxLinuxAdditions.run          VBoxWindowsAdditions-x86.exe +
-AUTORUN.INF                     OS2                             VBoxSolarisAdditions.pkg        VBoxWindowsAdditions.exe +
-root@solaris:~# mount -F lofs /cdrom/cdrom0 /zones/myzone/root/globaldvdrom +
-</code>+
  
-Now check you can see the contents of the DVD from within the local zone:+  root@solaris:~# nohup lp /root/sales &
  
-<code> 
-root@solaris:~# zlogin myzone ls /globaldvdrom 
-32Bit 
-64Bit 
-AUTORUN.INF 
-autorun.sh 
-cert 
-OS2 
-runasroot.sh 
-VBoxLinuxAdditions.run 
-VBoxSolarisAdditions.pkg 
-VBoxWindowsAdditions-amd64.exe 
-VBoxWindowsAdditions-x86.exe 
-VBoxWindowsAdditions.exe 
-</code> 
  
-Finally unmount the DVD-Rom and eject it: 
  
-<code> +=====proc tools=====
-root@solaris:~# umount /zones/myzone/root/globaldvdrom +
-root@solaris:~# eject cdrom +
-cdrom /dev/dsk/c7t1d0s2 ejected +
-</code>+
  
-====Removing the Share====+====pcred====
  
-In order to remove the LOFS share, proceed as follows:+The **pcred** command shows the owner of a specified process:
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone +root@solaris:~# pcred 1 
-zonecfg:myzone> info fs +1: e/r/suid=0  e/r/sgid=0
-fs: +
- dir: /root/share +
- special: /root/zones/myzone +
- raw not specified +
- type: lofs +
- options: [rw,nodevices] +
-zonecfg:myzone> remove fs dir=/root/share +
-zonecfg:myzone> exit +
-root@solaris:~# zoneadm -z myzone reboot+
 </code> </code>
  
-====Allocating CPU Resources====+====pfiles====
  
-First, lets see what the non-global zone currently sees as available processors:+The **pfiles** command output diplays the open files associated with a process:
  
 <code> <code>
-root@solaris:~# zlogin myzone psrinfo -v +root@solaris:~# pfiles 1 
-Status of virtual processor 0 as of12/15/2012 06:54:05 +1: /usr/sbin/init 
-  on-line since 12/15/2012 07:25:33. +  Current rlimit256 file descriptors 
-  The i386 processor operates at 2271 MHz, +   0S_IFIFO mode:0600 dev:585,1 ino:4616249 uid:0 gid:0 size:0 
- and has an i387 compatible floating point processor. +      O_RDWR|O_NDELAY 
-Status of virtual processor as of12/15/2012 06:54:05 +      /system/volatile/initpipe 
-  on-line since 12/15/2012 07:25:34. + 253S_IFREG mode:0444 dev:583,1 ino:65538 uid:0 gid:0 size:0 
-  The i386 processor operates at 2271 MHz+      O_RDONLY|O_LARGEFILE FD_CLOEXEC 
- and has an i387 compatible floating point processor.+      /system/contract/process/pbundle 
 +      offset:
 + 254S_IFREG mode:0666 dev:583,1 ino:65539 uid:0 gid:0 size:0 
 +      O_RDWR|O_LARGEFILE FD_CLOEXEC 
 +      /system/contract/process/template 
 +      offset:0 
 + 255: S_IFREG mode:0666 dev:583,1 ino:65539 uid:0 gid:0 size:0 
 +      O_RDWR|O_LARGEFILE FD_CLOEXEC 
 +      /system/contract/process/template 
 +      offset:0
 </code> </code>
  
-As you can see, the zone has //grabbed// both of the processors available in the global zone. In order to limit the availabilty to just 1 processor, you need to change the zone's configuration:+====pflags====
  
-<code> +The **pflags** command prints the /proc tracing flags, the pending and held signals and other /proc status information for the process:
-root@solaris:~# zonecfg -z myzone +
-zonecfg:myzone> add dedicated-cpu +
-zonecfg:myzone:dedicated-cpu> set ncpus=1 +
-zonecfg:myzone:dedicated-cpu> end +
-zonecfg:myzone> exit +
-root@solaris:~# zoneadm -z myzone reboot +
-root@solaris:~# zlogin myzone psrinfo -v +
-Status of virtual processor 0 as of: 12/15/2012 07:12:29 +
-  on-line since 12/15/2012 07:25:33. +
-  The i386 processor operates at 2271 MHz, +
- and has an i387 compatible floating point processor. +
-</code> +
- +
-<WRAP center round important 60%> +
-The dedicated cpu is now invisible to all other non-global zones. You can also define a range of CPUs, such as **1-3**, in which case, when the non-global zone boots, the system will allocate 1 CPU as a minimum and 2 or 3 CPUs if they are available. +
-</WRAP> +
- +
-Before proceeding further, remove the dedicated CPU:+
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone "remove dedicated-cpu" +root@solaris:~# pflags 1 
-root@solaris:~# zoneadm -z myzone reboot+1: /usr/sbin/init 
 + data model = _ILP32  flags = ORPHAN|MSACCT|MSFORK 
 + /1: flags = ASLEEP  pollsys(0x806c040,0x1,0xf5d29688,0x0)
 </code> </code>
  
-====Fair Share Scheduler====+====pldd====
  
-Another way of sharing resources is to use the Fair Share Scheduler. Firstly, you need to set that scheduler as the default for the system:+The **pldd** command lists the dynamic libraries linked into each process:
  
-<code> +<code sh
-root@solaris:~# dispadmin -d FSS +root@solaris:~# pldd 1 
-root@solaris:~# dispadmin -l +1: /usr/sbin/init 
-CONFIGURED CLASSES +/usr/lib/libc/libc_hwcap1.so.1 
-================== +/lib/libcontract.so.1 
- +/lib/libnvpair.so.1 
-SYS (System Class) +/lib/libnsl.so.1 
-TS (Time Sharing) +/lib/libscf.so.1 
-SDC (System Duty-Cycle Class) +/lib/libuutil.so.1 
-FX (Fixed Priority) +/lib/libbsm.so.1 
-IA (Interactive) +/lib/libtsol.so.2
-RT (Real Time) +
-FSS (Fair Share)+
 </code> </code>
  
-Next set the FSS scheduler as the default for your zone:+====pstack====
  
-<code> +The **pstack** command prints a hex+symbolic stack trace for each process:
-root@solaris:~# zonecfg -z myzone "set scheduling-class=FSS" +
-</code> +
- +
-Now you can give your global zone 75% of your processors leaving 25% for your zone:+
  
 <code> <code>
-root@solaris:~# zonecfg -z global +root@solaris:~# pstack 1 
-zonecfg:global> set cpu-shares=75 +1: /usr/sbin/init 
-zonecfg:global> exit + f4704ed7 pollsys  (806c040, 1, f5d29688, 0) 
-root@solaris:~# zonecfg -z myzone + f46aacc5 poll     (806c040, 1, 493e0, 80545cf) + 81 
-zonecfg:myzone> set cpu-shares=25 + 080546b3 main     (1, f5d2a00c, f5d2a014, f48278bc) + 427 
-zonecfg:myzone> exit+ 080541ed _start   (1, f5d2a088, 0, 0, 7d8, f5d2a097) + 7d
 </code> </code>
  
-Finally use the **prstat** command to display the CPU resource balancing:+====ptree====
  
-<code> +The **ptree** command prints a tree of all running processes showing their dependencies:
-   PID USERNAME  SIZE   RSS STATE   PRI NICE      TIME  CPU PROCESS/NLWP       +
-  3725 trainee   518M  180M sleep    49    0   0:31:48 0.4% firefox/21 +
-  3738 trainee   129M   18M sleep    59    0   0:00:37 0.4% gnome-terminal/+
- 11208 daemon     14M 3380K sleep    59    0   0:00:04 0.3% rcapd/1 +
-  1159 trainee   169M  152M sleep    59    0   0:04:51 0.1% Xorg/3 +
-  3661 trainee   227M  149M sleep    59    0   0:03:32 0.1% java/23 +
-     5 root        0K    0K sleep    99  -20   0:01:11 0.1% zpool-rpool/136 +
-  3683 trainee    13M  724K sleep    59    0   0:01:25 0.0% VBoxClient/+
- 12971 root       11M 3744K cpu1     59    0   0:00:00 0.0% prstat/1 +
- 12134 netadm   5340K 2808K sleep    59    0   0:00:00 0.0% nwamd/7 +
- 12308 root     5880K 2296K sleep    59    0   0:00:00 0.0% nscd/25 +
-  3645 trainee   150M   35M sleep    59    0   0:00:06 0.0% gnome-panel/+
-  3644 trainee   128M   15M sleep    59    0   0:00:12 0.0% metacity/+
- 12400 root     3964K 1008K sleep    59    0   0:00:00 0.0% syslogd/11 +
-  3658 trainee    61M   23M sleep    12   19   0:00:03 0.0% updatemanagerno/+
-   814 root       16M 6288K sleep    59    0   0:00:05 0.0% nscd/37 +
-   932 root       11M  600K sleep    59    0   0:00:05 0.0% VBoxService/+
-   957 root       11M 1144K sleep    59    0   0:00:00 0.0% syslogd/11 +
-   818 root        0K    0K sleep    99  -20   0:00:00 0.0% zpool-mypool/136 +
-   637 root     9408K 1036K sleep    59    0   0:00:00 0.0% dhcpagent/+
-   881 daemon   3356K    4K sleep    59    0   0:00:00 0.0% rpcbind/1 +
-    95 netadm   4296K  680K sleep    59    0   0:00:00 0.0% ipmgmtd/6 +
-   104 root     9692K  388K sleep    59    0   0:00:00 0.0% in.mpathd/+
-    85 daemon     16M 2940K sleep    59    0   0:00:00 0.0% kcfd/3 +
-    50 root       16M 1560K sleep    59    0   0:00:00 0.0% dlmgmtd/7 +
-ZONEID    NPROC  SWAP   RSS MEMORY      TIME  CPU ZONE                         +
-          124 4095M  973M    48%   0:53:57 1.4% global                       +
-           28  137M   46M   2.2%   0:00:08 0.0% myzone                       +
- +
- +
- +
- +
- +
- +
-Total: 152 processes, 956 lwps, load averages: 0.08, 0.12, 0.12 +
-</code> +
-====Allocating Memory==== +
- +
-Three types of memory capping are possible within a zone: +
- +
-^ Cap ^ Description ^ +
-| Physical | Total amount of physical memory available to the zone. Once past the cap, memory pages are paged out | +
-| Locked | Amount of memory that can be allocated to a greedy application by a zone | +
-| Swap | Amount of swap space that can be used by a zone | +
- +
-To cap the physical memory of a zone, you need to add and correctly configure the **capped-memory** property:+
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone +root@solaris:~# ptree 
-zonecfg:myzone> add capped-memory +934   /usr/lib/fm/fmd/fmd 
-zonecfg:myzone:capped-memory> set physical=50m +936   /usr/lib/ssh/sshd 
-zonecfg:myzone:capped-memory> end +957   /usr/sbin/syslogd 
-zonecfg:myzone> exit +978   /usr/lib/sendmail -Ac -q15m 
-root@solaris:~# zonecfg -z myzone info capped-memory +979   /usr/sbin/auditd 
-capped-memory: +982   /usr/lib/sendmail -bl -q15m 
- physical: 50M+1002  /usr/lib/vtdaemon -c 16 
 +1106  /usr/lib/devchassis/devchassisd 
 +1109  /usr/lib/inet/in.ndpd 
 +1119  /usr/lib/rmvolmgr -s 
 +1122  /usr/sbin/gdm-binary 
 +  1143  /usr/lib/gdm-simple-slave --display-id /org/gnome/DisplayManager/Display1 
 +    1159  /usr/bin/Xorg :0 -nolisten tcp -br -novtswitch -auth /tmp/gdm-auth-cookies-DOaq 
 +    1992  /usr/lib/gdm-session-worker 
 +      3579  gnome-session 
 +        3620  /usr/bin/ssh-agent -- gnome-session 
 +        3644  metacity 
 +        3645  gnome-panel 
 +        3648  nautilus 
 +        3653  /usr/lib/nwam-manager 
 +        3658  /usr/bin/python2.6 /usr/lib/updatemanagernotifier 
 +        3660  python2.6 /usr/lib/system-config-printer/applet.py 
 +        3661  java -Djava.security.policy=/usr/share/vpanels/java.policy com.oracle.solaris.v 
 +        3668  gnome-power-manager 
 +        3674  /usr/bin/xscreensaver -nosplash 
 +        3685  gnome-volume-control-applet 
 +        3688  python2.6 /usr/lib/time-slider-notify 
 +1129  /usr/lib/fm/notify/asr-notify 
 +1138  /usr/lib/fm/notify/smtp-notify 
 +1406  /usr/sbin/cupsd -C /etc/cups/cupsd.conf 
 +1456  /usr/bin/dbus-launch --exit-with-session 
 +1495  /usr/apache2/2.2/bin/htcacheclean -d20160 -i -l 2048M -n -p /var/cache/pkg/sysr 
 +1661  /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +  1665  /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +  1666  /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +  1667  /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +  1668  /usr/apache2/2.2/bin/64/httpd.worker -f /system/volatile/pkg/sysrepo/sysrepo_ht 
 +1664  /usr/lib/zones/zoneproxyd 
 +1822  zoneadmd -z myzone 
 +2122  /usr/lib/ocm/ccr/bin/nmz 
 +3608  dbus-launch --exit-with-session --sh-syntax 
 +3609  /usr/lib/dbus-daemon --fork --print-pid 6 --print-address 8 --session 
 +3633  /usr/lib/gconfd-2 
 +3636  /usr/bin/gnome-keyring-daemon --start --components=pkcs11 
 +3640  /usr/lib/gnome-settings-daemon 
 +3643  /usr/lib/gvfsd 
 +3647  /usr/lib/gvfs-hal-volume-monitor 
 +3650  /usr/lib/bonobo-activation-server --ac-activate --ior-output-fd=21 
 +3652  /usr/lib/wnck-applet --oaf-activate-iid=OAFIID:GNOME_Wncklet_Factory --oaf-ior
 +3655  /usr/lib/trashapplet --oaf-activate-iid=OAFIID:GNOME_Panel_TrashApplet_Factory  
 +3657  /usr/lib/gvfsd-trash --spawner :1.9 /org/gtk/gvfs/exec_spaw/
 +3675  /usr/bin/VBoxClient --clipboard 
 +3679  /usr/bin/VBoxClient --display 
 +3682  /usr/bin/VBoxClient --seamless 
 +3683  /usr/bin/VBoxClient --draganddrop 
 +3698  /usr/lib/clock-applet --oaf-activate-iid=OAFIID:GNOME_ClockApplet_Factory --oaf 
 +3700  /usr/lib/notification-area-applet --oaf-activate-iid=OAFIID:GNOME_NotificationA 
 +3709  /usr/bin/pulseaudio --start 
 +3720  /usr/lib/gvfsd-metadata 
 +3722  /usr/lib/notification-daemon 
 +3725  /usr/bin/firefox 
 +3738  gnome-terminal 
 +  3739  gnome-pty-helper 
 +  3741  bash 
 +    3742  su - 
 +      3743  -bash 
 +        6891  sleep 9999 
 +        6932  ptree 
 +3782  /usr/lib/gam_server 
 +4985  zsched 
 +  5614  /usr/sbin/init 
 +5770  /lib/svc/bin/svc.startd 
 +  6201  /usr/sbin/ttymon -g -d /dev/console -l console -T vt100 -m ldterm,ttcompat -h - 
 +5774  /lib/svc/bin/svc.configd 
 +5804  /lib/inet/netcfgd 
 +5834  /lib/crypto/kcfd 
 +5843  /usr/lib/pfexecd 
 +5889  /usr/lib/utmpd 
 +5893  /lib/inet/ipmgmtd 
 +5906  /lib/inet/in.mpathd 
 +5960  /lib/inet/nwamd 
 +5968  /sbin/dhcpagent 
 +6090  /usr/lib/zones/zoneproxy-client -s localhost:1008 
 +6123  /usr/sbin/cron 
 +6136  /usr/sbin/nscd 
 +6165  /usr/sbin/rpcbind 
 +6173  /usr/lib/autofs/automountd 
 +  6174  /usr/lib/autofs/automountd 
 +6178  /usr/lib/inet/inetd start 
 +6180  /usr/lib/fm/fmd/fmd 
 +6181  /usr/lib/nfs/nfsmapid 
 +6199  /usr/lib/ssh/sshd 
 +6216  /usr/sbin/syslogd 
 +6227  /usr/lib/sendmail -Ac -q15m 
 +6236  /usr/lib/sendmail -bl -q15m 
 +6242  /usr/lib/fm/notify/smtp-notify 
 +6255  /usr/lib/inet/in.ndpd 
 +11    /lib/svc/bin/svc.startd 
 +  985   /usr/sbin/ttymon -g -d /dev/console -l console -T sun-color -m ldterm,ttcompat  
 +  1012  /usr/sbin/ttymon -g -d /dev/vt/4 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +  1013  /usr/sbin/ttymon --d /dev/vt/2 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +  1014  /usr/sbin/ttymon -g -d /dev/vt/6 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +  1015  /usr/sbin/ttymon -g -d /dev/vt/5 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +  1016  /usr/sbin/ttymon -g -d /dev/vt/3 -l console -m ldterm,ttcompat -h -p solaris.fe 
 +13    /lib/svc/bin/svc.configd 
 +42    /lib/inet/netcfgd 
 +50    /usr/sbin/dlmgmtd 
 +85    /lib/crypto/kcfd 
 +95    /lib/inet/ipmgmtd 
 +104   /lib/inet/in.mpathd 
 +118   /usr/lib/pfexecd 
 +191   /usr/lib/utmpd 
 +203   /usr/lib/zones/zonestatd 
 +225   /usr/lib/sysevent/syseventd 
 +235   /usr/sbin/vbiosd 
 +237   /usr/lib/rad/rad -sp 
 +  3723  /usr/lib/rad/rad -m /usr/lib/rad/transport -m /usr/lib/rad/protocol -m /usr/lib 
 +241   /usr/lib/dbus-daemon --system 
 +413   /usr/lib/devfsadm/devfsadmd 
 +570   /lib/inet/nwamd 
 +637   /sbin/dhcpagent 
 +679   /usr/lib/picl/picld 
 +814   /usr/sbin/nscd 
 +823   /lib/svc/method/iscsid 
 +874   /usr/sbin/cron 
 +881   /usr/sbin/rpcbind 
 +890   /usr/lib/nfs/nfsmapid 
 +891   /usr/lib/inet/inetd start 
 +892   /usr/lib/hal/hald --daemon=yes 
 +  895   hald-runner 
 +    941   /usr/lib/hal/hald-addon-cpufreq 
 +    943   /usr/lib/hal/hald-addon-acpi 
 +    996   /usr/lib/hal/hald-addon-storage 
 +896   /usr/sbin/console-kit-daemon 
 +898   /usr/lib/autofs/automountd 
 +  899   /usr/lib/autofs/automountd 
 +932   /usr/bin/VBoxService 
 +6274  gedit 
 +6736  nautilus --no-desktop /home/trainee
 </code> </code>
  
-====Zone Statistics====+====pwdx====
  
-Zone statistics can be displayed by using the **zonestat** command:+The **pwdx** command prints the current working directory of a process:
  
-<code> +<code sh
-root@solaris:~# zonestat 5 3 +root@solaris:~# pwdx 
-Collecting data for first interval... +1: /
-Interval: 1, Duration: 0:00:05 +
-SUMMARY                   Cpus/Online: 2/2   PhysMem: 2047M  VirtMem: 3071M +
-                    ---CPU----  --PhysMem-- --VirtMem-- --PhysNet-- +
-               ZONE  USED %PART  USED %USED  USED %USED PBYTE %PUSE +
-            [total]  0.23 11.9% 1495M 73.0% 1967M 64.0%     0 0.00% +
-           [system]  0.19 9.68%  309M 15.1%  891M 29.0%         - +
-             global  0.04 4.52% 1134M 55.4% 1024M 33.3%     0 0.00% +
-             myzone  0.00 0.10% 51.3M 2.50% 51.5M 1.67%     0 0.00% +
- +
-Interval2, Duration: 0:00:10 +
-SUMMARY                   Cpus/Online: 2/2   PhysMem: 2047M  VirtMem: 3071M +
-                    ---CPU----  --PhysMem-- --VirtMem-- --PhysNet-- +
-               ZONE  USED %PART  USED %USED  USED %USED PBYTE %PUSE +
-            [total]  0.06 3.47% 1495M 73.0% 1967M 64.0%     0 0.00% +
-           [system]  0.02 1.00%  310M 15.1%  891M 29.0%         - +
-             global  0.04 4.80% 1134M 55.4% 1024M 33.3%     0 0.00% +
-             myzone  0.00 0.14% 51.3M 2.50% 51.5M 1.67%     0 0.00% +
- +
-Interval: 3, Duration: 0:00:15 +
-SUMMARY                   Cpus/Online: 2/2   PhysMem: 2047M  VirtMem: 3071M +
-                    ---CPU----  --PhysMem-- --VirtMem-- --PhysNet-- +
-               ZONE  USED %PART  USED %USED  USED %USED PBYTE %PUSE +
-            [total]  0.07 3.83% 1494M 72.9% 1963M 63.9%     0 0.00% +
-           [system]  0.02 1.10%  308M 15.0%  891M 29.0%         - +
-             global  0.05 5.34% 1134M 55.4% 1020M 33.2%     0 0.00% +
-             myzone  0.00 0.12% 51.3M 2.50% 51.5M 1.67%     0 0.00%+
 </code> </code>
  
 +=====Process Scheduling=====
  
-====Non-global Zone Privileges ==== 
- 
-Certain things cannot be done from within a non-global zone. The list of privileges assigned to a zone can be displayed as follows: 
- 
-<code> 
-root@solaris:~# zlogin myzone ppriv -l 
-contract_event 
-contract_identity 
-contract_observer 
-cpc_cpu 
-dtrace_kernel 
-dtrace_proc 
-dtrace_user 
-file_chown 
-file_chown_self 
-file_dac_execute 
-file_dac_read 
-file_dac_search 
-file_dac_write 
-file_downgrade_sl 
-file_flag_set 
-file_link_any 
-file_owner 
-file_read 
-file_setid 
-file_upgrade_sl 
-file_write 
-graphics_access 
-graphics_map 
-ipc_dac_read 
-ipc_dac_write 
-ipc_owner 
-net_access 
-net_bindmlp 
-net_icmpaccess 
-net_mac_aware 
-net_mac_implicit 
-net_observability 
-net_privaddr 
-net_rawaccess 
-proc_audit 
-proc_chroot 
-proc_clock_highres 
-proc_exec 
-proc_fork 
-proc_info 
-proc_lock_memory 
-proc_owner 
-proc_priocntl 
-proc_session 
-proc_setid 
-proc_taskid 
-proc_zone 
-sys_acct 
-sys_admin 
-sys_audit 
-sys_config 
-sys_devices 
-sys_ipc_config 
-sys_linkdir 
-sys_mount 
-sys_iptun_config 
-sys_flow_config 
-sys_dl_config 
-sys_ip_config 
-sys_net_config 
-sys_nfs 
-sys_ppp_config 
-sys_res_bind 
-sys_res_config 
-sys_resource 
-sys_share 
-sys_smb 
-sys_suser_compat 
-sys_time 
-sys_trans_label 
-win_colormap 
-win_config 
-win_dac_read 
-win_dac_write 
-win_devices 
-win_dga 
-win_downgrade_sl 
-win_fontpath 
-win_mac_read 
-win_mac_write 
-win_selection 
-win_upgrade_sl 
-</code>  
  
 +====cron====
  
-====Changing Zone's Name====+The **crond** service, launched at boot time, is responsible for executing certain scripts and commands at specific intervals. The crond service assumes that the system is online permanently. In the case of downtime coinciding with a cronjob, the cronjob is simply not executed until the following period.
  
-To change the name of a zoneit first has to be shutdown:+In Solaris 11, every 60 seconds crond reads the system crontab files ( **/var/spool/cron/crontabs/root****/var/spool/cron/crontabs/sys** and **/var/spool/cron/crontabs/adm** ), any crontabs in **/etc/cron.d/**  and all the user crontabs:
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone halt+root@solaris:~# cat /var/spool/cron/crontabs/root 
 +#ident "%Z%%M% %I% %E% SMI" 
 +
 +# Copyright 2007 Sun Microsystems, Inc.  All rights reserved. 
 +# Use is subject to license terms. 
 +
 +# The root crontab should be used to perform accounting data collection. 
 +
 +
 +10 3 * * * /usr/sbin/logadm 
 +15 3 * * 0 [ -x /usr/lib/fs/nfs/nfsfind ] && /usr/lib/fs/nfs/nfsfind 
 +30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean 
 +30 0,9,12,18,21 * * * /usr/lib/update-manager/update-refresh.sh 
 +root@solaris:~# cat /var/spool/cron/crontabs/sys 
 +#ident "%Z%%M% %I% %E% SMI" /* SVr4.0 1.2 */ 
 +
 +# The sys crontab should be used to do performance collection. See cron 
 +# and performance manual pages for details on startup. 
 +
 +# 0 * * * 0-6 /usr/lib/sa/sa1 
 +# 20,40 8-17 * * 1-5 /usr/lib/sa/sa1 
 +# 5 18 * * 1-5 /usr/lib/sa/sa2 -s 8:00 -e 18:01 -i 1200 -A 
 +root@solaris:~# cat /var/spool/cron/crontabs/adm 
 +#ident "%Z%%M% %I% %E% SMI" /* SVr4.0 1.2 */ 
 +
 +# The adm crontab file should contain startup of performance collection if 
 +# the profiling and performance feature has been installed. 
 +#
 </code> </code>
  
-Now you can change the zone name:+User crontabs are files named after the user who created them and can be found in **/var/spool/cron/crontabs/**:
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone "set zonename=myzone1" +root@solaris:~# ls /var/spool/cron/crontabs
-root@solaris:~# zoneadm list -cv +adm   root  sys
-  ID NAME             STATUS     PATH                           BRAND    IP     +
-   0 global           running                                 solaris  shared +
-   - myzone1          installed  /zones/myzone                  solaris  excl  +
 </code> </code>
  
-====Changing a Zone's Root Dataset==== +The crond service writes to the log file **/var/cron/log**:
- +
-To change the underlying root dataset of your **myzone1** zone use the following command:+
  
 <code> <code>
-root@solaris:~# zoneadm -z myzone1 move /zones/myzone1 +root@solaris:~# cat /var/cron/log 
-root@solaris:~# zoneadm list -cv +! *** cron started ***   pid = 1176 Tue Nov 20 19:27:50 2012 
-  ID NAME             STATUS     PATH                           BRAND    IP     +! SIGTERM Tue Nov 20 22:44:25 2012 
-   0 global           running                                 solaris  shared +! ******* CRON ABORTED ******** Tue Nov 20 22:44:25 2012 
-   myzone1          installed  /zones/myzone1                 solaris  excl  +! *** cron started ***   pid = 861 Tue Nov 20 22:46:22 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 3328 c Wed Nov 21 00:30:00 2012 
 +<  root 3328 c Wed Nov 21 00:34:25 2012 
 +! *** cron started ***   pid = 871 Sat Dec  1 14:33:18 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 3259 c Mon Dec  3 13:13:02 2012 
 +! time was reset, re-initializing Mon Dec  3 13:13:02 2012 
 +! SIGTERM Mon Dec  3 13:14:29 2012 
 +! ******* CRON ABORTED ******** Mon Dec  3 13:14:29 2012 
 +! *** cron started ***   pid = 856 Mon Dec  3 13:16:23 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 + root 4816 c Fri Dec  7 11:23:09 2012 
 +! time was reset, re-initializing Fri Dec  7 11:23:09 2012 
 +<  root 4816 c Fri Dec  7 11:41:03 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 4858 c Fri Dec  7 13:26:23 2012 
 +! time was reset, re-initializing Fri Dec  7 13:26:23 2012 
 +<  root 4858 c Fri Dec  7 13:26:23 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 7226 c Mon Dec 10 15:35:15 2012 
 +! time was reset, re-initializing Mon Dec 10 15:35:15 2012 
 +<  root 7226 c Mon Dec 10 15:35:15 2012 
 +! SIGTERM Tue Dec 11 12:13:34 2012 
 +! ******* CRON ABORTED ******** Tue Dec 11 12:13:34 2012 
 +! *** cron started ***   pid = 7956 Tue Dec 11 12:16:49 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 + root 7963 c Tue Dec 11 12:30:00 2012 
 +<  root 7963 c Tue Dec 11 12:30:00 2012 
 +! SIGTERM Tue Dec 11 12:43:27 2012 
 +! ******* CRON ABORTED ******** Tue Dec 11 12:43:27 2012 
 +! *** cron started ***   pid = 8011 Tue Dec 11 13:12:56 2012 
 +! re-scheduling jobs Tue Dec 11 13:59:39 2012 
 +! SIGTERM Tue Dec 11 15:01:00 2012 
 +! ******* CRON ABORTED ******** Tue Dec 11 15:01:00 2012 
 +! *** cron started ***   pid = 9610 Tue Dec 11 15:02:25 2012 
 +! SIGTERM Tue Dec 11 15:24:31 2012 
 +! ******* CRON ABORTED ******** Tue Dec 11 15:24:31 2012 
 +! *** cron started ***   pid = 10892 Tue Dec 11 15:25:14 2012 
 +! SIGTERM Tue Dec 11 15:32:51 2012 
 +! ******* CRON ABORTED ******** Tue Dec 11 15:32:51 2012 
 +! *** cron started ***   pid = 865 Tue Dec 11 15:34:07 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 + root 2646 c Wed Dec 12 08:46:52 2012 
 +! time was reset, re-initializing Wed Dec 12 08:46:52 2012 
 +! SIGTERM Wed Dec 12 08:47:05 2012 
 +! ******* CRON ABORTED ******** Wed Dec 12 08:47:05 2012 
 +! *** cron started ***   pid = 854 Wed Dec 12 08:57:20 2012 
 + CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 2375 c Wed Dec 12 09:30:00 2012 
 +<  root 2375 c Wed Dec 12 09:30:00 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 2511 c Wed Dec 12 13:33:08 2012 
 +! time was reset, re-initializing Wed Dec 12 13:33:08 2012 
 +<  root 2511 c Wed Dec 12 13:33:08 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 3397 c Thu Dec 13 11:02:43 2012 
 +! time was reset, re-initializing Thu Dec 13 11:02:43 2012 
 +<  root 3397 c Thu Dec 13 11:08:46 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 3487 c Thu Dec 13 12:58:15 2012 
 +! time was reset, re-initializing Thu Dec 13 12:58:15 2012 
 +<  root 3487 c Thu Dec 13 12:58:15 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 4616 c Fri Dec 14 11:22:45 2012 
 +! time was reset, re-initializing Fri Dec 14 11:22:45 2012 
 +<  root 4616 c Fri Dec 14 11:22:45 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 4633 c Fri Dec 14 12:30:19 2012 
 +<  root 4633 c Fri Dec 14 12:30:19 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 14029 c Sat Dec 15 06:21:22 2012 
 +! time was reset, re-initializing Sat Dec 15 06:21:22 2012 
 +! *** cron started ***   pid = 874 Sat Dec 15 07:26:36 2012 
 +! time was reset, re-initializing Sat Dec 15 06:26:41 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 6724 c Sat Dec 15 10:39:14 2012 
 +! time was reset, re-initializing Sat Dec 15 10:39:14 2012 
 +<  root 6724 c Sat Dec 15 10:39:14 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 6795 c Mon Dec 17 15:47:04 2012 
 +! time was reset, re-initializing Mon Dec 17 15:47:04 2012 
 +<  root 6795 c Mon Dec 17 15:47:05 2012 
 +>  CMD: /usr/lib/update-manager/update-refresh.sh 
 +>  root 6884 c Mon Dec 17 19:24:51 2012 
 +! time was reset, re-initializing Mon Dec 17 19:24:51 2012 
 +<  root 6884 c Mon Dec 17 19:24:51 2012
 </code> </code>
  
-====Backing Up Zone====+If command or script produces an output, that output is sent to root by mail.
  
-Backing up a zone includes backing up the zone configuration **and** the application data in it. You can use any kind of backup software to backup data within the zone and then export it such that it may be re-injected after a zone restoreThe zone configuration is backed up as follows:+The **root** user can establish lists of users that can or cannot create their own crontabs by editing either the **/etc/cron.d/cron.allow** or **/etc/cron.d/cron.deny** files:
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone1 export -f myzone1.config +root@solaris:~# ls /etc/cron.
-root@solaris:~# cat myzone1.config  +at.deny    cron.deny  queuedefs 
-create -b +root@solaris:~# cat /etc/cron.d/cron.deny 
-set brand=solaris +daemon 
-set zonepath=/zones/myzone1 +bin 
-set autoboot=true +nuucp
-set scheduling-class=FSS +
-set ip-type=exclusive +
-add anet +
-set linkname=net0 +
-set lower-link=auto +
-set configure-allowed-address=true +
-set link-protection=mac-nospoof +
-set mac-address=random +
-end +
-add capped-memory +
-set physical=50M +
-end +
-add rctl +
-set name=zone.cpu-shares +
-add value (priv=privileged,limit=25,action=none) +
-end+
 </code> </code>
  
-Now backup the zone's xml file:+Each line in a crontab starts with five columns:
  
-<code> +^ Minutes ^ Hours ^ Day of the month ^ Month ^ Day of the week ^ 
-root@solaris:~# cp /zones/myzone1/root/etc/svc/profile/site/scit_profile.xml /root/myzone1.xml +|  (0-59)  |  (0-23)  |  (1-31)  |  (1-12)  |  (0-6)*  |
-</code>+
  
 +* 0 is Sunday. 
  
-==== Restoring Zone====+The following examples of values in those columns help explain how versatile crontab can be:
  
-Disaster has struck! Uninstall and delete **myzone1**:+^ Example ^ Description ^ 
 +| An absolute value such as 10 | In the //Minutes// column = 10 minutes after **each** hour | 
 +| A series of values such as 2,6,8 | In the //Month// column = February, June and August | 
 +| A range such as 1-5 | In the //Day of the week// column = From Monday through to Friday | 
 +| The wildcard * | In the //Day of the month// column = Every day of the month | 
 +| A regular interval such as 0-23/2 | In the //Hour// column = Every two hours |
  
-<code> +The crond service can be configured by editing the **/etc/default/cron** file:
-root@solaris:~# zoneadm -z myzone1 uninstall +
-Are you sure you want to uninstall zone myzone1 (y/[n])? y +
-Progress being logged to /var/log/zones/zoneadm.20121218T170820Z.myzone1.uninstall +
-root@solaris:~#  +
-root@solaris:~# zonecfg -z myzone1 delete +
-Are you sure you want to delete zone myzone1 (y/[n])? y +
-</code> +
- +
-Now restore myzone1 as follows:+
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone1 -f myzone1.config +root@solaris:~# cat /etc/default/cron 
-root@solaris:~# zoneadm -z myzone1 install -c /root/myzone1.xml +# 
-The following ZFS file system(s) have been created: +# Copyright 1991 Sun Microsystems, Inc.  All rights reserved. 
-    rpool/zones/myzone1 +# Use is subject to license terms
-Progress being logged to /var/log/zones/zoneadm.20121218T171621Z.myzone1.install +
-       Image: Preparing at /zones/myzone1/root.+#pragma ident "%Z%%M% %I% %E% SMI"
  
- AI Manifest: /tmp/manifest.xml.9BaOQP +CRONLOG=YES 
-  SC Profile: /root/myzone1.xml +</code>
-    Zonename: myzone1 +
-Installation: Starting ...+
  
-              Creating IPS image +In this file you can define variables such as PATH for normal users and SUPATH for the root role.
-Startup linked: 1/1 done +
-              Installing packages from: +
-                  solaris +
-                      origin:  http://pkg.oracle.com/solaris/release/ +
-DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED +
-Completed                            183/183   33556/33556  222.2/222.2  674k/s +
- +
-PHASE                                          ITEMS +
-Installing new actions                   46825/46825 +
-Updating package state database                 Done  +
-Updating image state                            Done  +
-Creating fast lookup database                   Done  +
-Installation: Succeeded +
- +
-        Note: Man pages can be obtained by installing pkg:/system/manual +
- +
- done. +
- +
-        Done: Installation completed in 678.453 seconds. +
- +
- +
-  Next Steps: Boot the zone, then log into the zone console (zlogin -C) +
- +
-              to complete the configuration process. +
- +
-Log saved in non-global zone as /zones/myzone1/root/var/log/zones/zoneadm.20121218T171621Z.myzone1.install +
-</code>+
  
-Log in as root and check the zone is running correctly:+As already stated, each authorized user can create a crontab. To check if a crontab exists, the user needs to execute the following command:
  
 <code> <code>
-root@solaris:~# zlogin -S myzone1 +trainee@solaris:~$ crontab -l 
-[Connected to zone 'myzone1' pts/3] +crontab: can't open your crontab file.
-@myzone.solaris.loc:~$ ls +
-bin     dev     etc     export  home    lib     mnt     net     nfs4    opt     proc    root    rpool   sbin    system  tmp     usr     var+
 </code> </code>
  
-====Cloning a Local Zone==== +In order to create a crontab, the user should use the following command:
- +
-In this section you are going to create a template zone that you can clone as necessary every time you need to install a new zone. Start by creating a zone called **cleanzone**:+
  
 <code> <code>
-root@solaris:~# zonecfg -z cleanzone +trainee@solaris:~$ crontab -e
-Use 'create' to begin configuring a new zone. +
-zonecfg:cleanzone> create +
-create: Using system default template 'SYSdefault' +
-zonecfg:cleanzone> set zonepath=/zones/cleanzone +
-zonecfg:cleanzone> set autoboot=true +
-zonecfg:cleanzone> verify +
-zonecfg:cleanzone> commit +
-zonecfg:cleanzone> exit+
 </code> </code>
  
-Install the zone:+====at====
  
-<code> +As in the case of cron, root has the ability to control who can and cannot use the at command by editing one of the following:
-root@solaris:~# zoneadm -z cleanzone install +
-The following ZFS file system(s) have been created: +
-    rpool/zones/cleanzone +
-Progress being logged to /var/log/zones/zoneadm.20121218T143129Z.cleanzone.install +
-       Image: Preparing at /zones/cleanzone/root.+
  
- AI Manifest: /tmp/manifest.xml.vAaqcB +  * **/etc/cron.d/at.allow**, 
-  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml +  * **/etc/cron.d/at.deny**.
-    Zonename: cleanzone +
-Installation: Starting ...+
  
-              Creating IPS image +If the at.allow file exists, only users in that file can use the at command.
-Startup linked: 1/1 done +
-              Installing packages from: +
-                  solaris +
-                      origin:  http://pkg.oracle.com/solaris/release/ +
-DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED +
-Completed                            183/183   33556/33556  222.2/222.2  552k/s+
  
-PHASE                                          ITEMS +Now take the example of root creating two at jobs for the 31/12 at 1pm and 2pm respectively:
-Installing new actions                   46825/46825 +
-Updating package state database                 Done  +
-Updating image state                            Done  +
-Creating fast lookup database                   Done  +
-InstallationSucceeded+
  
-        NoteMan pages can be obtained by installing pkg:/system/manual +<code> 
- +root@solaris:~# at 13:00 Dec 31 
- done+at> pwd > /tmp/test1.atd 
- +at> <EOT> 
-        DoneInstallation completed in 797.979 seconds. +commands will be executed using /usr/bin/bash 
- +job 1356955200.a at Mon Dec 31 13:00:00 2012 
- +root@solaris:~#  
-  Next StepsBoot the zone, then log into the zone console (zlogin -C) +root@solaris:~# at 14:00 Dec 31 
- +at> free > /tmp/test2.atd 
-              to complete the configuration process+at> <EOT> 
- +commands will be executed using /usr/bin/bash 
-Log saved in non-global zone as /zones/cleanzone/root/var/log/zones/zoneadm.20121218T143129Z.cleanzone.install+job 1356958800.a at Mon Dec 31 14:00:00 2012
 </code> </code>
  
-Boot the zone to import the zone's manifest:+The at files created can be found in  **/var/spool/cron/atjobs/**:
  
 <code> <code>
-root@solaris:~# zoneadm -z cleanzone boot+root@solaris:~# ls /var/spool/cron/atjobs/ 
 +1356955200.a     1356955200.a.au  1356958800.a     1356958800.a.au
 </code> </code>
  
-Login to the zone and hit <key>Enter</key> then immediately leave the zone by using the **~.** shortcut:+Viewing the contents of the first file you will see something similar to the following example:
  
 <code> <code>
-root@solaris:~# zlogin -C cleanzone+root@solaris:~# cat /var/spool/cron/atjobs/1356955200.a  
 +: at job 
 +: jobname: stdin 
 +: notify by mail: no 
 +: project: 1 
 +export HZ; HZ='' 
 +export SHELL; SHELL='/usr/bin/bash' 
 +export TERM; TERM='xterm' 
 +export PAGER; PAGER='/usr/bin/less -ins' 
 +export MAIL; MAIL='/var/mail/root' 
 +export PATH; PATH='/usr/bin:/usr/sbin' 
 +export PWD; PWD='/root' 
 +export LANG; LANG='en_US.UTF-8' 
 +export SHLVL; SHLVL='1' 
 +export HOME; HOME='/root' 
 +export LOGNAME; LOGNAME='root' 
 +export _; _='/usr/bin/at' 
 +$SHELL << '...the rest of this file is shell input' 
 +
 +# Copyright 2005 Sun Microsystems, Inc.  All rights reserved. 
 +# Use is subject to license terms. 
 +
 +#ident "%Z%%M% %I% %E% SMI" /* SVr4.0 1.2 */ 
 +cd /root 
 +umask 22 
 +pwd > /tmp/test1.atd 
 </code> </code>
  
-To clone a zone, it first needs to be shutdown:+To delete that job you can use the at command with the following syntax:
  
 <code> <code>
-root@solaris:~# zoneadm -z cleanzone halt +root@solaris:~# at -
-root@solaris:~# zoneadm list -cv +user = root 1356958800.a Mon Dec 31 14:00:00 2012 
-  ID NAME             STATUS     PATH                           BRAND    IP     +user = root 1356955200.a Mon Dec 31 13:00:00 2012 
-   0 global           running    /                              solaris  shared +root@solaris:~# at -r 1356958800.a 
-   3 myzone1          running    /zones/myzone1                 solaris  excl   +root@solaris:~# at -
-   cleanzone        installed  /zones/cleanzone               solaris  excl  +user = root 1356955200.a Mon Dec 31 13:00:00 2012
 </code> </code>
  
-Now create a clone of **cleanzone**:+To execute several commands at the same time, it is simple to create a text file containing the commands and then to redirect the contents of the file to at's standard input:
  
 <code> <code>
-root@solaris:~# zonecfg -z myzone2 "create -t cleanzone" +root@solaris:~# touch todo.list 
-root@solaris:~# zonecfg -z myzone2 "set zonepath=/zones/myzone2" +root@solaris:~# echo pwd > todo.list 
-root@solaris:~# zoneadm -z myzone2 clone cleanzone +root@solaris:~# echo free >> todo.list 
-The following ZFS file system(s) have been created+root@solaris:~# echo who >> todo.list 
-    rpool/zones/myzone2 +root@solaris:~# cat todo.list 
-Progress being logged to /var/log/zones/zoneadm.20121218T174936Z.myzone2.clone +pwd 
-Log saved in non-global zone as /zones/myzone2/root/var/log/zones/zoneadm.20121218T174936Z.myzone2.clone+free 
 +who 
 +root@solaris:~# at 14:30 Dec 31 < todo.list 
 +commands will be executed using /usr/bin/bash 
 +job 1356960600.a at Mon Dec 31 14:30:00 2012
 </code> </code>
- 
-=====References===== 
- 
-  * **[[http://www.oracle.com/technetwork/documentation/solaris-11-192991.html|The Oracle Technology Network]]** 
  
 ----- -----
 <html> <html>
 <div align="center"> <div align="center">
-Copyright © 2011-2015 Hugh Norris.<br><br> +Copyright © 2019 Hugh Norris.
-<a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/"><img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png" /></a><br />This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/">Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License</a>+
-</div>+
 </html> </html>

Piste : GP100 - PMP Docker LDF904 - Utilisation d'Ansible avec Docker et Windows DOF608 - Validation de la Formation LRF400 - Administration de la Sécurité DOF100 - Docker : Fondamentaux LDF600 - Debian 11 : Administration Système Avancée AZ003 - Windows Azure – Adminsitration BD100 - ElasticSearch ELK LDF702 - Installation du Chef Infra Server et du Chef Workstation

Menu