05-11-2009
ZFS Question
We are looking into testing ZFS at our location. Because we are a government agency we have security and auditors breathing down our neck to make sure we are not opening any security holes.
My question is are there any ports or security concerns I would need to address if implemnting a ZFS file system? I can't believe there are any being that it's a file system but I don't know (or even pretend to know) everything in regards to solaris or unix.
Thanks
Robert
10 More Discussions You Might Find Interesting
1. Solaris
How does one set a size limit on a ZFS filesystem? It seems every ZFS FS I create has the same size limit as the parent Zpool.
I want to create an FS with a much smaller limit. how?
Thanks in advance my friends. (3 Replies)
Discussion started by: akbar
3 Replies
2. Solaris
I created a pool the other day. I created a 10 gig files just for a test, then deleted it.
I proceeded to create a few files systems. But for some reason the pool shows 10% full, but the files systems are both at 1%? Both files systems share the same pool.
When I ls -al the pool I just... (6 Replies)
Discussion started by: mrlayance
6 Replies
3. Solaris
I have a oracle instance running in NGZ which is on zfs dataset. Is there any possibility if i can take a zfs snapshot without shutting down the zone and then restore the zfs on other server and start oracle .. will the data be fine or not ? (2 Replies)
Discussion started by: fugitive
2 Replies
4. Solaris
zfs-zeta bye filesystem
or
zope filesystem
which is correct (2 Replies)
Discussion started by: kishanreddy
2 Replies
5. Solaris
With Solaris 11 coming out with a requirement of ZFS on the root disk, I was curious to know who is using the Zeta File System now?
I have been using ZFS for the past year and don't plan to go back to UFS since ZFS is much more reliable and easier to maintain. (13 Replies)
Discussion started by: bluescreen
13 Replies
6. Solaris
what are all the advantages of ZFS comparing to UFS SVM
what is the use of creating file system in a file system in ZFS (15 Replies)
Discussion started by: dinu
15 Replies
7. Solaris
Hi,
I need some advice please. I have this server with a couple of zpools, lets call them
pay_serv
ukb_pool
There are two zones attached to these pools. When I do a zfs list I see this
pay_serv 8.41G 265G 8.41G /pay_serv
ukb_pool 79.8G 194G 23K /ukb_pool
ukb_pool/temp_ps 9.11G... (4 Replies)
Discussion started by: giles.cardew
4 Replies
8. Solaris
Hello,
I just build a Solaris 10 server on an x86 box. I forgot to mirror the two disks when I install the OS. Can I get some help with this?
I have this
# zpool list
rpool 278G 5.77G 272G 2% ONLINE -
# zpool status
pool: online
state: ONLINE
scan: none requested
config:
... (12 Replies)
Discussion started by: bitlord
12 Replies
9. Solaris
What I am trying to do is reuse space that was used from an old solaris zone and take that space used in the 2 disk mirror from the 2nd zpool and relocate it to /var/audit in the root pool. The pysical server has 4 disks. 2 disks are a mirrored root zone(c1t0d0s0,c1t1d0s0) and the other were the... (1 Reply)
Discussion started by: jpolachak
1 Replies
10. Solaris
I'm having trouble increasing my reservations on some ZFS filesystems, although there seems to be enough space in the zpool, and no constraints on the parent device.
Note that I'm using refreservation instead of reservation, so I'm not constrained by the reservation on the parent device (or... (1 Reply)
Discussion started by: akbar
1 Replies
LEARN ABOUT OPENSOLARIS
auths
auths(1) User Commands auths(1)
NAME
auths - print authorizations granted to a user
SYNOPSIS
auths [ user ]...
DESCRIPTION
The auths command prints on standard output the authorizations that you or the optionally-specified user or role have been granted. Autho-
rizations are rights that are checked by certain privileged programs to determine whether a user may execute restricted functionality.
Each user may have zero or more authorizations. Authorizations are represented by fully-qualified names, which identify the organization
that created the authorization and the functionality that it controls. Following the Java convention, the hierarchical components of an
authorization are separated by dots (.), starting with the reverse order Internet domain name of the creating organization, and ending with
the specific function within a class of authorizations.
An asterisk (*) indicates all authorizations in a class.
A user's authorizations are looked up in user_attr(4) and in the /etc/security/policy.conf file (see policy.conf(4)). Authorizations may be
specified directly in user_attr(4) or indirectly through prof_attr(4). Authorizations may also be assigned to every user in the system
directly as default authorizations or indirectly as default profiles in the /etc/security/policy.conf file.
EXAMPLES
Example 1 Sample output
The auths output has the following form:
example% auths tester01 tester02
tester01 : solaris.system.date,solaris.jobs.admin
tester02 : solaris.system.*
example%
Notice that there is no space after the comma separating the authorization names in tester01.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
FILES
/etc/user_attr
/etc/security/auth_attr
/etc/security/policy.conf
/etc/security/prof_attr
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO
profiles(1), roles(1), getauthattr(3SECDB), auth_attr(4), policy.conf(4), prof_attr(4), user_attr(4), attributes(5)
SunOS 5.11 25 Mar 2004 auths(1)