Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: 10 Recommended Patch Not Working
Operating Systems Solaris 10 Recommended Patch Not Working Post 302414659 by System Shock on Tuesday 20th of April 2010 03:59:20 PM
Old 04-20-2010
... by any chance, do you have Solaris zones implemented in this server? Maybe one that was configured but not activated?
 

8 More Discussions You Might Find Interesting

1. Solaris

after patch, telnet not working

The problem: I installed the Solaris 8 recommended patch cluster 117350-11 over 108528-15 before the Christmas break. The server is a SunFire V100. Here is the situation: Before the patch install, there was a working cron job that did daily, weekly, and monthly backups of the V100 filesystems... (3 Replies)
Discussion started by: antalexi
3 Replies

2. IP Networking

Patch-o-matic (patch for iptable) for linux2.4.08 & iptable1.2.7a

Hello friends I'm running Redhat 9.0 with linux kernel 2.4.20-8 & have iptables version 1.2.7a & encountering a problem that I narrate down. I need to apply patch to my iptable and netfilter for connection tracking and load balancing that are available in patch-o-matic distribution by netfilter.... (0 Replies)
Discussion started by: Rakesh Ranjan
0 Replies

3. Solaris

Issue while installing: Solaris 10 SPARC Recommended Patch Cluster (2009.10.23)

Hello, As explained, I've encountered an issue while installing Solaris 10 SPARC Recommended Patch Cluster (2009.10.23). Actually, patch no 120011-14 stops with the following error: ERROR: attribute verification of </var/run/.patchSafeMode/root/usr/bin/passwd> failed file type <f>... (6 Replies)
Discussion started by: a.mauger
6 Replies

4. Solaris

Applying Recommended Patch Cluster to Whole Root Zone

Hi there, Apologies if this question has been asked and answered already but I've not been able to find the thread. Question: Is it possible to apply the Solaris 10 Recommended Patch Cluster to a whole root (non-global) zone locally? I.E. apply the patch cluster from the non-global in... (3 Replies)
Discussion started by: nm146332
3 Replies

5. Solaris

Jumpstart and Applying Recommended Patch Cluster

I'm trying to setup our jumpstart server to automatically apply the latest patch cluster during installs, but I'm running into an issue. Every time Jumpstart runs it has this error. Obviously it's processing the patch_order file, so I'm not sure what I'm missing. ... (0 Replies)
Discussion started by: christr
0 Replies

6. Solaris

Recommended Patch Cluster Using ZFS Snapshots

I have a question regarding installing recommended patch clusters via ZFS snapshots. Someone wrote a pretty good blog about it here: Initial Program Load: Live Upgrade to install the recommended patch cluster on a ZFS snapshot The person's article is similar to what I've done in the past. ... (0 Replies)
Discussion started by: christr
0 Replies

7. Solaris

Recommended patchset for Solaris and the patch bundle

Hello I recently downloaded and installed the latest patchset for Solaris 10 (update 5) running on SPARC. Actually I am new to Solaris (I come from Red Hat) and the security department asked me to update the system for security fixes. I logged in to Oracle support and used the recommended patch... (3 Replies)
Discussion started by: abohmeed
3 Replies

8. Solaris

Oracle stopped updating Solaris 10 recommended patch cluster ?

Dear All, Has Oracle stopped updating Solaris 10 recommended patch cluster ? From suport.oracle.com i could see the last patch bundle was released on 11th july and there has been no updates after that. Does anyone know about any official announcement from oracle on this ? Thanks ... (1 Reply)
Discussion started by: abhi_8029
1 Replies

LEARN ABOUT LINUX

zones

zones(5)                                                Standards, Environments, and Macros                                               zones(5)

NAME

       zones - Solaris application containers

DESCRIPTION

       The  zones  facility  in  Solaris provides an isolated environment for running applications. Processes running in a zone are prevented from
       monitoring or interfering with other activity in the system. Access to other processes, network  interfaces,  file  systems,  devices,  and
       inter-process communication facilities are restricted to prevent interaction between processes in different zones.

       The privileges available within a zone are restricted to prevent operations with system-wide impact. See privileges(5).

       You  can  configure  and administer zones with the zoneadm(1M) and zonecfg(1M) utilities. You can specify the configuration details a zone,
       install file system contents including software packages into the zone, and manage the runtime state of the zone. You can use the zlogin(1)
       to  run  commands  within an active zone. You can do this without logging in through a network-based login server such as in.rlogind(1M) or
       sshd(1M).

       An alphanumeric name and numeric ID identify each active zone. Alphanumeric names are configured using the zonecfg(1M) utility. Numeric IDs
       are  automatically assigned when the zone is booted. The zonename(1) utility reports the current zone name, and the zoneadm(1M) utility can
       be used to report the names and IDs of configured zones.

       A zone can be in one of several states:

       CONFIGURED              Indicates that the configuration for the zone has been completely specified and committed to stable storage.

       INCOMPLETE              Indicates that the zone is in the midst of being installed or uninstalled, or was interrupted in the midst of  such
                               a transition.

       INSTALLED               Indicates that the zone's configuration has been instantiated on the system: packages have been installed under the
                               zone's root path.

       READY                   Indicates that the "virtual platform" for the zone has been established. Network interfaces have been plumbed, file
                               systems  have  been  mounted,  devices  have  been  configured, but no processes associated with the zone have been
                               started.

       RUNNING                 Indicates that user processes associated with the zone application environment are running.

       SHUTTING_DOWN           Indicates that the zone is being halted. The zone can become stuck in one of these states if it is unable  to  tear
       DOWN                    down  the  application  environment state (such as mounted file systems) or if some portion of the virtual platform
                               cannot be destroyed. Such cases require operator intervention.

   Process Access Restrictions
       Processes running inside a zone (aside from the global zone) have restricted access to other processes. Only processes in the same zone are
       visible  through  /proc  (see  proc(4) or through system call interfaces that take process IDs such as kill(2) and priocntl(2). Attempts to
       access processes that exist in other zones (including the global zone) fail with the same error code that would be issued if the  specified
       process did not exist.

   Privilege Restrictions
       Processes  running  within a non-global zone are restricted to a subset of privileges, in order to prevent one zone from being able to per-
       form operations that might affect other zones. The set of privileges limits the capabilities of privileged users (such as the super-user or
       root  user)  within the zone. The list of privileges available within a zone can be displayed using the ppriv(1) utility. For more informa-
       tion about privileges, see privileges(5).

   Device Restrictions
        The set of devices available within a zone is restricted, to prevent a process in one zone from interfering with processes in other zones.
       For example, a process in a zone should not be able to modify kernel memory using /dev/kmem, or modify the contents of the root disk. Thus,
       by default, only a few pseudo devices considered safe for use within a zone are available. Additional devices can be made available  within
       specific zones using the zonecfg(1M) utility.

       The  device  and  privilege restrictions have a number of effects on the utilities that can run in a non-global zone. For example, the eep-
       rom(1M), prtdiag(1M), and prtconf(1M) utilities do not work in a zone since they rely on devices that are not normally available.

   File Systems
       Each zone has its own section of the file system hierarchy, rooted at a directory known as the zone root. Processes  inside  the  zone  can
       access  only files within that part of the hierarchy, that is, files that are located beneath the zone root. This prevents processes in one
       zone from corrupting or examining file system data associated with another zone. The chroot(1M) utility can be used within a zone, but  can
       only restrict the process to a root path accessible within the zone.

        In  order  to  preserve file system space, sections of the file system can be mounted into one or more zones using the read-only option of
       the lofs(7FS) file system. This allows the same file system data to be shared in multiple zones, while preserving the  security  guarantees
       supplied by zones.

       NFS  and  autofs  mounts  established  within a zone are local to that zone; they cannot be accessed from other zones, including the global
       zone. The mounts are removed when the zone is halted or rebooted.

   Networking
       Zones can be assigned logical network interfaces, which can be used to communicate over the network. These interfaces are configured  using
       the zonecfg(1M) utility. The interface is removed when the zone is halted or rebooted. Only logical interfaces can be assigned to a zone.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

SEE ALSO

       zlogin(1),  zonename(1),  in.rlogind(1M),  sshd(1M),  zoneadm(1M),  zonecfg(1M),  getzoneid(3C),  kill(2), priocntl(2), ucred_get(3C), get-
       zoneid(3C), proc(4), attributes(5), privileges(5), crgetzoneid(9F)

SunOS 5.10                                                          13 Apr 2004                                                           zones(5)
All times are GMT -4. The time now is 08:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy