Login or Register to Ask a Question and Join Our Community


Solaris

Svcadm disable in global zone affects same service in ngz

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Svcadm disable in global zone affects same service in ngz
# 1  
Old 05-18-2016
Svcadm disable in global zone affects same service in ngz
I have a service that resides in both the global and non global zones. When I disable the service in the global zone, a svcs -p on that service shows the process name and ID of the svcadmd for the non global. An svcs -l on the service in the global shows online with an intended state of disabled. I have to shutdown the non globals, disable the svc on the global again, enable it, then boot the ngz to fix.
Can I configure the global svc to not "see" the non global processes.

Update, found that I can kill the zone add processes which disassociates the ngz processes from my svc and allows my svc to operate normally. I just have to issue zoneadm -z zone boot to reestablish the zoneadmd for each zone.

Still need to configure my svc in the global to not be affeted by the ngz svc processes.
Last edited by Cbrown31; 06-11-2016 at 12:23 AM.. Reason: Update
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Solaris 11 zone has no external network access (except to Global Zone)

Hi, hoping someone can help, its been a while since I used Solaris. After creating a NGZ (non global zone), the NGZ can access the GZ (Global Zone) and the GZ can access the NGZ (using ssh, zlogin) However, the NGZ cannot access any other netwqork devices, it can't even see the default router ... (2 Replies)
Discussion started by: GazinLincoln
2 Replies

2. Solaris

Date and time change in global and non global zone

Hi, If I change date and time in global zone, then it will affect in non global zones. During this process what files will get affect in non global zones and which mechanism it's using to change. gloabl zone:Solaris 11.3 X86 TIA (1 Reply)
Discussion started by: Sumanthsv
1 Replies

3. Solaris

Global and non-global zone resource sharing - tricky

hi all, Just a simple question but i cant get the answers in the book - In my globalzone , assuming i have 4 cpus (psrinfo -pv = 0-3), if i set dedicated-cpu (ncpus=2) for my local zone Is my globalzone left with 2 cpus or still 4 cpus ? Does localzone "resource reservation.e.g. cpu in... (6 Replies)
Discussion started by: javanoob
6 Replies

4. Solaris

Scripting changes to multiple zone configurations in the same Global Zone

So this is Solaris 11.1. I have a Global zone that has several non-global zones running in it. I want to change the capped-memory.physical resources setting in ALL the zone configs of the running zones. if I were to do this manually here's what I would do: zonecfg -z zone1 select... (2 Replies)
Discussion started by: os2mac
2 Replies

5. Solaris

showing 2 different time zones in global zone and nonglobal zone

can some one help me out as it is showing 2 different time zones in global zone and nonglobal zone .In global zone it is showing in GMT while in nonglobal zone i it showing as PDT. System in running with solaris 10 (3 Replies)
Discussion started by: ravijanjanam12
3 Replies

6. Solaris

how to add a default gateway in a zone of different VLAN of global zone

Hi Greetings... I have an issue in connecting the zone from outside the network and it is because of default gateway. I can ping default gateway from inside the zone and not able to ping from global zone due to different VLAN issue. If i add two different gateways and restart network services,... (2 Replies)
Discussion started by: vvpotugunta
2 Replies

7. Solaris

How to access ENV variables of non global zones in global zone???

Hi Guys, My requirement is I have file called /opt/orahome/.profile in non global zone. PATH=/usr/bin:/usr/ucb:/etc:/usr/sbin:/usr/local/bin:/usr/openwin/bin:. export PATH PS1="\${ORACLE_SID}:`hostname`:\$PWD$ " export PS1 EDITOR=vi export EDITOR ENV=/opt/orahome/.kshrc export ENV... (1 Reply)
Discussion started by: vijaysachin
1 Replies

8. Solaris

[b]How to mount a folder from global zone to non global zone??

Hi All There is one folder in global zone I just want to share the same folder innon global zone. How can i do it? pls send me script for this. (2 Replies)
Discussion started by: vijaysachin
2 Replies

9. Solaris

Solaris Zone : Non global Zone check failed

Hi All , I try to install some packages in my global zone... On the execution of the installion of the script it quits by saying the error "Non global zone check failed" Kindly help me in this regard Thanks in advance, jeganr (7 Replies)
Discussion started by: jegaraman
7 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

tnctl

tnctl(1M)						  System Administration Commands						 tnctl(1M)

NAME

       tnctl - configure Trusted Extensions network parameters

SYNOPSIS

       /usr/sbin/tnctl [-dfv] [-h host [/prefix] [:template]]
	    [-m zone:mlp:shared-mlp][-t template [:key=val [;key=val]]]
	    [-HTz] file]

DESCRIPTION

       tnctl provides an interface to manipulate trusted network parameters in the Solaris kernel.

       As  part  of  Solaris  Trusted Extensions initialization, tnctl is run in the global zone by an smf(5) script during system boot. The tnctl
       command is not intended to be used during normal system administration. Instead, if a local trusted networking database	file  is  modified
       without using the Solaris Management Console, the administrator first issues tnchkdb(1M) to check the syntax, and then refreshes the kernel
       copy with this command:

	 # svcadm restart svc:/network/tnctl

       See WARNINGS about the risks of changing remote host and template information on a running system.

OPTIONS

       -d

	   Delete matching entries from the kernel. The default is to add new entries.

	   When deleting MLPs, the MLP range must match exactly. MLPs are specified in the form:

	     port[-port]/protocol

	   Where port can be a number in the range 1 to 65535. or any known service (see services(4)), and protocol can be a number in the range 1
	   to 255, or any known protocol (see protocols(4)).

       -f

	   Flush  all  kernel  entries	before loading the entries that are specified on the command line. The flush does not take place unless at
	   least one entry parsed successfully.

       -v

	   Turn on verbose mode.

       -h host[/prefix][:template]

	   Update the kernel remote-host cache on the local host for  the specified host or, if a template name  is  given,  change  the  kernel's
	   cache  to  use  the	specified template. If prefix is not specified, then an implied prefix length is determined according to the rules
	   used for interpreting the tnrhdb. If -d is specified, then a template name cannot be specified.

       -m zone:mlp:shared-mlp

	   Modify the kernel's multilevel port (MLP) configuration cache for the specified zone. zone specifies the zone to be	updated.  mlp  and
	   shared-mlp specify the MLPs for the zone-specific and shared IP addresses. The shared-mlp field is effective in the global zone only.

       -t template[key=val[;key=val]]

	   Update  the	kernel template cache for template or, if a list of key=val pairs is given, change the kernel's cache to use the specified
	   entry. If -d is specified, then key=val pairs cannot be specified.

       -T file

	   Load all template entries in file into the kernel cache.

       -H file

	   Load all remote host entries in file into the kernel cache.

       -z file

	   Load just the global zone's MLPs from file into the kernel cache. To reload MLPs for a non-global zone, reboot the zone:

	     # zoneadm -z non-global zone reboot

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWtsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Uncommitted		   |
       +-----------------------------+-----------------------------+

FILES

       /etc/security/tsol/tnrhdb

	   Trusted network remote-host database

       /etc/security/tsol/tnrhtp

	   Trusted network remote-host templates

       /etc/security/tsol/tnzonecfg

	   Trusted zone configuration database

       /etc/nsswitch.conf

	   Configuration file for the name service switch

SEE ALSO

       svcs(1), svcadm(1M), tninfo(1M), tnd(1M), tnchkdb(1M), zoneadm(1M), nsswitch.conf(4), protocols(4), services(4), attributes(5), smf(5)

       How to Synchronize Kernel Cache With Network Databases in Solaris Trusted Extensions Administrator's Procedures

WARNINGS

       Changing a template while the network is up can change the security view of an undetermined number of hosts.

NOTES

       The functionality described on this manual page is available only if the system is configured with Trusted Extensions.

       The tnctl service is managed by the service management facility, smf(5), under the service identifier:

	 svc:/network/tnctl

       The service's status can be queried by using svcs(1). Administrative actions on this service, such as refreshing the kernel cache,  can	be
       performed using svcadm(1M), as in:

	 svcadm restart svc:/network/tnctl

SunOS 5.11							    6 Mar 2008								 tnctl(1M)