7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

          --- old/usr/src/man/man1m/zonecfg.1m
          +++ new/usr/src/man/man1m/zonecfg.1m
[21 lines elided]
  22   22  .nf
  23   23  \fBzonecfg\fR \fB-z\fR \fIzonename\fR \fB-f\fR \fIcommand_file\fR
  24   24  .fi
  25   25  
  26   26  .LP
  27   27  .nf
  28   28  \fBzonecfg\fR help
  29   29  .fi
  30   30  
  31   31  .SH DESCRIPTION
  32      -.sp
  33   32  .LP
  34   33  The \fBzonecfg\fR utility creates and modifies the configuration of a zone.
  35   34  Zone configuration consists of a number of resources and properties.
  36   35  .sp
  37   36  .LP
  38   37  To simplify the user interface, \fBzonecfg\fR uses the concept of a scope. The
  39   38  default scope is global.
  40   39  .sp
  41   40  .LP
  42   41  The following synopsis of the \fBzonecfg\fR command is for interactive usage:
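Review bot: the `-.sp` removal directly after `.SH DESCRIPTION`, repeated after every other `.SH`/`.SS` heading in this diff, is whitespace cleanup unrelated to bugs 7029-7032. It is harmless (the section macros supply their own spacing, so the extra `.sp` only produced a blank line), but it should be called out in the commit message or split into its own change so that reviewers can read the security-flags additions on their own.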
[22 lines elided]
  65   64  .LP
  66   65  Every zone is configured with an associated brand. The brand determines the
  67   66  user-level environment used within the zone, as well as various behaviors for
  68   67  the zone when it is installed, boots, or is shutdown. Once a zone has been
  69   68  installed the brand cannot be changed. The default brand is determined by the
  70   69  installed distribution in the global zone. Some brands do not support all of
  71   70  the \fBzonecfg\fR properties and resources. See the brand-specific man page for
  72   71  more details on each brand. For an overview of brands, see the \fBbrands\fR(5)
  73   72  man page.
  74   73  .SS "Resources"
  75      -.sp
  76   74  .LP
  77   75  The following resource types are supported:
  78   76  .sp
  79   77  .ne 2
  80   78  .na
  81   79  \fB\fBattr\fR\fR
  82   80  .ad
  83   81  .sp .6
  84   82  .RS 4n
  85   83  Generic attribute.
[72 lines elided]
 158  156  .sp
 159  157  .ne 2
 160  158  .na
 161  159  \fB\fBrctl\fR\fR
 162  160  .ad
 163  161  .sp .6
 164  162  .RS 4n
 165  163  Resource control.
 166  164  .RE
 167  165  
 168      -.SS "Properties"
 169  166  .sp
      167 +.ne 2
      168 +.na
      169 +\fB\fBsecurity-flags\fR\fR
      170 +.ad
      171 +.sp .6
      172 +.RS 4n
      173 +Process security flag settings.
      174 +.RE
      175 +
      176 +.SS "Properties"
 170  177  .LP
 171  178  Each resource type has one or more properties. There are also some global
 172  179  properties, that is, properties of the configuration as a whole, rather than of
 173  180  some particular resource.
 174  181  .sp
 175  182  .LP
 176  183  The following properties are supported:
 177  184  .sp
 178  185  .ne 2
 179  186  .na
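Review bot: the one-line description `Process security flag settings.` matches the terse style of the other resource entries, but this is the only place in the resource list that introduces the new concept, so add a cross-reference, e.g. `Process security flag settings. See \fBsecurity-flags\fR(5).`, matching the pointer this change adds to SEE ALSO. Moving `.SS "Properties"` below the new entry keeps the `.sp`/`.ne 2`/`.na` lead-in pattern of the preceding `rctl` entry intact, which is right.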
[238 lines elided]
 418  425  .ne 2
 419  426  .na
 420  427  \fB\fBcapped-cpu\fR\fR
 421  428  .ad
 422  429  .sp .6
 423  430  .RS 4n
 424  431  \fBncpus\fR
 425  432  .RE
 426  433  
 427  434  .sp
      435 +.ne 2
      436 +.na
      437 +\fB\fBsecurity-flags\fB\fB
      438 +.ad
      439 +.sp .6
      440 +.RS 4n
      441 +\fBlower\fR, \fBdefault\fR, \fBupper\fR.
      442 +.RE
      443 +
      444 +.sp
 428  445  .LP
 429  446  As for the property values which are paired with these names, they are either
 430  447  simple, complex, or lists. The type allowed is property-specific. Simple values
 431  448  are strings, optionally enclosed within quotation marks. Complex values have
 432  449  the syntax:
 433  450  .sp
 434  451  .in +2
 435  452  .nf
 436  453  (<\fIname\fR>=<\fIvalue\fR>,<\fIname\fR>=<\fIvalue\fR>,...)
 437  454  .fi
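Review bot: the entry heading `\fB\fBsecurity-flags\fB\fB` has the wrong closing escapes: `\fB` selects bold again instead of `\fR` restoring roman, so the font is never reset at the end of the name. The slip is masked here only because the next text is `\fBlower\fR`, which is bold anyway and then resets, but it should match the neighbouring `\fB\fBcapped-cpu\fR\fR`, i.e. `\fB\fBsecurity-flags\fR\fR`. The trailing period after `\fBupper\fR` is also out of step with the other property lists in this section (`\fBncpus\fR` has none).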
[420 lines elided]
 858  875  have their own caps, the minimum value takes precedence.
 859  876  .sp
 860  877  The \fBcapped-cpu\fR property is an alias for \fBzone.cpu-cap\fR resource
 861  878  control and is related to the \fBzone.cpu-cap\fR resource control. See
 862  879  \fBresource_controls\fR(5).
 863  880  .RE
 864  881  
 865  882  .sp
 866  883  .ne 2
 867  884  .na
      885 +\fB\fBsecurity-flags\fR: lower, default, upper\fR
      886 +.ad
      887 +.sp .6
      888 +.RS 4n
      889 +Set the process security flags associated with the zone.  The \fBlower\fR and
      890 +\fBupper\fR fields set the limits, the \fBdefault\fR field is set of flags all
      891 +zone processes inherit.
      892 +.RE
      893 +
      894 +.sp
      895 +.ne 2
      896 +.na
 868  897  \fBglobal: \fBfs-allowed\fR\fR
 869  898  .ad
 870  899  .sp .6
 871  900  .RS 4n
 872  901  A comma-separated list of additional filesystems that may be mounted within
 873  902  the zone; for example "ufs,pcfs". By default, only hsfs(7fs) and network
 874  903  filesystems can be mounted. If the first entry in the list is "-" then
 875  904  that disables all of the default filesystems. If any filesystems are listed
 876  905  after "-" then only those filesystems can be mounted.
 877  906  
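Review bot: `the \fBdefault\fR field is set of flags all zone processes inherit` is missing an article (`is the set of flags`), and the semantics stay underspecified: the text says `lower` and `upper` "set the limits" without saying what is limited, whether `default` has to fall between them, or what values the three fields accept. One sentence on each, or a `See \fBsecurity-flags\fR(5).` pointer to the page this change adds to SEE ALSO, would let an administrator configure the resource without reading the source. The heading `\fB\fBsecurity-flags\fR: lower, default, upper\fR` should also be checked against how the other resource-scoped property entries in this section are headed; the adjacent `\fBglobal: \fBfs-allowed\fR\fR` uses a different layout.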
[43 lines elided]
 921  950                     value           simple
 922  951  dataset           name            simple
 923  952  dedicated-cpu     ncpus           simple or range
 924  953                     importance      simple
 925  954  
 926  955  capped-memory     physical        simple with scale
 927  956                     swap            simple with scale
 928  957                     locked          simple with scale
 929  958  
 930  959  capped-cpu        ncpus           simple
      960 +security-flags    lower           simple
      961 +                   default        simple
      962 +                   upper          simple
 931  963  .fi
 932  964  .in -2
 933  965  .sp
 934  966  
 935  967  .sp
 936  968  .LP
 937  969  To further specify things, the breakdown of the complex property "value" of the
 938  970  "rctl" resource type, it consists of three name/value pairs, the names being
 939  971  "priv", "limit" and "action", each of which takes a simple value. The "name"
 940  972  property of an "attr" resource is syntactically restricted in a fashion similar
 941  973  but not identical to zone names: it must begin with an alphanumeric, and can
 942  974  contain alphanumerics plus the hyphen (\fB-\fR), underscore (\fB_\fR), and dot
 943  975  (\fB\&.\fR) characters. Attribute names beginning with "zone" are reserved for
 944  976  use by the system. Finally, the "autoboot" global property must have a value of
 945  977  "true" or "false".
 946  978  .SS "Using Kernel Statistics to Monitor CPU Caps"
 947      -.sp
 948  979  .LP
 949  980  Using the kernel statistics (\fBkstat\fR(3KSTAT)) module \fBcaps\fR, the system
 950  981  maintains information for all capped projects and zones. You can access this
 951  982  information by reading kernel statistics (\fBkstat\fR(3KSTAT)), specifying
 952  983  \fBcaps\fR as the \fBkstat\fR module name. The following command displays
 953  984  kernel statistics for all active CPU caps:
 954  985  .sp
 955  986  .in +2
 956  987  .nf
 957  988  # \fBkstat caps::'/cpucaps/'\fR
[132 lines elided]
1090 1121  .ad
1091 1122  .sp .6
1092 1123  .RS 4n
1093 1124  Name of the zone for which statistics are displayed.
1094 1125  .RE
1095 1126  
1096 1127  .sp
1097 1128  .LP
1098 1129  See \fBEXAMPLES\fR for sample output from a \fBkstat\fR command.
1099 1130  .SH OPTIONS
1100      -.sp
1101 1131  .LP
1102 1132  The following options are supported:
1103 1133  .sp
1104 1134  .ne 2
1105 1135  .na
1106 1136  \fB\fB-f\fR \fIcommand_file\fR\fR
1107 1137  .ad
1108 1138  .sp .6
1109 1139  .RS 4n
1110 1140  Specify the name of \fBzonecfg\fR command file. \fIcommand_file\fR is a text
[8 lines elided]
1119 1149  .sp .6
1120 1150  .RS 4n
1121 1151  Specify the name of a zone. Zone names are case sensitive. Zone names must
1122 1152  begin with an alphanumeric character and can contain alphanumeric characters,
1123 1153  the underscore (\fB_\fR) the hyphen (\fB-\fR), and the dot (\fB\&.\fR). The
1124 1154  name \fBglobal\fR and all names beginning with \fBSUNW\fR are reserved and
1125 1155  cannot be used.
1126 1156  .RE
1127 1157  
1128 1158  .SH SUBCOMMANDS
1129      -.sp
1130 1159  .LP
1131 1160  You can use the \fBadd\fR and \fBselect\fR subcommands to select a specific
1132 1161  resource, at which point the scope changes to that resource. The \fBend\fR and
1133 1162  \fBcancel\fR subcommands are used to complete the resource specification, at
1134 1163  which time the scope is reverted back to global. Certain subcommands, such as
1135 1164  \fBadd\fR, \fBremove\fR and \fBset\fR, have different semantics in each scope.
1136 1165  .sp
1137 1166  .LP
1138 1167  \fBzonecfg\fR supports a semicolon-separated list of subcommands. For example:
1139 1168  .sp
[656 lines elided]
1796 1825  .in +2
1797 1826  .nf
1798 1827  # \fBkstat -c project_caps\fR
1799 1828  
1800 1829  # \fBkstat -c project_caps -i 1\fR
1801 1830  .fi
1802 1831  .in -2
1803 1832  .sp
1804 1833  
1805 1834  .SH EXIT STATUS
1806      -.sp
1807 1835  .LP
1808 1836  The following exit values are returned:
1809 1837  .sp
1810 1838  .ne 2
1811 1839  .na
1812 1840  \fB\fB0\fR\fR
1813 1841  .ad
1814 1842  .sp .6
1815 1843  .RS 4n
1816 1844  Successful completion.
[13 lines elided]
1830 1858  .ne 2
1831 1859  .na
1832 1860  \fB\fB2\fR\fR
1833 1861  .ad
1834 1862  .sp .6
1835 1863  .RS 4n
1836 1864  Invalid usage.
1837 1865  .RE
1838 1866  
1839 1867  .SH ATTRIBUTES
1840      -.sp
1841 1868  .LP
1842 1869  See \fBattributes\fR(5) for descriptions of the following attributes:
1843 1870  .sp
1844 1871  
1845 1872  .sp
1846 1873  .TS
1847 1874  box;
1848 1875  c | c
1849 1876  l | l .
1850 1877  ATTRIBUTE TYPE  ATTRIBUTE VALUE
1851 1878  _
1852 1879  Interface Stability     Volatile
1853 1880  .TE
1854 1881  
1855 1882  .SH SEE ALSO
1856      -.sp
1857 1883  .LP
1858 1884  \fBppriv\fR(1), \fBprctl\fR(1), \fBzlogin\fR(1), \fBkstat\fR(1M),
1859 1885  \fBmount\fR(1M), \fBpooladm\fR(1M), \fBpoolcfg\fR(1M), \fBpoold\fR(1M),
1860 1886  \fBrcapd\fR(1M), \fBrctladm\fR(1M), \fBsvcadm\fR(1M), \fBsysidtool\fR(1M),
1861 1887  \fBzfs\fR(1M), \fBzoneadm\fR(1M), \fBpriv_str_to_set\fR(3C),
1862 1888  \fBkstat\fR(3KSTAT), \fBvfstab\fR(4), \fBattributes\fR(5), \fBbrands\fR(5),
1863 1889  \fBfnmatch\fR(5), \fBlx\fR(5), \fBprivileges\fR(5), \fBresource_controls\fR(5),
1864      -\fBzones\fR(5)
     1890 +\fBsecurity-flags\fR(5), \fBzones\fR(5)
1865 1891  .sp
1866 1892  .LP
1867 1893  \fISystem Administration Guide: Solaris Containers-Resource Management, and
1868 1894  Solaris Zones\fR
1869 1895  .SH NOTES
1870      -.sp
1871 1896  .LP
1872 1897  All character data used by \fBzonecfg\fR must be in US-ASCII encoding.