From 3878843a57bae7ad8da31ef4aaeed8388d2f534c Mon Sep 17 00:00:00 2001 From: Jerry Jelinek Date: Fri, 28 Feb 2014 18:21:12 -0800 Subject: [PATCH] 4660 update man pages for lofi in a zone Reviewed by: Dan McDonald Reviewed by: Richard Lowe Approved by: Richard Lowe --- usr/src/man/man1m/lofiadm.1m | 8 +++++++- usr/src/man/man1m/zonecfg.1m | 32 ++++++++++++++++++++++++++++++++ usr/src/man/man7d/lofi.7d | 4 ---- 3 files changed, 39 insertions(+), 5 deletions(-) diff --git a/usr/src/man/man1m/lofiadm.1m b/usr/src/man/man1m/lofiadm.1m index eb7a2c0616..e1ea5d0055 100644 --- a/usr/src/man/man1m/lofiadm.1m +++ b/usr/src/man/man1m/lofiadm.1m @@ -77,9 +77,11 @@ association, or print information about the current associations. Encryption and compression options are mutually exclusive on the command line. Further, an encrypted file cannot be compressed later, nor can a compressed file be encrypted later. + +In the global zone, \fBlofiadm\fR can be used on both the global +zone devices and all devices owned by other non-global zones on the system. .sp .LP -The \fBlofi\fR driver is not available and will not work inside a zone. .SH OPTIONS .sp .LP @@ -251,6 +253,10 @@ restrictions apply (such as restricted root access over \fBNFS\fR). The file is held open until the association is removed. It is not actually accessed until the block device is used, so it will never be written to if the block device is only opened read-only. + +Note that the filename may appear as "?" if it is not possible to resolve the +path in the current context (for example, if it's an NFS path in a non-global +zone). .RE .sp diff --git a/usr/src/man/man1m/zonecfg.1m b/usr/src/man/man1m/zonecfg.1m index 97cc6bbf57..9e0ec3ce6a 100644 --- a/usr/src/man/man1m/zonecfg.1m +++ b/usr/src/man/man1m/zonecfg.1m @@ -326,6 +326,16 @@ The following properties are supported: .sp .ne 2 .na +.B (global) +.ad +.sp .6 +.RS 4n +.B fs-allowed +.RE + +.sp +.ne 2 +.na \fB\fBfs\fR\fR .ad .sp .6 @@ -791,6 +801,8 @@ Under any other conditions, the system default scheduling class is used. .RE .RE + + .sp .ne 2 .na @@ -850,6 +862,26 @@ control and is related to the \fBzone.cpu-cap\fR resource control. See .RE .sp +.ne 2 +.mk +.na +\fBglobal: \fBfs-allowed\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of additional filesystems that may be mounted within +the zone; for example "ufs,pcfs". By default, only hsfs(7fs) and network +filesystems can be mounted. + +This property does not apply to filesystems mounted into the zone via "add fs" +or "add dataset". + +WARNING: allowing filesystem mounts other than the default may allow the zone +administrator to compromise the system with a malicious filesystem image, and +is not supported. +.RE + +.sp .LP The following table summarizes resources, property-names, and types: .sp diff --git a/usr/src/man/man7d/lofi.7d b/usr/src/man/man7d/lofi.7d index 72b2d9781b..81fffc6354 100644 --- a/usr/src/man/man7d/lofi.7d +++ b/usr/src/man/man7d/lofi.7d @@ -136,7 +136,3 @@ through the \fBlofi\fR file driver. .LP For compatibility purposes, a raw device is also exported with the block device. (For example, \fBnewfs\fR(1M)). -.sp -.LP -The \fBlofi\fR driver isn't available in a zone and will not work inside a -zone. -- 2.11.4.GIT