OpenSolaris

1. Project: Zone Manager
   1. Blogs
   2. Discussions
   3. Leaders
   4. Files
   5. Version Changelog
   6. Documentation
      1. Version 1.8 Help
      2. 1.8 Release Notes
      3. Version 1.7 Help
   7. RFE List
   8. Bugs
   9. Observers
   10. Thanks
   11. Other Zones Management Projects
   12. Governance

Changelog

Version 1.8.1

• Fixed NM2CIDR and CIDR2NM conversion inconstency AND simplified conversion method. (Thanks James Carlson!)
• Basic hardening mode doesnt' work with lock or unlock for hardeningargs.
• Hardening compatibility with v1.7 is incomplete.
• Made successful completion message more meaningful.

Version 1.8

• Updated support for GA version BrandZ
• Eliminated duplication of code between add and modify actions
• Added limiting privleges. See man privileges(5).
• Made hardening feature backward compatible with v1.7 by using basic mode when lock, unlock, enable, or disable are used for the hardening mode.
• Added ability to set the root users home directory and root shell via modify action.
• Added ability to add CSW packages via modify action.
• Removed minimize action and moved that functionality to the modify action.
• Removed lock/unlock/enable/disable actions and moved that functionality into the modify action.
• Fixed bug with minimization and updated assocciated help.
• Fixed bug with file/directory/link copies
• Fixed bug when specifying multiple interfaces.
• Fixed bug with recursive copy using : instead of | for delimiter.
• Switched to GPL v2 from CDDL
• Replaced all references to /tmp with a variable for a user specified temporary directory. The default value is ~/.zonemgr.
• Added support for a zone to use an existing filesystem. e.g Don't error out if the directory/filesystem already exists.
• Added ability modify existing zone configuration
• Fixed bug with root home directory not getting set with proper permissions.
• Added ability to display zone info
• Enabled several modes of service hardening including Secure by by Default, JASS, SMF Site Profile, and Basic.
• Incorporated Secure By Default (SBD) into hardening modes. http://www.opensolaris.org/os/community/security/projects/sbd/

   serviceprofile = [limited|open]
   To enable a service once netservices is enabled, you will need
   to both enable the service and may have to make it accessible
   remotely via the following commands:
      svcadm enable <service>
      svccfg -s <service> setprop config/localonly = false
  

• Incorporated JASS into hardening modes.
• Incorporated SMF Site Profile into hardening modes.
• Added support for moving a zone to a new directory
• Add support for zone cloning feature. http://onesearch.sun.com/search/blog/index.jsp?qt=zones+clone
• Add detach and attach for moving a zone from one server to another
• Added support to set the root users shell
• Quit setting root PermitRootLogin in ssh sshdconfig. The code is still there but it isn't enabled by default anymore.
• Implemented info level error message that won't exit on error.
• Added support for one or more ZFS partitions via type=zfs

http://onesearch.sun.com/search/blog/index.jsp?qt=zones+zfs zpool create -m <mount_point> <zpool> <device> zfs set quota=<size>M <zpool>

Version 1.7

• Adopted and incorporated CDDL license via -l flag.
• Added zone cloning.
• Improved usage by making output more man like and piping to less.
• Added Blastwave pkg-get support to automate installing any blastwave package into a new non-global zone.
• Added BrandZ support http://www.opensolaris.org/os/community/brandz Currently supports the lx brand. The -t, -M, -r, -w, -d, -D, and -s are not supported with the brand option.
• Added the ability to add a zone with no networking.
• Prevent a user from creating a zone when the zone directory that already exists.
• Fixed bug where zonepath ends with a /
• Added support for multiple IP addresses on independent network interfaces and independent network mask per IP address and host name
• Added the ability to specify your own minimization package list file
• Added the ability to specify services file via "-f <file>" flag
• Added the ability to specify input password file for clear text or encrypted passwords
• Removed the -i <interface> flag since it has been obsoleted by the new "-I <ip address>:<interface>:<netmask>:<host name>" method of specifying the network interface. Now the non-global host name will be the host name specified or derived from the first IP address. If no host name is specified or derived, the zone name will be used.
• Removed the -H flag since it has been obsolated by the new -I spec
• Moved recursive file copy to before command execution so that the command to be executed can be something that was copied into place.
• Added hosts file updating for global and new non-global zones
• Added the ability to specify multiple commands to run.
• Added the ability to setup one or more NFS mounts in /etc/vfstab of the non-global zone.
• Fixed bug with -X "<cmd>".
• Fixed bug where domain was not getting set in /etc/defaultdomain
• Added the ability to specify a destination directory for the file or directory being copied by the -C <file/dir> command.
• Added ability to specify a zone root directory
• Fixed Bug where TZ doesn't get set
• Updated NFSv4 config in sysidcfg for Solaris 06/06
• Fixed Bug with input parameters for optional file parameters
• Added the runcmd action that enables you to run one or more commands in all specified zones from the global zone.
• Synchronized the delimiter to be the pipe symbol (|) instead of a mix of the pipe and colon.