device in a zone - Solaris

This is a discussion on device in a zone - Solaris ; I have a zone (for userinlogs) in which I want to use my soundcard. So I added this line to the xml file (with zonecfg) But KDE (in that zone) complains that it can't access de audio device. What am ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: device in a zone

  1. device in a zone

    I have a zone (for userinlogs) in which I want to use my soundcard.
    So I added this line to the xml file (with zonecfg)



    But KDE (in that zone) complains that it can't access de audio device.
    What am I doning wrong?

    --
    dick -- http://nagual.nl/ -- PGP/GnuPG key: F86289CE
    ++ Running FreeBSD 6.1 +++ Solaris 10 6/06 ++

  2. Re: device in a zone


    Dick Hoogendijk wrote:
    > I have a zone (for userinlogs) in which I want to use my soundcard.
    > So I added this line to the xml file (with zonecfg)
    >
    >
    >
    > But KDE (in that zone) complains that it can't access de audio device.
    > What am I doning wrong?
    >


    Does the user that uses KDE have write permission on the sound device
    ?

    //Lars


  3. Re: device in a zone

    quoting tunla (19 Oct 2006 12:57:11 -0700):
    >
    > Dick Hoogendijk wrote:
    >> I have a zone (for userinlogs) in which I want to use my soundcard.
    >> So I added this line to the xml file (with zonecfg)
    >>
    >>
    >>
    >> But KDE (in that zone) complains that it can't access de audio device.
    >> What am I doning wrong?
    >>

    >
    > Does the user that uses KDE have write permission on the sound device


    Don't know. Don't know how to set this either. What I do know is that
    the user can access the sound device when logged in on the global zone
    and can't access it when logged in on the userzone. How come?

    --
    dick -- http://nagual.nl/ -- PGP/GnuPG key: F86289CE
    ++ Running FreeBSD 6.1 +++ Solaris 10 6/06 ++

  4. Re: device in a zone

    Dick Hoogendijk wrote:
    > quoting tunla (19 Oct 2006 12:57:11 -0700):
    >> Dick Hoogendijk wrote:
    >>> I have a zone (for userinlogs) in which I want to use my soundcard.
    >>> So I added this line to the xml file (with zonecfg)
    >>>
    >>>
    >>>
    >>> But KDE (in that zone) complains that it can't access de audio device.
    >>> What am I doning wrong?
    >>>

    >> Does the user that uses KDE have write permission on the sound device

    >
    > Don't know. Don't know how to set this either. What I do know is that


    chmod will set a device perm. Be careful if you don't want hackers
    listening in on your microphone!

    > the user can access the sound device when logged in on the global zone
    > and can't access it when logged in on the userzone. How come?
    >


    Make sure you are familiar with zone device restrictions... I'm sure
    that sound is OK. Also, audio is generally linked to /dev/audio in
    Solaris much like /dev/mouse. Could KDE be looking for this instead?

    man zone -----
    Device Restrictions
    The set of devices available within a zone is restricted, to
    prevent a process in one zone from interfering with
    processes in other zones. For example, a process in a zone
    should not be able to modify kernel memory using /dev/kmem,
    or modify the contents of the root disk. Thus, by default,
    only a few pseudo devices considered safe for use within a
    zone are available. Additional devices can be made avail-
    able within specific zones using the zonecfg(1M) utility.

    Note that the device and privilege restrictions have a
    number of effects on the utilities that can run in a non-
    global zone. For example, the utilities eeprom(1M),
    prtdiag(1M), and prtconf(1M) do not work in a zone since
    they rely on devices that are not normally available.

    Some FAQ ------
    2.2 : Which kind of devices may I NOT add using the zonecfg “set
    devices” command?

    * Devices that expose system data : /dev/kmem, /dev/lockstat, …
    * Devices that expose network data : /dev/hme, /dev/ip, …



    --

    -=//-\drian Thompson=-

  5. Re: device in a zone

    quoting Adrian Thompson (Fri, 20 Oct 2006 18:00:13 GMT):
    > Dick Hoogendijk wrote:
    >>>>

    > chmod will set a device perm. Be careful if you don't want hackers
    > listening in on your microphone!


    LOL ... On FreeBSD chmod will not persist a reboot. Will try it on solaris
    though, if you say that I just have to set permissions.

    > Make sure you are familiar with zone device restrictions... I'm sure
    > that sound is OK. Also, audio is generally linked to /dev/audio in
    > Solaris much like /dev/mouse. Could KDE be looking for this instead?


    I'll investigate. Thanks for the tip. I'll also print out the manual on
    zones from docs@sun.

    The restricted devices speak for themselves. ;-)

    --
    dick -- http://nagual.nl/ -- PGP/GnuPG key: F86289CE
    ++ Running FreeBSD 6.1 +++ Solaris 10 6/06 ++

  6. Re: device in a zone

    On Fri, 20 Oct 2006 20:39:34 +0000, Dick Hoogendijk wrote:

    > quoting Adrian Thompson (Fri, 20 Oct 2006 18:00:13 GMT):
    >> Dick Hoogendijk wrote:
    >>>>>

    >> chmod will set a device perm. Be careful if you don't want hackers
    >> listening in on your microphone!

    >
    > LOL ... On FreeBSD chmod will not persist a reboot. Will try it on solaris
    > though, if you say that I just have to set permissions.


    FreeBSD WILL retain changed device permissions across reboots IF you put
    the device and modified permissions in "/etc/devfs.conf" (for FBSD-6).

  7. Re: device in a zone

    quoting User1001 (Thu, 26 Oct 2006 08:16:26 -0500):
    > On Fri, 20 Oct 2006 20:39:34 +0000, Dick Hoogendijk wrote:
    >> LOL ... On FreeBSD chmod will not persist a reboot. Will try it on
    >> solaris though, if you say that I just have to set permissions.

    >
    > FreeBSD WILL retain changed device permissions across reboots IF you put
    > the device and modified permissions in "/etc/devfs.conf" (for FBSD-6).


    I know, but that's through a _configuration_ file. Not by just setting the
    permissions. I found out that solaris does it likewise.

    --
    http://nagual.nl/ -- PGP/GnuPG key: F86289CE
    ++ Running FreeBSD 6.1 ++ Solaris 10 6/06 ++

+ Reply to Thread