zlogin(1) - enter a zone
-
zlogin(1) User Commands zlogin(1) NAME zlogin - enter a zone SYNOPSIS zlogin [-dCETU] [-e c] [-l username] zonename zlogin [-ESTU] [-e c] [-l username] zonename utility [argument]... DESCRIPTION The zlogin utility is used to enter an operating system zone. Only a user operating in the global system zone can use this utility, and it must be executed with all privileges. In addition, the user must be authorized to use specific options described in the OPTIONS section. zlogin checks for authorization strings which optionally include the specified zonename as a suffix, preceded by the slash character. When omitted, the authorization matches any zone. zlogin operates in one of three modes: Interactive Mode If no utility argument is given and the stdin file descriptor for the zlogin process is a tty device, zlogin operates in interactive mode. In this mode, zlogin creates a new pseudo terminal for use within the login session. Programs requiring a tty device, for example, vi(1), work properly in this mode. In this mode, zlo- gin invokes login(1) to provide a suitable login session. Non-Interactive Mode If a utility is specified, zlogin operates in non-interactive mode. This mode can be useful for script authors since stdin, stdout, and stderr are preserved and the exit status of utility is returned upon termination. In this mode, zlogin invokes su(1M) in order to set up the user's environment and to provide a login environment. The specified command is passed as a string and interpreted by a shell running in the non- global zone. See rsh(1). Console Mode If the -C option is specified, the user is con- nected to the zone console device and zlogin operates in console mode. The zone console is available once the zone is in the installed state. Connections to the console are persis- tent across reboot of the zone. OPTIONS The following options are supported: -C Connects to the zone console. Access to the zone console requires the authorization zone.manage/zonename. -d If the zone halts, disconnect from the console. This option can only be specified along with -C. -e c Specifies a different escape character, c, for the key sequence used to access extended functions and to dis- connect from the login. The default escape character is the tilde (~). -E Disables the ability to access extended functions or to disconnect from the login by using the escape sequence character. -l username Specifies a different username for the zone login. If you do not use this option, the zone username used is root. This option is invalid if the -C option is speci- fied. The username must be valid in the zone. For interactive logins the authorization solaris.zone.login/zonename is required, and password authentication takes place in the zone. For non-interactive logins, or to bypass password authentication, the authorization solaris.zone.man- age/zonename is required. -S Safe login mode. zlogin does minimal processing and does not invoke login(1) or su(1M). The zone username is set to root. The -S option cannot be used if a username is specified through the -l option, and cannot be used with console logins. This mode should only be used to recover a damaged zone when other forms of login have become impossible. Use of this option requires the authorization solaris.zone.manage/zonename. -T Enters an immutable zone as a "Trusted Path Domain" mem- ber. This session can modify files which are normally immutable. Such processes cannot read unprotected files. The -T option cannot be used with console login. -U Similar to -T option, but turns on "unsafe" mode. Escape Sequences Lines that you type that start with the tilde character (~) are "escape sequences". The escape character can be changed using the -e option. ~. Disconnects from the zone. This is not the same as a logout, because the local host breaks the connection with no warning to the zone's end. SECURITY Once a process has been placed in a zone other than the global zone, the process cannot change zone again, nor can any of its children. OPERANDS The following operands are supported: zonename The name of the zone to be entered. utility The utility to be run in the specified zone. argument... Arguments passed to the utility. EXIT STATUS In interactive and non-interactive modes, the zlogin utility exits when the command or shell in the non-global zone exits. In non-interactive mode, the exit status of the remote program is returned as the exit status of zlogin. In interactive mode and console login mode, the exit status is not returned. zlogin returns a 0 exit status as long as no connection-related error occurred. In all modes, in the event that a connection to the zone cannot be established, the connection fails unexpectedly, or the user is lacking sufficient privilege to perform the requested operation, zlogin exits with status 1. To summarize, the following exit values are returned: 0 Successful entry. 1 Permission denied, or failure to enter the zone. Any Return code from utility, or from su(1M) if operating in non- interactive mode. In a solaris-kz brand zone, a non-console login is implemented by creating a new terminal driver instance, and starting a stub process called 'zvlogin' which spawns the shell as needed. The zone must therefore be booted to a certain point (such that the svc:/system/sysevent:default service is running) for zlogin to work. In all other respects, the visible behavior is the same. ATTRIBUTES See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |system/zones | +-----------------------------+-----------------------------+ |Interface Stability |Committed | +-----------------------------+-----------------------------+ SEE ALSO login(1), rsh(1), vi(1), su(1M), zoneadm(1M), zonecfg(1M), attributes(5), tpd(5), zones(5) NOTES zlogin fails if its open files or any portion of its address space cor- responds to an NFS file. This includes the executable itself or the shared libraries. SunOS 5.11 12 Dec 2013 zlogin(1)
© Lightnetics 2024