Solaris man マニュアル
System Administration Commands                        zoneadm(1M)

NAME
     zoneadm - administer zones

SYNOPSIS
     zoneadm -z zonename subcommand [subcommand_options]

     zoneadm [-z zonename] list [list_options]

DESCRIPTION
     The zoneadm utility is used to administer  system  zones.  A
     zone  is  an application container that is maintained by the
     operating system runtime.

SECURITY
     Once a process has been placed in a zone other than zone  0,
     the process or any of its children cannot change zones.

OPTIONS
     The following options are supported:

     -z zonename     String identifier for a zone.



SUBCOMMANDS
     Subcommands which can result in destructive actions or  loss
     of work have a -F flag to force the action. If input is from
     a terminal device, the user is prompted if such a command is
     given  without  the -F flag; otherwise, if such a command is
     given without the -F flag, the action is disallowed, with  a
     diagnostic message written to standard error. If a zone ins-
     tallation or uninstallation is interrupted, the zone is left
     in  the incomplete state. Use uninstall to reset such a zone
     back to the configured state.

     The following subcommands are supported:

     boot [boot_options]

         Boot (or activate) the specified zones.

         The following boot_options are supported:


         -s       Boots only to milestone  svc:/milestone/single-
                  user:default.  This  milestone is equivalent to
                  init level s. See svc.startd(1M) and init(1M).



     halt

         Halt the specified  zones.  halt  bypasses  running  the
         shutdown  scripts  inside  the zone. It also removes run
         time resources of the zone.

         Use:

         zlogin zone shutdown

         to cleanly shutdown the zone  by  running  the  shutdown
         scripts.



     help [subcommand]

         Display  general  help.  If  you   specify   subcommand,
         displays help on subcommand.



     install

         Install the specified zone on the system.  This  subcom-
         mand  automatically attempts to verify first. It refuses
         to install if the verify step fails. See the verify sub-
         command.



     list [list_options]

         Display the name of the current zones, or the  specified
         zone if indicated.

         By default, all running zones are  listed.  If  you  use
         this  subcommand with the zoneadm -z zonename option, it
         lists only the specified zone, regardless of its  state.
         In this case, the -i and -c options are disallowed.

         The following list_options are supported:


         -c       Display all configured zones.




         -i       Expand the display to all installed zones.




         -p       Request machine parsable output.

                  The -v and -p options are  mutually  exclusive.
                  If  neither  -v  nor  -p is used, just the zone
                  name is listed.



         -v       Display  verbose  information,  including  zone
                  name,  id,  current  state,  root directory and
                  options.

                  The -v and -p options are  mutually  exclusive.
                  If  neither  -v  nor  -p is used, just the zone
                  name is listed.



     ready

         Prepares a zone for running applications  but  does  not
         start any user processes in the zone.



     reboot

         Restart the zones. This is equivalent  to  a  halt  boot
         sequence.  This  subcommand fails if the specified zones
         are not active.



     uninstall [-F]

         Uninstall the specified zone from the system.  Use  this
         subcommand  with  caution.  It  removes all of the files
         under the zonepath of the zone in question. You can  use
         the -F flag to force the action.



     verify

         Check to make sure the configuration  of  the  specified
         zone  can  safely be installed on the machine. Following
         is a break-down of the checks by resource/property type:


         zonepath

             zonepath and its  parent  directory  exist  and  are
             owned by root with appropriate modes . The appropri-
             ate modes are that zonepath is 700,  its  parent  is
             not  group  or world-writable and so forth. zonepath
             is not over an NFS mount.  A  sub-directory  of  the
             zonepath named "root" does not exist.

             If zonepath does not  exist,  the  verify  does  not
             fail,  but  merely  warns  that a subsequent install
             will attempt to create it with proper permissions. A
             verify subsequent to that might fail should anything
             go wrong.




         fs

             Any fs resources have their type value  checked.  An
             error  is  reported  if  the  value  is one of proc,
             mntfs, autofs, cachefs, or  nfs  or  the  filesystem
             does   not   have  an  associated  mount  binary  at
             /usr/lib/fs/<fstype>/mount.

             It is an error for the directory to  be  a  relative
             path.

             It is an error for the path specified by raw to be a
             relative  path  or  if there is no fsck binary for a
             given filesystem type at  /usr/lib/fs/<fstype>/fsck.
             It  is  also an error if a corresponding fsck binary
             exists but a raw path is not specified.



         net

             All physical network interfaces exist.  All  network
             address resources are one of:


               o  a valid IPv4 address,  optionally  followed  by
                  "/" and a prefix length;

               o  a valid IPv6 address, which must be followed by
                  "/" and a prefix length;

               o  a host name which resolves to an IPv4 address.



         rctl

             It also verifies that any defined  resource  control
             values  are valid on the current machine. This means
             that the privilege level is privileged, the limit is
             lower  than  the currently defined system value, and
             that the defined action agrees with the actions that
             are valid for the given resource control.



EXIT STATUS
     The following exit values are returned:

     0        Successful completion.



     1        An error occurred.



     2        Invalid usage.



ATTRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWzoneu                   |
    |_____________________________|_____________________________|
    | Interface Stability         | Evolving                    |
    |_____________________________|_____________________________|


SEE ALSO
     svcs(1), zlogin(1), zonename(1), svcadm(1M),  svc.startd(1M)
     and  init(1M),  svc.startd(1M),  zonecfg(1M), attributes(5),
     smf(5), zones(5)

NOTES
     The zones(5) service is managed by  the  service  management
     facility, smf(5), under the service identifier:

     svc:/system/zones:default

     Administrative actions on this service,  such  as  enabling,
     disabling,  or  requesting  restart,  can be performed using
     svcadm(1M). The service's status can be  queried  using  the
     svcs(1) command.

     The act of installing a new non-global zone is a fresh  ins-
     tallation  of  the Solaris operating system. A new installa-
     tion of Solaris must not require interaction with  the  user
     (that is, it must be "hands off"). Because of this, packages
     installed in the global zone and all non-global zones cannot
     contain  request  scripts (see pkgask(1M)). If a package did
     have a request script, then the  creation  of  a  non-global
     zone  could not be done without user intervention. Any pack-
     age that contains a request script is added  to  the  global
     zone only. See pkgadd(1M).