svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
zlogin(1)
zlogin(1) User Commands zlogin(1)
NAME
zlogin - enter a zone
SYNOPSIS
zlogin [-dCETU] [-e c] [-l username] zonename
zlogin [-ESTU] [-e c] [-l username] zonename utility [argument]...
DESCRIPTION
The zlogin utility is used to enter an operating system zone. Only a
user operating in the global system zone can use this utility, and it
must be executed with all privileges. In addition, the user must be
authorized to use specific options described in the OPTIONS section.
zlogin checks for authorization strings which optionally include the
specified zonename as a suffix, preceded by the slash character. When
omitted, the authorization matches any zone.
zlogin operates in one of three modes:
Interactive Mode If no utility argument is given and the stdin
file descriptor for the zlogin process is a tty
device, zlogin operates in interactive mode. In
this mode, zlogin creates a new pseudo terminal
for use within the login session. Programs
requiring a tty device, for example, vi(1),
work properly in this mode. In this mode, zlo‐
gin invokes login(1) to provide a suitable
login session.
Non-Interactive Mode If a utility is specified, zlogin operates in
non-interactive mode. This mode can be useful
for script authors since stdin, stdout, and
stderr are preserved and the exit status of
utility is returned upon termination. In this
mode, zlogin invokes su(8) in order to set up
the user's environment and invoke the user's
shell. This mode invokes su without a dash (-)
as its first argument.
The specified command is passed as a string and
interpreted by a shell running in the non-
global zone. See rsh(1).
Console Mode If the -C option is specified, the user is con‐
nected to the zone console device and zlogin
operates in console mode. The zone console is
available once the zone is in the installed
state. Connections to the console are persis‐
tent across reboot of the zone.
If zlogin is executed in console mode and its
standard input is not a terminal, then it
enables a non-interactive mode and prints the
following message on the standard output:
[Connected read-only to zone '<zname>' console]
OPTIONS
The following options are supported:
-C Connects to the zone console. Access to the zone console
requires the authorization solaris.zone.console/zonename
or solaris.zone.manage/zonename.
-d If the zone halts, disconnect from the console. This
option can only be specified along with -C.
-e c Specifies a different escape character, c, for the key
sequence used to access extended functions and to dis‐
connect from the login. The default escape character is
the tilde (~).
-E Disables the ability to access extended functions or to
disconnect from the login by using the escape sequence
character.
-l username Specifies a different username for the zone login. If
you do not use this option, the zone username used is
root. This option is invalid if the -C option is speci‐
fied.
The username must be valid in the zone. For interactive
logins the authorization solaris.zone.login/zonename is
required, and password authentication takes place in the
zone. For non-interactive logins, or to bypass password
authentication, the authorization solaris.zone.man‐
age/zonename is required.
-S Safe login mode. zlogin does minimal processing and does
not invoke login(1) or su(8). The zone username is set
to root. The -S option cannot be used if a username is
specified through the -l option, and cannot be used with
console logins. This mode should only be used to recover
a damaged zone when other forms of login have become
impossible.
Use of this option requires the authorization
solaris.zone.manage/zonename.
-T Enters an immutable zone as a "Trusted Path Domain" mem‐
ber. This session can modify files which are normally
immutable. Such processes cannot read unprotected files.
The -T option cannot be used with console login.
Use of this option requires the authorization
solaris.zone.manage/zonename.
-U As -T but turns on "unsafe" mode.
Escape Sequences
Lines that you type that start with the tilde character (~) are "escape
sequences". The escape character can be changed using the -e option.
~. Disconnects from the zone. This is not the same as a logout,
because the local host breaks the connection with no warning to
the zone's end.
SECURITY
Once a process has been placed in a zone other than the global zone,
the process cannot change zone again, nor can any of its children.
OPERANDS
The following operands are supported:
zonename The name of the zone to be entered.
utility The utility to be run in the specified zone.
argument... Arguments passed to the utility.
ENVIRONMENT VARIABLES
LANG, LC_ALL, LC_COLLATE, LC_CTYPE, LC_MESSAGES, LC_MONETARY,
LC_NUMERIC, LC_TIME
If the -S option has not been used, whichever of these environment
variables are set in the environment from which zlogin is run will
be set to the same value in the environment inside the zone.
TERM
If this environment variable is set in the environment from which
zlogin is run, it will be set to the same value in the environment
inside the zone.
PATH
This variable will be set to "/usr/sbin:/usr/bin" in the environ‐
ment inside the zone.
HOME
If the -S option is used, this environment variable will be set to
"/" in the environment inside the zone. Otherwise it will be left
for login(1) or su(8) to set.
SHELL
If the -S option is used, this environment variable will be set to
"/sbin/sh" in the environment inside the zone. Otherwise it will be
left for login(1) or su(8) to set.
EXIT STATUS
In interactive and non-interactive modes, the zlogin utility exits when
the command or shell in the non-global zone exits. In non-interactive
mode, the exit status of the remote program is returned as the exit
status of zlogin. In interactive mode and console login mode, the exit
status is not returned. zlogin returns a 0 exit status as long as no
connection-related error occurred.
In all modes, in the event that a connection to the zone cannot be
established, the connection fails unexpectedly, or the user is lacking
sufficient privilege to perform the requested operation, zlogin exits
with status 1.
To summarize, the following exit values are returned:
0 Successful entry.
1 Permission denied, or failure to enter the zone.
Any Return code from utility, or from su(8) if operating in non-
interactive mode.
In a solaris-kz brand zone, a non-console login is implemented by cre‐
ating a new terminal driver instance, and starting a stub process
called zvlogin which spawns the shell as needed. The zone must there‐
fore be booted to a certain point (such that the svc:/system/sysev‐
ent:default service is running) for zlogin to work. In all other
respects, the visible behavior is the same.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Availabilitysystem/zones _ Interface StabilityCommitted
SEE ALSO
attributes(7), login(1), rsh(1), su(8), tpd(7), vi(1), zoneadm(8),
zonecfg(8), zones(7)
NOTES
zlogin fails if its open files or any portion of its address space cor‐
responds to an NFS file. This includes the executable itself or the
shared libraries.
zlogin allows logins even if the usual environment is not yet avail‐
able. For example, the multi-user milestone has not been reached during
boot. As a result, some services such as mounted home directories may
not be available when using zlogin in these circumstances.
Oracle Solaris 11.4 25 Mar 2020 zlogin(1)