How to Display Ready or Running Zones

This procedure creates a shell script that displays the labels of the current zone and all zones that the current zone dominates.

Before You Begin

You must be in the System Administrator role in the global zone.

1. Use the trusted editor to create the getzonelabels script.

   For details, see How to Edit Administrative Files in Trusted Extensions.

   Provide the pathname to the script, such as /usr/local/scripts/getzonelabels.

2. Add the following content, and save the file:

   #!/bin/sh # echo "NAME\t\tSTATUS\t\tLABEL" echo "====\t\t======\t\t=====" myzone=`zonename` for i in `/usr/sbin/zoneadm list -p` ; do zone=`echo $i | cut -d ":" -f2` status=`echo $i | cut -d ":" -f3` path=`echo $i | cut -d ":" -f4` if [ $zone != global ]; then if [ $myzone = global ]; then path=$path/root/tmp else path=$path/export/home fi fi label=`/usr/bin/getlabel -s $path |cut -d ":" -f2-9` if [ `echo $zone|wc -m` -lt 8 ]; then echo "$zone\t\t$status\t$label" else echo "$zone\t$status\t$label" fi done

3. Test the script in the global zone.

   # getzonelabels NAME STATUS LABEL ==== ====== ===== global running ADMIN_HIGH needtoknow running CONFIDENTIAL : NEED TO KNOW restricted ready CONFIDENTIAL : RESTRICTED internal running CONFIDENTIAL : INTERNAL public running PUBLIC

   When run from the global zone, the script displays the labels of all ready or running zones. Here is the global zone output for the zones that were created from the default label_encodings file:

Example 10–1 Displaying the Labels of All Ready or Running Zones

In the following example, a user runs the getzonelabels script in the internal zone.

# getzonelabels
NAME            STATUS          LABEL
====            ======          =====
internal        running         CONFIDENTIAL : INTERNAL
public          running         PUBLIC