After setting up Solaris Container Manager, the user needs to do the following tasks to manage projects, pools, and zones:
Create the required profiles on each host that needs to be managed by Container Manager
Be a part of the local access user list
Following are the necessary profiles:
On Solaris 10 - Zone Management, Pool Management, Project Management
On Solaris 9 - Pool Management, Project Management
On Solaris 8 - Project Management
Ensure that the user is associated with the necessary profiles by running the following command:
$ profiles <username>
(On Solaris 9 and 10)
Add the following line to the /etc/security/prof_attr file.
Pool Management:::Resource pool management profile:help=RtPoolMgmt
If Pool Management profile is not present in the /etc/security/prof_attr file, add the following lines to the /etc/security/exec_attr file.
Pool Management:suser:cmd:::/usr/sbin/pooladm:euid=0
Pool Management:suser:cmd:::/usr/sbin/poolcfg:euid=0
(On Solaris 8)
Add the following line to the /etc/security/prof_attr file.
Project Management:::Project management profile:help=RtPoolMgmt
If Project Management profile is not present in the /etc/security/prof_attr file, add the following lines to the /etc/security/exec_attr file.
Project Management:suser:cmd:::/usr/sbin/projadd:euid=0
Project Management:suser:cmd:::/usr/sbin/projmod:euid=0
Project Management:suser:cmd:::/usr/sbin/projdel:euid=0
Alternatively, you can create profiles using the Solaris Management Console or smprofile.
Run the following command to find if the user is a part of the local access user list for the SCM module.
<BASEDIR>/SUNWsymon/sbin/es-config -M scm-container -s
If user is not part of the access list, run the following command:
<BASEDIR>/SUNWsymon/sbin/es-config -M scm-container -l <user_name>