Security Privilege Error Messages Are Incomplete
Error messages displayed during failure of creation, modification, or deletion of Zone, Pool, or Project are incomplete and do not provide enough details. Following are the error messages you might encounter:
-
Cannot create the resource pool
-
Cannot create the zone
-
Cannot update the project, zone, or pool
-
Cannot activate the container for valid user
-
Cannot associate the container to the host
Workaround: If you encounter any of the previous errors, refer to the profile recommendations that follow. Before this, ensure that the user is a valid Sun Management Center user and has the necessary administration privileges (part of esadm, esdomadm groups).
Ensure that the user is associated with the necessary profiles by running the following command:
$ profiles <username>
Following are the necessary profiles:
-
On Solaris 10 - Zone Management, Pool Management, Project Management
-
On Solaris 9 - Pool Management, Project Management
-
On Solaris 8 - Pool Management, Project Management
If you find the necessary profiles missing, run the following command (as the superuser) and modify the profiles associated with a user:
# usermod -P "<comma separated list of necessary profiles>" <username>
If any profile does not exist on the system, add the missing entries in the following format to the prof_attr file in the /etc/security directory.
Pool Management:::Resource pool management profile:help=RtPoolMgmt.html
Project Management:::Manage Solaris projects:auths=solaris.project.read,solaris.project.write;help=RtProjManagement.html
Run the following command to find if the user is a part of the local access user list for the SCM module.
<BASEDIR>/SUNWsymon/sbin/es-config -M scm-container -s
If user is not part of the access list, run the following command:
<BASEDIR>/SUNWsymon/sbin/es-config -M scm-container -l <user_name>
- © 2010, Oracle Corporation and/or its affiliates