系统管理指南：Oracle Solaris Containers－资源管理和 Oracle Solaris Zones

如何列出带有详细输出的非全局区域的权限集

可以使用带有 -l 选项、表达式 zone，以及 -v 选项的 ppriv 实用程序列出区域的权限。

登录到非全局区域。此示例使用名为 my-zone 的区域。

在提示符下，键入 ppriv -l -v zone 报告区域中的一组可用权限，同时给出每个权限的说明。

my-zone# ppriv -l -v zone

将显示以下类似信息：

contract_event
        Allows a process to request critical events without limitation.
        Allows a process to request reliable delivery of all events on
        any event queue.
contract_observer
        Allows a process to observe contract events generated by
        contracts created and owned by users other than the process's
        effective user ID.
        Allows a process to open contract event endpoints belonging to
        contracts created and owned by users other than the process's
        effective user ID.
file_chown
        Allows a process to change a file's owner user ID.
        Allows a process to change a file's group ID to one other than
        the process' effective group ID or one of the process'
        supplemental group IDs.
.
.
.