Use this procedure to delegate a ZFS dataset to a non-global zone.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.
global# zfs create poolA/fs2
global# zfs set mountpoint=/fs-del/fs2 poolA/fs2
Setting the mountpoint is not required. If the mountpoint property is not specified, the dataset is mounted at /alias within the zone by default. Non-default values for the mountpoint and the canmount properties alter this behavior, as described in the zfs(1M) man page.
global# zfs get mountpoint poolA/fs2 NAME PROPERTY VALUE SOURCE poolA/fs2 mountpoint /fs-del/fs2 local
# zonecfg -z my-zone zonecfg:my-zone> add dataset zonecfg:my-zone:dataset> set name=poolA/fs2 zonecfg:my-zone:dataset> end
# zonecfg -z my-zone zonecfg:my-zone> add dataset zonecfg:my-zone:dataset> set name=poolA/fs2 zonecfg:my-zone:dataset> set alias=delegated zonecfg:my-zone:dataset> end
global# zfs get -r zoned poolA NAME PROPERTY VALUE SOURCE poolA zoned off default poolA/fs2 zoned on default
Note that the zoned property for poolA/fs2 is set to on. This ZFS file system was delegated to a non-global zone, mounted in the zone, and is under zone administrator control. ZFS uses the zoned property to indicate that a dataset has been delegated to a non-global zone at one point in time.