Go to main content

手册页第 7 部分:标准、环境、宏、字符集和杂项

退出打印视图

更新时间: 2022年7月27日 星期三
 
 

mwac(7)

名称

mwac, MWAC - Mandatory Write Access Control

描述

Mandatory Write Access Control (MWAC) implements a new policy in the Oracle Solaris operating system that allows for fine-grained control over the writability of objects on otherwise read-only file systems.

In the current instance of the Oracle Solaris operating system, the kernel implements the MWAC policy for non-global and global zones preventing any overruling of the policy from within the zone.

Zones marked as read-only have their root file system write-protected by MWAC. Only the file system objects that are write-listed by the read-only-profile are writable. See zonecfg(8). Other file system objects are read-only.

Creating links to objects that are read-only by virtue of the MWAC-policy is not allowed.

Process with the PRIV_PROC_TPD flag set are exempt from the MWAC-policy. Such process can be created by using Trusted Path login or using the –T or –U option for zlogin.

另请参见

ln(1), getpflags(2), link(2), pathconf(2), tpd(7), zoneadm(8), zonecfg(8)