Device Use in Non-Global Zones
The set of devices available within a zone is restricted to prevent a process in one zone from interfering with processes running in other zones. For example, a process in a zone cannot modify kernel memory or modify the contents of the root disk. Thus, by default, only certain pseudo-devices are considered safe for use in a zone. Additional devices can be made available within specific zones by using the zonecfg
utility.
Caution:
Applications that depend on devices that do not exist in a non-global zone, such as/dev/kmem
, cannot be run in a non-global zone.