Zones complement RBAC.

Similar Messages

• Solaris 8 branded zone and privileges

  Hello,
  I've just installed a Solaris 8 Branded zone to migrate an old server. The migration worked like a charm, and everything seems ok excepted one thing. The zone must run a Lotus Domino server, so the process needs to bind ports 80, 443 and 389, but it can't.
  I've found things about the limitpriv directive for the zone configuration, and the net_privaddr privilege to allow a process to bind ports under 1024.
  So now, if I run the process in the non global zone as root, it can bind, but if it is launched as the user notes, it can't.
  If I use the ppriv command to see what are the privileges of the process, I see :
  1945:   /opt/lotus/notes/latest/sunspa/server
  flags = <none>
          E: file_link_any,proc_exec,proc_fork,proc_info,proc_session
          I: file_link_any,proc_exec,proc_fork,proc_info,proc_session
          P: file_link_any,proc_exec,proc_fork,proc_info,proc_session
          L: contract_event,contract_observer,file_chown,file_chown_self,file_dac_execute,file_dac_read,file_dac_search,
          file_dac_write,file_link_any,file_owner,file_setid,ipc_dac_read,ipc_dac_write,ipc_owner,net_bindmlp,net_icmpaccess,
          net_mac_aware,net_privaddr,net_rawaccess,proc_audit,proc_chroot,proc_exec,proc_fork,proc_info,proc_lock_memory,
          proc_owner,proc_session,proc_setid,proc_taskid,sys_acct,sys_admin,sys_audit,sys_mount,sys_nfs,sys_resourceSo, the net_privaddr appears in the limit, but it is not enabled. How can I make it enabled for that process?
  Thanks

  Thanks for the link, good explanations about privileges but they seem unusable in Solaris 8 branded zone. It suggests to create a role with the privileges my process needs, using the "rolemod -K" command, but this option does not exist for the rolemod command in my Solaris 8 zone, it just supports "classic" RBAC.
  Maybe the solution would be to create the good profile for the user running the process, but I'm a little bit lost with RBAC and I can't find an existing profile corresponding to what I want.
  Actually, the limitpriv for my zone is "default,net_rawaccess,net_privaddr,file_dac_read" and that's all. I added net_privaddr and file_dac_read because I saw that a "ppriv -D" on the Lotus server complained about the lack of these privileges, but in fact they are already included in default privileges.

• LDAP naming service and UNIX RBAC

  Does anyone have any experience with using Directory Server to store authentication information for UNIX servers? Can Directory Server be used to store data that can be used for access control (RBAC) on a UNIX Server (Solaris 9 mostly)? Any help would be greatly appreciated.
  Thanks.

  we've used it for RBAC & printers as well...not knowing what it is you're really after, here's an example.
  for RBAC:
  d'oh~> cat rbac.ldif
  dn: uid=nelsin,ou=people,dc=example,dc=com
  changetype: modify
  SolarisAttrKeyValue: profiles=Zone Management,Cluster Management
  objectclass: SolarisUserAttr
  d'oh~> ldapmodify -h ds01.example.com -D "cn=Directory Manager" -w password -f rbac.ldif
  and for printing:
  d'oh~> cat printer.ldif
  dn: printer-uri=b1f2,ou=printers,dc=example,dc=com
  objectClass: top
  objectClass: printerService
  objectClass: printerAbstract
  objectClass: sunPrinter
  printer-name: unixa2
  sun-printer-bsdaddr: adds001.example.com,building1floor2,Solaris
  sun-printer-kvp: description=UNIX Printer in building 1 floor 2
  printer-uri: unixb1f2
  d'oh~> ldapadd -h ds01.example.com -p 389 -D "cn=Directory Manager" -f ./printer.ldif

• FA complète + FA épurée

  Bonjour,
  Je suis en train de développer une interface qui devra être affichée sur deux écrans de PC de la manière suivante :
  - un premier écran affichera l'interface complète, à des fins de tests et maintenance ;
  - un deuxième écran affichera une interface similaire mais épurée de toutes les commandes et indicateurs qui ne sont pas utiles pour l'utilisation de base de l'IHM.
  Par exemple :
  - le bouton "Stop Application" se retrouvera sur l'interface complète ET sur l'interface déportée ;
  - le bouton "Start Test" se trouvera uniquement sur l'interface complète et ne devra pas être visible dans l'interface déportée.
  Ce que je voudrais éviter, c'est dédoubler les commandes et indicateurs (ça ne sert à rien d'avoir 2 boutons "Stop Application") pour ne pas surcharger le diagramme.
  J'ai pensé à une solution toute simple : customiser chaque commande qui doit être déportée, en dédoublant l'image du bouton de sorte à ce qu'elle apparaisse 2 fois sur la face-avant, mais 1 fois sur l'écran principal et 1 fois sur l'écran déporté.
  J'aimerais savoir si c'est le meilleur moyen de faire cela, ou s'il y a un autre moyen de "déporter" ou "doubler" la FA, sans doubler le diagramme ?
  Merci de vos retours,
  Cordialement,
  cecileAiro
  Solved!
  Go to Solution.

  Non au contraire Cécile,
  Les FGV (functional Global variable) sont selon moi bien meilleur car elles vous permettent de créer un moteur d'action (code dans chaque état) et aussi d'éviter les situations de compétition.
  Cependant dans votre cas il suffit de récupérer la référence d'un clone. Etant donné que c'est juste de la lecture, une variable globale suffit amplement.
  Pour être sûr que l'on se synchronise sur le terme de FGV voici deux liens:
  http://forums.ni.com/t5/LabVIEW/Community-Nugget-4​-08-2007-Action-Engines/td-p/503801
  http://www.ni.com/white-paper/7517/en
  et le meilleur pour la fin:  http://zone.ni.com/devzone/cda/epd/p/id/6375
  Cordialement,
  http://forums.ni.com/t5/LabVIEW/Community-Nugget-4​-08-2007-Action-Engines/td-p/503801
  Romain DUVAL || Application Engineer Specialist ||Certified LabVIEW Architect (CLA) || Certified TestStand Architect (CTA)
  National Instruments France

• DNS: reverse zone comes back after remove and some follow up issues

  hello community,
  after installation of OSL i had setup dns with a primary zone.
  the automatically created reverse zone for my internal network is fine.
  whenever i enter a new system the default for the ip address is 10.0.0.1 and the reverse zone is automatically setup for this ip address.
  whenever i remove this reverse zone it come back automatically after saving the dns configuration.
  with this come some follow up error.
  server admin claim that there is no name server configured for this reverse zone.
  when i configure it the configured name server entry vanished after clicking the save button.
  when i try to configure settings i can not. i get the error message that the configuration can not be saved cause of the missing name server for the reverse zone i am not using ....
  in the log file i can see that the file for reverse zone can not be found.
  when i check the dns configuration in the shell i can see that the reverse zone file is not there.
  someone has an idea
  - whats the best way to fix this?
  - why is the gui still showing the reverse zone i am not using?
  - is the dns configuration also in the ldap db with wrong entries?
  regards
  christian

  Clean out your zone definitions, and start over. Server Admin is unfortunately seemingly fussy around the authoritative server stuff and the order stuff gets entered, and it seems you can get into a sequence where it doesn't have what it needs. I had encountered couple of cases when I was in a similar state as you're in now, and I ended up clearing and deleting the primary zone and re-adding the zone and the hosts, being careful to add the authoritative server as the first step of adding a zone.

• Solaris 8 Container in Solaris 10 Zone

  Hi All,
  one of our customers wants to run Solaris 8 with Oracle 8.1.7 in a BrandZ Zone. Does anybody have an idea about how stable Solaris 8 is in a Zone environment? Are there any known issues with Solaris 8 running in a Zone?
  Since Solaris 8 is EndOfShipment, are there chances to get up-to-date Sun Hardware bundled with Solaris 8 apart of using Solaris 10 Zones?
  Thanks in Advace,
  Dog

  i didnt however i wasnt hammering it. if the load was expected to be high i would have done the io layout diff (try and follow some of oracles ideas: SAME for one, if possible).
  some depends on the load and the load from the other zones. you can use allocate resource limits to give more priority to more important zones or make sure you have enough resources to start. what type of load are you expecting?

• ISE 1.2 Time Zone

  Hi Community!!
  I have a ISE 1.2 pair, v9 patch installed and sychronized. Recently our time zone changed to summer time which is one hour later. In the CLI I can see that the reference is sent by NTP and the clock has changed but in monitoring I can still see that there is an hour difference from real time.
  I read in Cisco official documentation that time cannot be changed on ISE or else it will become unusable but the logs are not being timestamped correctly and also the time the RADIUS request are made by NAD vs the time they are recieved by ISE have one hour difference.
  Is there a way to solve this? it seems to be prone to any kind of unexpected behaviour when we are least expecting it.
  Thank you!!

  Hmm, this is very strange and it almost seems like a bug with ISE. I would recommend that you contact TAC and have them check this out. 
  The reason I think that it is a bug (Related to the timezone) is the fact that the base OS (Cent/ADE OS) appears to be running fine and keeping track of DST (Day light savings) but the actual application (ISE) installed on Cent is not. 
  I am far from NTP or Linux expert but I don't believe that NTP pushes/honors timezones. I think NTP just synchronizes the clock while timezones/DST is controlled locally. 
  If the issue is not a bug, it is perhaps due to selecting the incorrect timezone. I have never done a deployment outside of the US and the UK so I am not familiar with timezones in Chile. However, if we take Eastern Time Zone for example. I had to make sure that I select "EST5EDT" in ISE and not just EST. If I simply selected EST then DST was not observed and made things ugly :) The same applied for Pacific timzone where I had to make sure that I select "PST8PDT" With all of that being said, I checked the CLI in ISE and I don't see any Chile related timezones that would indicate DST observations. You can check for those yourself by using the following command "show timezones"
  I was able to find these but perhaps there are more and a specific one to CST/CLST. I tried searching for those but could not find anything:
  NS-ISE-01/admin# show timezones | i Santiago
  America/Santiago
  NS-ISE-01/admin# show timezones | i Chile
  Chile/EasterIsland
  Chile/Continental
  NS-ISE-01/admin# show timezones | i CLT
  NS-ISE-01/admin# show timezones | i CLST
  Let me know what you find. I would like to know the cause/resolution
  Thank you for rating helpful posts!

• Zona Franca ICMS+IPI BXZF não desconto - Ordem de Vendas

  Boa tarde;
  Estou tentanto realizar uma configuração de um cenário Zona Franca para produtos importados no qual terão incidência de imposto ICMS+IPI.
  O cenário esta configurado desta forma:
  1) Cenário normal venda Zona Franca de Produto Nacionais. Sem incidência de impostos.
  - Código do Imposto I1.
  - IVA SZ dispara a linha de desconto BXZF no qual dá o desconto ZF - OK
  2) Cenário de itens importados - materiais com origem "1", "2" ou "8" - Incidência de ICMS+IPI.
  - Código do Imposto - I3 - ICMS+IPI
  - Deve trazer o código IVA "SD" disparando cálculo de ICMS.
  - BXZF é RefConType da IBRX.
  - Não deve disparar a linha BXZF.
  - BXZF - traz o IVA SZ.
  Cenário Configurado:
  - Criado uma nova tabela 972 - País, ClassCliente, Classi Mat, Origem Material.
  - Sequencia de Acesso IZOF  - a tabela 972
  - Condição  DIZF - Seq Aces - IZOF.
  - Quando crio a ordem de vendas o sistema trata desta maneira:
  1) Ele verifica a origem do material encontra "1"
  2) Determina na condição DIZF - IVA "SD"
  3) BXZF é um RefconType da IBRX
  4) Por isso BXZF - determina "SD"
  Entretanto, a linha de desconto BXZF  esta trazendo o desconto ZF no qual se tenho o IVA SD não deveria trazer a linha.
  Alguém tem alguma ideia de como fazer a configuração?
  OBS: ZZOF é a mesma SeqAce - IZOF.
  Muito Obrigado
  Rodrigo Vieira

  Olá André;
  Então pelo que entendi para o tipo de materiais com origem 1,2 e 8 Importados que não quero que aplique a linha de desconto se hoje tenho uma tabela de condição criada 972 972 - País, ClassCliente, Classi Mat, Origem Material e associada a sequência de acesso e condição DIZF conforme abaixo irá encontrar e SD, porém irá aplicar o desconto.
  Registro de condição cadastrada.
  BR 2 1 1  Foreign - imported directly  100,000  % 01.04.2014 31.12.9999 SD
  BR 2 1 2  Foreign - acquired nationally  100,000  % 01.04.2014 31.12.9999 SD
  BR 2 1 8  National - with import content over 70%  100,000  % 01.04.2014 31.12.9999 SD
  Tenho um cenário que na mesma pricing terie produtos Nacionais origem "5" e Importados origem 1,2 e 8.
  Para o primeiro a linha de desconto precisa ser disparada por causa da isenção..
  Então o SZ na condição DIZF irá ser disparada e o desconto na BXZF séra aplicada.
  Entretando, como posso fazer para que não se aplique o desconto..
  As únicas possibilidades foi criado sequência de acesso forçando o SD, porém como a condição DIZF é determinada porque encontra origem ele força o desconto na BXZF
  Tem alguma sugestão ou ideia de ocmo posso configurar?
  Abs
  Rodrigo Vieira

• Desconto do ICMS da Zona Franca de Manaus - Registro de Entrada

  Bom dia caros colegas!
  Estou com um cenário referente ao ICMS da Zona Fanca de Manaus, como sabemos este imposto é dado como desconto no total da fatura, o cenário ora solicitado pelo usuário é o seguinte.
  Vr.Contábil  ->  65.892,29
  BC ICMS     ->   74.877,60
  Aliq.ICMS    ->    12%
  Vr. ICMS      ->     8.985,31
  A versão que estou usando é a 6.0
  Vocês sabem me informar se existe alguma configuração stander para esse cenário, sei que existe a nota 8622370 com desconto na MIRO, porém o lançamento no Registro de entrada não fica correto.
  Abs
  Nobre

  Olá Nobre,
  Não encontrei a nota que você informou.
  Contudo, seguem duas notas bem importantes com configurações da Zona Franca:
  790429 - Transfer to Tax free zone (Zona Franca) ICMS not discounted
  622370 - MIRO: ICMS-Discount by buying in Tax Free Zones(Zona Franca)
  As notas ensinam a configuração das condições especiais para Zona Franca, que são ICZF e ICZG.
  Atenciosamente,
  Carla Kunz Bussolo

• Recebimento de Transferencia na Zona Franca - Erro M7050 Saldo nao nulo. Transacao MB0A

  Pessoal,
  Boa noite,
  Estou com um problema e preciso da ajuda de vocês.
  ERRO M7050 - Saldo não nulo: 28,04 - Debito: 28,08 Credito: 0,04
  Quando realizo a entrada da transferência através da transação MB0A, ele executa esse erro. Quero acreditar que o SAP não esta considerando o valor da redução do ICMS que a Zona Franca possui, pois eh justamente o valor da redução na saída da mercadoria.
  As notas 622370 e 790429 estão aplicadas no sistema, alem de ter a condition do ICMS de credito presumido da ZF marcado como D - Imposto de transferência na cadeia de contabilização.
  Vocês sabem o que esta acontecendo?
  Obrigado.

  Oi Renan & Hernandes
  O que vcs tem na tabela J_1BCONDMAPV e J_1BTXCOND no que diz respeito a nota 790429?
  Qual versão do erp que vcs estão?
  Imagino que vcs já tenham olhado a nota.. 1826651 - STO: ICMS wrongly calculated for Full/Partial return from ZF
  Abraço
  Eduardo Chagas

• Can you program a Slave's Node ID or Zone ID using the USB-8476 as the LIN Master?

  I am planning on using the USB-8476 LIN interface as the LIN bus Master in an application.  The application would require the USB-8476 (Master) to program a Node ID and Zone ID into a slave device that is on the LIN bus.  The slave device is a PIC12F1822 mcu + MCP2021 LIN transceiver.  After reading through the User/Software Manual for the USB-8476, it does NOT seem possible to assign an ID to a slave device.  It seems like you can only communicate with slaves that already have an ID programmed into their memory.  The Node/Zone ID terminology is used by our customer and may not conform exactly to the IDs associated with LIN.  I am new to the LIN world, so please let me know if you need more information about what I'm trying to accomplish.  Can you program a Slave's Node ID or Zone ID using the USB-8476 as the LIN Master?

  No need to respond to this topic.  The company that builds the slave device has a communications specification that was recently provided to me.  I should be able to use the NI USB-8476 and a call to the ncWrite function (NI-CAN Frame API function) to accomplish my goals. 

• Zone install file system failed?

  On the global zone, my /opt file system is like this:
  /dev/dsk/c1t1d0s3 70547482 28931156 40910852 42% /opt
  I am trying to install it in NMSZone1 like this config:
  fs:
  dir: /opt
  special: /dev/dsk/c1t1d0s3
  raw: /dev/rdsk/c1t1d0s3
  type: ufs
  options: [nodevices,logging]
  But failed like this:
  bash-2.05b# zoneadm -z NMSZone1 boot
  zoneadm: zone 'NMSZone1': fsck of '/dev/rdsk/c1t1d0s3' failed with exit status 3
  3; run fsck manually
  zoneadm: zone 'NMSZone1': unable to get zoneid: Invalid argument
  zoneadm: zone 'NMSZone1': unable to destroy zone
  zoneadm: zone 'NMSZone1': call to zoneadmd failed
  Please help me. Thanks.

  It appears that the c1t1d0s3 device is already in use as /opt in the
  global zone. Is that indeed the case? If so, you need to unmount
  it from there (and remove or comment out its entry in the global
  zone's /etc/vfstab) file and then try booting the zone again.

• Is my iPhone calendar reading from the wrong time zone? How do I fix it?

  First, here is all the info that I have about all of the clocks on my phone: the date and time on my iPhone are set automatically to Vancouver's time zone, in the Clock app though, I've also added in the clocks for Seoul and Manila so that I know the time when I need to contact friends out there, etc. Location wise, everything else on my phone is fine: my map correctly shows where I am, the weather app shows the weather for my city and my clock changes automatically for daylight savings.
  Now, when I put in an event into the calendar app, while putting in the details such as start and end time, the Time Zone slot is always set to Seoul for some reason. I have to go in and change it to Vancouver manually. Even after doing this and setting everything though, the alarm always goes off at the wrong date and time - I think it' s going off at when that time reaches Seoul, not Vancouver. So then I tried setting it again, this time, leaving the time zone as Seoul in case things were somehow just 'backward' in my phone, and still the alarm went off at the wrong date and time.
  I really can't understand it and haven't got the faintest clue as to how to fix it. Any ideas??
  In case this better or further explains what I'm trying to say:
  I just opened a new event on my calendar. I set it to begin twenty minutes from now (5:20AM) and left the ending time as the default one hour later (6:20AM). I also did not change the time zone which is already reading Seoul for whatever reason. I hit done, I'm taken back to the main calendar page, and there it shows as it should: 5:20AM today. I then went to set second event for 5:15AM only this time, I changed the timezone to Vancouver. All the information looks correct, but this time, when I hit done and am taken to the main calendar page, that event is recorded as having been set to 21:15PM instead!!
  [ I have an iPhone 4 but...I don't know what CDMA or GSM means so I'm not sure which pertains to me...]

  Go to Settings>Mail, etc.>iCloud and delete the account. Then add in a new account with the details you want.

• Unable to install a zone: Copying 0 files to the zone.

  Hi forum users,
  I really hope someone has any idea what could be wrong here.
  First of all, the server is patched with security and recommended patches, except for 118344-13 -> R-- SunOS 5.10_x86: Fault Manager Patch which I will install on the next maintenance day. It already has 4 zones running without problem.
  However when I try to install a new zone now it always fails.
  # zoneadm -z blah install
  Preparing to install zone <blah>.
  Creating list of files to copy from the global zone.
  Copying <0> files to the zone.
  Initializing zone product registry.
  Determining zone package initialization order.
  ERROR: package <SUNWcsu> is not complete: skipping installation of package
  ERROR: package <SUNWcsr> is not complete: skipping installation of package
  ERROR: package <SUNWcsl> is not complete: skipping installation of package
  ERROR: package <SMCreadl> is not complete: skipping installation of package
  ERROR: cannot determine dependency ordered package list from package repository </var/sadm/pkg>
  ERROR: cannot generate dependency ordered list of packages from global zone </var/sadm/pkg>
  ERROR: failed to initialize packages from global zone </> to zone </zones/blah/root>
  ERROR: cannot copy and initialize packages from global zone to local zone <blah> path </zones/blah/root>
  ERROR: cannot create zone boot environment <blah>
  zoneadm: zone 'blah': '/usr/lib/lu/lucreatezone' failed with exit code 74.
  To me it seems obvious that the problem lies in the fact that it doesnt even copy a single file to the configured zone, therefor it can't install any packages and all the rest fails too. The big question of course is, why does it think it only needs to copy 0 files? Has anyone encountered such a problem before? I havent found anything yet on patches breaking zoneadm install but might have missed it.
  Does it looks like a HD corruption?Might be since the Sun Management Console agent does seem to freeze on that server too once in a while.

  All the packages are fine in the global zone, pkginfo -l tells me the packages are complete.
  I did try the truss wrap but it gives me so much info it is hard for me to figure out if something is wrong. The only error i think that returns often and that is not resolved is:
  ioctl(4, TCGETA, 0x080471E4) Err#25 ENOTTY
  ioctl(4, TCGETA, 0x08047294) Err#22 EINVAL
  The part where it seems to compile a list of files to copy however is very empty of truss entries:
  Preparing to install zone <gal2en-survey>.
  Creating list of files to copy from the global zone.
  Copying <0> files to the zone.
  Initializing zone product registry.
  Determining zone package initialization order.
  read(4, 0x0806DD3C, 5120) (sleeping...)
  ERROR: package <SUNWcsu> is not complete: skipping installation of package
  This issue is still unresolved for me. For now the only way to create a new zone on that server is to manually copy all files from another zone, editing the zonecfg entry and net config files for the zone, then i can boot and run it.

• Problem with zone installation on solaris 08/07

  Hello :)
  I need some help
  I install solaris 10 08/07 on my x2100 M2.Everything is ok.
  Then I try to install non-global zone named web-zone with the following commands:
  # mkdir /export/web-zone
  # chmod 700 /export/web-zone
  # zonecfg -z web-zone
  web-zone: No such zone configured
  Use 'create' to begin configuring a new zone.
  zonecfg:web-zone> create
  zonecfg:web-zone> set autoboot=true
  zonecfg:web-zone> set zonepath=/export/web-zone
  zonecfg:web-zone> add net
  zonecfg:web-zone:net> set address=192.168.0.3
  zonecfg:web-zone:net> set physical=bge1
  zonecfg:web-zone:net> end
  zonecfg:web-zone> info
  zonepath: /export/web-zone
  autoboot: true
  pool:
  inherit-pkg-dir:
  dir: /lib
  inherit-pkg-dir:
  dir: /platform
  inherit-pkg-dir:
  dir: /sbin
  inherit-pkg-dir:
  dir: /usr
  net:
  address: 192.168.0.3
  physical: bge1
  zonecfg:web-zone> verify
  zonecfg:web-zone> commit
  zonecfg:web-zone> exit
  # zoneadm -z web-zone verify
  # zoneadm -z web-zone install
  # zoneadm list -cv
  # zoneadm -z web-zone boot
  When I zlogin into zone configuration stack with:
  Fatal internal error: prompt_error called before prompt_open!
  The IP address previously set on the network interface
  is no longer available. The system state is corrupted. System identification
  can no longer continue.
  Press Return to continue
  And that�s it :)
  On interface bge1 I have 2 ip addresses, one for management processor (192.168.0.254) and one for global zone (192.168.0.2)
  The output from ifconfig �a is :
  # ifconfig -a
  lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
  inet 127.0.0.1 netmask ff000000
  lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
  zone web-zone
  inet 127.0.0.1 netmask ff000000
  bge1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
  inet 192.168.0.2 netmask ffffff00 broadcast 192.168.0.255
  ether 0:1b:24:5:4f:6f
  bge1:1: flags=4001000842<BROADCAST,RUNNING,MULTICAST,IPv4,DUPLICATE> mtu 1500 index 2
  zone web-zone
  inet 192.168.0.3 netmask ffffff00 broadcast 192.168.0.255
  Any Ideas ?? :)
  Thaks
  pp Sory for my baad english :)

  Hi
  Thank you for replay
  This is happened exactly when I zlogin for first time to complete installation.
  The installation procedure flow flawless.I set terminal type 13 (dt terminal) and everything is OK, but when I try to setup hostname I�ve got this error.
  I try this with 3 different zones on this machine with same result
  I have old x86 machines with solaris 11/06 zones installed , everything works fine (1 year uptime)
  This is not the first zone in my life :)
  Best Regards
  DJ JAM