LX(7) Standards, Environments, and Macros LX(7)

lxzone brand for running a GNU/Linux user-level environment

The lx brand uses the brands(7) framework to provide an environment for running binary applications built for GNU/Linux. User-level code, including an entire Linux distribution, can run inside the zone. Both 32-bit and 64-bit applications are supported. The majority of Linux system calls are provided, along with emulation for a variety of Linux file systems, such as , and .

The /proc file system within the zone is a subset of a full Linux /proc. Most kernel-level tuning applied to /proc is unavailable or ignored. Some tuning can be performed, but only to reduce the overall limits that have been specified on the zone's configuration. That is, within the zone there is no way to increase the resource limits set on the zone itself.

The zone must be installed using one of: an absolute pathname of a zfs(8) send stream of a dataset which contains an image of the software to be run in the zone, a name of a zfs(8) dataset to be cloned or snapshot to be promoted, or the absolute pathname of a tar(1) file or gzipped tar file.


zoneadm -z myzone install -x nodataset
zoneadm -z myzone install -s /path/to/sendstream.zfs
zoneadm -z myzone install -s name/of/dataset-to-clone
zoneadm -z myzone install -s name/of/snapshot-to@promote
zoneadm -z myzone install -t /path/to/tarball.tgz

Applications provided by the base OmniOS operating system are also available within the zone under the mount point. This allows the use of various native tools such as dtrace(8), mdb(1), or the proc(1) tools on GNU/Linux applications. However, not every native tool will work properly within an lx zone.

In addition to the standard configuration options provided by the zones(7) framework, the following additional attributes are available for lx zones. These are defined as string attributes at the top level of the zone configuration (see the example below).

The DNS domain name for the zone, used to configure name resolution within the linux environment.
Enable IPV6 within the zone, true or false (defaults to true).
Specify the Linux version that the zone is emulating. This is a string value that is used in various places, including the output of the uname command and the contents of /proc/version.
A comma-delimited list of DNS resolver IP addresses, used to configure name resolution within the linux environment.

An example lx zone configured with VNIC "lx1" using a static IP address is below:

create -t lx
set zonepath=/zones/lx1
set autoboot=true
add net
    set physical=lx1
    set allowed-address=
    set defrouter=
    set global-nic=auto
add attr
    set name=dns-domain
    set type=string
    set value=example.com
add attr
    set name=resolvers
    set type=string
    set value=,
add attr
    set name=kernel-version
    set type=string
    set value=4.3.0

The brand only supports the exclusive IP stack zone configuration.

Most modern GNU/Linux application software runs on lx, but because there are some system calls or file systems which are not currently implemented, it's possible that an application won't run. This does not preclude the application running in the future as the lx brand adds new capabilities.

As there is only the single illumos kernel running on the system, there is no support for any Linux kernel-level modules. That is, there is no support for add-on drivers or any other modules that are part of the Linux kernel itself. If that is required, a full virtual machine should be used instead of an lx branded zone.

Any core files produced within the zone are in the native illumos format.

As with any zone, the normal security mechanisms and privileges apply. Thus, certain operations (for example, changing the system time), will not be allowed unless the zone has been configured with the appropriate additional privileges.

mdb(1), proc(1), brands(7), privileges(7), resource_controls(7), zones(7), dtrace(8), zfs(8), zoneadm(8), zonecfg(8)

April 4, 2020 OmniOS