There are limitations that must be taken into consideration when installing into zones that share resources.
GSKit, the Global Security Toolkit, provides SSL (Secure Sockets Layer) processing within protocols such as SPIPE and HTTPS.
The main administration zone. Both local and remote installation is possible. GSKit installs into the standard location for Solaris, and the links are created in the standard location for Solaris.
A local zone with no shared file system resources. Local and remote installation is possible. GSKit installs into the standard location for Solaris, and the links are created in the standard location for Solaris. These locations are local to this zone and not shared with any other zone.
A local zone with some shared file system resources. Local and remote installation is possible if /opt is not a shared resource. GSKit installs into the standard location for Solaris, but the links are created in the new default location of $CANDLEHOME/gsklinks. These locations are local to this zone and not shared with any other zone.
A local zone with the default set of shared file system resources. This is a Small Local Zone with /sbin /lib /usr and /export directories shared with global zone. These directories are read-only file systems in local zone. Local and remote installation is possible. GSKit installs into the standard location for Solaris, but the links are created in the new default location of $CANDLEHOME/gsklinks. These locations are local to this zone and not shared with any other zone.
Local and remote installation is not possible. Tivoli® Monitoring installation always requires read-write access to the /opt directory. This is not only a GSKit issue. Even if CANDLEHOME is specified as the nondefault directory, read-write access to /opt/IBM/ITM/tmaitm6/links is still needed.
It is very difficult to predict all the possible shared-resource policies for small local zones and the possible side effects. It is the responsibility of the system administrator to create these policies without causing unintentional side effects between different zones and software installed.