vm-manager/brand/nebula-vm/config.xml

<?xml version="1.0"?>

<!--
  nebula-vm zone brand configuration.

  Points to lifecycle scripts and defines required privileges.
-->

<!DOCTYPE brand PUBLIC "-//Sun Microsystems Inc//DTD Zones Brand//EN"
    "file:///usr/share/lib/xml/dtd/zone_brand.dtd.1">

<brand name="nebula-vm">

  <modname>nebula-vm</modname>

  <initname>/sbin/init</initname>
  <login_cmd>/usr/bin/login -z %Z %u</login_cmd>
  <forcedlogin_cmd>/usr/bin/login -z %Z -f %u</forcedlogin_cmd>
  <user_cmd>/usr/bin/getent passwd %u</user_cmd>

  <!-- Lifecycle scripts -->
  <install>/usr/lib/brand/nebula-vm/install.ksh %z %R</install>
  <boot>/usr/lib/brand/nebula-vm/boot.ksh %z %R</boot>
  <halt>/usr/lib/brand/nebula-vm/halt.ksh %z %R</halt>
  <uninstall>/usr/lib/brand/nebula-vm/uninstall.ksh %z %R</uninstall>
  <prestatechange>/usr/lib/brand/nebula-vm/support.ksh prestate %z %R</prestatechange>
  <poststatechange>/usr/lib/brand/nebula-vm/support.ksh poststate %z %R</poststatechange>

  <!-- Privileges granted to the zone -->
  <privilege set="default" name="proc_clock_highres" />
  <privilege set="default" name="sys_admin" />
  <privilege set="default" name="sys_mount" />
  <privilege set="default" name="file_dac_read" />
  <privilege set="default" name="net_rawaccess" />

</brand>