Professional Documents
Culture Documents
Solaris™ OE Administration
Notes
Minutiae
SUN stands for Standford University Network
The logo for Sun was developed by Vaughan Pratt
# uname -n
#hostname
4)To find the RAM of your machine:
# prtconf | grep Mem
5) To find the number of hard disks attached to your machine:
# format
6) To find the release of your Operating System:
# cat /etc/release
7) To find the file system usage:
# df -k
# df -h
“k” option would fetch the output in Kilobytes
“h” option <human readable format> fetch the output in Gigabytes
8) To find the processes that are running on your machine:
# prstat
# ps -ef
# top
# sdtprocess
ROOT
[Superuser]
/var
/export/home
the same.
• /export/home : It contains the home directory of all the users, who are
created in Solaris Operating System. If a user 'simusr' is created in Solaris,
he will have his directory – by convention – created under /export/home
and would bear the same name as he login name. Hence the absolute path
to his directory would be /export/home/simusr
• /var : /var contains all logs and spools. This is a variable file system and is a
major source for support calls. Hence special care should be taken while
assigning space to the /var file system.
Note: The Kernel modules of Solaris Operating System are located in three
different directory name spaces which are mentioned below:
disk name/save
Note (2) : /etc/vfstab file contains all the file systems that needs to be
mounted during the booting process. /etc/mnttab file (it's psuedo file system)
contains all the file systems that are currently mounted.
Step 6: To unmount (to make it inaccessible) the file system:
# umount /export/home
Note: By running the command mentioned above, the device (say, /
dev/dsk/c0t0d0s7) mounted on the empty directory /export/home would be
'detached' (would become inaccessible under the /export/home directory).
Note (2): Tounmount a file system foricbly:
# umount -f /export/home
or
# fuser -cu /export/home
# fuser -ck /export/home
# umount /export/home
Step 7: Tocheck the file system inconsistency:
# fsck -y /export/home
Note: “fsck” should be run on an unmounted file system.
Note (2): fsck runs in two modes: (a) Silent/Preen mode (b) Interactive mode
Note (3) : fsck runs on raw device file. The above command is run on a mount
point. Recall that a mapping between the mount point and the raw device file
for the device mounted on that mount point exist in the /etc/vfstab file. Note
that the -y option in the aforesaid command forces fsck command to run in
silent/preen mode.
Important Files:
1. /etc/passwd --> Contains the user information
2. /etc/shadow --> Contains the “encrypted password” of
users
3. /etc/group --> Contains the information about the
groups.
System Security
/etc/default/su --> Controls the 'su' log attempts
/etc/default/login --> Restricts remote root logins
/etc/default/passwd --> System Wide Password Ageing
/etc/default/kbd --> Controls the Abort (STOP + A) Operating
/etc/ftpd/ftpusers --> List all users who are denied FTP Access
Note: You could set the default values for all the NVRAM variables by holding
the L1 + N Key continously while the Solaris machine boots up.
1. Bootprom Phase
2. Bootblock Phase
3. Kernel Initialization Phase
4. Init Phase
Init program reads the /etc/inittab file to find the default run level of Solaris.
A run level indicates a state of machine in which some / all of the services
would be running. You could find the run level of a Solaris machine by running
the following command:
# who -r
Note: All services are located under the directory /etc/init.d. All the services
located under the /etc/init.d directory have a hard link to /etc/rc#.d
directory, which # would be replaced with 2, 3 etc.
-y indicates the answer to the question “Do you want to shutdown is 'yes'.”
-g indicates that the grace time is zero seconds
-i5 indicates the run level to which the machine should be brought down is five.
If those options were not mentioned in the shutdown command, the following
would have occurred (default behaviour of the shutdown command):
Scheduling a job:
1. Use of “at” command (one time job)
2. Use a cron file
* * * * * <command to be executed>
Month
Hours
Minutes
Description: The above command would take a back up of the file system /
export/home to a tape in the drive /dev/rmt/0. The letter 'n' indicates that
the tape should not be rewound after the back up is done. The switches in the
ufsdump command denotes the following:
Configuring NFS
Step 1. Edit /etc/dfs/dfstab file to add an entry to share a file system. The
entry would be something like the one mentioned below:
# /etc/init.d/nfs.server stop
# /etc/init.d/nfs.server start
step 3. Run the following command to see whether that filesystem has been
successfully shared or not:
# dfshares
Configuring AutoFS
• AutoFS works on the client side.
• It automatically mounts and unmounts the file systems on the NFS client on
a need basis.
• Eliminates the need to populate entries in the /etc/vfstab on the client side
to mount file systems (during booting) that are shared on a remote
machine.
/home auto_home
/- auto_direct
/mnt -o ro <server_name>:/usr/share/man
smcnealy <server_name>:/export/home/smcnealy
Note: In /etc/auto_direct, the absolute path of the mount point and the
device to mount from the remote machine are mentioned; whereas in /
etc/auto_home, a relative path of the mount point and the device to mount
from the remote machine are mentioned. The mount point specified in the /
etc/auto_home file (read map) is relative to the path specified corresponding
to the Indirect map in the Master map (/etc/auto_master). Any change that is
made to the Master map (/etc/auto_master) and Direct map
(/etc/auto_direct) would require you to run the 'autmount' command. No
command needs to be executed for the changes in the /etc/auto_home
(indirect map) to take effect.
A Tip -;
Most of the files associated with RBAC are located under the directory /etc/security
Note: - Role Based Access Control was introduced in Solaris 8 and is used to
break the conventional concept of 'All or None' philosophy. All versions of
Unix allows the root user to perform all kinds of tasks, whereas a simple user
is given no power at all. RBAC lets the Administrator create some roles which
would perform certain Administrative tasks. Then the role is assigned to a
simple user. Whenever that administrative task needs to be performed, the
simple user will login to his/her normal account and then would 'su' to his role
and finally perform the administrative job that he is authorized to perform.
The files updated when a roleadd command is executed are:
1. /etc/user_attr
2. /etc/passwd
3. /etc/shadow
Jumpstart Installation
Copying the Solaris OS image from the media to the hard disk:
#./setup_install_server /export/home/install
#./add_to_install_server /export/home/install
Note:- The scripts mentioned in step 1 & step 2 could be located in the CD 1 of
2 and CD 2 of 2 of Solaris OE respectively. Step 1 and Step 2 would copy the
OS image from the media to a location /export/home/install in Jumpstart
Server.
Populate /etc/hosts & /etc/ethers file on Jumpstart Server with Client info:
#vi /etc/ethers
0:8:20:x:x:x sun1
#vi /etc/hosts
192.168.1.100 sun1
syidcfg file
terminal=dtterm
system_locale=en_US
security_policy=NONE
name_service=NONE
network_interface=PRIMARY{protocol_ipv6=no netmask=255.255.255.0
default_route-127.0.0.1}
root_password=CYTukCsj8T7FY
timezone=Singapore
timeserver=localhost
“any_machine” file [class file]
install_type initial_install
system_type standalone
partitioning explicit
filesys c0t0d0s1 1024 swap
filesys c0t0d0s3 1024 /export/home
filesys c0t0d0s0 free /
filesys c0t0d0s4 100 /globaldevices
cluster SUNWCXall
The “rules” file
any - - any_machine -
Finish Script
Begin Script
Value
Key
Put all the configuration files (sysidcfg, rules, class file) in a directory, say /
export/home/config and run the 'check' script to check the syntax of the rules and
the class file. That would create a new file named rules.ok. The same is illustrated
below:
# cd /export/home/config
#ls
sysidcfg rules any_machine check
#./check
<Output omitted>
#pwd
/export/home/config
#ls
sysidcfg rules any_machine check rules.ok
For all the clients who would use the jumpstart server run the following script:
#./add_install_client -c jumpstart_server:/export/home/config -p \
jumpstart_server:/export/home/config client_name sun4u
Note (1): The script is located in the Solaris OS CD / OS image in the hard disk.
Note (2): Once this script is executed /etc/dfs/dfstab file would be populated with
an appropriate entry for the OS image. If this script was run from the OS in the
media, /etc/dfs/dfstab file would contain the entry for the CD-ROM. It this script
was run from the OS image on the hard disk, then an entry for the directory which
contains the OS image (say /export/home/install) will be added in /etc/dfs/dfstab.
Note (3). An entry for the directory which contains the Jumpstart configuration files
NEEDS TO BE ADDED MANUALLY.
Flash Installation
Note : To perform a flash installation you need to trigger the installation either
using a media (CD-ROM /DVD) and then use the flash archive to continue
with the installation process or use the jumpstart server. In Jumpstart, the
only file that needs to be altered to perform a flash installation is the class file
(or profile file). A sample class file is included below:
install_type flash_install
archive_location nfs://server_ip/export/flarloc/js_archive
partitioning explicit
filesys c0t0d0s1 1024 swap
filesys c0t0d0s3 free /export/home
filesys c0t0d0s0 12288 /
filesys c0t0d0s4 100 /globaldevices
• server_ip is the IP address of the machine, which contains the flash archive.
• js_archive is the name of the archive that would be used during the
installation process.