
Solaris™ OE Administration Notes

For Private Circulation Only

Solaris™ OE Administration
Notes

The Solaris™ Operating System is Sun's flavour of Unix®. Sun Microsystems Inc.
had developed an operating system named SunOS during the early 1980s,
which was a derivative of the BSD flavour of Unix®. Later, in 1988, Sun
Microsystems Inc. along with AT&T Laboratories developed a commercial
version of Unix® named SVR4, expanded as System Five Release Four. In the
early 1990s Sun Microsystems Inc. decided to phase out their BSD flavour of
Unix (read SunOS) and develop an operating system based on System V
Release Four, which marked the birth of the Solaris Operating System. The
current version of the Solaris Operating System running on production
servers is 10.

Minutiae
SUN stands for Stanford University Network
The logo for Sun was developed by Vaughan Pratt

Know Your Sun Box and OS

1) To find the kernel version of Solaris running on your machine:
# uname -r
2) To find the architecture of your machine:
# uname -a
3) To find the hostname of your machine:
Author: R Rajesh; Version: 1.0; Creation Date: Sep/03/2005 1



# uname -n
# hostname
4) To find the RAM of your machine:
# prtconf | grep Mem
5) To find the number of hard disks attached to your machine:
# format
6) To find the release of your Operating System:
# cat /etc/release
7) To find the file system usage:
# df -k
# df -h
The “k” option fetches the output in Kilobytes.
The “h” option (human-readable format) fetches the output in human-readable units such as Gigabytes.
8) To find the processes that are running on your machine:
# prstat
# ps -ef
# top
# sdtprocess

Note (1): “top” is a command that comes on the Solaris Companion CD.
Note (2): ps -ef will fetch a 'point in time snapshot' of processes.
Note (3): sdtprocess would trigger the CDE Process Manager.

9) To list the users that are created on your machine:
# listusers
10) To find out the IP Address and Ethernet Address of your machine:
# ifconfig -a


Directory Structure in Solaris OE

[Figure: directory tree with ROOT ( / ) [Superuser] at the top and /etc, /platform, /kernel, /dev, /devices, /usr, /var and /export/home beneath it]

• Root [ / ] : Root is at the top of the directory hierarchy in Solaris OE.
Root is indicated by a forward slash ( / ). All the other directories fall
under the root directory. The root directory incidentally is the home
directory of the super user or the System Administrator. For details on best
administrative practices, please refer to the website www.samag.com
• /etc : The “etc” directory under root contains all the system configuration
files. /etc/system is the kernel configuration file in the Solaris Operating
System. If you wish to override any default values of the Solaris kernel,
you would edit this file. Any change that you make to the /etc/system file
requires you to reboot the machine. If this file is tampered with, the system
will not come up. Hence make sure that a backup copy of this file
(/etc/system) is made before any modification is made to it.
• /export/home : It contains the home directories of all the users who are
created in the Solaris Operating System. If a user 'simusr' is created in
Solaris, he will have his directory, by convention, created under
/export/home, and it would bear the same name as his login name. Hence the
absolute path to his directory would be /export/home/simusr
• /var : /var contains all logs and spools. This is a variable file system and
is a major source of support calls. Hence special care should be taken while
assigning space to the /var file system.

Note: The Kernel modules of Solaris Operating System are located in three
different directory name spaces which are mentioned below:

• /kernel : It contains all Kernel modules that are platform independent.
• /platform : It contains all Kernel modules that are platform dependent.
• /usr : It contains all Kernel modules that are loaded only on user demand.
For example, the module required to execute a Java program (javaexec) needs
to be loaded only during the actual execution of the program, not
necessarily during the booting process. Hence javaexec, which is a kernel
module located under the directory /usr, will be loaded only when the user
executes his first Java program, whereas the Kernel modules that are
located under /platform and /kernel are loaded mandatorily during the
booting process. You could override the default behaviour (loading Kernel
modules only on user demand) by using the 'forceload' directive in the
/etc/system file.
• /devices : Contains the physical device names, which are hard to decode.
• /dev : Contains logical device names for all devices. Used by System
Administrators for administering the devices attached to the Solaris box.
Note: /dev is a link to /devices


Soft Link                                      Hard Link
In layman's language: a shortcut               In layman's language: an alias
Can be applied to both files and directories   Can be applied only to files
Can exist across a file system                 Cannot exist across a file system
Created using the “ln -s” command              Created using the “ln” command

What to do with a physical disk ?

Step 1. Attach the physical disk to the Sun Box.
Step 2. Run the following command to reconfigure the new device (hard disk)
connected to your box.
# devfsadm
Note: The aforesaid command does not require you to reboot the machine.
Alternatively, you could follow the below-mentioned steps to reconfigure a
new device.
1. Connect the new device.
2. Create the /reconfigure file (# touch /reconfigure)
3. Power off your machine (# init 5)
4. Switch on the new device
5. Switch on the machine
Note (2): The /reconfigure file will be deleted automatically.
Step 3. Confirm whether the new hard disk has been detected or not.
# format
Step 4. Partition the hard disk using the “format” utility. The following
illustration summarises the partitioning process in the Solaris Operating
System. The VTOC (Volume Table of Contents / Disk Label) is located in the
zeroth sector of the hard disk. The VTOC contains the partition information.
If the VTOC is lost, the data on the hard disk becomes inaccessible to the
users. A copy of the VTOC is put into memory when the “format” utility is run
to perform operations on a specific hard disk. The operations could include
the following:


• Partitioning of the hard disk
• Saving the partition information to a file named /etc/format.dat,
which could be used to perform the partitioning process on several
hard disks with the same geometry at a stretch.

[Figure: the VTOC in three places (On Disk, In Memory, /etc/format.dat), with arrows labelled “disk”, “name/save”, “label” and “select”]

Step 5: Add a file system to the partitions:
# newfs /dev/rdsk/c0t0d0s0
Note: The “newfs” command works on raw device files.
Step 6: Mount the device so that it becomes accessible to the users:
# mount -F ufs -o rw,logging /dev/dsk/c0t0d0s7 /export/home
Note: /dev/dsk/c0t0d0s7 is the device to mount and /export/home in the
above command is the mount point/access point. Once the above-mentioned
command is executed, the file system /dev/dsk/c0t0d0s7 becomes
accessible under the /export/home directory. If you wish to execute
the above command automatically every time the system is rebooted,
populate seven fields in the /etc/vfstab file. The seven fields in /etc/vfstab are:
1) Device to mount
2) Device to fsck
3) Mount Point
4) File system type
5) Fsck pass
6) Mount at boot
7) Mount options
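
The seven fields above, applied to the mount command from Step 6 and checked by a small script. This is an added example, not part of the original notes: `check_vfstab` is a hypothetical helper, and the sample file is constructed (its second and third entries are deliberately wrong).

```shell
#!/bin/sh
# Added example: validate /etc/vfstab-style entries against the seven fields
# listed above. check_vfstab is a hypothetical helper, not a Solaris tool.

# Constructed sample file. The first entry matches the mount command in
# Step 6; the second is missing the "mount at boot" field; the third pairs
# the block device with the raw device of a different slice.
make_sample_vfstab() {
    cat <<'EOF'
#device           device             mount         FS    fsck  mount    mount
#to mount         to fsck            point         type  pass  at boot  options
/dev/dsk/c0t0d0s7 /dev/rdsk/c0t0d0s7 /export/home  ufs   2     yes      rw,logging
/dev/dsk/c0t0d0s3 /dev/rdsk/c0t0d0s3 /data         ufs   2     rw
/dev/dsk/c0t0d0s4 /dev/rdsk/c0t0d0s5 /scratch      ufs   2     no       -
EOF
}

# Reads vfstab text on stdin and prints one finding per bad line.
check_vfstab() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }            # skip comments and blank lines
    NF != 7 {
        printf "line %d: expected 7 fields, found %d\n", NR, NF; next
    }
    $6 != "yes" && $6 != "no" {
        printf "line %d: mount-at-boot must be yes or no, got %s\n", NR, $6; next
    }
    $1 ~ /^\/dev\/dsk\// {
        # fsck needs the raw (rdsk) device of the same slice
        raw = $1; sub(/^\/dev\/dsk\//, "/dev/rdsk/", raw)
        if ($2 != raw)
            printf "line %d: device to fsck %s does not match %s\n", NR, $2, raw
    }'
}

make_sample_vfstab | check_vfstab
```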


Note (2): The /etc/vfstab file contains all the file systems that need to be
mounted during the booting process. The /etc/mnttab file (it's a pseudo file
system) contains all the file systems that are currently mounted.
Step 6: To unmount the file system (to make it inaccessible):
# umount /export/home
Note: By running the command mentioned above, the device (say,
/dev/dsk/c0t0d0s7) mounted on the empty directory /export/home would be
'detached' (would become inaccessible under the /export/home directory).
Note (2): To unmount a file system forcibly:
# umount -f /export/home
or
# fuser -cu /export/home
# fuser -ck /export/home
# umount /export/home
Step 7: To check the file system for inconsistency:
# fsck -y /export/home
Note: “fsck” should be run on an unmounted file system.
Note (2): fsck runs in two modes: (a) Silent/Preen mode (b) Interactive mode
Note (3): fsck runs on the raw device file. The above command is run on a
mount point. Recall that a mapping between the mount point and the raw device
file for the device mounted on that mount point exists in the /etc/vfstab
file. Note that the -y option in the aforesaid command forces the fsck
command to run in silent/preen mode.

Package & Patch Administration


1. pkgadd – To add a package
2. pkgchk – To check the integrity of the package
3. pkginfo – To fetch the information about packages/a package
4. pkgrm – To remove a package


1. patchadd – To add a patch
2. patchrm – To remove a patch
3. patchadd -p / showrev -p – To fetch information about the patches
installed
Note: Though “showrev -p” and “patchadd -p” would throw the same output,
“showrev -p” would run a bit faster as compared to “patchadd -p”.
“patchadd -p” is a script, “showrev -p” is a binary. The patches are obtained
either from the EIS CD or from sunsolve.sun.com.

User & Group Administration


1. useradd – To add a user
2. usermod – To modify any attributes of an existing user
3. userdel – To delete a user account

1. groupadd – To add a group
2. groupmod – To modify the attributes of a group
3. groupdel – To delete a group

Important Files:
1. /etc/passwd --> Contains the user information
2. /etc/shadow --> Contains the “encrypted password” of users
3. /etc/group --> Contains the information about the groups.

System Security
/etc/default/su --> Controls the 'su' log attempts
/etc/default/login --> Restricts remote root logins
/etc/default/passwd --> System Wide Password Ageing
/etc/default/kbd --> Controls the Abort (STOP + A) Operating
/etc/ftpd/ftpusers --> List all users who are denied FTP Access
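
A check of the files listed above, as an added example that is not part of the original notes. It uses the standard Solaris keywords CONSOLE, SULOG, MAXWEEKS and KEYBOARD_ABORT, which the notes do not list; `audit_defaults` and `get_setting` are hypothetical helper names and the sample tree is constructed.

```shell
#!/bin/sh
# Added example: report weak settings in the System Security files.
# audit_defaults and get_setting are hypothetical helpers, not Solaris tools.

# Print the value of the last uncommented KEY=value line (empty if unset).
get_setting() {   # usage: get_setting FILE KEY
    [ -f "$1" ] || return 0
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# Audit the files under ROOT (use / on a live system); one finding per line.
audit_defaults() {
    root=$1
    [ "$(get_setting "$root/etc/default/login" CONSOLE)" = "/dev/console" ] ||
        echo "login: CONSOLE=/dev/console not set, remote root login allowed"
    [ -n "$(get_setting "$root/etc/default/su" SULOG)" ] ||
        echo "su: SULOG not set, su attempts are not logged"
    [ -n "$(get_setting "$root/etc/default/passwd" MAXWEEKS)" ] ||
        echo "passwd: MAXWEEKS empty, no system-wide password ageing"
    [ "$(get_setting "$root/etc/default/kbd" KEYBOARD_ABORT)" = "disable" ] ||
        echo "kbd: KEYBOARD_ABORT not disabled, STOP+A abort is active"
    grep -q '^root$' "$root/etc/ftpd/ftpusers" 2>/dev/null ||
        echo "ftpusers: root is not denied FTP access"
}

# Constructed sample tree: CONSOLE and KEYBOARD_ABORT are commented out and
# MAXWEEKS is empty, so three findings are expected.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/default" "$d/etc/ftpd"
    printf '#CONSOLE=/dev/console\nPASSREQ=YES\n' > "$d/etc/default/login"
    printf 'SULOG=/var/adm/sulog\n' > "$d/etc/default/su"
    printf 'MAXWEEKS=\nMINWEEKS=\nPASSLENGTH=6\n' > "$d/etc/default/passwd"
    printf '#KEYBOARD_ABORT=enable\n' > "$d/etc/default/kbd"
    printf 'daemon\nbin\nroot\n' > "$d/etc/ftpd/ftpusers"
    echo "$d"
}

sample=$(make_sample_root)
audit_defaults "$sample"
rm -rf "$sample"
```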


Commands @ the Forth Monitor (OK Prompt)

1. boot -r --> Reconfiguration booting
2. boot -a --> Interactive booting
3. boot -s --> Boot in single user mode
4. printenv --> Print the environment variables
5. setenv --> Set the environment variables
6. set-defaults --> Set the default value for all the environment variables
7. set-default --> Set the default value for a specific environment variable
8. devalias --> List the alias names for all devices
9. nvalias --> Set an alias name for a device
10. nvunalias --> Unset an alias name

Note: You could set the default values for all the NVRAM variables by holding
the L1 + N keys continuously while the Solaris machine boots up.

Solaris OE booting process

1. Bootprom Phase
2. Bootblock Phase
3. Kernel Initialization Phase
4. Init Phase

Init program reads the /etc/inittab file to find the default run level of Solaris.
A run level indicates a state of machine in which some / all of the services
would be running. You could find the run level of a Solaris machine by running
the following command:

# who -r


Note: All services are located under the directory /etc/init.d. All the services
located under the /etc/init.d directory have a hard link to the /etc/rc#.d
directory, where # would be replaced with 2, 3 etc.

Some important commands:


1. init 5 – Shutdown & Poweroff
2. poweroff – Shutdown & Poweroff
3. init 0 – Brings the machine to the OK prompt
4. halt – Brings the machine to the OK prompt
5. init 6 – Reboots the machine
6. reboot – Reboots the machine
Note: Please use the “init” commands to perform shutdown operations.
Note (2): You could use the following command to shut down the machine:

# shutdown -y -g0 -i5

-y indicates that the answer to the question “Do you want to shutdown?” is 'yes'.
-g0 indicates that the grace time is zero seconds.
-i5 indicates that the run level to which the machine should be brought down is five.

If those options were not mentioned in the shutdown command, the following
would have occurred (default behaviour of the shutdown command):

• Asks for a confirmation
• Waits for one minute
• Brings the machine down to single user mode

Scheduling a job:
1. Use of “at” command (one time job)
2. Use a cron file


Cron file format:

* * * * * <command to be executed>

The five fields, from left to right, are:
1. Minutes
2. Hours
3. Day of the Month
4. Month
5. Day of the week

Note: In the “day of the week” field Sunday is 0, Monday is 1, and so on.

Backup & Recovery

Command to take a backup:

# ufsdump 0uf /dev/rmt/0n /export/home

Description: The above command would take a backup of the file system
/export/home to a tape in the drive /dev/rmt/0. The letter 'n' indicates that
the tape should not be rewound after the backup is done. The switches in the
ufsdump command denote the following:

0 --> Zero level backup
u --> update the /etc/dumpdates file
f --> specify the device to which the backup needs to be taken


Command to restore the backup:

# ufsrestore ivf /dev/rmt/0

i --> interactive restoration
v --> verbose mode
f --> specify the backup media

Note: Generally the backup is restored to the temporary directory /var/tmp
and is then moved to the actual location from there.

End of Solaris Admin Part I


Some Important Services and its associated daemons

Name of the Service          Purpose / Daemons Started
/etc/rc2.d/S72inetsvc        inetd
/etc/rc2.d/S71rpc            rpcbind
/etc/rc2.d/S74syslog         syslogd
/etc/rc2.d/S74autofs         automountd
/etc/rcS.d/S30network.sh     Sets the IPv4 interface
/etc/rcS.d/S30rootusr.sh     Mounts the root file system

Configuring NFS

Step 1. Edit /etc/dfs/dfstab file to add an entry to share a file system. The
entry would be something like the one mentioned below:

share -F nfs /export/home

Step 2. Start and stop the NFS Service:

# /etc/init.d/nfs.server stop
# /etc/init.d/nfs.server start

Step 3. Run the following command to see whether that file system has been
successfully shared or not:

# dfshares

Step 4. On the client side run the following command:


# mount -F nfs <server_name>:/export/home /mnt

where /mnt is the local mount point.

Note: On the server side, the following files need emphasis:

1. /etc/dfs/sharetab --> Contains all the file systems that are currently
shared.
2. /etc/dfs/dfstab --> Contains all the file systems that need to be
shared during the booting process.
3. /etc/rmtab --> Contains information about the clients who are
accessing the shared resources.
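
The Step 1 entry carries no -o option, so it is shared read-write with every client that can reach the server. The following added example (not part of the original notes) flags such entries in a dfstab file; `audit_dfstab` is a hypothetical helper, and client1, client2 and the extra paths in the constructed sample are placeholders.

```shell
#!/bin/sh
# Added example: flag /etc/dfs/dfstab entries that are open to every client.
# audit_dfstab is a hypothetical helper, not a Solaris command.

# Constructed dfstab content. The first entry is the one from Step 1 above;
# client1, client2 and the other paths are placeholders.
make_sample_dfstab() {
    cat <<'EOF'
share -F nfs /export/home
share -F nfs -o ro /usr/share/man
share -F nfs -o rw=client1:client2,nosuid /export/projects
share -F nfs -o rw,root=client1 /export/install
EOF
}

# Reads dfstab text on stdin and prints one finding per risky share.
# Assumes entries carry no -d description containing spaces.
audit_dfstab() {
    awk '
    $1 != "share" { next }                    # skip comments and blank lines
    {
        path = $NF; opts = ""
        for (i = 2; i < NF; i++)
            if ($i == "-o") opts = $(i + 1)
        n = split(opts, o, ",")
        restricted = 0; explicit_rw = 0; root_map = 0
        for (i = 1; i <= n; i++) {
            if (o[i] == "ro" || o[i] ~ /^ro=/ || o[i] ~ /^rw=/) restricted = 1
            if (o[i] == "rw") explicit_rw = 1
            if (o[i] ~ /^root=/) root_map = 1
        }
        # With no ro/rw access list, share_nfs exports read-write to all clients.
        if (explicit_rw || !restricted)
            printf "%s: read-write to any client\n", path
        if (root_map)
            printf "%s: root= gives listed hosts root access\n", path
    }'
}

make_sample_dfstab | audit_dfstab
```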

Configuring AutoFS
• AutoFS works on the client side.
• It automatically mounts and unmounts the file systems on the NFS client on
a need basis.
• Eliminates the need to populate entries in the /etc/vfstab on the client side
to mount file systems (during booting) that are shared on a remote
machine.

Files (maps) associated with AutoFS Implementation:


1. /etc/auto_master --> Master Map
2. /etc/auto_home --> Indirect Map
3. /etc/auto_direct --> Direct map [Does not exist by default]

Sample entries from /etc/auto_master

/home auto_home
/- auto_direct


Sample entry from /etc/auto_direct

/mnt -o ro <server_name>:/usr/share/man

Sample entry from /etc/auto_home

smcnealy <server_name>:/export/home/smcnealy

Note: In /etc/auto_direct, the absolute path of the mount point and the
device to mount from the remote machine are mentioned; whereas in
/etc/auto_home, a relative path of the mount point and the device to mount
from the remote machine are mentioned. The mount point specified in the
/etc/auto_home file (read map) is relative to the path specified for the
indirect map in the Master map (/etc/auto_master). Any change that is
made to the Master map (/etc/auto_master) and the Direct map
(/etc/auto_direct) would require you to run the 'automount' command. No
command needs to be executed for the changes in /etc/auto_home
(indirect map) to take effect.

Implementing Role Based Access Control (RBAC)

A Tip:
Most of the files associated with RBAC are located under the directory /etc/security

Checklist for implementing RBAC:

1. Create a profile --> Edit the file /etc/security/prof_attr
2. Associate the profile with a command --> Edit the file
/etc/security/exec_attr
3. Associate the profile with a role --> Use the 'roleadd' command to create a
role and associate the role with the profile
4. Associate the role with a user --> Use the -R option of the
useradd/usermod command to associate the role with a user.

Note: Role Based Access Control was introduced in Solaris 8 and is used to
break the conventional 'All or None' philosophy. All versions of
Unix allow the root user to perform all kinds of tasks, whereas a simple user
is given no power at all. RBAC lets the Administrator create roles which
can perform certain administrative tasks. The role is then assigned to a
simple user. Whenever that administrative task needs to be performed, the
simple user will log in to his/her normal account, then 'su' to the role,
and finally perform the administrative job that he/she is authorized to perform.
The files updated when a roleadd command is executed are:
1. /etc/user_attr
2. /etc/passwd
3. /etc/shadow
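
How the checklist files link together, as an added example that is not part of the original notes: the script follows user, role, profile and command through constructed copies of user_attr, prof_attr and exec_attr. `rbac_commands` is a hypothetical helper, and the role shutadm and the profiles Shut and Backup are placeholder names.

```shell
#!/bin/sh
# Added example: follow user -> role -> profile -> command through the RBAC
# files named above. rbac_commands is a hypothetical helper, not a Solaris tool.

# Constructed sample files; shutadm, Shut and Backup are placeholder names.
# On a live system, steps 3 and 4 of the checklist would be for example:
#   roleadd -m -d /export/home/shutadm -P "Shut" shutadm
#   usermod -R shutadm simusr
make_sample_rbac() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/security"
    printf '%s\n' 'Shut:::Able to shut down the system:' \
        > "$d/etc/security/prof_attr"
    printf '%s\n' 'Shut:suser:cmd:::/usr/sbin/shutdown:uid=0' \
                  'Shut:suser:cmd:::/usr/sbin/halt:uid=0' \
        > "$d/etc/security/exec_attr"
    # The role also names a profile (Backup) that step 1 never created.
    printf '%s\n' 'shutadm::::type=role;profiles=Shut,Backup' \
                  'simusr::::type=normal;roles=shutadm' \
        > "$d/etc/user_attr"
    echo "$d"
}

# usage: rbac_commands USER ROOT   (ROOT is / on a live system)
rbac_commands() {
    awk -F: -v user="$1" '
    # Value of key k in a ";"-separated list such as "type=role;profiles=Shut".
    function attr(list, k,    n, a, i) {
        n = split(list, a, ";")
        for (i = 1; i <= n; i++)
            if (index(a[i], k "=") == 1) return substr(a[i], length(k) + 2)
        return ""
    }
    /^#/ || NF == 0 { next }
    FILENAME ~ /user_attr$/ { roles[$1] = attr($5, "roles")
                              profs[$1] = attr($5, "profiles") }
    FILENAME ~ /prof_attr$/ { defined[$1] = 1 }
    FILENAME ~ /exec_attr$/ { cmds[$1] = cmds[$1] $6 " (" $7 ")\n" }
    END {
        nr = split(roles[user], r, ",")
        for (i = 1; i <= nr; i++) {
            np = split(profs[r[i]], p, ",")
            for (j = 1; j <= np; j++) {
                if (!(p[j] in defined)) {
                    printf "role %s: profile %s missing from prof_attr\n", r[i], p[j]
                    continue
                }
                nc = split(cmds[p[j]], c, "\n")
                for (k = 1; k < nc; k++)
                    printf "%s via role %s, profile %s: %s\n", user, r[i], p[j], c[k]
            }
        }
    }' "$2/etc/user_attr" "$2/etc/security/prof_attr" "$2/etc/security/exec_attr"
}

sample=$(make_sample_rbac)
rbac_commands simusr "$sample"
rm -rf "$sample"
```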

Jumpstart Installation

Two entities that are required on a Jumpstart server are:

1. Operating System Image
   - OS from the media (CD/DVD)
   - OS image on the hard disk
2. Configuration files
   a) class files
   b) rules
   c) check script
   d) sysidcfg
   e) /etc/ethers
   f) /etc/hosts


Copying the Solaris OS image from the media to the hard disk:

Step 1: Copy the CD 1 of 2 to the hard disk:

# ./setup_install_server /export/home/install

Step 2: Copy the CD 2 of 2 to the hard disk:

# ./add_to_install_server /export/home/install

Note: The scripts mentioned in Step 1 and Step 2 are located on CD 1 of 2
and CD 2 of 2 of Solaris OE respectively. Step 1 and Step 2 would copy the
OS image from the media to the location /export/home/install on the Jumpstart
Server.

Populate the /etc/hosts and /etc/ethers files on the Jumpstart Server with the client info:

# vi /etc/ethers
0:8:20:x:x:x sun1
# vi /etc/hosts
192.168.1.100 sun1

Note: 0:8:20:x:x:x is the Jumpstart Client's ethernet address
Note (2): sun1 is the proposed hostname of the Jumpstart Client
Note (3): 192.168.1.100 is the proposed IP Address of the Jumpstart Client

Create the following configuration files:


a) sysidcfg
b) class file (also known as a profile file and could be given any name)
c) rules
d) check script (checks the syntax of rules and the class file and creates rules.ok file)


sysidcfg file

terminal=dtterm
system_locale=en_US
security_policy=NONE
name_service=NONE
network_interface=PRIMARY{protocol_ipv6=no netmask=255.255.255.0
default_route=127.0.0.1}
root_password=CYTukCsj8T7FY
timezone=Singapore
timeserver=localhost

“any_machine” file [class file]

install_type initial_install
system_type standalone
partitioning explicit
filesys c0t0d0s1 1024 swap
filesys c0t0d0s3 1024 /export/home
filesys c0t0d0s0 free /
filesys c0t0d0s4 100 /globaldevices
cluster SUNWCXall

The “rules” file

any - - any_machine -

The five fields of the rules entry, from left to right, are:
Key: any
Value: -
Begin Script: -
Class File Name: any_machine
Finish Script: -


Putting everything together:

Put all the configuration files (sysidcfg, rules, class file) in a directory, say
/export/home/config, and run the 'check' script to check the syntax of the rules and
the class file. That would create a new file named rules.ok. The same is illustrated
below:

# cd /export/home/config
# ls
sysidcfg rules any_machine check
# ./check
<Output omitted>
# pwd
/export/home/config
# ls
sysidcfg rules any_machine check rules.ok

For all the clients who would use the jumpstart server, run the following script:

# ./add_install_client -c jumpstart_server:/export/home/config -p \
jumpstart_server:/export/home/config client_name sun4u

Note (1): The script is located on the Solaris OS CD / in the OS image on the hard disk.
Note (2): Once this script is executed, the /etc/dfs/dfstab file would be populated with
an appropriate entry for the OS image. If this script was run from the OS on the
media, the /etc/dfs/dfstab file would contain the entry for the CD-ROM. If this script
was run from the OS image on the hard disk, then an entry for the directory which
contains the OS image (say /export/home/install) will be added to /etc/dfs/dfstab.
Note (3): An entry for the directory which contains the Jumpstart configuration files
NEEDS TO BE ADDED MANUALLY.

On the Client Side:

ok boot net - install


Flash Installation

Command to create a Flash:

# flarcreate -n "Test Archive For Solaris Notes" -a "torajeshr@netscape.net" \
-R / /var/tmp/Sol9-arch

Note : To perform a flash installation you need to trigger the installation either
using a media (CD-ROM /DVD) and then use the flash archive to continue
with the installation process or use the jumpstart server. In Jumpstart, the
only file that needs to be altered to perform a flash installation is the class file
(or profile file). A sample class file is included below:

install_type flash_install
archive_location nfs://server_ip/export/flarloc/js_archive
partitioning explicit
filesys c0t0d0s1 1024 swap
filesys c0t0d0s3 free /export/home
filesys c0t0d0s0 12288 /
filesys c0t0d0s4 100 /globaldevices

• server_ip is the IP address of the machine, which contains the flash archive.
• js_archive is the name of the archive that would be used during the
installation process.
