View
223
Download
0
Category
Preview:
Citation preview
7/30/2019 Solaris Admin
1/256
Solaris System Administration 1
INTRODUCTION
TOUNIX
7/30/2019 Solaris Admin
2/256
Solaris System Administration 2
Primarly influenced by Multics
First version of UNIX developed by Ken Thompson in 1969 on
DEC PDP for business, scientific and industrial users
Originally written in Assembly language for PDP-7
Transportability facilitated by Thompson in B Language
B modified by Richie as C Language
Thompson and others wrote Unix in C in 1980 to be able to port
on any computer
7/30/2019 Solaris Admin
3/256
Solaris System Administration 3
FEATURES OF UNIX
Multitasking
Multiuser
On line help
Communication and Electronic mail
7/30/2019 Solaris Admin
4/256
Solaris System Administration 4
FEATURES OF UNIX CONTINUES...
Available on micros, minis and mainframes
Hierarchical file system
Library of application software
7/30/2019 Solaris Admin
5/256
Solaris System Administration 5
SYSTEM CONCEPTS
7/30/2019 Solaris Admin
6/256
Solaris System Administration 6
UNIX
KERNEL
SHELL
APPLICATION SOFTWARE
Kernel
Shell
Applications
7/30/2019 Solaris Admin
7/256
Solaris System Administration 7
KERNEL is the heart of the UNIX operating system. It is nextto the hardware. It is responsible for scheluing tasks and
managing data storage
SHELL is the command interpreter. It is an interfacce between
the user and the kernel.
APPLICATION SOFTWARE are the specific capabilities
added on to the operating system
7/30/2019 Solaris Admin
8/256
Solaris System Administration 8
BOURNEprompt - ($)
-> DEFAULT SHELL
Cprompt - (%)
-> HAS SYNTAXSIMILAR TO C LANGUAGE
KORNprompt - ($)
-> BOURNE + ALIASING,HISTORY, ETC.
SHELLS
7/30/2019 Solaris Admin
9/256
Solaris System Administration 9
FILE SYSTEM STRUCTURE(Hierarchical Inverted-Tree Structure)
lib sbin bin
USR OPT
dsk tty
DEV ETC
ssa1 ssa2
home
EXPORT
genunix
KERNEL VAR
/ (ROOT)
7/30/2019 Solaris Admin
10/256
Solaris System Administration 10
COMMON TERMS USED
HOST
HOST NAME
IP ADDRESS
SERVER
CLIENT
NETWORK
DAEMON
MULTITASKING
MULTIUSER
DISTIBUTED PROCESSING
7/30/2019 Solaris Admin
11/256
Solaris System Administration 11
SYSTEM RUN LEVELS
Objectives :
Change Run Levels
Shutdown & Booting Commands
Reboot
7/30/2019 Solaris Admin
12/256
Solaris System Administration 12
Changing Run Levels
Init Command
e.g.
init 6
will reboot the System todefault run level
7/30/2019 Solaris Admin
13/256
Solaris System Administration 13
Boot Command
boot -[options]
devicenames cdrom
net
disk
Options -a for interactive boot
-s for booting to single
user
-r to reconfigure system
7/30/2019 Solaris Admin
14/256
Solaris System Administration 14
Shutdown Command
shutdown [-y] [-g seconds] (-init state)[message]
yes Grace period(60 sec) Init levels(0,1,5,6)
warning
e.g. shutdown -y -g 0 -I 0
will immediately shutdown the system to level 0
7/30/2019 Solaris Admin
15/256
Solaris System Administration 15
Other Boot/Reboot Commands
halt
poweroff
reboot
Not Recommended
7/30/2019 Solaris Admin
16/256
Solaris System Administration 16
OPEN BOOT PROM(OBP)
7/30/2019 Solaris Admin
17/256
Solaris System Administration 17
OPEN BOOT PROM
Resident firmware that provides basic hardwaretesting & initialization prior to booting.
It is used for testing & initializing systemhardware
determines the configuration
boots the operating system
provides interactive debugging facilities
7/30/2019 Solaris Admin
18/256
Solaris System Administration 18
SYSTEM
BOARD
BOOT
PROMCustom
Driver
ID - PROM
Third Party Sbus Card
Sbus
7/30/2019 Solaris Admin
19/256
Solaris System Administration 19
BOOT PROM VERSIONS
1.x (ORIGINAL SPARC BOOT PROM)
2.x (FIRST OPEN BOOT PROM)
3.x (OBP WITH DOWNLOADABLE FIRMWARE)
7/30/2019 Solaris Admin
20/256
Solaris System Administration 20
BASIC OBP COMMANDS
banner
boot help
printenv
setenv
set-defaults
devalias
probe scsi probe - scsi - all
probe - ide
reset
7/30/2019 Solaris Admin
21/256
Solaris System Administration 21
CHANGING DEFAULT BOOT - DEVICE
ok setenv boot - device = NET
ok reset
ok boot
7/30/2019 Solaris Admin
22/256
Solaris System Administration 22
CREATING CUSTOM DEVICE ALIASES
nvalias
nvunalias
7/30/2019 Solaris Admin
23/256
Solaris System Administration 23
EEPROM COMMAND
Lists eeprom settings
Changes need not be followed by
reset
7/30/2019 Solaris Admin
24/256
Solaris System Administration 24
STOP KEY
stop - a key sequence
puts system into obp command mode.
Use sync to synchronize file systems.
stop - n
starts/boots the system with default
values.
7/30/2019 Solaris Admin
25/256
Solaris System Administration 25
SOLARIS INSTALLATION
7/30/2019 Solaris Admin
26/256
Solaris System Administration 26
CDE Demos
CDE DT
BUILDER
CDE Man pages
SOFTWARE GROUPINGS
CDE
developer s/w
CDE
CONFIGURATION
CLUSTERS
SOFTWARE
CLUSTERS
PACKAGE
7/30/2019 Solaris Admin
27/256
Solaris System Administration 27
ENTIRE DISTRIBUTION
ENTIRE
DISTRIBUTIONPLUS OEM DRIVERS
DEVELOPER
END USER
CORE
O
P
T
I
O
NS
HARDWARE REQUIREMENTS
7/30/2019 Solaris Admin
28/256
Solaris System Administration 28
HARDWARE REQUIREMENTS
FOR SOLARIS 7 INSTALLATION
SPARC / INTEL SYSTEM
1.05 GB HDD SPACE
64 MB RAM
CD-ROM DRIVE or INSTALL SERVER
7/30/2019 Solaris Admin
29/256
Solaris System Administration 29
SYSTEM INFORMATION
HOST NAME
IP ADDRESS
NAME SERVICE SUBNET
GEOGRAPHIC LOCATION
TIME ZONE INFORMATION
ROOT PASSWORD
7/30/2019 Solaris Admin
30/256
Solaris System Administration 30
INSTALLATION TYPES
UPGRADE INITIAL
(F resh I nstal lation)I ni tial Precautions
Notify Users
Backup Files
Shutdown System
7/30/2019 Solaris Admin
31/256
Solaris System Administration 31
LOG OF INSTALLATION
/var/sadm/install_ data/install_log
7/30/2019 Solaris Admin
32/256
Solaris System Administration 32
SOLARIS BOOT PROCESS
7/30/2019 Solaris Admin
33/256
Solaris System Administration 33
PROM executes POST
Determines Boot device (eg. Disk,net,CD-ROM)
Reads Boot Block ( Sector 1- 15)
PROM loads Bootblk Program
Bootblk loads (ufsboot) program
ufsboot loads 32-bit/64-bit kernel
Loads kernel Modes
Reads \etc\system file
Kernel initialized and starts init process
Init process starts and run control scripts
BOOTS
PROM Phase
BOOT Programphase
Kernel
Initialization
phase
/sbin/init
phase
7/30/2019 Solaris Admin
34/256
Solaris System Administration 34
KERNEL
consists of a two piece static core (unix &genunix) and loadable modules.
LOADABLE MODULES
is a device driver which is loadedwhen device is accessed.
KERNEL STRUCTURE
7/30/2019 Solaris Admin
35/256
Solaris System Administration 35
KERNEL STRUCTUREResides in /platform/uname-m/kernel/unix
KERNEL
drv
Sched
exec
Strmod
fs
Sys
genunix
misc
/etc/system file
7/30/2019 Solaris Admin
36/256
Solaris System Administration 36
/etc/system file
moddir - modifies search path for kernel modules.
rootdev - determines alternate root device.
exclude - modules to be excluded even if referenced.
forceload - modules loaded forcibly at boot time.
Can be customized to change kernel configuration process
Overrides default value using variable = value
eg. set -pt-cnt =100
set npty = 100 - sets pseudo-ttys to 100.
Take backup before editing .
7/30/2019 Solaris Admin
37/256
Solaris System Administration 37
SYSTEM RUN LEVELS&
INITIALIZATION FILES
7/30/2019 Solaris Admin
38/256
Solaris System Administration 38
SYSTEM RUN LEVELS
0
PROM monitor Run level1 Single user mode
Used for performing Administrative tasks.
2
Multi-user mode (no resources shared).3 Multi-user mode (resources shared).
4 Not used.
5 Halt.
6 Reboot.
S,s Single user mode with user logins disabled.
7/30/2019 Solaris Admin
39/256
Solaris System Administration 39
/etc/inittab
S3 : 3 : wait : |sbin|rc3 >/dev/console 2 < > |dev|console
idrstate
actionCommand to execute
init process and /etc/inittab
7/30/2019 Solaris Admin
40/256
Solaris System Administration 40
init process and /etc/inittab
init process Set initdefault to level 3.
Run entries with sysinit in Action field.
Run entries with 3 in rstate field.
/etc/inittab
7/30/2019 Solaris Admin
41/256
Solaris System Administration 41
Contains scripts to start /stop
daemons/services.
Scripts starting with alphabet k.
Scripts starting with alphabet s starts
process/services eg. S71 inetinit
/etc/rc#.d
7/30/2019 Solaris Admin
42/256
Solaris System Administration 42
/etc/init.d
Contain run control scripts HARD
LINKED to start/ kill scripts in /etc/rc#.d
eg. Sendmail nfs.server etc
Services can be started/stopped in
running system eg. /etc/init.d/nfs.server start
7/30/2019 Solaris Admin
43/256
Solaris System Administration 43
DISK CONFIGURATION
&
PARTITIONING
7/30/2019 Solaris Admin
44/256
Solaris System Administration 44
LOGICAL DISK DEVICE NAMES
The /dev directory
The rdsk or dsk subdirectory
Controller number
Target number
Disk number
Slice number
/dev /[r] dsk /c n tn dn sn
VTOC - Volume Table Of Contents
7/30/2019 Solaris Admin
45/256
Solaris System Administration 45
VTOC - Volume Table Of Contents
Slice 0
Slice 1
Slice 2 VTOC (sector 0)
Disk Geometry - Describes the no. of heads , sectors andcylinders.
Partition Tables - Describes the slices on the disk.
Volume Names - Identifies the disk device (optionally assigned by the system
administrator.)
Slice Tags - name the standard mount points for each of the slices.
Slice Flags - Label whether each slice is writeable and mountable.
Displaying a Disks VTOC
7/30/2019 Solaris Admin
46/256
Solaris System Administration 46
Displaying a Disk s VTOC# prtvtoc /dev/rdsk/c0t0d0s0* /dev/rdsk/c0t0d0s0 partition map
** Dimensions* 5 12 bytes/sector* 80 sectors/track* 9 tracks/cylijnder* 720 sectors/cylinder* 2500 cylinders* 1151 accessible cylinders** Flags :* 1: unmountable* 10: readonly** First Sector Last
* Partition Tag Flags Sector Count Sector Mount Directory* 0 2 00 0 41040 41039 /* 1 3 01 41040 205200 246239* 2 5 00 0 828720 828719* 5 6 00 246240 20880 267119 /opt* 6 4 00 267120 561560 828719 /usr
PARTITIONING DISK
7/30/2019 Solaris Admin
47/256
Solaris System Administration 47
PARTITIONING DISK
partition> 0
Part Tag Flag Cylinders Size Blocks
0 root wm 0 - 41 14.77mb (42/0/0)
Enter Partition id tag[root] : Enter Partition Permission Flags[wm] :
Enter new starting cylinder[0] :
Enter Partition size[30132b, 42c, 14.77mb] : 16mb
Disk BlocksCylinders
Mbytes
Wh t M k P titi I t Fil S t
7/30/2019 Solaris Admin
48/256
Solaris System Administration 48
What Makes a Partition Into a File System
Super Block
Super Block
CPU Memory
Slice 6
Updated Every 30
seconds
Slice 1
Slice 0
Loaded into memory
at boot time
Super Blocks
(16 sectors)
Disk label
(1 sector)
Boot Blocks
(15 sectors)
7/30/2019 Solaris Admin
49/256
Solaris System Administration 49
Creating a New File System
# newfs /dev/rdsk /c0t1d0s0
newfs : construct a new file system /dev/rdsk/c0t1d0s0: (y.n) ? Y
/dev/rdsk/c0t1s0d0 : 28188 sectors in 87 cylinders of 9 tracks, 36
sectors
15.5MB in 3 cyl groups (16 c/g, 5.90MB/g, 2688 i/g )
super-blocks backups (for fsck -F ufs -o b= #) at :
32, 11632, 23232,
BACKGROUND STRUCTURES
7/30/2019 Solaris Admin
50/256
Solaris System Administration 50
BACKGROUND STRUCTURES
Created by
the newfs
command
VTOCBoot block
Super block
Backup Superblock
Cylinder group block
Inode table
Data block(s)
Backup super block
Cylinder group block
Inode table
Data block(s)
Backup Superblock
Cylinder group blockInode table
Super Block & Cylinder Group Block
7/30/2019 Solaris Admin
51/256
Solaris System Administration 51
Super Block & Cylinder Group BlockSuper Block Super Block clean flag. Number of cylinder groups
Number of data blocks. Number of fragments in data block. Size of data block. Size of a fragment. Number of tracks in a cylinder. Number of sectors in a track.
Number of sectors per cylinder. Number of cylinders in the partition.
Cylinder Group Block
Number of cylinders.
Number of data blocks.
Position of the last used data block. Number of free data blocks and their locations.
Position of the last used fragment.
Number of free fragments.
File inodes
7/30/2019 Solaris Admin
52/256
Solaris System Administration 52
File inodes
Permissions Links
and other Information
0
1
2
34
5
6
7
8910
11
12
13
inode Data blocks
Indirect blocks
2048 data
blocks
2048 datablocks
Indirect block
2048 addresses
Double indirect block
2048 addresses
7/30/2019 Solaris Admin
53/256
Solaris System Administration 53
FILE SYSTEMS STRUCTURE
7/30/2019 Solaris Admin
54/256
Solaris System Administration 54
FILE SYSTEM
Collection of files & directories used tostore & organize information
Collection of control structures & data
blocks of a partitionFile Systems
ufs hsfs pcfs NFS psuedo
Disk -basedNetwork based Cachefs etc.
Label0
7/30/2019 Solaris Admin
55/256
Solaris System Administration 55
Boot Block
Superblock
Backup superblock
Cylinder group block
Inode table
Data Blocks
Second Cylinder
group
First Cylinder
Group
1-15
16-31
32
47
7/30/2019 Solaris Admin
56/256
Solaris System Administration 56
CYLINDER GROUPS
Cylinder Group Blocks
Inode tables
Data blocks
7/30/2019 Solaris Admin
57/256
Solaris System Administration 57
Inodes
Direct Pointers
Indirect Pointers
single indirect
double indirect
triple indirect
7/30/2019 Solaris Admin
58/256
Solaris System Administration 58
The fsck utility
The fsck program is run when a system
boots
The fsck program runs in two modes :
Non-Interactive mode
interactive mode
7/30/2019 Solaris Admin
59/256
Solaris System Administration 59
checked by the fsck utility
Superblock summary information
cylinder group block
inode information
file system data block information
directory information
7/30/2019 Solaris Admin
60/256
Solaris System Administration 60
fsck Output The following is the fsck program when no inconsistencies
were discovered:# fsck /dev/rdsk/c0t3d0s7
**last mounted on /export/home
**Phase 1 - check blocks and sizes
**Phase2 - check pathnames
**Phase3 - check connectivity
**Phase4 - check Reference counts
**Phase5 - check Cyl groups2 files,9 used, 21606 free
7/30/2019 Solaris Admin
61/256
Solaris System Administration 61
MONITORING FILE SYSTEM
df du quota
df-k
capacity/usageof f i le system
display disk usage
du -a /usr
(in blocks)
disk usage by a user
quot [-af] f i lesystem
all f i lesystems and
no. of f i les
7/30/2019 Solaris Admin
62/256
7/30/2019 Solaris Admin
63/256
Solaris System Administration 63
ALTERNATIVE SUPERBLOCKS
If superblock is corrupted, run fsck to use a
backup superblock
Locate the backup superblock at offset 32 of
file system Use newfs -N to locate backup superblocks
7/30/2019 Solaris Admin
64/256
Solaris System Administration 64
MOUNTING FILES
The process by which separate file systems
are attached to the file-system hierarchy(file tree structure)
/etc/vfstab Manual mounting(from the command line)
7/30/2019 Solaris Admin
65/256
Solaris System Administration 65
EXAMPLE MOUNT COMMANDS
to mount a file system manually
# mount /dev/dsk/c0t3d0s7 /export/home
to enable UFS logging
# mount -o logging /dev/dsk/c0t3s6 /usr
to mount a file system with largefiles disabled
#mount -o nolargefiles /dev/dsk/c0t3d0s7 /export/home
to mount a file system using the content of the /etc/vfstabfile
#mount /export/home
/etc/vfstab file
7/30/2019 Solaris Admin
66/256
Solaris System Administration 66
/etc/vfstab file The /etc/vfstab virtual file system table provides default entries for mounting
file system at boot time. The format of the file is one record per line,seven
fields per record with a dash(-) indicating a null value for a field.#device device mount fs fsck mount mount#to mount to fsck point type pass at boot ops
#dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr ufs 1 yes -
/proc - /proc proc - no -
fd - /dev/fd fd - no -
swap - /tmp tmpfs - yes -
/dev/dsk/c0t3d0s0 /dev/rdsk/c0t3d0s0 / ufs 1 no -
/dev/dsk/c0t3dos6 /dev/rdsk/c0t3d0s6 /usr ufs 1 no logging
/dev/dsk/c0t3d0s3 /dev/rdsk/c0t3d0s3 /export ufs 5 yes logging/dev/dsk/c0t3d0s7 /dev/rdsk/c0t3d0s7 /export/home ufs 5 yes logging
/dev/dsk/c0t3d0s5 /dev/rdsk/c0t3d0s5 /opt ufs 8 yes logging
/dev/dsk/c0t3d0s1 - - - swap - no
-
mountall commands
7/30/2019 Solaris Admin
67/256
Solaris System Administration 67
mountall commands
mountall -l
Mounts all local filesystems
mountall -r
Mounts all remote filesystems
umountall commands
7/30/2019 Solaris Admin
68/256
Solaris System Administration 68
umountall commands
umountall -l
Unmounts all local filesystems
umountall -r
Unmounts all remote filesystems
MOUNTING DIFFERENT TYPES OF
7/30/2019 Solaris Admin
69/256
Solaris System Administration 69
FILESYSTEMS
Create a mount point
#mkdir /pcfs
specify the file system tape
# mount -F pcfs /dev/diskette /pcfs
#mount -F hsfs -o ro /dev/dsk/c0t6d0s0/cdrom
HOW FILE SYSTEM TYPE IS
7/30/2019 Solaris Admin
70/256
Solaris System Administration 70
HOW FILE SYSTEM TYPE IS
DETERMINED
/etc/vfstab file
/etc/default/fs and /etc/dfs/fstypes files
S C ACC SS
7/30/2019 Solaris Admin
71/256
Solaris System Administration 71
NFS CLIENT ACCESS
Using the dfshares and mount commands
determine NFS file system availability from a server
#dfshares sun
mount a remote resource
# mount -f nfs -o ro sun:/usr/share/man /usr/share/man
unmount a remote resource# umount /usr/share/man
7/30/2019 Solaris Admin
72/256
Solaris System Administration 72
BASIC UTILITIES
(EDITORS)
7/30/2019 Solaris Admin
73/256
Solaris System Administration 73
ed (Line Editor)
vi (Visual Editor)
7/30/2019 Solaris Admin
74/256
Solaris System Administration 74
PACKAGE ADMINISTRATION
7/30/2019 Solaris Admin
75/256
Solaris System Administration 75
Objectives
Information of Installed Packages
Adding New Packages
Deleting Packages
Checking Consistencies
Spooling Packages
7/30/2019 Solaris Admin
76/256
Solaris System Administration 76
PACKAGE CONTENTS
Description Of Package
Description Of Relationships To Target System e.g. Disk space requi red
Files To Be Installed
Pre & Post Installation Scripts
PACKAGE ADMINISTRATION
7/30/2019 Solaris Admin
77/256
Solaris System Administration 77
PACKAGE ADMINISTRATION
COMMANDS ADMINTOOL
pkginfopkgrm
pkgchk
pkgadd
PKGINFO
7/30/2019 Solaris Admin
78/256
Solaris System Administration 78
Display Software Package Information
Command Format
pkginfo [-d [device | pathname]] [-l] pkg_name
Device where
S/W resides
Displays
Detailed
Information
Name OfPackage
EXAMPLE
7/30/2019 Solaris Admin
79/256
Solaris System Administration 79
Application SUNWAxg Solaris XGL 3.3 AnswerBook
Solaris Documentation ServerSUNWab 2uSystem
b) Checking S/W packages on CD
Category System Name Name of Package
pkginfo -d /cdrom/cdrom0/s0/solaris_2.7/product |more
a) pkginfo | more
EXAMPLE
7/30/2019 Solaris Admin
80/256
Solaris System Administration 80
pkgrm
pkgrm
warns about possible packagedependencies
a shared file is removed only when last ofsharing package is removed
pkgadd
7/30/2019 Solaris Admin
81/256
Solaris System Administration 81
pkgadd
Checks Package & System Information
Verifies Package Requirements
Verifies Disk Space Requirements
Checks For Package Conflicts
Starts the Installation
Adds packages Spooling Packages
pkgadd -d package name
Stages in Package addition
PACKAGE SPOOLING
7/30/2019 Solaris Admin
82/256
Solaris System Administration 82
PACKAGE SPOOLING
Copying Package Without Installing it Package -d -s spool
Default Spool Directory is /var/spool/pkg
e.g. pkgadd -d /cdrom/cdrom0/s0/solaris_2.7/product
-s spool SUNWaudio
OR
pkgadd -d /cdrom/cdrom0/s0/solaris_2.7/product
-s /export/spool_dir SUNWaudio
PKGCHK
7/30/2019 Solaris Admin
83/256
Solaris System Administration 83
Compares various attributes & contents of package
pkgchk [ -p [path1] [path2] ]
e.g. pkgchk SUNWaudio
Important Files/Directories
7/30/2019 Solaris Admin
84/256
Solaris System Administration 84
/opt/pkgname - Preferred location for
unbundled Packages /opt/pkgname/bin
OR Preferred location for
/opt/bin executables/var/opt/pkgname
OR log files of packages
/etc/opt/pkgname /var/sadm/install/contents - package map of entire
system
7/30/2019 Solaris Admin
85/256
Solaris System Administration 85
PATCH ADMINISTRATION
OBJECTIVES
7/30/2019 Solaris Admin
86/256
Solaris System Administration 86
OBJECTIVES
Obtain Patch Information
Verify Current Patches Installed
Install Patches
Remove Patches
PATCH NUMBERING
7/30/2019 Solaris Admin
87/256
Solaris System Administration 87
www.sunsolve.com www.sun.com
metalab.unc.edu
PATCH DISTRIBUTION
WWW FTP Server CDROM
for SunServiceCustomer
(revision number)
1011945-34
PATCH FORMATS
7/30/2019 Solaris Admin
88/256
Solaris System Administration 88
PATCH FORMATS
zip Files (.z) compressed
tar
gzip files
# Extracted using
zcat path.z | tar xvf
# Extracted using
tar xvf
# Extracted using
gzip utility
(www.gzip.org)
IMPORTANT
7/30/2019 Solaris Admin
89/256
Solaris System Administration 89
Never modify/edit contents of files in
/var/sadm/patch
/var/sadm/patch has historical information of
patches installed on system.
PATCH VERIFICATION
7/30/2019 Solaris Admin
90/256
Solaris System Administration 90
PATCH VERIFICATION
showrev -p or patchadd -p
displays complete patch information like
incompatibles , packages etc.
PATCH REMOVAL
patchrm
7/30/2019 Solaris Admin
91/256
Solaris System Administration 91
USER ADMINISTRATION
OBJECTIVES
7/30/2019 Solaris Admin
92/256
Solaris System Administration 92
OBJECTIVES
Use admintool to create new groups & users
setup password aging/locking
useradd/usermod/userdel commands
ADMINTOOL
7/30/2019 Solaris Admin
93/256
Solaris System Administration 93
ADMINTOOL
GUI utility to maintain system databases
for
users groups
hosts
printers serial ports
software
useradd command
7/30/2019 Solaris Admin
94/256
Solaris System Administration 94
Creates new user account
new login remains locked until password
command is used
Options:
-comment e.g -c trainee
-d e.g -d /home/trainee -e e.g -e 10/6/99
-f e.g -f 10
-g e.g -g other
-u e.g -u 100
-s e.g -s /bin/sh
-o allows duplication of uid
usermod command
7/30/2019 Solaris Admin
95/256
Solaris System Administration 95
usermod command
Modifies a existing user account
e.g
usermod -g other -d /export/home/trainee -m -l guest trainee
group New directory
moves users directory
to new location
New loginname
userdel command
7/30/2019 Solaris Admin
96/256
Solaris System Administration 96
userdel command
Deletes user account
userdel [-r] login
removes users home directory
System initialization files for users
7/30/2019 Solaris Admin
97/256
Solaris System Administration 97
System initialization files for users
Initialization files contains a series of commands that are executed
when a shell is started
Customize the environment for that shell
Shell System(Read first)
User(Read second/third)
Template/etc/ skel
Bourne /etc/profile $HOME/.profile Local.profile
Korn /etc/profile $HOME/.profilethen$HOME/.login
Local.profile
C /etc/profile $HOME/ .cshrcthen $HOME/.login
Local.profile
dtprofile File
7/30/2019 Solaris Admin
98/256
Solaris System Administration 98
.dtprofile File
is used by CDE users
resides in users home directory
is created the first time a user logs in
/etc/profile Script
7/30/2019 Solaris Admin
99/256
Solaris System Administration 99
/etc/profile Script
exports environment variables
exports PATH
sets TERM
displays /etc/motd
sets default permissions checks for mail
/etc/skel directory
7/30/2019 Solaris Admin
100/256
Solaris System Administration 100
/etc/skel directory
skel
Local .profile.profile
Local .login
Local .cshrc
Rereading the initializing files
7/30/2019 Solaris Admin
101/256
Solaris System Administration 101
Rereading the initializing files
Bourne and korn shells
$ cd
$ . ./.profile$ . ./.kshrc
C shell
% source ~/.login
% source ~/.cshrc
7/30/2019 Solaris Admin
102/256
Solaris System Administration 102
SYSTEM SECURITY
OBJECTIVES
7/30/2019 Solaris Admin
103/256
Solaris System Administration 103
OBJECTIVES
Security Overview of files
Superuser Account
Effective user ids & group ids
Administrating File Ownerships
Monitoring System Access
SECURITY IN SOLARIS
7/30/2019 Solaris Admin
104/256
Solaris System Administration 104
SECURITY IN SOLARIS
Password authentication
File access permissions
ACLs
SECURITY FILES
7/30/2019 Solaris Admin
105/256
Solaris System Administration 105
SECURITY FILES
/etc/password
/etc/shadow
/etc/password
7/30/2019 Solaris Admin
106/256
Solaris System Administration 106
/etc/password
Contains entry for each system user
Contains the following information:
login ID username
x placeholder for password
UID number used by system to
recognize the user
GID number representing users
primary group
comment
home directory
login shell
/etc/shadow
7/30/2019 Solaris Admin
107/256
Solaris System Administration 107
Contains encrypted password
login ID password(Encrypted form)
lastchg - no. of days between last password change and 1 Jan
1970
min- minimum no of days between password change
max
warn
inactive
expire
/etc/group
7/30/2019 Solaris Admin
108/256
Solaris System Administration 108
/etc/group
Defines all system groups a user belongs to
fields :
groupname
password
GID
userlist
SUPERUSER ACCOUNT
7/30/2019 Solaris Admin
109/256
Solaris System Administration 109
SUPERUSER ACCOUNT
Performs administrative tasks shutting down system
backing up & restoring file systems
mounting & unmounting file resources
user management etc.
password aging should be enabled
password should be changed frequently
id command
7/30/2019 Solaris Admin
110/256
Solaris System Administration 110
id command
Identifies user
id -a
displays uid ; name ; gids of groups.
su command
7/30/2019 Solaris Admin
111/256
Solaris System Administration 111
su command
Used to change to other users A/C
su -
provides the environment of user
all su attempts are logged in /var/adm/sulog
Administrating File Ownership
7/30/2019 Solaris Admin
112/256
Solaris System Administration 112
Administrating File Ownership
chown chgrp
(changes file ownership) (changes group name of
file)
e.g. e.g.
chown user1 chgrp grp1 file1
or
chown -R dir1or
chown -R user:grp1 dir1
/etc/default directory
7/30/2019 Solaris Admin
113/256
Solaris System Administration 113
/etc/default directory
passwd login su
controls system-wide restricting logging su
password aging super user access attempts
variables: variables:
-MAXWEEKS -PASSREQ-MINWEEKS -CONSOLE
-PASSLENGTH
Monitoring System Access
7/30/2019 Solaris Admin
114/256
Solaris System Administration 114
who finger last sulog
who -u displays detailed login & logout /var/adm/suloguser a/c information information
7/30/2019 Solaris Admin
115/256
Solaris System Administration 115
PROCESS CONTROL
OBJECTIVES
7/30/2019 Solaris Admin
116/256
Solaris System Administration 116
ps command
kill command & options
pgrep & pkill
at / crontab commands
structure of crontab file & process scheduling
Process Status
7/30/2019 Solaris Admin
117/256
Solaris System Administration 117
Lists processes currently running on system
options -e :- information of all processes
-f :- full listing
-u :- processes of particular users
ps
The kill command
7/30/2019 Solaris Admin
118/256
Solaris System Administration 118
Command format
kill [-signal] PID(s)
Signals 44 signals
SIGTERM,signal 15,is default signal sent
Process termination# kill 1400
pgrep pkilldisplays process id kills the process
7/30/2019 Solaris Admin
119/256
Solaris System Administration 119
displays process id kills the process
of process matching pattern matching pattern
Usage
pgrep [-options] pattern
pkill [-options] pattern
Options-u :- matching UID
-f :- a regular expression
-t :- matching the terminal-G :- matching GID number
e.g pkill -U user1 mails
Process Manager
7/30/2019 Solaris Admin
120/256
Solaris System Administration 120
g
Tools( CDE option)
find process
proctool
at command
7/30/2019 Solaris Admin
121/256
Solaris System Administration 121
Executes a command or script at a specified time
/etc/cron.d/at.deny:-identifies users who cannot
use at command
USAGE:
at [-m] [-r job] time [date]
send mail removes a
to user previouslyon completion scheduled jobs
Running commands at specified time
7/30/2019 Solaris Admin
122/256
Solaris System Administration 122
Running commands at specified time
Displaying the crontab file :
crontab -l
using root crontab file
/etc/cron.d/logchecker
/usr/lib/newsyslog
controlling crontab access /etc/cron.d/cron.allow
/etc/cron.d/cron.deny
User access to CRON
7/30/2019 Solaris Admin
123/256
Solaris System Administration 123
By default the cron.deny file prohibits crontabuse from the following system users: daemon
bin
smtp nuucp
listen
nobody
noaccess
The cron.allow file does not exist by default
The crontab file format
7/30/2019 Solaris Admin
124/256
Solaris System Administration 124
The crontab file consists of entries with six fields in each
entry. The fields are separated by spaces or tabs.
10 3 * * 0 /usr/lib/newsyslog
The day of week field,values 0-6 .0 is sunday
The day of month field,values 1-31
The month field,values 1-12
The hour field,values between 0-23
The minute field,values between 0 and 59
The command field
How to edit a users crontab file
7/30/2019 Solaris Admin
125/256
Solaris System Administration 125
Set the editor variable to specify the editor to use
Edit the crontab file using crontab -e
View the current crontab file using crontab -l
7/30/2019 Solaris Admin
126/256
Solaris System Administration 126
ADVANCED FILE PERMISSIONS
FILE PERMISSIONS REVIEWED
7/30/2019 Solaris Admin
127/256
Solaris System Administration 127
The Octal Mode
Octal mode is based on the base eight numbering system(0-
7 are the available numerals).
Each permission has an octal value as follows:
Octal Values Permissions
4 Read
2 Write
1 Execute
The octal values for the permissions set are :
7/30/2019 Solaris Admin
128/256
Solaris System Administration 128
Octal Value Permissions
7 r w x6 r w -5 r - x4 r - -3 - w x2 - w -1 - - x
0 - - -
umask filter
7/30/2019 Solaris Admin
129/256
Solaris System Administration 129
Determine the default permissions for files
and directories
Assigns permissions during the creation ofnew files and directories
Displays your umask
$ umask
022
Enables users to set their own umask value
Changing the umask value In the current shell
7/30/2019 Solaris Admin
130/256
Solaris System Administration 130
$ umask 027
$ umask027
PERMANENTLY CHANGING umask
$ vi .profile
# @(#)local.profile 1.4 93/09/15 SMI
#
stty istrip
Path=.:/usr/bin:/usr/usb:/etc
export PATH
umask 027
ACCESS CONTROL LISTS(ACLS)
7/30/2019 Solaris Admin
131/256
Solaris System Administration 131
Provides greater control over file
permissions
Provides traditional UNIX file protection
and more
setfaclcommand
7/30/2019 Solaris Admin
132/256
Solaris System Administration 132
Syntax
setfacl [options] acl_entry filename1 [filename2...]
Options
-m Creates or modifies an ACL
-s Replaces the entire ACL with new ACL-d Deletes ACL entries
-r Recalculates ACL permissions
acl_entry Is an ACL entryfilename Is a file or directory which contains the
ACL entries
EXAMPLES
7/30/2019 Solaris Admin
133/256
Solaris System Administration 133
Adding read/write permissions for ssa20
$ setfacl -m user:ssa20:6 ch3.doc
Checking if a file has an ACL$ ls -l ch3.doc
-rwxr-----+ 1 william sysadmin 163 Nov 11 11:12
Deleting an ACL entry$ setfacl -d user:ssa20:6 ch3.doc
getfacl command
7/30/2019 Solaris Admin
134/256
Solaris System Administration 134
Used to verify that an ACL was set on the file
SYNTAX
getfacl [options] filename1 [filename2]
OPTIONS
-a displays the file name,owner,group, and
ACL entries for the specified file or directory
-d displays the file name,owner,group and
default ACL entries for the specified directory
setuid and setgid
7/30/2019 Solaris Admin
135/256
Solaris System Administration 135
These special permissions enable you to control the
modification of files and create shared directories executable programs
directories
setuid and setgid permissions
e.g.
$ ls -l /bin/passwd /etc/shadow
-r-sr-sr-x 3 root sys 99640 sep 1 1998 /bin/passwd
-r-------- 1 root sys 493 Apr 12 16:13 /etc/shadow
Using setuid and setgid permissions
7/30/2019 Solaris Admin
136/256
Solaris System Administration 136
Setting setuid and getuid permissions
numeric or symbolic notation
controlling modification of files
e.g.
#chmod 4755 setuid_program
#chmod 2755 setgid_program
creating shared directories#chmod g+s some-directory
The STICKY bit Determining the characteristics of a directory with set sticky bit
7/30/2019 Solaris Admin
137/256
Solaris System Administration 137
Determining the characteristics of a directory with set sticky bit
identifying sticky permission
$ ls -ld /var/tmp
drwxrwxrwxt 2 sys sys 512 may 26 11:02 /var/tmp
setting the sticky permission
# chmod 1777 project
# ls -ld project
drwxrwxrwxt 2 root other 512 nov 15 14:30 project
#chmod a=rwxt project
$ ls -ld projectdrwxrwxrwxt 2 root other 512 nov 15 4:30 project
7/30/2019 Solaris Admin
138/256
Solaris System Administration 138
DEVICE ADMINISTRATION
Logical device Name
7/30/2019 Solaris Admin
139/256
Solaris System Administration 139
Used by system administrator to reference
devices
These names are symbolically linked to
their corresponding physical device name
The logical names are located in the /devdirectory and are created at the time when
the physical names are created
SCSI h t d t
System boardt0
scsi ctlr
t1
scsi ctlr
t6
scsi ctlr
7/30/2019 Solaris Admin
140/256
Solaris System Administration 140
SCSI host adapter
c0
fas0
scsi ctlr
d0 d1 d2
s0
s1
s5
s6
s0
s6
/dev/dsk/c0t0d0s0
/dev/dsk/c0t0d0s1 /dev/dsk/c0t0d0s5
/dev/dsk/c0t0d0s6
/dev/dsk/c0t0d0s0
/dev/dsk/c0t0d0s6
DEVICE
NAMING
CONVENTIONS
/dev/[r]dsk/c# t# d# s#
7/30/2019 Solaris Admin
141/256
Solaris System Administration 141
Controller number
Target number
Logical unit number
Slice number
PHYSICAL DEVICE NAMES
7/30/2019 Solaris Admin
142/256
Solaris System Administration 142
Devices
psuedo
pci
PCI
fdthree se sddad
ide
Devices directory structure
Device Instances
7/30/2019 Solaris Admin
143/256
Solaris System Administration 143
Kernels abbreviation for a device
dmesg displays instance names
Instance disk is an abbreviation for the
physical device name
e.g. /dev/sd0 represents an instance of a HDD.
BSD NAMES
7/30/2019 Solaris Admin
144/256
Solaris System Administration 144
located in the /dev directory
used for backward compatibility
# ls -l /dev/sd0a
lrwxrwxrwx 1 root root 12 oct 20 16:05 /dev/sd0a dsk/c0t3d0s0
dmesg command
7/30/2019 Solaris Admin
145/256
Solaris System Administration 145
Identifies the devices connected to the system
uses instance names and physical device names
stores output in a buffer(get overwritten)
The /etc/path_to_inst fileThe following is from the /etc/path to inst file on an ultra 1 system using
7/30/2019 Solaris Admin
146/256
Solaris System Administration 146
The following is from the /etc/path_to_inst file on an ultra 1 system using
one SCSI controller :
/sbus@1f,0 0 sbus
/sbus@1f,0/espdma@e,84000 0 dma
/sbus@1f,0/espdma@e,84000/esp@e,88000 0 esp
/sbus@1f,0/espdma@e,84000/esp@e,88000/sd@3,0 3 sd
/sbus@1f,0/espdma@e,84000/esp@e,88000/sd@2,0 2 sd /sbus@1f,0/espdma@e,84000/esp@e,88000/sd@1,0 1 sd
/sbus@1f,0/espdma@e,84000/esp@e,88000/st@3,0 3 st
/sbus@1f,0/espdma@e,84000/esp@e,88000/st@5,0 5 st
/sbus@1f,0/espdma@e,84000/esp@e,88000/st@4,0 4 st
/sbus@1f,0/espdma@e,84000/esp@e,88000/st@1,0 1 stses
/sbus@1f,0/espdma@e,84000/esp@e,88000/ses@0,0 0
ses
7/30/2019 Solaris Admin
147/256
RECONFIGURING DEVICES
7/30/2019 Solaris Admin
148/256
Solaris System Administration 148
To add new devices
1. Create a /reconfigure file.
2. Set the SCSI target number.
3. Connect the new disk to the system.
4. Turn on the power.
5. Boot the system.
7/30/2019 Solaris Admin
149/256
Solaris System Administration 149
SOLARIS NETWORKING
IP ADDRESSING
7/30/2019 Solaris Admin
150/256
Solaris System Administration 150
Class A Class B Class C
very large networks large networks Small/Mid size Network
(upto 16 million) (upto 65000) (upto 254)
1-127 128-191 192-223
NETWORKING FILES
7/30/2019 Solaris Admin
151/256
Solaris System Administration 151
/etc/inet/hosts or /etc/hosts
/etc/nodename
/etc/hostname.hme0
/etc/inet/hosts
7/30/2019 Solaris Admin
152/256
Solaris System Administration 152
Stores ip addresses for host names
linked to /etc/hosts
network entry 127 is reserved for local host
network number
network entry with keyword loghostidentifies IP address of host
/etc/hostname.hme0
7/30/2019 Solaris Admin
153/256
Solaris System Administration 153
identifies ethernet interface to beconfigured at boot up
contains hostname or its ip address
/etc/nodename
contains system host name
REMOTE ACCESS
7/30/2019 Solaris Admin
154/256
Solaris System Administration 154
Files Commands
/etc/hosts.equiv$home/.rhosts
rlogin
rsh
rcp
/etc/hosts.equiv
7/30/2019 Solaris Admin
155/256
Solaris System Administration 155
Identifies remote machines as trusted hosts
does not exist by default
e.g.
$ cat /etc/hosts.equiv
hostname1 userlist
hostname2 userlist
$HOME/. rhosts
7/30/2019 Solaris Admin
156/256
Solaris System Administration 156
Does not exist by default
e.g$ cat $HOME/.rhosts
hostname1 -> all users of hostname1
hostname2 -> user1 of hostname2
rlogin
7/30/2019 Solaris Admin
157/256
Solaris System Administration 157
Logging in remotely
syntax :-
rlogin hostname [-l username]
Remote hostname
rsh
7/30/2019 Solaris Admin
158/256
Solaris System Administration 158
Running commands remotely
syntax :-
rsh [-l username] hostname
e.g.
rsh -l ssa1 venus ls - al /var/mail
rcp
7/30/2019 Solaris Admin
159/256
Solaris System Administration 159
Copying files across the network
rcp source-file hostname:destination file
7/30/2019 Solaris Admin
160/256
Solaris System Administration 160
NETWORK FILE SYSTEM&
MOUNTING
THE NFS FILE SYSTEM
7/30/2019 Solaris Admin
161/256
Solaris System Administration 161
Some benefits of NFS file system are :-
centralized files
common software
files appear to be local
NFS TERMINOLOGY
7/30/2019 Solaris Admin
162/256
Solaris System Administration 162
NFS SERVER -- An NFS file server designates
local file resources to be shared with other systems
on the network
NFS Client -- An NFS client machine mounts file
resources that are shared over a network and treats
the file systems if they were local
NFS server NFS ClientDaemons: Daemons:
mountd nfsd statd statd and lockd
7/30/2019 Solaris Admin
163/256
Solaris System Administration 163
mountd,nfsd,statd statd and lockd
and lockedFiles: Files:
/etc/dfs/dfstab /etc/vfstab and
/etc/dfs/sharetab /etc/mnttab
/etc/rmtab
Commands: Commands:
share,unshare, mount,umount,
shareall, mountall,
unshareall, umountall,
dfshares and dfmounts dfshares and dfmounts
7/30/2019 Solaris Admin
164/256
The /etc/dfstab file
7/30/2019 Solaris Admin
165/256
Solaris System Administration 165
The /etc/dfs/dfstab file is read when
the system enters run level 3
root executes the shareall command
the /etc/init.d/nfs.server script runs
THE SHARE COMMAND
7/30/2019 Solaris Admin
166/256
Solaris System Administration 166
SYNTAX
share [-F Fstype] [-o options] [-d description]pathname
OPTIONS ro
rw
root = client
ro = access - list
rw = access - list
unshare command
7/30/2019 Solaris Admin
167/256
Solaris System Administration 167
Command Format
unshare [ -F nfs ] pathname
Options
-F nfs
pathname
shareall and unshareall commands
7/30/2019 Solaris Admin
168/256
Solaris System Administration 168
Command format
shareall [-F nfs]
unshareall [-F nfs]
NFS File Server configuration
7/30/2019 Solaris Admin
169/256
Solaris System Administration 169
Edit the /etc/dfs/dfstab file.
Start the server daemons
verify the intended sharing
The dfshares command
7/30/2019 Solaris Admin
170/256
Solaris System Administration 170
Command formatdfshares [-F nfs] [ host]
Examples
#dfsharesresource server access transportvenus:/usr/share/man venus - -
#dfshares marsresource server access transportmars:/export mars - -
The dfmounts command
7/30/2019 Solaris Admin
171/256
Solaris System Administration 171
Command format
dfmounts [-F nfs]
Example
# dfmounts
Resource Server Pathname CLIENTS- venus /usr/share/man earth,pluto
The mount command
7/30/2019 Solaris Admin
172/256
Solaris System Administration 172
Command formatmount [ -F ][ -o options] server : pathname mount_point
Options
-F nfs
-o options
server : pathname
mount_point
#mount venus:/usr/share/man /usr/share/man
Entries in /etc/vfstab file
7/30/2019 Solaris Admin
173/256
Solaris System Administration 173
To mount remote file systems at boot
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
venus:/usr/man - /usr/man nfs - yes soft.bg
The NFS Client Setup
7/30/2019 Solaris Admin
174/256
Solaris System Administration 174
Displays resources currently available from server
mounts the desired resources
setups automatic mounting of the resources
unmounts the resource when it is no longer needed
7/30/2019 Solaris Admin
175/256
7/30/2019 Solaris Admin
176/256
Solaris System Administration 176
BACKUP & RESTORATION
7/30/2019 Solaris Admin
177/256
UFSDUMPTO.. Argument For Example
Do a full 0 option
7/30/2019 Solaris Admin
178/256
Solaris System Administration 178
Do a full
backup
0 optionufsdump 0ucf /dev/rmt/0 /
Do an incremental
backup1-9 option ufsdump 9ucf /dev/rmt/0 /
backup individual
files
Specify a file or a
directoryufsdump ucf /dev/rmt/0/export/home/kryton
Specify a cartidge
tape-c option ufsdump 9ucf /dev/rmt/0/export/home/
Backup local filesystem to a remote
system tape drive
Remote systemdump file ufsdump oucf pluto : /dev/rmt/0/export/home
7/30/2019 Solaris Admin
179/256
tar
tar & cpio
7/30/2019 Solaris Admin
180/256
Solaris System Administration 180
It copies files and directorie subtresss to a single tape
It is available on most UNIX operating systems
Public domain versions are readily available
It is not awrae of filesystems boundaries
The full path name length can not exceed 255 characters It does not copy empty directories or special files such as
device files
cpio It copies special files or filesystems those require multiple
7/30/2019 Solaris Admin
181/256
Solaris System Administration 181
It copies special files or filesystems those require multiple
tape volumes
It packs data onto tape more efficiently than tar
It skips over any bad sectors in atape while restoring
It provides options for writing files with different header
formats (tar, cdc, crc etc) for portability between different
system tapes
It creates multiple tape volumes
Copying All Files in Directory to a Tape (cpio)
The following example copies all the files in the directory
7/30/2019 Solaris Admin
182/256
Solaris System Administration 182
/export/home/kryten to the tape in the tape drive 0.
$ cd /export/home/kryten
$ ls | cpio -oc > /dev/rmt/0
8 blocks
$ cpio -civt < /dev/rmt/0drwxr-xr-x 2 kryten users 0 Jun 9 15:56 1998, letters
drwxr-xr-x 2 kryten users 0 Jun 9 15:56 1998, memos
drwxr-xr-x 2 kryten users 0 Jun 9 15:56 1998, reports
8 blocks$
How to Retrieve All Files From a Tape (cpio)
1. Change to the directory where you want to put the files.
2 Insert the tape into the tape drive
7/30/2019 Solaris Admin
183/256
Solaris System Administration 183
2. Insert the tape into the tape drive.
3. Copy all the files from the tape to the current directory using thecpio command.
$ cpio -icvd < /dev/rmt/n
- i Reads in the contents of the tape.- c specifies the cpio should read files in ASCII
character
- v Displays the files being retrieved in the format
similar to the output from the ls command.
- d Create directories as needed.< /dev/rmt/n Specifies the output file.
4. Verify the files copied by listing the contents of the current directory
7/30/2019 Solaris Admin
184/256
How to Retrieve Files From a Tape (tar)
1. Change to the directory where you want to put the files.
2 Insert the tape into the tape drive
7/30/2019 Solaris Admin
185/256
Solaris System Administration 185
2. Insert the tape into the tape drive.
3. Retrieve files from the tape using the tar command.$ tar xvf /dev/rmt/n [filename ...]
x Indicates that files should be extracted from the
specified archive file. All of the files on the tape in the
specified drive are copied to the current directory.
v Displays the name of each file as it is archived.
f /dev/rmt/n Indicates the tape device containing the
archive.
filename Specifies a file to retrieve.
4. Verify the files are copied by listing the contents of the currentdirectory.
$ ls -l
Retrieving Specified Files From theTape(cpio)
Th f ll i l t i ll th fil ith th ffi h t
7/30/2019 Solaris Admin
186/256
Solaris System Administration 186
The following example retrieves all the files with the suffix chapter
from the tape in drive 0.
$ cd /home/smith/book
$ cpio -icv *chapter < /dev/rmt/0
Boot.chapterDirectory.chapter
Install.chapter
Intro.chapter
31 blocks$ ls-l
7/30/2019 Solaris Admin
187/256
Device Naming
B k l (S OS 4 )
7/30/2019 Solaris Admin
188/256
Solaris System Administration 188
/dev/rmt/XAbn
Berkeley(Sun OS 4.x)
Compatibility
Optional No-rewind
n no-rewind omit for rewind
Optional Densityl lowm mediumh highu ultrac compressed
Drive0
1234n
Displaying Tape Drive Status
7/30/2019 Solaris Admin
189/256
Solaris System Administration 189
$ mt -f /dev/rmt/0 statusArchive QIC-150 tape drive:
sense key (0x0) = No Additional Sense residual=0 retries=0
file no =0 block no=0
$ mt -f /dev/rmt/1 status
Exabyte EXB-8200 8mm tape drive:sense key(0x0) = No Additional Sense residual=0 retries=0
file no =0 block no=0
Rewinding a Magnetic Tape Cartridge$ mt -f /dev/rmt/1 rewind
7/30/2019 Solaris Admin
190/256
7/30/2019 Solaris Admin
191/256
netstat
Shows network status
7/30/2019 Solaris Admin
192/256
Solaris System Administration 192
Syntax netstat [-i][-p][-r] -I interface -P protocol
Options
-i shows state of the interface. -p shows ARP tables
-r Routing tables or static routes
-I shows states of a particular interface
-P statistics of a particular protocol
snoop Used for capturing & inspecting network packets.
Can only be run by supervisor
7/30/2019 Solaris Admin
193/256
Solaris System Administration 193
Can only be run by supervisor.
Displays contents of highest level protocol
e.g. Examine Broadcast packets
# snoop broadcastUsing device -d (promiscous mode)
mach 1 -- 128.50.255.255 RUSERS C
mach 5 -- 128.50.255.255 RUSERS C -v verbose can be used for detailed information
7/30/2019 Solaris Admin
194/256
ping
7/30/2019 Solaris Admin
195/256
Solaris System Administration 195
Used to check network connectivity
Uses Icmp
Syntax :ping [-s] -I[internal] host
-s -- continuously sends data packets.
traceroute
7/30/2019 Solaris Admin
196/256
Solaris System Administration 196
Prints the route taken by ICMP packets to
reach a network host from another
Used to check fault on a network
Syntax :
#traceroute
7/30/2019 Solaris Admin
197/256
Solaris System Administration 197
LP PRINT SERVICES
PRINT SERVICE ARCHITECTURE
7/30/2019 Solaris Admin
198/256
Solaris System Administration 198
Client-server model Print server
Print client
Printing System Print service software
Sunsoft Print client software
Print filters Hardware
7/30/2019 Solaris Admin
199/256
LP PRINT SERVICE DIRECTORIES
Directory Contents
7/30/2019 Solaris Admin
200/256
Solaris System Administration 200
Directory Contents
/usr/bin The LP print service user commands.
/etc/lp LP server configuration files.
/usr/share/lib The terminfo database directory.
/usr/sbin The LP print service administrationcommands.
/usr/lib/lp LP daemons, directories for binary files,and PostScriptfilters.
/var/lp/logs LP daemon logs/var/spool/lp Spooling directory for pending requests.
7/30/2019 Solaris Admin
201/256
7/30/2019 Solaris Admin
202/256
PRINTING ENVIRONMENT
7/30/2019 Solaris Admin
203/256
Solaris System Administration 203
Local Printer
Remote Printer
FINDING THE PRINTER
7/30/2019 Solaris Admin
204/256
Solaris System Administration 204
Determining the printer name The command-line interface
The users PRINTER orLPDEST
environmental variables for a default printer
_defaultin $%HOME/.printer
_defaultin/etc/printer.conf
_defaultin a network name services database
lp/lprLpsched
schedules
i t t
LOCAL PRINT MODEL
7/30/2019 Solaris Admin
205/256
Solaris System Administration 205
PRINTERDOCUMENT
lpsched
Selects printer/var/spool/lp/requests/system
/var/spool/lp/tmp/system
Filter request
Interface Program
print request
REMOTE PRINTING
7/30/2019 Solaris Admin
206/256
Solaris System Administration 206
inetd In.lpd lpsched
Spool area
To printer
CONFIGURING PRINT SERVICES
7/30/2019 Solaris Admin
207/256
Solaris System Administration 207
Setting up the printer
Setting up the print server
Setting up the print client
PRINT SERVER REQUIREMENTS
7/30/2019 Solaris Admin
208/256
Solaris System Administration 208
Minimum of 20-25 Mbytes in spoolingdirectory.
At least 32 Mbytes of RAM.
Enough swap space to augment RAM and
support print services.
lp command
Command Name Description
7/30/2019 Solaris Admin
209/256
Solaris System Administration 209
lp Sends file to a printerlpstat Displays print service status
cancel Cancels print requests
lpadmin Performs various administration tasks
accept Enables queuing of print requestsreject Prevents queuing of further print requests
lpmove Moves print requests
enable Enables printer to print requests
disable Disables printer from printing requests
lpstat command
Used to display a users print queue
7/30/2019 Solaris Admin
210/256
Solaris System Administration 210
Syntax : lpstat [-options]
-a Reports whether print destinations are accepting requests.
-d Displays the name of the default printer.
-o Displays the status of all output requests on printers.
-p Displays the idle or busy status and availability of allprinters.
-s Determines what printers are configured for the system on
which you are working. -t Displays all status information, the combined output of all
other options, plus the list of queued print requests.
PRINTER ADMINISTRATIONCOMMANDS
Designating a default destination
7/30/2019 Solaris Admin
211/256
Solaris System Administration 211
Designating a default destination
# lpadmin -d sparky
# lpstat -d
system default destination: sparky
Setting a user default printer variable (Bourne shell)
$ LPDEST=spock; export LPDEST
Setting a user default printer variable (C Shell)
venus %setenv LPDEST spock
TROBLESHOOTING A PRINTER
Check the status of the queues.
7/30/2019 Solaris Admin
212/256
Solaris System Administration 212
$ lpstat -o
Stop and restart daemons.
# /etc/init.d/lp stop
# /etc/init.d/lp start
Print services started.
7/30/2019 Solaris Admin
213/256
Solaris System Administration 213
JUMPSTART
INSTALLATIONS
NETWORK INSTALLATION
Servers Required
7/30/2019 Solaris Admin
214/256
Solaris System Administration 214
Install Server
Boot Server
Name Server
INSTALL SERVER
Creating Install Server
7/30/2019 Solaris Admin
215/256
Solaris System Administration 215
Sun System with CD ROM as install Server
Mount CD ROM Drive
Run setup_install_server
eg ./setup_install_server /export/install
BOOT SERVER
Creating Boot Server
7/30/2019 Solaris Admin
216/256
Solaris System Administration 216
Sun System with CD ROM as Boot Server
Mount CD ROM Drive
Run setup_install_server -b
eg ./setup_install_server -b /export/install
Boot server is only required if the install server is on
another subnet
ADDING CLIENTS
add_install_client
7/30/2019 Solaris Admin
217/256
Solaris System Administration 217
-c server:jumpstart_dir_path
-s install_server:install_dir_path
-e ethernet address
-p server:sysidcfg_path
host_name
platform_group
TASKS
Create Jump start directory on the server
7/30/2019 Solaris Admin
218/256
Solaris System Administration 218
Enable all clients to access that directory
Creating Profiles
Creating a rules file
Using check to validate the rules file
Creating a jumpstart directory
Create Jump start directory on the server
7/30/2019 Solaris Admin
219/256
Solaris System Administration 219
eg mkdir /jmpstart
Share this directory
eg add share -F nfs -o ro,anon=0 /jmpstart in
/etc/dfs/dfstab file followed by unshareall and
shareall
Creating a jumpstart directory
Copy the contents of auto_install_sample
7/30/2019 Solaris Admin
220/256
Solaris System Administration 220
directory from Solaris CD into the jumpstart
directory
eg cp -r auto_install_sample/* /jmpstart
Accessing jumpstart directoryTwo ways of making client access the jumpstart
directory
7/30/2019 Solaris Admin
221/256
Solaris System Administration 221
y
Using -c option of add_install_client command
everytime system is added for network installation
Editing the bootparams file and updating the name
service if required
eg * install_config=server:jumpstart_dir_path
What is a profile?
Profile is a text file used as a template by the
7/30/2019 Solaris Admin
222/256
Solaris System Administration 222
custom jump start installation software
It defines how to install solaris software on a
system
It consists of one or more profile keywords and
their values
Requirements for profiles
The install_type profile keyword is required
7/30/2019 Solaris Admin
223/256
Solaris System Administration 223
Only one profile keyword can be on a line
Creating profile
Create a new file or edit one of the sample
7/30/2019 Solaris Admin
224/256
Solaris System Administration 224
profiles in the jumpstart directory
Profile keywords and their values are case
sensitive
profile should be owned by root and have
permissions equal to 644
Profile Examples
# Profile keywords profile values
7/30/2019 Solaris Admin
225/256
Solaris System Administration 225
install_type initial_install
system_type standalone
partitioning default
filesys any 60 swap
cluster SUNWCall
package SUNWman delete
Rules file
Rules file is a text file used to create the
7/30/2019 Solaris Admin
226/256
Solaris System Administration 226
rules.ok file
Rules file is a look-up table consisting of one
or more rules that define matches betweensystem attributes and profiles
Creating Rules file
Create a new file with name rules or edit the
7/30/2019 Solaris Admin
227/256
Solaris System Administration 227
existing rules file in jumpstart directory
Add a rule in the rules file for each group of
systems that need to be installed
The rules file must have at least one rule
Rule must have at least a rule keyword, a rule
value, and a corresponding profile
Syntax[!] rule_keyword rule_value [&& [!]
7/30/2019 Solaris Admin
228/256
Solaris System Administration 228
rule_keyword rule_value] begin profilefinish
! Symbol used to indicate negation
[] indicates an optional expression or field
rule_keyword - predefined keyword that
describes a general system attribute such as
host name or memory size
Syntax(Contd.) Rule_value- Value that provides the specific
7/30/2019 Solaris Admin
229/256
Solaris System Administration 229
system attribute for the corresponding rulekeyword
&& Symbol used to logically AND
begin - name of an optional bourne shell script
that can be executed before the installation
begins. If no begin script exists, enter a minus
sign(-) in this field
Syntax(Contd.) Profile- Name of text file used as a template
7/30/2019 Solaris Admin
230/256
Solaris System Administration 230
that defines how to install solaris on a system finish- Name of an optional bourne shell script
that can be executed after the installation
completes
Rule ExampleRule keyword and value begin script profile finish script
hostname noida-1 - prof1 -
7/30/2019 Solaris Admin
231/256
Solaris System Administration 231
memsize 16-32 && - prof2 -
arch sparc
any - genprof -
Rules file Rules file must have file name rules
7/30/2019 Solaris Admin
232/256
Solaris System Administration 232
Rules.ok file is a generated version of the rulesfile and is required by the jumpstart installation
software to match system to a profile
rule_value, begin and finish fields must have a
valid entry or a minus sign
Important rule keyword Hostname
7/30/2019 Solaris Admin
233/256
Solaris System Administration 233
karch
memsize
network
Check file Check script is used to validate the rule and
7/30/2019 Solaris Admin
234/256
Solaris System Administration 234
profile file. It does the following Checks the rule file for syntax
check the profile file for syntax
If no errors are found, check creates the rule.ok
file
./check -r file_name
Check file Check script is used to validate the rule and
7/30/2019 Solaris Admin
235/256
Solaris System Administration 235
profile file. It does the following Checks the rule file for syntax
check the profile file for syntax
If no errors are found, check creates the rule.ok
file
./check -r file_name
7/30/2019 Solaris Admin
236/256
Solaris System Administration 236
NIS+
What is NIS+? Network name service that stores information
7/30/2019 Solaris Admin
237/256
Solaris System Administration 237
such as workstation addresses, securityinformation, mail information, ethernet
interface information at a central location
where all workstations on a network can access
it
It uses client server model to store andaccess information
What is NIS+?
Each domain is supported by a set of servers
7/30/2019 Solaris Admin
238/256
Solaris System Administration 238
Prinicipal server is called the master server
Backup server is called replica server
Network information is stored in 16 standardNIS+ tables
Changes made to the NIS+ data on the master
server are automatically propagated to the replicas
Name Service Switch It controls how the client obtains network
7/30/2019 Solaris Admin
239/256
Solaris System Administration 239
information Switch is called nsswitch.conf and is stored
in the /etc directory
Nsswitch.conf file This file identifies a particular type of network
information, such as host, password and group,
7/30/2019 Solaris Admin
240/256
Solaris System Administration 240
, , p g p,
followed by one or more sources, such as NIS+
tabkes, dns or local /etc
This file is loaded in every workstations
/etc directory along with three template
versions viz nsswitch.nisplus, nsswitch.nis
and nsswitch.files
NIS+ Scripts Three NIS+ scripts are required to set up a
NIS+ namespace
7/30/2019 Solaris Admin
241/256
Solaris System Administration 241
p
nisserver
nispopulate
nisclient
7/30/2019 Solaris Admin
242/256
Solaris System Administration 242
Configuring NIS+
Setting up Root Servers Defaults used in root server
7/30/2019 Solaris Admin
243/256
Solaris System Administration 243
Security level 2(DES)
System information files(/etc) as the source of
name service information
admin.domainname is the default NIS+ group
Setting up Root Servers(Contd.) Set the superusers PATH variable to include
/usr/lib/nis
7/30/2019 Solaris Admin
244/256
Solaris System Administration 244
If using DES authentication, specify the diffie-
hellman key length eg nisauthconf dh640-0 des
Run nisserver to configure a root master server
nisserver -r -d nis_domainname
Populating NIS+ tables Check for no spurious entries in /etc files
7/30/2019 Solaris Admin
245/256
Solaris System Administration 245
Remove all dots and underscores in host names Better make copies of /etc files and populate
only the information you want to populate
Domain must have been configured and its
master server must be running
Run nispopulate -F -p /nis+files -d
domain_name
Setting up NIS+ Client Domain must have been configured and master
server must be running
7/30/2019 Solaris Admin
246/256
Solaris System Administration 246
Master server of the domains tables must be
populated
Log in as super user on the machine that is
going to become NIS client
Setting up NIS+ Client(Contd.) Specify the Diffie-Hellman key length
O h i h f h
7/30/2019 Solaris Admin
247/256
Solaris System Administration 247
On the master server type nisauthconf. Use theoutput of this as an argument to nisauthconf on
the client
Run nisclient on the client machine
nisclient -i -d domain_name -h root_server
7/30/2019 Solaris Admin
248/256
Initializing NIS+ Client Users Run the following command on the client
machine
7/30/2019 Solaris Admin
249/256
Solaris System Administration 249
nisclient -u
NIS+ Servers Client machines can be changed into NIS+
servers of the following types
7/30/2019 Solaris Admin
250/256
Solaris System Administration 250
Root Replicas- to contain copies of the NIS+
tables that reside on the root master server
To be master servers of subdomains of the root
domain
To be replicas of master servers of subdomains
of the root domain
NIS+ Servers Run the following command on the client
machine
7/30/2019 Solaris Admin
251/256
Solaris System Administration 251
rpc.nisd
Root Replica The domain must have been configured and its
master server must be running
7/30/2019 Solaris Admin
252/256
Solaris System Administration 252
The tables of master server must be populated
rpc.nisd must be started on the replica server
Log in as root on the root master server
Root Replica Run the following command on the root master
server
7/30/2019 Solaris Admin
253/256
Solaris System Administration 253
nisserver -R -d domain_name -h client_name
Creating Subdomain The parent domain must have already been
configured and its master server must be
7/30/2019 Solaris Admin
254/256
Solaris System Administration 254
running
The parents domains tables must be populated
New client machine must have been initialized
rpc.nisd must be running on the client
Log in as root on the parent master server
Creating Subdomain Run the following command on the master
server
7/30/2019 Solaris Admin
255/256
Solaris System Administration 255
nisserver -M -d new_domain -h client_name
where client_name is the name of the client
machine that will become the root domain
7/30/2019 Solaris Admin
256/256
Recommended