UNIX Solaris System & Network Administrator

Training Professional Training Professional CenterCenter

11

CourseCourse

UNIX Solaris System & UNIX Solaris System & Network Administrator Network Administrator

Instructor:Instructor: Suwit Suwit SaiphanSaiphan

วิ�ทยากรวิ�ทยากร:: สุวิ�ทย สุายพั นธ์สุวิ�ทย สุายพั นธ์


22

IntroductionIntroduction

Course Introduction Instructor & Trainer Assistance Attendees / Trainees

Expectations Course Goals and Contents


33

Instructor & Trainer AssistanceInstructor & Trainer Assistance

Suwit Saiphan - สุ�วิ�ทย์� สุาย์พั�นธ์� Unix System and Network Administration

(Solaris, Linux, FreeBSD) Microsoft Windows 2003

System Environment, Active Directory, Network Infrastructure

Cisco Network Fundamental Information Security Consultant

Trainer Assistance - ผู้��ช่�วิย์วิ�ทย์ากร


44

Attendees / TraineesAttendees / Trainees

First-Last Name Responsibilities Expectations


55

ExpectationsExpectations

Upgrade Linux Solaris Unix System Security Solaris Administration Gain Knowledge in Unix Customer Services


66

จุดประสุงค์ และค์วิามร��พั��นฐานจุดประสุงค์ และค์วิามร��พั��นฐาน หลั�กสุ�ตรน��เหมาะสุ�าหร�บ

Unix System Administrator (Solaris) ผู้��ท��สุนใจเก��ย์วิก�บระบบย์�น�กซ์�

ควิามร� �พั$�นฐาน Course: Fundamentals of Unix Solaris Course: Intermediate System Administration for Solaris OE Perform basic Unix tasks Understand basic Unix commands Use vi text editor Interact with a windowing system


77

เน��อหาของหล กสุ�ตรเน��อหาของหล กสุ�ตร

Day 1 – Installation Introduction to Solaris 10 System Concepts and Choosing Hardware

Solaris 10 Installation Initialization, OpenBoot PROM, and Run Levels


88

เน��อหาของหล กสุ�ตรเน��อหาของหล กสุ�ตร ((ต#อต#อ))

Day 2 – System Essentials Introducing the Solaris OE Directory Hierarchy Managing Local Disk Devices Managing the Solaris OE File System Performing Mounts and Unmounts

Installing Software, Live Upgrade, and Patching Text Processing and Editing Shells, Scripts, and Scheduling Process Management


99


Day 3 – Security System Security File System Access Control Role-Based Access Control Users, Groups, and the Sun Management Console Kerberos and Pluggable Authentication


1010


Day 3,4 – Managing Devices Device and Resource Management Installing Disks and File Systems File System and Volume Management Backup and Recovery

Printer Management Pseudo File Systems and Virtual Memory System Logging, Accounting, and Tuning


1111


Day 4 – Networking Basic Networking DHCP and NTP Routing and Firewalls Remote Access Internet Layer (IPv6)


1212


Day 5 – Services, Directories, and Applications Network File System and Caching File System Sendmail Domain Name Service Network Information Service (NIS/NIS+) Lightweight Directory Access Protocol (LDAP) Samba Application Development and Debugging Web Applications and Services


1313


1414

Day1 - InstallationDay1 - Installation

Introduction to Solaris 10 System Concepts and Choosing Hardware



1515

HistoryHistory

AT&T Develop from Game Application AT&T Microsoft, Sun, IBM, HP The same core OS Sun – Free source code

Manual page $> man Editor vi (Visual Editor)


1616

Introduction to Solaris

UNIX Operating System Multiuser Multitasking Multithreading

Developed by Sun Microsystem System V (AT&T) Berkeley (BSD)

Operating Environment


1717


Solaris (Operating Environment) SunOS (Operating System)

Solaris 10 = SunOS 5.10 Solaris 9 = SunOS 5.9 Solaris 8 = SunOS 5.8


1818


Solaris 10 is to support: Database servers Message Queues XML Web Services J2EE application servers

Sun’s hardware solution based on UltraSPARCSupport for SMP more than 100 processors in

single server


1919


Sun’s innovations move from server to desktop Develop Java – Cross Platform support JVM

Write Once – Run Anywhere Promote free version of Solaris

SPARC and Intel


2020

Solaris InnovationsSolaris Innovations

Server Tools scalability, availability, security, integrity and manageability

Clustering Grids, Zones, and Resource Management Volume Management

RAID 0,1,5 and Mirror, Strip Live Upgrade System Management

SMC – System Management Console Tool Security Innovations

Kerberos Version 5 IPv6 and IPSec


2121

SPARC and IA System Admin DifferenceSPARC and IA System Admin Difference

CategoryCategory SPARCSPARC IAIASystem operation before kernel load

OpenBoot PROM BIOSSolaris Device Config AssistantMDB (Multiple Device Boot)

Booting system Command Option at PROM Command Option at MDB


2222


CategoryCategory SPARCSPARC IAIABoot Program bootblk (Pri. boot program)

ufsboot (Sec. boot program)load kernel

mboot (MBR)pboot (Solaris Partition boot program)

Bootblk (Pri. boot program)ufsboot (Sec. boot program)load kernel


2323


CategoryCategory SPARCSPARC IAIASystem Shutdown shutdown,init w/o

interventionshutdown,init w/ intervention

Disk Controller SCSI, IDE SCSI and IDE

Disk slice and partition Max. 8 slices (0-7) DiskMax. 4 fdisk partition

Sol fdisk 10 slices (0-9) but 0-7 store data

Diskette drive 3.5-inch diskette drive 3.5, 5.25-inch


2424

Solaris System Software EvolutionSolaris System Software Evolution

ReleaseRelease FeatureFeatureSolaris 1.0 (SunOS 4.x) Berkeley (BSD) Unix

Solaris 2.0 (SunOS 5.0) SVR4 (AT&T) and BSD

Solaris 2.1 (SunOS 5.1) Admin ToolsGUI, Print/Accout Manager,

Solaris 2.2 (SunOS 5.2) Vol ManagerCDROM

Solaris 2.3 (SunOS 5.3) VFS,Online Backup, PAM, PPP, CacheFS (NFS), NIS+

Solaris 2.4 (SunOS 5.4) Motif GUI (Installation)

Solaris 2.5 (SunOS 5.5) PAX,Soltice Admin Suite, Process Tool (/proc), Telnet client (4.4 BSD version), Improve rlogind, telnetd

Solaris 2.5.1 (SunOS 5.5.1) UserID,GroupID extend to max. sign integer

Solaris 2.6 (SunOS 5.6) Printing Software (NIS,NIS+), Large file support (UFS,NFS, CacheFS), NFS Kerberos use DES, RPC (GSS-API), Y2K compliance, WebNFS, JVM 1.1


2525

ReleaseRelease FeatureFeatureSolaris 7 (SunOS 5.7) 64bits (SPARC only), LDAP, Dynamic reconfiguration, AnswerBook2, Unicode,

RPC security, CDE (new tools)

Solaris 8 (SunOS 5.8) IPv6, Naming LDAP, Java2, Wizard (Installation), UDF (Universal Disk Format), DVD, Smart card, PDA, Multilanguage (90 locals,37 langs), XServer (X11R6.4), RBAC (Role-Based Access Control)

Solaris 8 (SunOS 5.8) (6/00) Mobile IP, Removable Media (DVD,Zip,Jaz,CDROM,diskette)

Solaris 8 (SunOS 5.8) (10/00) IP Multipathing with NICs, WBEM (Web-Based Enterprise Management, Print USB

Solaris 8 (SunOS 5.8) (1/01) LDAP+iPlanet WebServer, SMC 2.0 (RBAC), WBEB (init.wbem, update security, SMC Log viewer), USB (Sun Blade 100, 1000 and Sun Ray system)

Solaris 8 (SunOS 5.8) (4/01) New BIND, sendmail 8.10, IP multipathing with dynamic reconfiguration (DR), Mobile IP (reverse tunnel)

Solaris 8 (SunOS 5.8) (7/01) PPP 4.0 (async,sync comm., PAP, CHAP), NCA (Solaris Network Cache Accelerator), IP Multipathing (IPMP reboot safe)

Solaris 8 (SunOS 5.8) (10/01) DR 3.0 (Automated DR), USB (KB,Mouse,Printer,Audio)

Solaris 8 (SunOS 5.8) (2/02) RPC (Sun ONC+ async protocol)



2626

ReleaseRelease FeatureFeatureSolaris 9 (SunOS 5.9) Resource Manager (allocate resource), Fixed-priority (FX), Web Start Flash

Install (master,clone), Live Upgrade, New option (df, du, ls, 1K unit), pargs and preap (process debugging), NIS+ LDAP, Sun Internet FTP Server, sendmail 8.12, Improve NCA, IPMP (link-up-down), Mobile IP (advertise dynamic if), BIND 8.2.4, Solaris volume manager, SMC 2.1 (6 new tools), smpatch, Solaris Secure Shell, cdrw (Write CD)

Solaris 10 (SunOS 5.10) X86/X64, SPARC

Solaris Container – Grid Container (Isolate App, Service, Allocate resource, Increase resource utilization)

Solaris Secure Execution (File Integrity and Secure Execution, User&Process Right Management, IP Filter Firewall, Cyptographic Service/Secure, Enterprise Authentication – LDAP,PW,MD5,Kerberos,Smartcard)

Solaris Dynamic Tracing (easy to analyze, debug, optimize system, App in Realtime, Patch Management)

Solaris Predictive Self Healing (Auto diagnostic, isolate recovery from H/W, App fault)



2727


2828

Server PreparationServer Preparation

Enable 2 Solaris systems (By VMWare) Copy 2 VMs

Introduce VMWare with Solaris

Introduce to Windows System on Solaris CDE – Common Desktop Environment

JDS – Java Desktop System


2929

Desktop Resolution SettingDesktop Resolution Setting

1. Command Login prompt2. Login as root3. # kdmconfig4. Follow step

- Xsun/Xorg server- XF86 VMWare- MutipleFrequency 56kHz- 800x600 @16777777


3030


Define IP address and Hostname Open Text Editor # gedit vi command # vi

Command Mode ESC

Edit Mode Key ESC+i Insert after cursor Key ESC+a Append after cursor

Exit vi ESC :q! , ZZ

Save text ESC :wq!


3131


File /etc/hosts (Map IP – Hostname)Type 192.168.1.73 suwit001

File /etc/hostname.pcn0 (ก$าหนด IP ให� NIC)Type suwit001 (ก$าหนดให�ตรงก บไฟล /etc/hosts)

File /etc/nodename (hostname – login screen)Type suwit001 (ก$าหนดให�ตรงก บไฟล /etc/hosts)

Restart Machine# init 6 (reboot)

Or# shutdown –y –i6 –g0


3232

Solve warning ‘loghost’Solve warning ‘loghost’

File /etc/inet/ipnodes File /etc/inet/hosts /etc/hosts

127.0.0.1 localhost loghost xxx.yyy.zzz.aaa hostname


3333

Solve warning ‘sendmail’Solve warning ‘sendmail’

‘sendmail’ try to determine FQHN

(Fully-Qualified Host Name)

# /usr/sbin/check-hostname File /etc/inet/hosts /etc/hosts

127.0.0.1 localhost xxx.yyy.zzz.aaa hostname host.domain

File /etc/nsswitch.confhosts: file dnsipnodes: file dns


3434

Solve warning ‘sendmail’Solve warning ‘sendmail’

File /etc/defaultdomain mydomain.domain.domain


3535

System Concepts and Choosing HardwareSystem Concepts and Choosing Hardware

Key Concepts UNIX and the Kernel

Kernel Hierarchical file system, begins with root (/) System hardware devices logically on file system

The special file (/dev/pty, for pseudoterminals) Process based (Process ID = PID) Set of command-line utilities for text and numeric processing (cat, head,

tail, troff, col, tbl etc.) User processes are created (spawned) from shell

(Bourne Shell - sh) Multiple processes can be executed with & in background Multiple users can execute commands from pseudoterminals


3636



3737


Key Concepts The Shell

Bourne shell (sh) The original UNIX shell used to write all system scripts

Korn shell (ksh) Provides enhanced input/output features, including the print and read commands

C shell (csh) Offers a command syntax similar to the C programming language

Bourne Again shell (bash) An open source, much improved version of the Bourne shell

Z shell (zsh) A freely available Bourne-like shell with a focus on sophisticated scripting features


3838


Key Concepts The File System Multiuser, Multitasking, and Zoning Client/Server Networks Processes Naming Services Java 2 Enterprise Edition (J2EE) SPARC Hardware Supported Platforms Intel Hardware Devices Supported Under Solaris Intel


3939


Key Concepts The File System

cachefs The CacheFS cached file system hsfs The High Sierra file system nfs The Network File System (NFS) pcfs The MS-DOS file system tmpfs A file system that uses memory ufs The standard UNIX File System (UFS)

The default local file system type /etc/default/fsThe default remote file system type /etc/default/fstype

s


4040


Key Concepts Multiuser, Multitasking, and Zoning

Multiple users execute multiple application concurrently Multiple threads in single process SMP – Symmetric Multiprocessing Zone – Virtual instance work in resource management

framework

Client/Server Networks Remote Procedure Call (RPC) technology, NFS Remote Method Invocation (RMI) technology, Java

Networking and Distributed computing


4141


Key Concepts Processes

(PID with UID and GID) Signal

Naming Services (DNS, NIS, NIS+, LDAP)

Java 2 Enterprise Edition (J2EE) JVM Java Web Application


4242


Key Concepts SPARC Hardware

Scalable Processor ARChitecture (SPARC) High-speed buses, Fast I/O performance

UltraSPARC (workstation, server) PCI local bus, USB, SVGA


4343


Key Concepts Supported Platforms


4444


Key Concepts Intel Hardware Devices Supported Under Solaris Intel


4545


Examples System Components

Base unit (aka “pizza box”), which contains the motherboard, SCSI controller, and SBUS cards

Frame buffer or graphics card SCSI or IDE units connected by SCSI or IDE cables to the SCSI or IDE co

ntroller in the pizza box CD-ROM drive, internal or external (SCSI or IDE) DVD-ROM drive, internal on newer systems Speaker box and microphone, external Two serial ports (A and B) A parallel port A tape drive, internal or external (DDAT/DDS/QIC and so on) Mouse (mmechanical or infrared) and keyboard (type 4 or type 5)


4646


Examples Example Systems

Workstation Server


4747


Procedures System Configuration

# prtconf

Basic Networking Terminology /etc/hostname.hmen

where n is the interface number and

hme is the interface type


4848


Basic Networking Terminology Define multiple network interfaces

/etc/hostname.hmeNwhere N = interface number and

hme = interface type Assign different IP addresses to the same network interface. Hosti

ng “virtual” interfaces. /etc/hostname.hmeX:Ywhere X = physical device interface

Y = virtual interface number Define subnet mask for each of interfaces

/etc/netmasks


4949

Solaris 10 InstallationSolaris 10 Installation

Preinstallation Planning Disk Space Planning Device Names SPARC Preinstallation Intel Preinstallation


5050

Pre-InstallationPre-Installation

1. Host name(# uname –n, # hostname)

2. Protocol (IP) address(# ifconfig)

3. Name service type (LDAP, NIS, NIS+, DNS or non)

4. Subnet mask (/etc/netmasks file)

5. Geographic location and time zone (GMT+7)

6. Root password7. Language


5151

Method: Solaris 10 InstallationMethod: Solaris 10 Installation

Web Start Wizard JumpStart suninstall Live Upgrade


5252


Disk Partitions Disk Formatting and Virtual Memory The Boot Manager Web Start Wizard Installation


5353


Web Start Wizard Installation Configuration Network Support DHCP Server Hostname IP Address Netmask IPv6 Support Kerberos Server Name Services

DNS Server NIS/NIS+ Server LDAP Server


5454


Web Start Wizard Installation Router Time Zone and Locale Power Management Proxy Server 64-Bit Support Disk Selection and Layout Root Password Software Selection


5555

Solaris 10 InstallationSolaris 10 Installation Server Preparation

Add new 3 HDDs Enable BIOS to boot from CDROM first Insert Solaris 10 x86 Installation CD Power On

Installation Option: 1. Solaris Interactive Language: 0 Network DHCP Name Service DNS IPv6: No Kerbeos: No Domain Name: Yourname.com Server IP: 192.168.1.1


5656

Solaris OE Software GroupsSolaris OE Software Groups


5757

Create Virtual Machine via VMWareCreate Virtual Machine via VMWare


5858


Web Start Wizard Installation Network Installation suninstall Installation JumpStart


5959


JumpStart Boot Servers Installing Servers Boot Clients sysidcfg


6060


sysidcfg


6161


sysidcfg


6262

Post-Check after InstallationPost-Check after Installation

Software Package after installationFile /var/sadm/install/contents

View file contents# grep “showrev” /var/sadm/install/contents# more /var/sadm/install/contents# cat /var/sadm/install/contents

Patches & Updatehttp://www.sun.com Download Patch & Updatehttp://sunsolve.sun.com


6363


6464

Initialization, OpenBoot PROM, and Run LevelsInitialization, OpenBoot PROM, and Run Levels

OpenBoot (Stop-A) Boot the system, by using the boot command

ok> boot [cdrom|net]

Perform diagnostics on hardware devices by using the diag command ok> diag ok> probe-scsi-all ok> probe-ide

Test network connectivity by using the watch-net command Help

ok> help


6565

Executing Boot PROM Commands Executing Boot PROM Commands


6666

OpenBoot Architecture StandardOpenBoot Architecture Standard

Test and initialize system h/w Determine the system h/w configuration Boot the operating environment Provide an interactive interface for configuration

testing and debugging Enable the use of 3rd device

# /usr/platform/’uname –m’/sbin/prtdiag –vcheck version of OpenBoot


6767

OpenBoot Architecture StandardOpenBoot Architecture Standard

1.X SPARC system

2.X The first Openboot PROM

3.X UltraSPARC

4.X 64-bits UltraSPARC

5.X Sun Enterprise 3500-3800 etc.


6868

Introducing Boot PROM Fundamentals Introducing Boot PROM Fundamentals


6969

POST = Power On Self TestPOST = Power On Self Test

Probes the memory and then the CPU Probes bus device, interprets their devices, and build a device tree Install console

* After boot PROM initialize the system, the banner displays on the console

Controlling the POST PhaseStop+D = switch to diagnostic mode (diag-switch? Is set to true)Stop+N = Clear to the default valuesStop+A =


7070


/sbin/init


7171


/sbin/init


7272

The The initinit phase phase


7373

The /etc/inittab fileThe /etc/inittab file

id:rstate:action:processid:rstate:action:process


7474

The The initinit process process


7575


7676

Solaris OE Run LevelSolaris OE Run Level

# who -r


7777

Solaris OE Run LevelSolaris OE Run Level

0 = System is running the PROM monitorS,s = Single-user mode with critical file system mounted and

accessible1 = Single-user administrative state with access to all

available file system2 = The system is support multi-user,Multiple users can

access the system, All system daemon are running except for the NFS server

3 = The default run level in the /etc/inittab file (multi-user operation) and has NFS resource sharing)

4 = Not implemented5 = The Solaris is shutdown and sytem (h/w) is power-off6 = The Solaris is shutdown and reboot


7878

Identifying the Phases of the Boot ProcessIdentifying the Phases of the Boot Process Boot PROM phase

PROM runs POST boot Locates boot-device boot Reads bootblk boot Loads bootblk

Boot Program Phase bootblk Loads Secondary Boot Program (ufsboot) ufsboot Loads kernel 32-bit or 64-bit kernel

kernel = genunix / unix

The kernel Initialization Phase kernel Reads Configuration File /etc/system kernel Initializes itself and Load Modules


7979

The kernel initialization PhaseThe kernel initialization Phase

Module subdirectories in /kernel drv = device drivers exec = Executable file formats fs = File system types, for example, ufs, nfs and proc misc = Miscellaneous modules (virtual swap) sched = scheduling classes (process execution scheduling) strmod = Stream modules (generalized connection between users

and device driver) sys = System calls (defined interfaces for application to use)

/kernel/drv contains all of the device drivers that are use system boot

/usr/kernel/drv used for all other device drivers


8080

Kernel and Modules Loaded In MemoryKernel and Modules Loaded In Memory


8181

The /etc/system file can explicitly controlThe /etc/system file can explicitly control

The search path for default kernel modules to be loaded at boot time

The root file system type and device The modules that are excluded from loading

automatically at boot time The modules to be forcibly loaded a boot time,

rather than a first access The new values to override the default


8282

Starting Up SystemsStarting Up Systems

Run Control Scripts /sbin/rc0 /sbin/rc1 /sbin/rc2 /sbin/rc3 /sbin/rc5 and /sbin/rc6 /sbin/rcS

Finding Run Level for System who -r


8383


Run Control Script Form

S,K[0-9][a-z][A-Z] S = Start script K = Stop script

S10webserver S20dbserver

/etc/rc3.d S10webserver S20dbserver


8484

Writing Run Control ScriptWriting Run Control Script


8585

Run Control ScriptRun Control Script /etc/init.d

script1 script2 script3

/etc/rc1.d K10xxxx /etc/init.d/script1 K20yyyy /etc/init.d/script2

/etc/rc3.d S10xxxx /etc/init.d/script1 S20yyyy /etc/init.d/script2

Run RC script$> /etc/init.d/script1 [start | stop]$> /etc/rc#.d/S10xxxx [start | stop]$> /etc/rc#.d/K10xxxx [start | stop]


8686

Check hard links between 2 filesCheck hard links between 2 files

Inode # Inode #


8787

Run Control ScriptRun Control Script

Initialize, Booting# /sbin/rc# /etc/rc#.d/* start

# /sbin/rc3 /etc/rc3.d/K##xxxx start# /sbin/rc3 /etc/rc3.d/K##yyyy start# /sbin/rc3 /etc/rc3.d/K##zzzz start# /sbin/rc3 /etc/rc3.d/S##xxxx start# /sbin/rc3 /etc/rc3.d/S##yyyy start# /sbin/rc3 /etc/rc3.d/S##zzzz start


8888

Step of starting up systemStep of starting up system

Boot PROM check hardware (SPARC) Intel x86 (BIOS)

Bootblk Kernel initialize system init Init /sbin/rc# /etc/rc#

Start script /etc/init.d เก&บ Scripts ท��เป็(นมาตรฐานในการใช่�งาน /sbin/rc# จะร�น Scripts ใน /etc/rc#.d/


8989


Change Run Level Become root / superuser # telinit [run level] (Recommend) # init [run level]

Shutdown shutdown –y –g [period] –i [run level] [message] # shutdown –y –g 30 –i 6 “System will shutdown”


9090


Booting Protocols SPARC Platform (OpenBoot PROM)

bootblk ufsboot kernel init

IA Platform (PC BIOS) mboot (Master Boot Record) pboot (Partition boot program) bootblk ufsboot kernel init


9191


Booting System Turn off system power because of power outage Change kernel parameters in /etc/system Perform system maintenance, backup or restore

system data Repair system configuration file /etc/system Changing pseudo device parameters in /etc/system Add or remove hardware from system Boot kernel debugger to track down system problem


9292


View Boot Message /var/adm/messages

Crash Dump & Reboot system halt –d (save in swap file system) /tmp dumpadm (configure crash dump) savecore (/var/crash/hostname)

Boot System for Recovery Purpose SPARC IA


9393


Boot System for Recovery Purpose Boot from Solaris 10 Installation CD SPARC

Press Stop-A ok> boot cdrom

IA Screen selection mode

b –s # mount /dev/dsk/c0d0s0 /a # cd /a/etc # vi passwd (in case of user recorvery) # vi shadow (in case of password recovery)


9494


Search text in file grep “search string” filename # grep “Aug 22 13:56” /var/adm/message # grep –i “Aug 22 13:56” /var/adm/message egrep

Create file with zero byte # cat > filename

Type content Ctrl-C

# touch filename # vi filename (save and exit)


9595

Check boot configurationCheck boot configuration

# cd /usr/platform/i86pc# eeprom


9696

Shutting down SystemShutting down System

Recommendation /usr/sbin/shutdown /etc/telinit and /sbin/init

Not recommendation /usr/sbin/halt /usr/sbin/reboot /usr/sbin/uadmin 2 0


9797


9898

Review Day1Review Day1

Introduction to Solaris 10 System Concepts and Choosing Hardware



9999


100100

Day 2 – System EssentialsDay 2 – System Essentials

Introducing the Solaris OE Directory Hierarchy Managing Local Disk Devices Managing the Solaris OE File System Performing Mounts and Unmounts



101101

Introducing the Solaris OE Directory Introducing the Solaris OE Directory HierarchyHierarchy

Introducing / (root) Subdirectories


102102

Important System DirectoriesImportant System Directories /bin – Symbolic link to /usr/bin (binary files of standard

system command) /dev – Primary directory for logical device names - soft link

point to device files in /devices /cua – Dialup device - modem /dsk – Block disk device /fbs – Frame buffer device /fd – File descriptors (fd0=stdin, fd1=stdout, fd2=stderr) /md – Logical volumn management metadisk devices /pts – Pseudo disk devices /rdsk – Raw disk devices /mnt – Tape device /sound – Audio device /term – Serial devices

/devices – Primary directory for physical device name


103103

Important System DirectoriesImportant System Directories

/etc – Host specific configuration file, database file /acct – Configuration info accounting /cron.d – Configuration cron utility /default– Default info for various program /inet – Network services /init.d – Script for changing between run levels /lib – Dynamic linking libraries /lp – Printer subsystem /mail – mail subsystem (sendmail – free) /nfs – NFS server logging /opt – Optional packages /rc#.d – Script enter/leave specific run level number /skel – Default shell initialization files for new user accounts


104104

Important System DirectoriesImportant System Directories

/export – Default community shared file user account /home – Default directory or mount point for

user’s home directory when AutoFS is running /kernel – Platform-independent loadable kernel modules /mnt – Temporary mount point for file systems

(mount /dev/dsk/cdrom /a) /opt – Add-on application packages /platform – Platform-dependent loadable kernel modules /sbin – Essential executable files /tmp – Temporary directory, cleaned when boot /usr – Programs, applications, scripts


105105

Important System DirectoriesImportant System Directories /usr – Contain program, scripts and libraries used by users

usr = UNIX System Resources /bin – Standard system commands /ccs – Compilation programs and libs /demo – Demo program and data /dt – Common Desktop Environment (CDE) software /includes – Header files C program /java – Java program and lib /kernel – Platform-independent loadable kernel module that are not

generally required /lib – Various program lib, bin /opt – Configuration file for program /sbin – System command /spool – Symbolic link to /var/spool directory

/var – Temporary, Logging, Status Files


106106

Introducing File ComponentsIntroducing File Components

File Name - Name of file Inode Number - Owner, permission, size Data Blocks - Data


107107

Identify File TypesIdentify File Types

Regular files Directories Symbolic links – Soft links Device files

Block-special device file Character-special device file


108108

Regular Files / DirectoriesRegular Files / Directories


109109

Symbolic LinksSymbolic Links


110110

Device files – Block/Character-special device filesDevice files – Block/Character-special device files


111111

Regular FilesRegular Files

File1 Inode 1282 Data Block


112112

Regular FilesRegular Files


113113

DirectoriesDirectories

dir1 Inode 4221 Data Block

File1 = Inode 1282


114114

DirectoriesDirectories


115115

Symbolic LinksSymbolic Links


116116

Device FilesDevice Files


117117

Device Files ExampleDevice Files Example


118118

Introducing Introducing Hard LinksHard Links


119119

Creating new Hard LinksCreating new Hard Links


120120

Create and Remove - Soft and Hard LinksCreate and Remove - Soft and Hard Links

Character-special devices = raw devicesBlock-special devices = block device

# ln –s file1 link1 soft link # ln file1 file2 hard link # ls –l # ls –li inum = 1282 # find . –inum 1282 # rm file1


121121

Comparison Soft – Hard LinkComparison Soft – Hard Link

Soft Link Hard Link Differ inode Same inode # ln –s file1 link1 # ln file1 file2 rm file1, link2 can’t use rm file1, file2 exists Files, Directories File only, same FS

** Size link1 = No of char path name number of link


122122


123123

Managing Local Disk DevicesManaging Local Disk Devices

Physical disk structureComponents of a Disk

Data organization on disk platters Disk Platter Component

Sector = 512 bytes (Disk Block) Track = Sector + Sector Cylinder = Track + Track


124124

Data organization on disk platters - SectorData organization on disk platters - Sector


125125

Data organization on disk platters - TrackData organization on disk platters - Track


126126

Data organization on disk platters - CylinderData organization on disk platters - Cylinder


127127

Manage Disk DeviceManage Disk Device

Disk Slices Disk Division Disk Slices

Partitions on a disk Grouping of cylinders

Slice0 – Root system file (/ [root]) Slice1 – Swap Slice2 – Entire disk, Don’t Touch Slice5 – Optional software (/opt) Slice6 - /usr file system Slice7 – User data files (/export/home)


128128

Disk Division/SlicesDisk Division/Slices


129129

Disk SlicesDisk Slices


130130

Disk Slice Naming ConventionsDisk Slice Naming Conventions


131131

Disk Slice Name SCSI ConfigurationDisk Slice Name SCSI Configuration

Small Computer System Interface = SCSI

Disk Number = Logical Unit Name (LUN)


132132

Disk Slice Name IDE ConfigurationDisk Slice Name IDE Configuration

Integrated Drive Electronics (IDE)


133133

Check Solaris ReleaseCheck Solaris Release

# cat /etc/release


134134

Introducing Solaris OE Device Naming Convent.Introducing Solaris OE Device Naming Convent.

Logical device names


135135


Physical device names - The /devices Directory structure


136136


Instance namesdadn (direct access device)

Where n = 0 or 1,2,3…

sdn (scsi disk)

where n = 0 or 1,2,3…

st (tape device)


137137

Listing a System's DevicesListing a System's Devices

Listing a System's Devices The /etc/path_to_inst file The prtconf command The format command

Check instance nameprtconf = print configuration# prtconf | more# prtconf | grep –v ‘not’ | more


138138

Reconfiguring DevicesReconfiguring Devices

Reconfiguring Devices Performing a reconfiguration boot Using the devfsadm command

# devfsadm

Performing a reconfiguration boot Create file /reconfigure (0 byte)

# touch /reconfigure # init 5

Cleanup that remove unreferenced# devfsadm –C


139139

Partitioning the Hard DiskPartitioning the Hard Disk


140140

Partitioning the Hard Disk – Wasted SpacePartitioning the Hard Disk – Wasted Space


141141

Partitioning the Hard Disk – OverlappingPartitioning the Hard Disk – Overlapping


142142

Introducing disk partition tableIntroducing disk partition table


143143

Using the Using the formatformat command command Partitioning a disk Partitioning a disk


144144



145145



146146



147147



148148



149149



150150



151151



152152



153153

Saving a partition table to the Saving a partition table to the /etc/format.dat/etc/format.dat file file


154154

Using the customized partition tableUsing the customized partition table


155155

Using the customized partition tableUsing the customized partition table

format > verify


156156

Setting up Disk SlicesSetting up Disk Slices

SliceSlice File systemFile system DescriptionDescription Client/ServerClient/Server

0 root Hold files and directories that make OS Both

1 swap Provide virtual memory or swap space Both

2 backup Refer to the entire disk, by format command Both

3 - Up to design Both

4 - Up to design Both

5 /opt Hold App software added to the system Both

6 /usrHold OS command, run by users, document, system program

Both

7 /export/home Hold home folder from remote system Both

8 -Contain the boot slice info at the beginning of Solaris partition – enable boot from HDD

Both

9 -Provide area reserved for alternative disk block. Alternative sector slice.

Both


157157

Partitioning the Hard DiskPartitioning the Hard Disk

VTOC = Volume table of content

Reading a disk VTOC# prtvtoc /dev/rdsk/c1t0d0s2# prtvtoc /dev/rdsk/c1t0d0s2 > /vtoc/c1t0d0

Populate / Update VTOC to harddisk# fmthard –s /vtoc/c1t0d0 /dev/rdsk/c#t#d#s2

Caution: The fmthard command cannot write a disk label on the unlabeled disk.Use the format utility for this purpose


158158

Format Partion TableFormat Partion Table

# newfs /dev/rdsk/c2t0d0s7

Automatic mount at boot# mkdir /export/software# gedit /etc/vfstab

# init 6

Check auto-mounting# df –h# cd /export/software

/dev/dsk/c2t0d0s7 /dev/rdsk/c2t0d0s7 /export/software ufs yes 1 -


159159

Automatic mount at bootAutomatic mount at boot

Field ‘fsck pass’ = 1 Ensure sequential fsck checking= 2 Do not ensure sequential fsck checking


160160

Adding new HarddiskAdding new Harddisk

Mount on booting Edit in file /etc/vfstab


161161


162162

Managing the Solaris OE File SystemManaging the Solaris OE File System

Disk-based file systems ufs = unix file system (Berkeley fast file system) hsfs = high sierra file system (CD-ROM) pcfs = PC file system (DOS, FAT32) udfs = universal disk format file system (Optical

storage DVD, CD-ROM)


163163


Distributed file systems nfs = network file system, allows users to share file

Pseudo file systems tmpfs = temporary file system (/tmp), created and

destroyed every time the system is reboot swapfs = swap file system is used by kernel to

manage swap space on disk fdfs = file descriptor file system /dev/fd/0, /dev/fd/1

#/dev/fd/0 = stdin = < 0<#/dev/fd/1 = stdout = > 1>#/dev/fd/2 = stderr 2>#/dev/fd/3 = file name

procfs = process file system contains a list of active processes in /proc such as #ps

mntfs = mount file system provides read-only info from kernel


164164



165165



166166

Create a New UFS file systemCreate a New UFS file system

Disk label VTOC

Boot Block The bootstrap program (bootblk) resides in the 15 disk sector

(Sector 1-15), Only the / (root) file system has an active boot block.

Primary Superblock (Sector 16-31) The number of data blocks The number of cylinder groups The size of a data block and fragment A description of the h/w, derived from the label The name of the mount point File system state flag: clean, stable, active, logging or unknown


167167


Backup Superblock (Sector 32) The replication protects the critical data in the superblock

Cylinder group blocks The number of Inodes The number of data blocks in the cylinder group The number of directories Free blocks, free inodes, and free fragments in the cylinder

group The free block map The used inode map


168168


The ufs inode The type of file and the access mode The UID and GID The size of the file The link count The time the file was last accessed and modified and the inode

change The total number of data block used by or allocated to the file Two types of pointer direct pointers and indirect pointers


169169

InodesInodes

Twelve-8 bytes = 96 bytes


170170

Data Block and fragmentationData Block and fragmentation

1kbyte * 8 = 8196 bytes


171171

Using the newfs commandUsing the newfs command

# newfs /dev/rdsk/c1t3d0s0

Newfs: construct a new file system/dev/rdsk/c1t3d0s0 : (y/n)? Y

This process also creates a lost+found directory for ufs file system,which is directory that is used by the file system check andrepair (fsck command) utility (1-10% of disk space)

# newfs –m %free /dev/rdsk/c1t3d0s0# newfs –m 20 /dev/rdsk/c1t3d0s0

# fstype –v /dev/rdsk/c0t0d0s0 | head -10 check % of lost+found dir.# tunefs –m 1 /dev/rdsk/c1t3d0s0Minimum percentage of free space change from 10% to 1%


172172

Checking the File system by Using fsck commandChecking the File system by Using fsck command


173173

Checking the File system by using Checking the File system by using fsckfsck command command

Data Inconsistencies checked by fsck command


174174

Checking the File system by Using fsck commandChecking the File system by Using fsck command

Caution: Never run the fsck command on a mounted file system,/ (root), /usr and /var if need run on single mode (# init 0)

Checking the File system

# fsck –y /dev/rdsk/c0t0d0s0

# fsck –y /export/home mount point

# fsck –o f,p /dev/rdsk/c0t0d0s5

where f = forces a file system check state of regardless mark clean flag

p = Check and fix file system


175175

Checking the data consistency of File systemChecking the data consistency of File system

# fsck /dev/rdsk/c0d1s0

Finding whether need to checking /dev/rdsk/c0d1s0 /export/data # umount /export/data # fsck –m /dev/rdsk/c0d1s0 If need, init S or s # fsck /dev/rdsk/c0d1s0 # man fsck


176176

Become single user mode – To use fsck commandBecome single user mode – To use fsck command


177177

Resolve File System InconsistenciesResolve File System Inconsistencies Reconnecting an allocated unreferenced file Adjusting a link counter Salvaging the free list Using backup superblocks

Error Message:- Cannot mount file system name- Device name is not the fstype- Cannot mount /dev/dsk/c0t0d0s7

# fsck –o b=32 /dev/rdsk/c1t3d0s0

# newfs –N /dev/rdsk/c0t0d0s7where N = To view the file system parameter that you use to create a new file system without


178178

Resolve File System InconsistenciesResolve File System Inconsistencies


179179

Resolve File System InconsistenciesResolve File System Inconsistencies


180180

Monitoring File System UseMonitoring File System Use

Using the df command Using the du command Using the quot command Using the SMC usage tool


181181

Monitoring File System Use - Monitoring File System Use - dfdf

dfdf

display the number of free disk block-a = report on all file system

-b = print the total number of Kbytes free

-e = print only the number of file

-k = display disk allocation in Kbytes

-h = acts like –k (14K, 234M etc)

-l = report on local file system only

# df –k

# df –h


182182

Monitoring File System UseMonitoring File System Use - - dudu

dudu

display the number of disk block used by directory and file, each disk block consist of 512 bytes-k display disk use in Kbytes

-s display only the summary in 512 bytes block

-a display the number of block used all files

# du –k

# du –ak /opt

# du –sk /opt


183183

Monitoring File System Use - Monitoring File System Use - quotquot

quotquot

display how much disk space in Kbytes, is being use by users-a = report on all mountd file system

-f = includes the number of files

# quot –af

# quot –f /dev/dsk/c1t0d0s5


184184

Monitoring File System Use - Monitoring File System Use - quotquot


185185

Working with Mounting FundamentalsWorking with Mounting Fundamentals

Virtual file system table: /etc/vfstab

The /etc/vfstab file lists all the file system to be automatically mounted at system boot time, with the exception of the /etc/mnttab and /var/run file system

# more /etc/vfstab

# more /etc/mnttab


186186

Clear passwdClear passwd # sync # init 0 Insert Solaris Installation CD ok> boot cdrom –s # EDITOR=vi # TERM=sun # export EDITOR TERM # mount /dev/dsk/c0t0d0s0 /a # vi /a/etc/passwd # vi /a/etc/shadow # pwcov

Stop+A = OK prompt

sync commandท�าการเขี�ย์นขี�อม�ลัจาก NVRAM HDDUnix boot from NVRAM

Export Global Assigned Variable# echo $TERM


187187

Performing Mounts - optionsPerforming Mounts - options

# mount /dev/dsk/c0t0d0s7 /export/home

read/write = r/w are allowed on the file systemsetuid = Permit the execution of setuid program in the file systemintr/nointr = Allow and forbid keyboard interupts to kill a process that is

waiting for an operation on locked file systemnologging = indicate that logging is not enabled for the ufs file systemlargefile = allow for the creation of file larger than 2GBxattr = supports extended attributes not found in std unixnoatime = Suppress the time-last-access modification on inodesonerror = action (panic, lock, mount)

- panic = causes a forced system shutdown, this is the default- lock = applies a file system lock to the file system- umount = forcibly unmount the file system


188188

Performing MountsPerforming Mounts

Automatic read from /etc/vfstab# mount /export/home

# mount –o ro /dev/dsk/c0t0d0s6 /usr# mount –o ro,nosuid /dev/dsk/c0t0d0s7 /export/home# mount –o noatime /dev/dsk/c0t0d0s7 /export/home# mount –o nolargefile /dev/dsk/c0t0d0s7 /export/home# mount –o logging /dev/dsk/c0t0d0s7 /export/home# mountall mount at /etc/vfstab file# mountall -l


189189

Performing MountsPerforming Mounts

Mounting a new file system

# mkdir /database

# mount /dev/dsk/c1t4d0s0 /database

# mount

check to determine if the file system is mounted

# vi /etc/vfstab

add line entry for the new file system /dev/dsk/c1t4d0s0 /dev/rdsk/c1t4d0s0 /database ufs 1 yes logging


190190

File System TypeFile System Type

# cat /etc/default/fs (LOCAL=ufs)# cat /etc/dfs/fstypes the first line entry in fstypes determines the

default remote file system type

Using the fstyp command# fstyp /dev/rdsk/c0t0d0s7

Specifying a hsfs file system type# mount –F hsfs –o ro /dev/dsk/c0t6d0s0 /cdrom

Specifying a pcfs file system type# mkdir /pcfs# mount –F pcfs /dev/diskette /pcfs


191191

Performing UnmountPerforming Unmount

# umount /export/home /etc/vfstab# umount /dev/dsk/c0t0d0s7

# umountall# umountall –l

Error MessageUmount: file system name busy- A program is accessing a file or dir in file system- A user is accessing a file or dir- A program has a file open- The file is being share


192192

Fuser CommandFuser Command

List all of the process that are accessing and kill them if necessary

# umount –f command Force the umount of a file system

# fuser –cu mount_point# fuser –ck mount_point

Send SIGKILL to each process# fuser –c mount_point# umount mount_point

Using the umount –f command# umount –f mount_point


193193

Repairing Important file if boot FailsRepairing Important file if boot Fails

1. Insert Solaris Installation CD2. Press Stop-A3. ok boot cdrom –s4. # fsck /dev/rdsk/c0t0d0s05. # mount /dev/dsk/c0t0d0s0 /a6. # TERM=sun7. # EDITOR=vi8. # export TERM EDITOR9. # vi /a/etc/vfstab

:wq!10. # cd /11. # umount /a12. # init 6 (reboot)


194194

Access DevicesAccess Devices

Accessing file system on a diskette

/floppy/floppy0

# volcheck

If the vold daemon detects that the diskette contains a file system the vold daemon mount the device to the /floppy mount point

If the vold daemon detects that the diskette does not contains a file system the vold daemon mount the device to the /vol/dev/aliases mount point


195195

Directory LocationDirectory Location

First diskette drive /floppy/floppy0

First CD-ROM or DVD /cdrom/cdrom0

First Jazz Drive /rmdisk/jaz0

First Zip Drive /rmdrive/zip0

First PCMCIA /pcmem0

First USB/FlashDrive == /dev/???/uhci0


196196

Directory LocationDirectory Location

List the path for mounted device that do not contain file system /vol/dev/aliases/floppy0, cdrom0, jaz0, zip0, pcmem0

Volume Configuration file /etc/vold.conf /etc/rmmount.conf

removable media mounter that is executed by the volume manager daemon

Stopping Volume Management # /etc/init.d/volmgt stop

Starting Volume Management # /etc/init.d/volmgt start


197197

Troubleshooting Troubleshooting voldvold problem problem

If a CDROM fails to eject from the drive, as the root user attempt to stop volume management. If this is unsuccessful kill the vold daemon

# /etc/init.d/volmgt stop

# pkill -9 vold

# /etc/init.d/volmgt start

# eject cdrom


198198

Review - Day 2Review - Day 2

Introducing the Solaris OE Directory Hierarchy Managing Local Disk Devices Managing the Solaris OE File System Performing Mounts and Unmounts


199199


200200

Day 3Day 3


System Security File System Access Control Role-Based Access Control Users, Groups, and the Sun Management Console Kerberos and Pluggable Authentication


201201


202202

Performing Solaris OE Package AdministrationPerforming Solaris OE Package Administration

Introducing the Fundamentals of Package Administration Software packages The /var/sadm/install/contents file

Freeware URL http://sunfreeware.com


203203

Performing Solaris OE Package AdministrationPerforming Solaris OE Package Administration

Administering Packages From the Command Line Displaying information about installed software

packages Displaying information for all packages Displaying information for a specific package Displaying information for software packages

Adding a software package Checking a package installation Removing a software package Adding packages by using a spool directory Reviewing package administration


204204

Package InstallationPackage Installation

Web Start Wizard Insert CDROM package # cd /cdrom/cdrom0 # ./installer Select desire to install

Command Line # pkginfo [Package Name] check if exist. # pkgrm [Package Name] remove package # pkgadd –d [datastream, Path] [Package Name]

install package


205205


APP - FW

OS

H/W

Hacker

Scanport

Core

Core Firewall


206206


View the name of the cluster configuration# grep METACLUSTER /var/sadm/system/admin/.clustertoc

Determine which cluster configuration

has been installed on the system

# cat /var/sadm/system/admin/CLUSTER


207207

Solaris Product RegistrySolaris Product Registry

# prodreg GUI

- View software package installed in system

- Add/Remove software package


208208

The pkginfo CommandThe pkginfo Command

# pkginfo | more

# pkginfo –l | more

# pkginfo –l SUNWman

# pkginfo | wc –l How many packages are installed

# pkginfo –d /cdrom/cdrom0/Solaris_10/Packages | more

# cd /cdrom/cdrom0/Solaris_10/Packages

# ls –l Check package name

# pkgadd –d . SUNWns6m add packages


209209

The pkginfo CommandThe pkginfo Command


210210

Check Package Installation AccuracyCheck Package Installation Accuracy

# pkgchk SUNWns6m check packages# pkgchk –v SUNWns6m# pkgchk –p /etc/shadow

To determine if the contents and attributes of a file have change since it was installed with its s/w package

# pkgchk –l –p /usr/bin/showrev-l option list information about selected file that make up a package


211211



212212



213213

The pkgadd / pkgrm CommandThe pkgadd / pkgrm Command

# cd /cdrom/cdrom0/Solaris_10/Packages

# ls –l Check package name

# pkgadd –d [path] [packageName]

# pkgadd –d . SUNWns6m add packages

# pkginfo –l | more

# pkgrm SUNWns6m remove a s/w package


214214

Spooling Packages and Remove PackagesSpooling Packages and Remove Packages

Adding Package by using a Spool Directory/var/spool/pkg

# pkgadd –d /cdrom/cdrom0/Solaris_10/Packages –s spool SUNWns6m

Transferring <SUNWns6m> package instance

# ls -al /var/spool/pkg

# pkgrm –s spool SUNWns6m remove from spool

# pkgadd –d /cdrom/cdrom0/Solaris_10/Packages –s /export/pkg SUNWns6m# pkgrm –s /export/pkg SUNWns6m


215215

Workshop: Package InstallationWorkshop: Package Installation

Enable FTP server Enable root access FTP server

Edit /etc/ftpd/ftpusers #root comment out

Transfer file Open browser: ftp://192.168.9.57 Login FTP user/password Copy files to local host


216216


Uncompress packages # gunzip [package] # gunzip top-3.6-xxxx

Install package # file filename check file type # pkgadd –d [datastream, package] # pkgadd –d top-3.6-xxxx

Following the steps of package installation


217217


Top – Process Monitor Utility


218218


Top – Process Monitor Utility


219219

Enable ‘root’ to remote loginEnable ‘root’ to remote login

# gedit /etc/default/login #CONSOLE=/dev/console Comment out

Enable / Change Language – localization – locale

# gedit /etc/default/init

LANG=C Default English POSIX©

** Comment out others #LC_*


220220

Transfer file from FTP serverTransfer file from FTP server


221221

Remote login via XwindowRemote login via Xwindow

Logout to login-screen Click ‘Option’ Select ‘Remote Login’ Select ‘Host Name/IP address’ Select ‘Choose from List’


222222


223223

Managing Software Patches on the Solaris OEManaging Software Patches on the Solaris OE

Preparing for Patch Administration Introducing Solaris OE patches

Type of Patches Signed / Unsigned – Digital Signature

Accessing patch documents Checking patch levels Obtaining patches Preparing patches for installation

Patch contents


224224

Managing Software Patches on the Solaris OEManaging Software Patches on the Solaris OE

Installing and Removing Patches Installing a patch Removing a patch Installing patch clusters


225225

Managing Software Patches on Solaris OEManaging Software Patches on Solaris OE

http://sunsolve.sun.com Recommend Cluster Patch

Checking Patch Levels# showrev –p# patchadd –p

# ls /var/sadm/patch


226226

Managing Software Patches on Solaris OEManaging Software Patches on Solaris OE

Preparing Patches for installation# cd /var/tmp# /usr/bin/unzip 10500-01.zip

Installing patches one by one# cd /var/tmp# patchadd 10500-01

Removing patches# patchrm 10500-01

Installing cluster patches# mkdir /tmp/cluster# cd /tmp/cluster# gunzip 10_x86_Recommended.zip# ./install_cluster


227227


228228

Live UpgradeLive Upgrade

Separate boot environment (BE) Install new OE files to alternative location System need to be rebooted only once If new boot environment fails, the old will take

action System layout and configuration can be different

from existing Allow to fine-tune the existing configuration


229229

Live UpgradeLive Upgrade


230230

Live UpdateLive Update

1. Update patch of LiveUpgrade ** From Installation CD/DVD2. Add HDD for new BE3. Become to runlevel 1 (Single User Mode)# init 1

or# /etc/telinit 1

# lu Live Upgrade Application


231231


232232

Visual Display Editor (vi)Visual Display Editor (vi)

3 Modes Command Mode Edit Mode Last line Mode

Command Mode

EditModeLast line

Mode

:

Escหร�อ Auto switch

a,i,o,A,I,O

Esc

:q = quit from vi:w = save to file:q! = force to quit (save?):w! = force write (read only?)


233233

Text-Processing UtilitiesText-Processing Utilities Operation

> Redirects standard output to file >> Appends standard output to file < Redirects file contents to standard input << Appends file contents to standard input # echo “This is Redirection 1” > /tmp/output.txt # echo “This is Redirection 2” >> /tmp/output.txt # more < /tmp/output.txt # more << /tmp/output.txt

Man # man man

Cat / More / less # cat filename.txt

Head # head filename.txt

Tail # tail filename.txt


234234

Text-Processing UtilitiesText-Processing Utilities

Grep # grep “keyword” filename.txt

Echo # echo “Text” > filename.txt # echo $PATH

Sort # sort filename.txt # sort filename.txt > filename-sort.txt

Diff # diff file1.txt file2.txt


235235


236236

Understanding ShellsUnderstanding Shells


237237

Tasks Common to All ShellsTasks Common to All Shells

Aliases Command-line editing Enhanceed cd. History list Ignore CTRL-D .profile .cshrc Job control Logout file Protection of file from overwriting (noclobber)


238238

Changing Shells from command lineChanging Shells from command line

# sh Bourne Shell

# csh C Shell

# ksh Korn Shell

# bash Bourne Again Shell

# zsh Z Shell

Exit from Shells

# exit


239239

Unix ShellUnix Shell

Bourne Shell (/bin/sh - Default shell) เป็(นมาตรฐานขีองระบบ Unix ท�กต�วิ

C Shell (/bin/csh) ม�ขี�ดควิามสุามารถสุ�งกวิ�า Bourne Shell ใช่�ไวิย์ากรณ์�ขีองภาษาซ์� C-Programming

Korn Shell (/bin/ksh) ด2งเอาควิามสุามารถขีอง Bourne แลัะ C Shell มาใช่� ม�ขีนาดใหญ่� ป็ระสุ�ทธ์�ภาพัมากขี��น

Bourne-Again Shell (/usr/bin/bash) Incorporate both C and Korn Shell


240240

Prompt ShellPrompt Shell Bourne Shell ($) C Shell (%) Korn Shell ($)

Admin (#) ไม�วิ�าจะใช่� Shell อะไร

การเร�ย์กใช่� Shell# /bin/sh# /usr/bin/bash# /bin/csh# /bin/ksh

การออกจาก Shell# exit


241241

Shell VariablesShell Variables

Bourne/Korn C Shell ค์วิามหมาย HOME home Home Direcoty LOGNAME user Userid/name PS1 prompt แสุดง Prompt PATH path Search Path PWD pwd Current Direcoty

ขีอด�ราย์การขีอง Shell Variables# set# env

# echo $variablename# echo $HOME# echo $PATH


242242

การก$าหนดค์#า การก$าหนดค์#า Shell VariableShell Variable

Bourne/Korn# PS1=“MyPrompt> ”# PS1=MyPrompt># PATH=$PATH:/usr/bin:/usr/java/bin

การก�าหนดค�าต�วิแป็รแบบ Public# Variable=Value# export Variableม�ค�าเท�าก�บ# Variable=Value; export Variable

# PS1=MyPrompt>; export PS1# PATH =$PATH:/usr/bin:/usr/java/bin; export PATH

C Shell%> set prompt=“MyPrompt> ”%> set path=($path /usr/bin /usr/java/bin)


243243

Bash ShellBash Shell

การก�าหนด PromptPS1=‘\s-\v\$ ’

bash-3.00# __PS1=‘\u@\h<\w>$ ’

root@host</tmp>$ __

\s = Shell name\v = Version\u = User id\h = Hostname\w = Working Directory


244244

Bash Shell - CompletionBash Shell - Completion

Key – Tab

# bashbash# cd /e [tab]etc/ export/

bash# cd /ex [tab]bash# cd /export

bash# pr [tab]pr prxxx pryyy przzz


245245

Bash Shell – Session HistoryBash Shell – Session History

Key – Up / Down

# history [enter] (List history command)

# !no [enter]

# !4 [enter]


246246

Korn Shell - CompletionKorn Shell - Completion

# set –o emacs

# cd /ex [esc][esc]

# cd /export

# cd /t [esc][esc]

# cd /tmp


247247

Korn Shell – Session HistoryKorn Shell – Session History

ต�องการเลั$�อนด�ค�าสุ��งเก�าKey Ctrl+P = Previous commandKey Ctrl+N = Next command

ด�ราย์การ# history

ต�องการร�นค�าสุ��ง# r [No of command]# r 38


248248

C Shell – Session HistoryC Shell – Session History

เร�ย์กใช่�งาน# csh%

ด�ราย์การ% set history=10% history

ต�องการร�นค�าสุ��ง% ![No of command]% !11


249249

Review – Day 3Review – Day 3

Installing Software, Live Upgrade, and Patching Text Processing and Editing Shells, Scripts, and Scheduling


250250


251251

Day 4Day 4

Process Management File System Access Control Role-Based Access Control Users, Groups, and the Sun Management Console Backup and Recovery Printer Management Basic Networking


252252

Start / Stop processStart / Stop process

# processname [&] [&] is for running as background process

# processname CTRL-Z # bg # fg (For running as forground process

# find / -name init –print CTRL-Z # bg

# find / -name init –print &

# ps –ef | grep processname # kill [process id] # pkill [processname]


253253

Start / Stop processStart / Stop process

Show all SIGNALs# kill –l

Send SIGNAL to process# kill [-signal_name] pid# kill [-signal_number] pid

# kill -1 728 Send SIGHUP to PID=728# kill -HUP 728 Send SIGHUP to PID=728


254254

Scheduler with CrontabScheduler with Crontab

# man cron /usr/sbin/cron

# man crontab

# cd /var/spool/cron/crontabs root username

# cd /etc/cron.d File cron.allow File cron.deny

255255

ค์$าสุ )ง ค์$าสุ )ง CrontabCrontab

crontab [-u user] {-l|-r|-e}

- u user- u user ก�าหนดพั�จารณ์าไฟลั� ก�าหนดพั�จารณ์าไฟลั� cron cron ขีองผู้��ใช่�ท��ต�องการ ถ�าไม� ขีองผู้��ใช่�ท��ต�องการ ถ�าไม� ระบ�ค$อ ระบ�ค$อ User User ท��ใช่�อย์��ท��ใช่�อย์��

-l-l แสุดงราย์ลัะเอ�ย์ดภาย์ในไฟลั� แสุดงราย์ลัะเอ�ย์ดภาย์ในไฟลั� croncron

-r-r ลับไฟลั� ลับไฟลั� cron cron ท��สุร�างท��สุร�าง

-e-e เขี�าไป็แก�ไขีโดย์โหลัด เขี�าไป็แก�ไขีโดย์โหลัด vi vi อ�ตโนม�ต�อ�ตโนม�ต�

Crontab –e เขี�าไป็แก�ไขี

256256

ค์#าท*)ก$าหนดในตาราง ค์#าท*)ก$าหนดในตาราง crontabcrontab

“ Minutes” “Hours” “Day of month” “month” “Day of week” job

MinutesMinutes ค�าท��ก�าหนด ค�าท��ก�าหนด -059-059

HoursHours ค�าท��ก�าหนด ค�าท��ก�าหนด -023-023

Day of month Day of month ก�าหนดได� ก�าหนดได� -131-131

MonthMonth ก�าหนดได� ก�าหนดได� -112-112

Day of week Day of week ก�าหนดได� ก�าหนดได� - 06- 06 ค�า ค�า 0 0 ค$อวิ�นอาท�ตย์�ค$อวิ�นอาท�ตย์�

jobjob โป็รแกรมหร$อสุคร�ป็ต�โป็รแกรมหร$อสุคร�ป็ต�

257257

ต วิอย#างการพั�มพั และการตรวิจุสุอบต วิอย#างการพั�มพั และการตรวิจุสุอบ พั�มพั� crontab –e * * * * * /bin/echo "Do every 1 minute:” `date` 0 , 30 * * * * /bin/echo "Do every half hour:” `date` *19*** 1 190/bin/echo "Do hour since :

- 01959: : ” `date` eeeeeeeee ee eeee e e e **22**22 ” `date` ***3* /bin/echo "Do everytime in March: ”

`date` ****4 /bin/echo "Do everytime in Friday: ”

`date` 0192234 22/bin/echo "Do once on Friday

19:00: ” `date` พั�มพั� crontab –l


258258

LAB:LAB: Cron vs At commandCron vs At command

Edit file crontab # crontab -e

OR # vi /var/spool/cron/crontab/root

30 11 * * * /tmp/echo.sh $> chmod +x /tmp/echo.sh

# ps –ef | grep cron # kill [cron pid] restart cron to read new crontab # date check time/date Execute /tmp/echo.sh

/var/spool/cron/atjobs/[jobid] # at –m 1141 at> /tmp/echo.sh CTRL-D


259259

LAB:LAB: CrontabCrontab 10:10 25 Jan 2007 /tmp/echo.sh

10 10 25 01 04 /tmp/echo.sh 10 10 25 1 4 /tmp/echo.sh 10 10 25 1 * /tmp/echo.sh

Run command every 3 hours * 0 * * * command * 3 * * * command * 6 * * * command * 9 * * * command * 12 * * * command * 15 * * * command * 18 * * * command * 21 * * * command


260260

Mail client - mailboxMail client - mailbox

# mail

? [enter] Show command for mail client

Mailbox of sendmail

# more /var/mail/[username]


261261


262262

Introducing to Solaris Management ConsoleIntroducing to Solaris Management Console

# smc &

SMC Service# /etc/init.d/init.wbem status# /etc/init.d/init.wbem stop# /etc/init.d/init.wbem start

** Console / Terminal** Slow loading…


263263



264264



265265

Solaris Management Console (SMC)Solaris Management Console (SMC)

# smc & (background running)# smc (forground running)

Key ‘Ctrl-Z’ Key ‘bg’ Key ‘fg’

Find Disk space# df –k (1K block)# df –h (1K unit – KB, MB,GB)

Find Disk Usage# du –k [pathname] (1k block)# du –h [pathname] (1K unit – KB, MB,GB)


266266

Finding User Information

# who –r

# finger

# w


267267


268268

User Accounts and GroupsUser Accounts and Groups


269269

Tools for adding and admin user accountsTools for adding and admin user accounts

# smc &

# useradd

# userdel

# usermod

Creating password for user

# passwd username


270270

Setting Up & Admin GroupsSetting Up & Admin Groups

# groupadd mygroup# groupadd mysale# groupadd mygroup2 Group Name <= 8 Chars Groupid automatic generate (gid=100) File /etc/group เก&บขี�อม�ลัขีอง Group

Modify group information# groupmod –g [gid] –n [newname] oldgroup


271271

Adding User AccountsAdding User Accounts

# useradd –d /export/home/user1 –m –g mygroup user1# useradd –d /export/home/user2 –m –g mysale user2# useradd –d /export/home/user3 –m –g mygroup2 user3

Check Home directory# cd /export/home# ls –l

Check File ท��เก��ย์วิขี�อง File /etc/passwd File /etc/shadow

Change PasswordLogin as root# passwd userid


272272

หล กการต �ง หล กการต �ง Password Password ท*)ถู�กต�องท*)ถู�กต�อง Password ต�องย์าวิอย์�างน�อย์ 8 ต�วิอ�กขีระ Password ต�องป็ระกอบด�วิย์ อ�กษร ต�วิเลัขี ต�วิอ�กขีระ

พั�เศษ p@ssw0rd

Password ต�องเป็ลั��ย์นบ�อย์ๆ (เด$อนลัะคร��ง) Password ต�องไม�ซ์��าก�น Password ต�องจ�าได�ด�วิย์


273273

Modify user informationModify user information

# usermod –u [uid] –s [default shell] –g [gid] user1

หา PATH ขีอง Bash Shell

# which bash

# whereis bash /usr/bin/bash

# usermod –s /usr/bin/bash user1


274274

Login user by ‘su’ commandLogin user by ‘su’ command

su – Substitution User

# su userid/username จะไม�ได� ค�า Environment/Profile ขีอง User

# su - userid/username จะได� ค�า Environment/Profile ขีอง User ด�วิย์

Environment/Profile user Home directory .profile (Bourne) .bashrc (Bash Shell) .cshrc (C Shell) .kshrc (Korn Shell)

List / View Profile $> ls –la /export/home/user1 $> more /export/home/user1/.profile

Log File of SU/var/adm/sulog

Configuration File of SU/etc/default/su


275275

Login by using Login Screen (CDE/JDS)Login by using Login Screen (CDE/JDS)

Start machine Popup Login screen Type

username: password:


276276

Link ProfileLink Profile

Create Soft / Symbolic Link# ln –s [source file] [destination file]# ln –s [source dir] [destination dir]

Link Files# ln –s .profile .bashrc# ln –s .profile myprofile

Link Directory# ln –s /usr/bin /bin

Remove Link# rm linkname


277277

Link ProfileLink Profile

# ls -l .bashrc .profile myprofile .profile


278278


279279

Rights and RolesRights and Roles


280280

RBAC DatabasesRBAC Databases

Key concepts:

sudo

allow privileged role to be assigned to various users (has some limitation)

RBAC – Role-Based Access Control

To define role for managing special tasks or set of tasks.


281281

RolesRoles

Primary Administrator – PA

Assigns rights to other users and is responsible for security

System Administrator – SA

Is responsible for day-to-day administration that is not security-related

Operator

Performs backups and device maintenance


282282

RolesRoles


283283

RolesRoles


284284

RolesRoles


285285

Command to Manage RBACCommand to Manage RBAC


286286



287287



288288


289289

Administering Systems


290290

Determine HostidDetermine Hostid

Check HostId = HEX 8 Bytes# hostid# sysdef –h

04990A1A

# sysdef > /tmp/sysdef.txt

Host Information# uname –a# more /etc/release

Display System Information# prtconf


291291

How long a system has been upHow long a system has been up

Invoke by command# uptime

Find system was booted# who –b

View system date / time# date

Set system date / time# date mmddHHMMyy

mm = Month (1-12)dd = Day of Month (1-31)HH = Hour (0-23)MM = Minute (0-59)yy = Year


292292

Changing TimezoneChanging Timezone

Edit in file /etc/TIMEZONE TZ=“Asia/Bangkok”

The complete list of time zone variables /usr/share/lib/zoneinfo


293293


294294

File Systems, Backup and Recovery


295295

Backup & Restore File SystemBackup & Restore File System

Tape Device /dev/rmt/0 Tape 1 /dev/rmt/1 Tape 2

Backup file system# ufsdump 0cuf /dev/rmt/0 /dev/dsk/c0d0s0

# man ufsdump

Restore file system# ufsrestore

# man ufsrestore


296296


Backup Strategy Full Backup Differential Backup Incremental Backup

Full

Full

Full

D

TUEMON WED THU FRI

DIFF

INC

NORM Full Full Full Full

D D D

I I I I


297297

Incremental Backup StrategyIncremental Backup Strategy


298298

Using the Using the ufsdumpufsdump command command


299299


/dev/dsk/c0d0s0 /dbasefile /dev/dsk/c0d1s0 /backup

# ufsdump 0a /backup/full.dat /dev/dsk/c0d0s0 /backup/full.dat

# ufsdump 0c /dev/rmt/0 /dev/dsk/c0d0s0


300300


List table of content# ufsrestore ta /backup/full.dat

Extract data from backup device# ufsrestore ia /backup/full.dat

ufsrestore> helpufsrestore> lsufsrestore> add [filename]ufsrestore> extract


301301


Disk Duplicate - backup full disk space# dd if=/dev/dsk/c0d0s2 of=/dev/dsk/c0d1s2

Create tar file# cd /# tar cvf /export/data/full.tar ./etc

Extract tar file# cd /export/extract# tar xvf /export/data/full.tar [.]

# compress –f full.tar full.tar.Z $> uncompress full.tar.Z tar xvf full.tar


302302


Creating tar/gzip format # tar cvf - ./etc | gzip - > /export/data/full.tgz

Extracting tar/gzip format # gunzip full.tgz tar xvf full.tar

OR # gzcat /export/data/full.tgz | tar xvf -

Quota ManagerQuota Manager


303303

Webmin and Quota ManagerWebmin and Quota Manager


304304

SyslogSyslog


305305

Webmin and SyslogWebmin and Syslog


306306


307307


308308


309309

Printing Service


310310

Introducing Network Printing FundamentalsIntroducing Network Printing Fundamentals


311311

Locating the destination printerLocating the destination printer

lp / lpr

1. Option command line2. PRINTER, LPDEST3. $HOME/.printers4. /etc/printers.conf5. Name service

(NIS,NIS+,LDAP)6. No printer


312312

Introducing the local print processIntroducing the local print process


313313

Introducing the remote print processIntroducing the remote print process


314314

Printer ManagerPrinter Manager

# /usr/sadm/admin/bin/printmgr & Name service = File Click Menu Printer

Add Attached Printer Add Network Printer

# lpadmin

# lpq Network Printer

Attached Printer


315315

Setting Print ServerSetting Print Server

Printer Name Server Name Network printer access name IP address for the printer Protocol (TCP)


316316

Setting Print ServerSetting Print Server

Login as root# lpadmin –p HPLJ4050 –v /dev/null# accept HPLJ4050# enable HPLJ4050# lpstat –p HPLJ4050# lpstat –p HPLJ4050 –l For more Infomation

Printing# lp –d HPLJ4050 –n 1 filename

Cancelling Printing# lpstat –p HPLJ4050 Find request-id# cancel [request-id]


317317


318318

Network Services & Remote AccessNetwork Services & Remote Access


319319

InternetInternet


320320

Internet Internet ค์�ออะไรค์�ออะไร เคร$อขี�าย์ท��น�าโฮสุต�ต�างๆท��วิโลักมาเช่$�อมต�อก�น ป็<จจ�บ�นม�มากกวิ�า 60 ลั�านโฮสุต�


321321

ใค์รเป,นค์นด�แล ใค์รเป,นค์นด�แล InternetInternet

องค�กรด�แลัมาตรฐาน องค�กรด�แลัเคร$อขี�าย์ องค�กรด�แลัช่$�อท��ใช่�


322322

องค์กรด�แลมาตรฐานองค์กรด�แลมาตรฐาน

IAB

Internet Activity Board

IRTF IETF

IRSGIRSGIRSG IRSG IESGIESGIESG IESG

ร�างมาตรฐาน สุน�บสุน�นResearch Task Force Engineering Task Force

Research Steering Group Engineer Steering Group

http://www.iab.org

RFC


323323

องค์กรด�แลเค์ร�อข#ายองค์กรด�แลเค์ร�อข#าย

IANA

Internet Assign Name Authority

AfriNIC APNIC ARIN RIPE LACNIC

JP TH SG

203.xx202.xx

199.xx

www.iana.orgWhois > IP addressName space

201.xx


324324

องค์กรด�แลชื่�)อท*)ใชื่�องค์กรด�แลชื่�)อท*)ใชื่�

InternicGTLD

ICANN

CCTLD

.com .net .gov

.th .jpRegistrar

www.icann.orgWhois : Name space

www.internic.net

www.thnic.net


325325

Root Server (.)Root Server (.)

IANA

AFNIC APNIC ARIN RIPE LACNIC

a. b. c. d. e. f. g. h.i. j. k. l. m.

DNS ถ�กด�แลัโดย์ ICANNRoot hint > a.root,b.root,c…

a.root หมาย์เลัขี น�าไป็ตรวิจสุอบวิ�าต��งอย์��ในโซ์นใด


326326

Root Server Root Server ((ต �งเองต �งเอง))

Delegated DNS

DNS Server

Delegated DNS

“.”

“.com”

Delegated DNS

“abc.com”

S4

S3

S1

Root hintS1S2

ก�าหนดเอง

S2

S5

“xyz.com”Forwarder


327327


328328

Simple NetworkSimple Network


329329

Class of IP AddressesClass of IP Addresses


330330

OSI vs TCP/IP ModelOSI vs TCP/IP Model


331331

The The bannerbanner command command


332332

Solaris 10 Network InstallationSolaris 10 Network Installation

Multiple IP address in One NIC Interface name (pcn0,pcn1,…) Sub interface (pcn0:0, pcn0:1, pcn0:2)

Create file hostname.pcn0:0 hostname.pcn0:1 hostname.pcn0:2

Multi-Home (NICs) Create file

/etc/hostname.pcn0 /etc/hostname.pcn1 /etc/hostname.pcn2 /etc/hosts

192.168.1.1 hostname0 192.168.1.2 hostname1 192.168.1.3 hsotname2


333333

Configure Host and IP address w/ Multi-IPConfigure Host and IP address w/ Multi-IP

# cd /etc # vi hosts

IP address1 hostname1 IP address2 hostname2 IP address3 hostname3

/etc/hostname.[interface]:[1-99] hostname.pcn0:1 hostname1 hostname.pcn0:2 hostname2 hostname.pcn0:3 hostname3


334334

Configure Host and IP address w/ Multi-NICsConfigure Host and IP address w/ Multi-NICs # touch /reconfigure # init 5 Install Network Cards Power On # cd /etc # vi hosts

IP address0 hostname0 IP address1 hostname1 IP address2 hostname2

/etc/hostname.[interface] hostname.pcn0 hostname0 hostname.pcn1 hostname1 hostname.pcn2 hostname2


335335

Network Setting UpNetwork Setting Up

Define IP address [Static IP] Edit /etc/hosts

192.168.1.200 suwit001 Edit /etc/hostname.pcn0

suwit001 Edit /etc/nodename

suwit001

DHCP Client# /sbin/dhcpagent

Request Network Information from DHCP Server


336336

Checking Network SetupChecking Network Setup

# ifconfig –a Check ip address

# netstat –rn netstat –r –n Check routing table (Look for line default)

# more /etc/resolv.conf nameserver 202.xx.yy.zz Check nameserver (DNS)

# more /etc/defaultrouter [Static ip]

Manually add routing table# route add default [gateway ip]# route add default 192.168.1.1


337337

Network Setting with Multiple NICsNetwork Setting with Multiple NICs

pcn0 pcn1

203.151.100.0 / 24203.151.100.0 / 24 192.168.1.0 / 24192.168.1.0 / 24

203.151.100.1203.151.100.1

.10.10

Route add [NetworkID] [Gateway IP]# route add 0.0.0.0 203.151.100.1# route add default 203.151.100.1

192.168.1.1192.168.1.1

192.168.9.0 / 24192.168.9.0 / 24

Route add [NetworkID] [Gateway IP]# route add 192.168.9.0 192.168.1.1# route add 192.168.9.9 192.168.1.1

.10.10

File /etc/rc3.d/S69staticrouteroute add [networkid] [gateway ip]


338338

Checking Packet from NetworkChecking Packet from Network

# snoop# snoop –o /tmp/packet.txt Capture to file# snoop –d pcn1# snoop | grep hostname1[192.168.1.190]

Other tools# ethereal &# nmap

Read from captured file# snoop –i /tmp/packet.txt


339339

Check which Port binding by ProcessCheck which Port binding by Process

http://www.sunfreeware.com# /usr/local/bin/lsof –l | grep TCP | more

Process name Binding Port

Package InstallationGet file lsof.4.74*local.gz# gunzip lsof4.74.gz# lsof4.74*local# pkgadd –d lsof*local

/usr/local/bin /usr/local/man

# man –M /usr/local/man lsof

340340

สุถูานะการณ์ในการต �ง สุถูานะการณ์ในการต �ง Solaris Solaris เป,น เป,น RouterRouter

ด�ฟอลัท�เป็(น Static Route

Computer

192.168.9.1

192.168.1.3 192.168.1.1

192.168.1.2

Internet

Routing table

Route add 0.0.0.0 gw 192.168.1.1Route add 192.168.2.0 gw 192.168.1.2

192.168.2.0

Route ด� Routing table


341341

342342

บร�การ บร�การ NFSNFS

Data share

/data/public/home

/mnt/data/mnt/public

/mnt/data/mnt/public

Computer

ComputerNFS Server


343343

NFS (Network File System)NFS (Network File System)

Server Login as root $> ps –ef | grep nfsd $> mkdir /export/share $> share –F nfs –o rw /export/share

/etc/init.d/nfs.server start $> share Check sharing $> dfshares Check sharing

Client $> mkdir /export/share $> mount –F nfs hostname:/export/share /export/share $> mount Check mounting $> df Check mounting


344344

NFS (Network File System) - /etc/dfs/dfstabNFS (Network File System) - /etc/dfs/dfstab


345345

NFS (Network File System)NFS (Network File System)

Client

# umount /export/share/xxx

Server

# unshare /export/share

# /etc/init.d/nfs.server stop

346346

DNS HistoryDNS History

30 ป็=ท��แลั�วิพับวิ�าม�เคร$�องโฮสุต�ใช่� Internet อย์��ป็ระมาณ์ 500 โฮสุต�

ซ์2�งการใช่�หมาย์ IP ไม�สุะดวิก SRI-NIC >> ไฟลั� Hosts

192.168.1.55 local.domain192.168.1.56 r1.domain


Change

347347

BINDBINDRoot>> Delegate


Change

Computer ComputerComputer

202.44.33.11 www.abc.com202.44.33.11 s1.abc.com

Computer ComputerComputer

Webmin and DNSWebmin and DNS


348348

SSHSSH


349349

Webmin and SSHWebmin and SSH


350350


351351


352352

Review – Day 4Review – Day 4

Process Management File System Access Control Role-Based Access Control Users, Groups, and the Solaris Management Console Backup and Recovery Printer Management Basic Networking Network File System and Caching File System


353353


354354

Day 5Day 5

Basic Networking Webmin Administrator Tools (Solaris, Linux) Network Information Service (NIS/NIS+) Domain Name Service Lightweight Directory Access Protocol (LDAP) Sendmail Samba Application Development and Debugging Web Applications and Services DHCP and NTP Routing and Firewalls Remote Access Internet Layer (IPv6)


355355

Webmin InstallationWebmin Installation

Components Webmin Server

web server: bind port 10000 Webmin Client

Web browser IE, Netscape,Firefox,Opera

InstallationGet package from http://www.webmin.com

File webmin-1.310.tar.gz# cd /usr/local# gzcat /xxx/webmin-1.310.tar.gz | tar xvf –# cd /usr/local/webmin-1.310# ./setup.sh


356356


* Default answer Enter* User: admin* Password: xxxx* Start webmin at boot: y/n

Start & Stop Webmin Server# /etc/init.d/webmin [start | stop]

Client Access- Windows XP: Open IE- Solaris: Open Browser

http://192.168.9.130:10000


357357


Client Access

http 10000

http://webminserver1:10000

https Install Perl SSLeay package

https://webminserver1:10443

358358

การเล�อกระบบ การเล�อกระบบ AuthenticationAuthentication

File Server File Server File Server

Computer

Computer

Authentication Server

NAS

NAS

NAS

RADIUSActive DirectoryLDAPTACACSSingle Sign On (SSO)


359359

Name Services - SolarisName Services - Solaris

NIS / NIS+ Network Information Service (Server)

DNS Domain Name Service (Server)

LDAP Lightweight Directory Access Protocol (X.500)

vs MS ActiveDirectory (X.500)


360360

NIS Setting upNIS Setting up

NIS Server

# svcadm enable network/nis/server

# svcs network/nis/server

# domainname training.net

File /etc/defaultdomain training.net

# ypinit –m

# ypstart


361361

Service AdministrationService Administration


362362


Output


363363


YP DB

passwdgrouphostsipnode

user1

user1

192.168.9.1 w1192.168.9.2 w2192.168.9.3 w3192.168.9.4 w4192.168.9.5 w5192.168.9.6 s1

NIS Client

YP DB

NIS MasterNIS Slave


364364

NIS Setting upNIS Setting up

NIS Client

# domainname training.net

# ypinit –c

# ypstart

Edit file /etc/nsswitch.conf passwd: nis file hosts: nis dns file


365365


366366

Service Ports (TCP / UDP)Service Ports (TCP / UDP)

Service: 1-65535 Server Service: 1-1023 Client/App Service: 1024 – 65535

Check current service ports

# netstat –an | more

R* commandR* command


367367

SSL

Telnet

Rlogin

SSH


368368

Remote LoginRemote Login

Desktop ManagerClick Remote LoginClick Choose from list…

Terminal Remote Login# rlogin hostname [ip address of remote system]# telnet hostname [ip address]

service port = 23# exit logout from remote host

Root for remote loginEdit file /etc/default/loginComment line “#CONSOLE=….”


369369

Remote LoginRemote Login

Remote host must be configured

# /etc/hosts.equiv

# $HOME/.rhosts

hostname username

192.168.9.196 root,user1,user2

+ All hosts, users


370370

Remote commandRemote command

# rlogin –l user1 192.168.9.130

# rup 192.168.9.130

# rsh –l user1 192.168.9.130 prstat

# rcp [email protected]:/etc/passwd /tmp/passwd

# rcp /tmp/passwd [email protected]:/etc/passwd


371371

Check remote system how long be upCheck remote system how long be up

# rup hostname [ip address]

Check remote system alive

# ping hostname [ip address]

# ping –s hostname (infinity loop - Solaris)

# ping –t hostname (infinity loop - Windows)

FTP Server (ftpd)FTP Server (ftpd)


372372

Computer

FTP Server FTP Client

20 Data21 Control

/var/ftp/pub/var/ftp/pub


373373

FTP – File Transfer ProtocolFTP – File Transfer Protocol

# cd /etc/ftpd# ftp hostname [ip address]

Login / password

ftp> helpftp> get [filename] downloadftp> mget [filename *.*] multiple getftp> put [filename] uploadftp> mput [filename *.*] multiple putftp> binary Binary file (exe, jpg, gif)ftp> ascii Text file (txt)ftp> prompt Toggle interactive modeftp> hash Show Progress print ‘#’ftp> quit / bye

Webmin and ftpdWebmin and ftpd


374374


375375

What is apache?What is apache?

Apache เป็(นแอพัพัลั�เคช่��นท��ให�บร�การ Web Server บน Internet

ระบบป็ฏิ�บ�ต�การ Solaris รองร�บเวิ&บท��ช่$�อ apache


376376

377377

What is HTTP?What is HTTP?

httpServer- Apache

httpClient

IE, Netscape, OperaFirefox, Mozilla

url

.htm, .html

.php

.asp

.idc

.etc

Tcp 80

Computer


378378

Solaris Web Server (Apache)Solaris Web Server (Apache)

Start script file /etc/rc3.d/S50apache [start|stop]

Configuration file# cp /etc/apache/httpd.conf-example httpd.conf

# /etc/rc3.d/S50apache start Check http running

# ps –ef | grep httpd Web Browser

IE, Webbrowser http://[hostname, ip address][:80]


379379

Configuration file - /etc/apache/httpd.confConfiguration file - /etc/apache/httpd.conf

Web page location

Webmin and apache configurationWebmin and apache configuration


380380

Webmin and apache configurationWebmin and apache configuration


381381


382382


383383

Solaris IP Filter FirewallSolaris IP Filter Firewall

http://www.muine.org/~hoang/solnat.html Lock down the box Setup network interfaces in the Solaris box Enable packet forwarding, dhcp, firewall and

network address translation Configure machines behind NAT Familiarize with IPFilter IPsec Reference


384384

What is SAMBA?What is SAMBA?

ค$อแอพัพัลั�เคช่��นท��ท�าให�ระบบป็ฏิ�บ�ต�การ UNIX ต�ดต�อก�บ Microsoft Networking


385385

SambaSamba

Linux Windows NT/XP/2000/2003

My Network Places

137-139


387387

SAMBA ConfigurationSAMBA Configuration

SMB – Server Message Box (Microsoft)

Script file location# /etc/rc3.d/S90samba [start|stop]

Create configuration file# cp /etc/sfw/smb.conf-example smb.conf

# /etc/rc3.d/S90samba start


388388

Creating SAMBA userCreating SAMBA user

Convert Unix user to SAMBA user Webmin Interface # /usr/sfw/bin/smbpasswd

This form allows you to synchronize the Unix and Samba user list. When Samba is using encrypted passwords, a separate list of users and passwords is used instead of the system user list. The list of users not to convert can contain usernames, UIDs, group names prefixed with an @, or UID ranges like 500-1000 or 500-

Change UID greater than 1000# usermod –u 1001 user1

Webmin and SambaWebmin and Samba


389389


390390


391391

DNS SettingDNS Setting

Map DomainName IP address

Components DNS Server

Zone – Domain name Record (MX – Mail Server, NS – Name Server, A – ServerIP) Configuration file /etc/named.conf

DNS Client # nslookup www.webmin.com

66.35.250.210


392392

DNS OperationDNS Operation

www.google.com

http://www.google.com

66.xxx.xxx.xx66.xxx.xxx.xx

www.google.com

66.xxx.xxx.xx


393393

Create Master ZoneCreate Master Zone

Create master zone: training.net /etc/training.net.hosts NS – Record

192.168.9.130 A – Record

serverA – 192.168.9.149

DNS Client # nslookup

> server 192.168.9.130> serverA.training.net> 192.168.9.149


394394

DHCP Setting – Automatic IP settingDHCP Setting – Automatic IP setting

DHCP Server DHCP Client

DHCP – Dynamic Host Configuration ProtocolPort: 67 and 68

MAC1 MAC2 MAC3 MAC4

# ifconfig –a ethers: 00:00:00:00:00:00

IP Range – 192.168.9.10-200

IP: 192.168.9.10MAC: MAC1Lease TimeIP: ?

MAC: MAC1


395395

DHCP Setting – Automatic IP settingDHCP Setting – Automatic IP setting

DHCP Server # /usr/sbin/dhcpd Configuration file /etc/dhcpd.confLocation /etc/dhcp/*.*

DHCP Client# dhcpagent DHCP Client# /etc/dhcp.[interfaceName]# /etc/dhcp.pcn0


396396

Tuning & Recognizing File Access ProblemsTuning & Recognizing File Access Problems

397397

E-mailE-mail DNS: MX

SMTPPOP3/IMAP4

[email protected] >> [email protected]

khajorn

[email protected]

lumplang.com

1

2

3

SMTP 4

[email protected]

wichai

MIME

5


398398

Recognize Problem with Search PathsRecognize Problem with Search Paths

Problem: Command not found / No such file or directory

# echo $PATH

Borne/Korn Shell PATH=$PATH:/sbin:/opt/sfw/bin:. export PATH # . [.profile] Full Path of profile

C Shell setenv path ( $path /sbin /opt/sfw/bin . ) %> source [.cshrc] Full Path of profile

# which [command]# whereis [command] Show fullpath of command


399399

Recognize Problem with Permission, OwnershipRecognize Problem with Permission, Ownership

Change permission of file for execution Create Shell script

# chmod [nnn] [shell script] nnn = 755 rwxr-xr-x

# chmod +x [shell script] Change ownership of file/directory

# chown [userid]:[groupid] [file, directory]

# chown –R [userid]:[groupid] [file, directory]

-R = Recursive changes


400400


401401

New Features Enhancement in Solaris 10New Features Enhancement in Solaris 10


402402

Solaris Zone Partitioning TechnologySolaris Zone Partitioning Technology

Create virtual OE (Operating Environment) Zone

Separate file system, device, network, resource, security


403403

Zone configurationZone configuration


404404

Zone configurationZone configuration


405405


406406

Wrapping up SessionWrapping up Session

Further information www.sun.com Main web site www.bigadmin.com Discussions/Forums www.sunfreeware.com Free Software sunsolve.sun.com Updates & Patches docs.sun.com Documents


407407

Thank YouThank You