Note: This web page was automatically created from a PalmOS "pedit32" memo.

Solaris notes


Did you try putting /usr/local/lib into the system runtime linking environment with "crle" first? In other words, something like this (Solais 8/9/10 only): crle -c /var/ld/ld.config -l /usr/local/lib:/usr/lib
meter-ferrante) pvs /bin/chmod libc.so.1 (SUNW_1.1); meter-ferrante)
According to Francisco, the fix is to change mounting of dcslib from /dcspdb/sun4-5 to /dcspdb/solaris-2.6
Just wanted to share the info below with the group. Using the info below, I've just expanded the /usr filesystem on a test box while it was still mounted (single user mode) but should still work for mutliuser mode as well. Let me know if you have any question on this. Will be using this to resolve a small /var filesystem on a client box without having to re-install or repartition/reformat. On Tue, Feb 08, 2005 at 01:40:36PM -0800, Tri H. Tran wrote: > Thanks Dan. That was the hint that I needed. Googling for more > info on this resulted in the below link for further detail: > > http://www.unixguide.net/sun/expandsolarisfilesystems.shtml > > http://www.unixguide.net/unixguide.shtml > > On Tue, Feb 08, 2005 at 12:26:06PM -0800, Dan Stromberg wrote: > > for UFS - use mkfs -M on a mounted filesystem, or mkfs -G on an > > unmounted > > filesystem. (These flags are undocumented by the way) > > > > On 9 it's growfs, on earlier releases of Solaris, one of these flags may do it. > >
Mounting individual partitions of a Solaris CD-ROM on a linux system: seki-root> fdisk -l /dev/hda Note: sector size is 2048 (not 512) Disk /dev/hda (Sun disk label): 1 heads, 640 sectors, 2048 cylinders Units = cylinders of 640 * 512 bytes Device Flag Start End Blocks Id System /dev/hda1 r 0 752 240640 4 SunOS usr /dev/hda2 r 752 1984 394240 2 SunOS root /dev/hda3 1984 1988 1280 0 Empty /dev/hda4 1988 1992 1280 0 Empty /dev/hda5 1992 1996 1280 0 Empty /dev/hda6 1996 2000 1280 0 Empty Thu Feb 17 15:41:53 seki-root> bc bc 1.06 Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc. This is free software with ABSOLUTELY NO WARRANTY. For details type `warranty'. 640*512 327680 327680*752 246415360 Thu Feb 17 15:42:13 seki-root> mount /dev/hda /mnt/root Thu Feb 17 15:42:19 seki-root> bc Thu Feb 17 15:42:20 seki-root> mount -o offset=246415360 /dev/hda /mnt/usr Thu Feb 17 15:42:28 seki-root> cd /mnt/usr Thu Feb 17 15:42:31 seki-root> d ./ bin@ devices/ kernel/ opt/ reconfigure .swappart@ .tmp_proto/ ../ cdrom/ etc/ lib/ platform/ sbin/ system/ usr/ a/ dev/ .java@ mnt/ proc/ .swapinfo@ tmp/ var@ /mnt/usr Thu Feb 17 15:42:32 seki-root>
>What I heared the SPARCs require some minimum number of MHz for >Solaris 10 to run. Is there a similiar minimum requirent? That's because of a CPU bug; what we really require is UltraSPARC-II or later (which means no UltraSPARC <= 200MHz qualifies)
Ultrasparc I's do not run Solaris 10 - due to the CPU bug they have, they were declared not supported. ISTR Ultra 1's came in 137 and 167 MHz.
For more on NFS v4: nfs(4) nfsmapid
It appears that Solaris 10 defaults to bit bucketing connections rather than giving a nice "connection refused" by default
sshd trouble on solaris 10: This supposedly fixes it: "svcadm enable svc:/network/ssh:default" Sun apparently sees it as a bug (only in the CD install), but we're getting it when autoinstalling the FCS :-S This gave a "next state" of online: "svcadm clear ssh" This script fixed it: #!/bin/sh SSHD_DIR=/etc/ssh export SSHD_DIR if [ -f "$SSHD_DIR/ssh_host_key" ] then : else maxtime 180 /usr/bin/ssh-keygen -trsa1 -b 1024 -f "$SSHD_DIR/ssh_host_key" -N '' fi if [ -f "$SSHD_DIR/ssh_host_dsa_key" ] then : else maxtime 180 /usr/bin/ssh-keygen -d -f "$SSHD_DIR/ssh_host_dsa_key" -N "" fi if [ -f "$SSHD_DIR/ssh_host_rsa_key" ] then : else maxtime 180 /usr/bin/ssh-keygen -t rsa -f "$SSHD_DIR/ssh_host_rsa_key" -N "" fi
root -X benefits from X11UseLocalhost no ...in /etc/ssh/sshd_config Also helpful with X11 forwarding? (Analogous to the fix required on Fedora Core 3) # IPv4 only ListenAddress 0.0.0.0 # IPv4 & IPv6 # ListenAddress :: A poster on comp.unix.solaris suggests I may be able to add sshd flags to /lib/svc/method/sshd
Interesting command: svcs -l ssh
Automounting has changed somehow - auto_dcslib isn't working. Statically mounting dcslib on jesus.nac.uci.edu for the time being.
/dcs/bin/man is making a mess of solaris 10 man pages
Interesting URL: http://www.mathematik.uni-marburg.de/sys/os/solaris/solaris10.html
> - sshd could use different PAM service names for the different auth types. > (eg "sshd-public-key", "sshd-password", "sshd-gssapi-with-mic" and fall > back to "sshd" if these don't exists. This would probably be tricky to > write because you'd have to stop and start PAM for each auth attempt.) Solaris 10's sshd does this. See: http://docs.sun.com/app/docs/doc/816-5166/6mbb1kqh7?a=view#indexterm-768 The service names it uses are: - sshd-none - sshd-password - sshd-kbdint - sshd-pubkey - sshd-hostbased - sshd-gssapi (for both, gssapi-keyex and gssapi-with-mic)
Need to google for "bootenv.rc" sometime
On first autoinstall 1) ypbind isn't communicating with ypcat. ypbind not running. 2) sshd didn't get started up 3) /dcs/bin/man is broken on sun manual pages 4) First reboot after an autoinstall asks for an NFSv4 domain 5) lsof in dcslib isn't working 6) scsiinfo in dcslib isn't working (may need sol 9 too) 7) top seems fine 8) nfswatch seems fine 9) memconf might like to be upgraded, though prtconf and/or prtdiag may replace it 10) libtool may be broken on solaris 10 (2005-02-24) 11) /etc/hosts is coming up misconfigured. May also need to do something with /etc/inet/ipnodes: A new feature of Solaris 10 is sourcing the "ipnodes" name service prior to "hosts" for IPv4 addresses. Reference "/etc/nsswitch.conf". /\/\/\/\/\ This will cause problems when updating the IP address of your IPv4 interfaces by only updating "/etc/hosts" aka "/etc/inet/hosts". Updating "/etc/inet/ipnodes" will also be necessary. /\/\/\/\/\ you can't have IPv6 addresses in hosts. you can put IPv4 addresses into ipnodes, but you don't have to. if ipnodes will not give an answer, hosts will be used. BTW: it's a feature from all IPv6 enabled Solaris versions. /\/\/\/\/\ > you can't have IPv6 addresses in hosts. Sure you can. The parser just ignores them. 12) srsh isn't bootstrapping itself correctly 13) NIS client needed to be enabled with "svcadm enable network/nis/client"
There's only one Solaris/x86 version. It can be booted in both 32 and 64 bit mode. Most programs are 32 bit and shared between the 32 and 64 bit runtime. The first publicly available build of S10 which supported an 64 bit kernel was build 72. The GA build is 74L2a (cat /etc/release) If it doesn't boot in 64 bit mode after install you need to run: eeprom boot-file='' (empty means: take default)
svc:/system/fmd:default (Solaris Fault Manager) (another thing to google for)
Changing the community string on solaris 9: Go to /etc/*/snmpd.conf Edit read-community field to have the value you want
Solaris 10: smpatch analyze ...along the lines of yum/apt/up2date
SunPCI version for Sol 7/8/9 reportedly works fine on Solaris 10
New in solaris 10: 1) ipfilter Solaris 10 ships with IP filter (ipf) and does NAT as well. http://docs.sun.com/app/docs/doc/816-4554/6maoq023d?a=view Put config files in /etc/ipf Remember to enable the network interface in "pfil.ap" and restart. ipfstat -hio 2) Configuring CUPS on solaris 10: /usr/sadm/admin/bin/printmgr 3) fmstat A server running a late build of Solaris 10 detected a CPU fault, and offlined the CPU on the fly - no impact to the system at all. In order to test it, FMA was disabled, and the CPU was re-enabled. 4) inetd is "legacy?" svc.startd 5) If you remove SUNWftpr, the ftp service will be automatically deleted from the smf repository. 6) As Casper pointed out, in Solaris 10 every process is multithreaded, in principle. That is, all of the functionality of libthread has been moved into libc and the system-reserved %g7 register is used to point to the internal thread structure and the thread-local storage of each thread. /\/\/\/\ Traditional single-threaded processes are still single-threaded in the sense that only one thread of control is present, so unless you mess with %g7, it is really not possible to detect the difference, unless you try really hard. No behaviorial changes are incurred. 7) Restart a network interface: svcadm clear network/physical 8) Fine grained privileges system? Have a look at 'ppriv -l -v' - I think you want proc_setid. 9) Using NFS v4 (which is available in Solaris 10), "mountd" and "lockd" are obsolete. NFS v4 uses the well-defined port 2049, thus improving firewall support. 10) These functions (gethostbyname and friends) have been superseded by getipnodebyname(3SOCKET), getipnodebyaddr(3SOCKET), and getaddrinfo(3SOCKET), which provide greater portability to applications when multithreading is performed or technolo- gies such as IPv6 are used. For example, the functions described in the following cannot be used with applications targeted to work with IPv6. 11) Another interesting command: svcprop -p config rpc/bind 12) libSQlite comes with the OS? Does this mean ndbm is finally deprecated, and NIS won't have silly limits? 13) We appear to be getting Tomcat on port 898/tcp
Items for further study: 1) Also go to http://www.sun.com/bigadmin and search on 'smf' /\/\/\/\/\ The Internet services daemon, inetd(1M), has been rewritten as part of SMF. It stores all of its configuration data in the SMF database, rather than /etc/inet/inetd.conf, allowing the SMF tools to be used to control and observe inetd-based services.
Experiments to get NIS working on Solaris 10: jesus-root /etc) ypcat passwd can't communicate with ypbind jesus-root /etc) svcs network/nis/client STATE STIME FMRI disabled 14:51:03 svc:/network/nis/client:default jesus-root /etc) svcadm enable network/nis/client jesus-root /etc) svcs network/nis/client STATE STIME FMRI online 17:33:58 svc:/network/nis/client:default jesus-root /etc) ypwhich Domain YP.dcs.uci.edu not bound on jesus.nac.uci.edu. Problem was largely due to /etc/hosts breakage (?), noted previously.
NFSv4, Inspect domain: cat /var/run/nfs4_domain
Nice article about Solaris 10. Mostly covers DTrace (very interesting system information it can provide), Zones (half way between XEN/UML and chroot in terms of isolation - only one kernel runs, but more effective than chroot), and SMF (svcs, svcadm - very like AIX *src). Solaris 10 features an entirely new network stack named FireEngine. The BSD tools are installed in /usr/ucb, the GNU tools in /usr/sfw, Solaris development tools in /usr/ccs, /usr/X11 contains Xorg and /usr/X contains openwin. http://madpenguin.org/cms/?m=show&id=3542&page=2
Checking why an SMF (Service management framework) service is having problems: bash-3.00# svcs -x ssh svc:/network/ssh:default (SSH server) State: maintenance since Fri 11 Mar 2005 08:43:23 PM PST Reason: Start method failed repeatedly, last exited with status 1. See: http://sun.com/msg/SMF-8000-KS See: sshd(1M) See: /var/svc/log/network-ssh:default.log Impact: This service is not running. bash-3.00#
Enabling NIS on Solaris 10 went like: 15 svcs -a | less -sc 16 svcadm enable svc:/network/nis/client 17 svcs -x svc:/network/nis/client 18 ypcat passwd
Trying to enable NIS and sshd using: jesus-root> cat site.xml <?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> <service_bundle type='profile' name='site'> <service name='network/rpc/keyserv' version='1' type='service'> <instance name='default' enabled='true'/> </service> <service name='network/nis/client' version='1' type='service'> <instance name='default' enabled='true'/> </service> <service name='network/ssh' version='1' type='service'> <instance name='default' enabled='true'/> </service> </service_bundle> Mon Mar 14 14:18:53 jesus-root> pwd /var/svc/profile Mon Mar 14 14:18:56 This method appears to work pretty well. :)
svcprop looks interesting. As does svccfg.
Useful info on SMF (which is the generic name for this svcadm, svcs, svcprop, svccfg stuff) man 5 smf_bootstrap SEE ALSO pkgadd(1M), pkgrm(1M), svcadm(1M), svccfg(1M), svc.startd(1M), libscf(3LIB), service_bundle(4), attri- butes(5), smf(5), smf_security(5)
From a comment in /etc/inittab, which is now very small in Solaris 10: # For modifying parameters passed to ttymon, use svccfg(1m) to modify # the SMF repository. For example: # # # svccfg # svc:> select system/console-login # svc:/system/console-login> setprop ttymon/terminal_type = "xterm" # svc:/system/console-login> exit
About SMF rebuilding its repository after a cloning: > QUESTION: Is that what happened-- the SMF rebuilt the repository? And, > since all the files from the original disk were transferred to the new disk > via the ufsdump/ufsrestore clone operation, why did the SMF rebuild the > repository? Yes, that is what happened. The hashes used by the automatic import process to detect manifest file changes include the inode number of the file, which wouldn't be retained by ufsrestore.
> I think you can just toss any odd such command into: > > /a/var/svc/profile/upgrade > > and they will be executed on next boot (and the file is then renamed > away) > > Casper I don't believe we've committed that interface at any public level, so I would not encourage its use. Writing your own one-time service is quite easy and would be preferable. Dave /\/\/\/\/\/ This is interesting. So far I implemented such post installation modifications and additions through a one-time manifest in /var/svc/site/ which would run a script to do these modifications and then disable itself at the end. I modelled it after the inetd-upgrade.xml manifest. But it would be much simpler to use the upgrade profile. At which point in the reboot process is it run, i.e., is the network and nfs client functionality available? /\/\/\/\/\/\ (Casper confirms that we need a service, not the upgrade script)
Removing an SMF service from the repository, and re-adding it, in case of a strange SMF problem. This example uses rpcbind, but this could be applied to other fault management resource identifier (FMRI)'s: # svcadm disable network/rpc/bind # svccfg delete network/rpc/bind # svccfg import /var/svc/manifest/network/rpc/bind.xml # svcadm enable network/rpc/bind Is there any more information in /var/svc/log/network-rpc-bind:default.log? Do you get output that looks something like this from this command:? # svcprop -p config rpc/bind config/allow_indirect boolean true config/enable_tcpwrappers boolean false config/verbose_logging boolean false
Solaris 10's rpcbind at least supports tcp wrappers. However, there is no warm start option (2005-03-16).
The -d and -D switches are generally helpful to check dependencies - what multi-user-system is dependant on. EG, svcs -d svc:/milestone/multi-user-server:default STATE STIME FMRI disabled Jan_14 svc:/network/rpc/bootparams:default disabled Jan_14 svc:/network/nfs/server:default disabled Jan_14 svc:/network/rarp:default disabled Jan_14 svc:/network/dhcp-server:default online Jan_14 svc:/network/ssh:default online Jan_14 svc:/milestone/multi-user:default
I've only skimmed this so far, but it appears to be a very good URL about defining your own SMF services: http://www.sun.com/bigadmin/content/selfheal/sdev_intro.html
On debugging memory problems, using libumem and MDB: http://access1.sun.com/techarticles/libumem.html
A PDF about DynFS, AKA DFS, which I believe is new in Solaris 10: http://members.visi.net/~thedave/sun/DynFS.pdf
/usr/ccs/bin/what /usr/bin/ssh Shows ssh's revision history
Solaris 10, SMF stuff: Run all services: boot -m milestone=all Go to multiuser (not ^D anymore) : svcadm milestone -t all Verbose boot: boot -mverbose
SMF Guide by Sun: http://docs.sun.com/app/docs/doc/817-1985/6mhm8o5n6?a=view
Native SMF facilities should not modify inittab or inetd.conf
Nice inittab doc: http://docs.sun.com/app/docs/doc/816-5174/6mbb98ug1?a=view
Nice blog with lots of SMF-related things: http://blogs.sun.com/roller/page/sch
Profile application The first time the existence of each of the three service profiles listed below is detected, svc.startd(1M) automati- cally applies the profile. /var/svc/profile/generic.xml /var/svc/profile/platform.xml /var/svc/profile/site.xml
2005-03-30 As a means of getting ssh to come up enabled out of the box, after an autoinstall, on Solaris 10, I've: 1) Created an "ssh-keys.xml" under manifest/network, which should be able to create the keys, using sun's provided sshd startup script. This script is derived from sun's ssh.xml script, which strangely doesn't seem to be setting up the keys itself, even though it knows how - nothing is calling that code - at least not until I set up ssh-keys.xml 2) I've added an enabling of ssh-keys from the profiles directory, in site.xml. site.xml should be used once and then ignored by the system, after an install.
nfsstat -m gives nice statistics
2005-04-01 OK, now we've got sshd and NIS coming up upon an initial install. But: 1) limited-fingerd is coming up misconfigured in /etc/inetd.conf 2) /etc/inetd.conf is a bit of a hack in Solaris 10; may want to move these things to SMF 3) Need a complement of patches for Solaris 10 4) We're getting two lines for the hostname of the machine in /etc/hosts 5) sendmail needs an overhaul; should use vendor daemon and m4 6) Take a crack at making sshd use a machine's hostname instead of localhost in $DISPLAY 7) Xprint configured, but no printers configured? Using "native" printsystem 8) /etc/rc2.d/S74autofs no longer exists - may want a different way of adding -DTYPE=sun4-5 9) We could probably reenable rpcbind restriction on Solaris 10... 10) srsh is not enabled on first boot; it's configured via inetd.conf; will a second boot enable it? 11) stel -is- enabled, even though it's configured via inetd.conf 12) Took a crack at $ROOT'ing 600-tcpiss 13) yup isn't running; it's in inetd.conf; another reboot? 14) telnet isn't disabled, and it isn't giving a "don't use this" banner 15) limited-fingerd problem is a tail problem in set-nth-inetd-field: + set-nth-inetd-field finger 7 /dcslib/allsys/etc/limited-fingerd +usage: tail [+/-[n][lbc][f]] [file] + tail [+/-[n][l][r|f]] [file] 16) "native" printsystem is doing: + make-link ../init.d/spc S80spc + make-link ../init.d/lp S80lp 17) 994-harden is wanting to look in inetd.conf still
Despite enabling X11 forwarding in sshd_config, when I try to run an X program over ssh from an FC3 system to a Solaris 10 system, I'm getting no $DISPLAY. truss'ing the top-level sshd shows that it's trying to bind to a large number of IPv4 ports, and failing each time, although the IPv6 binds appear to be working. I've modified sshd_config to use only IPv4 and ignore IPv6, hoping that'll help matters. The change was: # IPv4 only ListenAddress 0.0.0.0 # IPv4 & IPv6 #ListenAddress :: Despite this change and reboot, sshd is still trying both IPv4 and IPv6. Now I'm trying: # If port forwarding is enabled, specify if the server can bind to INADDR_ANY. # This allows the local port forwarding to work when connections are received # from any remote host. GatewayPorts yes I found a better way around this: I've adapted root and groot to work with localhost:* $DISPLAY's
gnome keyboard doesn't work out of the box, even in a VNC session. This URL: http://forum.sun.com/thread.jspa?threadID=22448&start=30&tstart=15 ...has what appears to be a good way around the problem, which I've put in each/600-gnome-keyboard
Looks like apache is in /usr/apache/bin/httpd on Sol 10
Sol 10 includes a BSD listener, in.lpd, as well as an IPP listener, I'm not 100% sure yet, but the IPP listener appears to be hung off of apache. :) print-svc is apparently still "lpsched", so that IPP-apache thing is probably just a configuration GUI. The rumors were that Sol 10 would include CUPS, however, I'm seeing only vestiges of CUPS so far.
Looks like e-mail is broken with our autoinstall config, which gives all the more impetus to modernize it. OK, maybe it's not 100% broken: 1) I sent a test message via the "mail" program, and it never arrived 2) I sent another test message via /usr/lib/sendmail -bs, and that worked fine. It may turn out that /bin/mail is invoking sendmail with an option our old sendmail daemon doesn't understand, or similar.
Solaris 9 and 10 have /usr/sadm/bin/smpatch. However, 9 doesn't appeart to have the relevant daemon running on it out of the box, while 10 does.
smpatch: Located in /usr/sadm/bin/smpatch Useful commands: smpatch analyze - show what's needed smpatch update - apply what's needed Sol 9's smpatch help is terse Sol 10's smpatch help is quite long
Nice article on Zones: http://blogs.sun.com/roller/page/fintanr/20050130#zones_message_queues_and_preliminary Includes a list of links to other articles about zones.
From: Toomas Soome <Toomas dot Soome at microlink dot ee> Newsgroups: comp.unix.solaris Date: Tue, 12 Apr 2005 16:54:00 +0300 Roland Mainz wrote: > Dan Stromberg wrote: > >>Yesterday at the Solaris 10 bootcamp, the instructor told us that ZFS is a >>128 bit filesystem. >> >>My question is, "Is ZFS 2^128 blocks, 2^128 bytes, or 2^128 bits, or what?" hm, I have numbers like 3*10^26 TB per file system and 2^48 snapshots 2^48 filer per file system 2^56 attributes per file 2^56 entries per directory 16Exbyte max fs size 16Exbyte max file size 16Exbyte max attribute size 2^62 devices per pool 2^62 pools per system 2^62 fs per pool I hope those numbers are correct:)
Relationship between ZFS and SVM: ZFS can handle huge filesystems, as well as mirroring. No word yet on whether it'll do RAID 5 though. SVM is still good for mirroring the root filesystem, as well as for mirroring or RAID 5'ing UFS filesystems, swap partitions and database partitions.
Solaris and offlining individual RAM pages and CPU's: >>At the "solaris 10 bootcamp" I attended yesterday, the lecturer was going >>kind of fast, but I semi-thought that he said that Solaris 10 can offline >>individual pages of RAM when a memory error is detected in a page. >> >>Is this true, or was I filling in the bits I didn't hear with my own >>wishful thinking? > > > It's true. What's more, Solaris 8 and 9 do the same (dependant on kernel > patch). Same story for CPUs. While Solaris 8 and 9 can retire individual pages of memory etc they do so without the benefit of the Solaris 10 self-healing framework. Among other things this means that page retirements are not persistent across reboot on 8 and 9. /\/\/\/\/\/\ 1. page will be removed if given threshold of ecc recoverable errors would be exceeded - so far no data is lost so you can safely "remove" the page 2. if uncorectable error occurs - then I guess id depends. if page contains kernel data then probably system panic will be forced, if in userland then killing application would be enough probably and then is app was under SMF it will be properly started. I think I saw document explaining this but can't find it right now.
clear_locks can release NFS locks for a given host
If you are looking for additional information about Sun's Solaris 10 OS, then please visit: http://www.sun.com/software/solaris/ Other helpful sites include: http://www.sun.com/bigadmin -- A portal designed for Sun users and administrators. http://docs.sun.com -- Includes all Sun documentation. www.solarisinternals.com -- Presentation
I've modified /dcslib/allsys/etc/check-Inetd.conf in a way that I anticipate will work with Solaris 10. 2005-04-21
Very unhelpful: bash-3.00# /usr/sbin/svccfg import site.xml svccfg: couldn't parse document Somewhat helpful: bash-3.00# xmllint --valid site.xml site.xml:5: parser error : error parsing attribute name <service name='network/yup-tcp' version='1' type='service'> ^ site.xml:5: parser error : attributes construct error <service name='network/yup-tcp' version='1' type='service'> ^ site.xml:5: parser error : internal error <service name='network/yup-tcp' version='1' type='service'> ^ site.xml:5: parser error : Couldn't find end of Start Tag service_bundle line 4 <service name='network/yup-tcp' version='1' type='service'> ^ site.xml:5: parser error : Extra content at the end of the document <service name='network/yup-tcp' version='1' type='service'> ^ bash-3.00#
Very good URL about SMF (Greenfield): http://www.rfcgr.mrc.ac.uk/~ptribble/Solaris/smf.html Uses setting up Postfix with spamassasin and clamav as an example, and covers methods; manifests; dependencies (both file and service); checking a service's status; disabling, deleting, editing and recreating a service to get past problems; and creating a service based on inetd information, without needing to create an inetd.conf.
Another good URL on SMF, this time using samba as an example: http://lists.samba.org/archive/samba/2005-March/101303.html
When upgrading the CPU's in an Ultra 2, things you may need to do: 1) Upgrade firmware 2) Add dongle to indicate you have one rather than 2 CPU's 3) Make sure CPU module(s) are seated correctly - the levers do NOT ensure this 4) Change jumper J2301 to indicate new MHz of CPU(s) http://www.sun.com/products-n-solutions/hardware/docs/pdf/805-0936-14.pdf
The major concern in current Solaris (also 10) is that with UFS you can get no more than 16TB in one FS. After crossing the 1TB limit certain restrictions apply: for example you cannot have more than 1.000.000 inodes per TB. This results in rather large average files. If tha's a problem you will have to buy a filesystem like Veritas or wait for ZFS to be part of S10. For pure performance getting about 64MB/s isn't hard to do if you read/write larger junks of data. Almost any disk setup using stripes with 4+ disks should be able to deliver that. We currently run our servers on top of unexpensive hardware RAID-5 boxes using SATA drives internaly. Major thing to consider is a battery backed up large cache (1GB) which really helps a lot if you read/write small files/junks Thomas
New storage product from Sun in the pipeline, likely going to use Opteron, Solaris 10 and ZFS: http://www.theregister.co.uk/2004/10/01/sun_thumper_revealed/
Creating a root mirror on a SunFire V440: esmft1-root /opt) format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c1t0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@0,0 1. c1t1d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@1,0 2. c1t2d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@2,0 3. c1t3d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@3,0 Specify disk (enter its number): ^D esmft1-root /opt) raidctl -c c1t0d0 c0t1d0 Disks must be on the same controller. esmft1-root /opt) raidctl -c c1t0d0 c1t1d0 Volume 'c1t0d0' created esmft1-root /opt) format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c1t0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@0,0 1. c1t2d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@2,0 2. c1t3d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@1f,700000/scsi@2/sd@3,0 Specify disk (enter its number): ^D esmft1-root /opt) raidctl RAID RAID RAID Disk Volume Status Disk Status
c1t0d0 RESYNCING c1t0d0 OK c1t1d0 OK
A cron job for a V440's hardware RAID monitoring: #!/bin/bash expected=3 result="$(raidctl | tr '\t' '\012' | grep -c OK)" if [ "$result" != "$expected" ] then echo Got "$result OKs, should have gotten $expected" | /bin/mailx -s "RAID problem on $(uname -n)" dcs@dcs.nac.uci.edu fi
Checking a device definition in the NV RAM: The solution was to edit the nvalias's to include the ide CDROM Procedure get to ok prompt show-disks command select ide cdrom nvalias cdrom ^Y - and add specific device 2,0:f to end of ^Y nvstore - to write away Then you can boot cdrom from IDE CDROM
Two articles on Solaris (and others?) password aging: http://open.itworld.com/5040/nls_unixpasswordage1/page_1.html http://open.itworld.com/5040/nls_unix_aging2051013/page_1.html
Enabling serial console on an x86 sun: 1. Enable console redirection in the BIOS: A. Boot or reboot the server. B. When prompted, press <F2> to enter BIOS setup. C. Select the Advanced menu from the category selections along the top. D. Select Console Redirection. 2. Modify some settings in the OS: A. Edit the /etc/grub.conf (to allow the OS messages to pass thru console): -comment out the 'splashimage' -add 'serial -unit=1 --speed=9600' -add 'terminal --timeout=1 console serial' -append to the kernel line, 'console=tty0 console=ttyS0,9600n8' -See InfoDoc 71430 for additional explanation B. Edit the inittab (to allow console login): -add 'co:2345:respawn:/sbin/agetty -t 60 ttyS0 9600 vt100' to the end of the second-to-last section of the config -See InfoDoc 74452 for additional explanation C. Make sure that the /etc/securetty file contains: -ttyS0 3. Reboot the platform OS, so that these changes will take affect.
Thanks to John Malick, Rob McMahon and Darren Dunham. To find the FRMI for a specific process one can: # svcs -a | grep -i xfs which returns online Jan_17 svc:/application/x11/xfs:default # svcs -l x11/xfs which returns info on the FMRI. or /bin/ps -o ctid -p <PID> To get the contract ID and then svcs -o ctid,fmri | fgrep <contract id> The reason the process was not being killed when I disabled it was this service is historically a inetd controlled service and there was no stop method in the manifest. I also was directed to the inetadm command.


Back to Dan's palm memos