Scsa Part 1

SUN SOLARIS 10 OS
Sun Solaris 10 Operating System Page 2 of 145
Acknowledgements
I can no other answer make, but, thanks, and thanks to my well wisher, evergreen admiring
personality Mr. T. Gurubalan, Sun Microsystems Inc, who influenced, crafted, guided, cooked me
to taste Sun.
Words cannot convey my gratitude, you can have no idea how much it means to me. It’s
stunning. Special Thanks to My Trainees, who fueled me to explore more heights technically.
Raja, Aravindh, Sathish, Senthil, Hari Krishnan, Murali, Raman, Rakesh, Prabakar, Md.Mukram,
Manikandan, Ibrahim, Ravi,Prabhu, Shyam, Abbas, Kamal.
Aravindh - induced me to script this valuable document.
Raja – kindle, always inspiring me to go little far on extra miles in all aspects.
Sources are always precious and unavailable, additional thanks to Hari Krishnan on his
consistent work of collecting the resource, with great fuss.
Last but not the least, I would thank all persons behind lights from the bottom of my heart, but
for you all my heart has no bottom. Thanks! Thanks! Thanks!
Fingered by: Manickam Kamalakkannan

# 103, Housing Unit
Rajagopalapuram
Periyar Nagar
Pudukkottai – 62203
Tamil Nadu
Mail: kamalmanickam@yahoo.co.in
kamalmanickam@gmail.com
Mobile: + 91-99946 11237
Blog: solaris-unlimited.blogspot.com
Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

Solaris Certified System Administrator - SCSA
SCSA - Part 1 - 310-200

1. Directory Hirearchy
2. Disk Administration
3. File System
4. Performing mounts & umounts
5. Installation of Solaris Operating System
6. Package Administration
7. Patch Administration
8. Process mointoring & Scheduling process
9. Performing system security
10. OBP
11. Boot up & shutdown procedures
12. User & Group Administration
13. Printer Administration
14. Performing Offline backup & restore
15. Performing Online backup (snapshot) & restore
16. Service Management Facility - SMF
SCSA PART -2: 310-202

1. Introduction to network interfaces
2. Client & server model
3. SMC - Solaris Management Console
4. Swap configuration
5. Crash,core & dump configuration
6. NFS - Network File System
7. Autofs
8. NIS - Network Information Service/System
9. Jumpstart Installation
10. Flash Installation
11. RBAC - Role Based Access Control
12. ACL - Access Control List
13. SDS/SVM - Solaris Solstice Disk Suite/Solaris Volume Manager
14. System messaging
15. Zone Adminstration

Basic Unix commands
# pwd
Present working directory
Displays the location where the user is currently working
# ls
to list the contents of the directory
similar to dir command in DOS
# ls -p
will display / and end of every directory
# ls -l
d r-x r-x r-x 6 root root 512 Jun 7 21:45 vol

A B C D E F G H J K
where
A = specifies the name is a file or a directory

if d = directroy
- = file
B = Permissionship for the owner of a file or dir
C = Permissionship for the group of a file or dir
D = Permissionship for the other
E = Specifies the link count
F = Owner of the file or directory
G = Specifies the group to which the file or directory belongs
H = Size of the file or directory
J = Date and time of creation
K = Name of the file or directory
# ls -lh
Displays the size of the file or directory with human readable format
# ls -t
Displays the files and directory based on the time stamp.
# mkdir
to create a directory
syn: # mkdir <dir_name>

eg: # mkdir jai
syn: # mkdir -p <path_of_the_dir>

eg: # mkdir -p /ims/solaris/delhi
It creates the parent directory /ims/solaris along with the directory delhi.
# cat - to view the contents of the file, create a file, appending the contents to the file
syn: # cat <file_name>

eg: # cat > hai
will create the file named hai in the current directory
syn: # cat <path_of_the_file>

eg: # cat /ims/solaris/delhi/new
will create a file named new under the above mentioned location.
syn: # cat >> <file_name>

eg: # cat >> hai
# cat >> /ims/solaris/delhi/new
To append the contents to the file
syn: # cat <file_name>

eg: # cat hai
To view the contents of the file
# cat -n <file_name>
will display the contents of the line with line number (only temp)
# cat -n > <file_name>

eg: # cat -n > jack
will create a new file named "jack" along with the line number
# cd - to chage the directory
eg: # cd /ims/solaris
will move to the location /ims/solaris
# echo $SHELL
To know the parent shell of the user
# echo $?
will say the status of the exection of the command
# clear
to clear the screen
NOTE:
In BASH shell:
ctrl+l = to clear the screen

# ls -a
will display all the files and directories along with hidden file &
dir
# ls -R
to see the contents of dir along with its sub-dir and files
R - recurrsive
# date
To view the date and time
# cal
will display the current month of the current year
# cal 2009
will display the cal of 2009
# cal 14 1987
will display the 10th month of 1987
# hostname
To view the name of the host
SYN: # hostname <host_name>

eg: # hostname sun
will assign the hostname as sun, but temp.
# ifconfig -a
to view the ip address of the machine
# which - displays the location of the command script from where it is running
syn: # which <command>

eg: # which ls
# wall - used to broadcast the message to all the users who are currenlty logged in.
syn: # wall
type the message
ctrl+d = to save the message
# write - used to send a message only to the particular user who is currently logged in
syn: # write "user_login_name"

eg: # write "shiva"
# wc = to count the number of words, lines, characters in a file
syn: # wc <file_name>
eg: # wc new
syn # wc -lwc <file_name>

eg: # wc -lwc new

where
l = displays the number of lines in the specified file
w = displays the number of words in the specified file
c = displays the number of characters in the specified file
# cat -n <file_name>
will display the contents of the file along with the line number
# cp - to copy a file or a directory
syn: # cp <source_file> <destination_file>

eg: # cp rose jack
here the contents of the file named rose is copied to new file named jack in the same location
# cp rose /Desktop/jack
will copy the contents of the file named rose to the location /Desktop with the file name as jack
# cp rose /Desktop/
will copy the contents of the file named rose to the location /Desktop with the same file name.
# cp -r <source_dir> <destination>
where
-r = recurrsive
To copy all the files and sub-directories inside a directory
# mv - to rename or move or to cut and paste the file or directory
# mv jack rock
will rename the file jack as rock in the current location
# mv jack /Desktop/rock
will move the file jack to the location /Desktop with the file name as rock.
NOTE: Source file "jack" will not be present after moving
No option is required to move a directory
Only with bash shell:
ctrl+l = to clear the screen

ctrl+c = to terminate the process
crtl+z = to run the process at the background
crtl+a = to bring the cursor at the begining of the command
crtl+e = to bring the cursor to the end of the command
crtl+r = to search the command in the history
!n = to execute the nth command. will be working only if the list of commands available in the
history.
# history
will display the commands executed in the particular shell

# history -c
to clear the history
# alias - to assign the shortname to a command
# alias c=clear
this is only temp
c will perform the function of clear command
both c and clear command will work
alias work only with bash shell
To change the shell:

# sh - to change to bourne shell
# bash - to change to bash (bourne against shell)
# csh - to change to 'c' shell
# ksh - to change to korn shell
# tcsh - to change to tc shell
# zsh - to chage to 'z' shell
To come out of the shell:

# exit
# ctrl+d
Note:
Arrow keys work with BASH shell and NOT with Bourne shell.
Default shell for Sun Solaris = Bourne (sh)

Default shell for Red Hat Linux = Bash (bash)
# bc = binary calculator
# bg = to view the process running at the back ground
# fg n
to bring the process to the fore ground
where n is the number of the process that is dispalyed whist executing the command bg.
Daemons:
Is the system process that run at the background.
# grep - to search a key word
# ls | grep rose
this command will look for the dir or file named rose under the current location and display the
same if it is present in the present working directory
# grep <keyword> <file-name>

# grep one rose
will search for the keyword 'one' in the file named rose
and will display the same
# grep -i one rose

will search for the keyword 'one' by ignoring the case and will display the same

# grep -v one rose

will dispaly all the lines and words expect 'one' from the file rose.
# grep -h good rose jai

will look for the word 'good' in miltiple files named rose and jai respectively.
To search a particular word from the file and to display the name of the file having the search
keyword.
# cat > new
hai
good
have a nice day
bash-3.00# cp new old
bash-3.00# grep -l hai new
new
bash-3.00# grep -l hai /opt/test/
bash-3.00# grep -l hai /opt/test/*
/opt/test/new
/opt/test/old
bash-3.00# cat > jack
jack
rose
bash-3.00# grep -l hai /opt/test/*
/opt/test/new
/opt/test/old
# ls --help
will provide the options for ls command to work with
ls can be replaced with any command
# man - will provide the help mannual about the commands, its syntax, options and its functions
# man ls
# rm - to remove the file

# rm <file-name>
# rm rose/Documents
to remove or to delete the file named rose
# rmdir - to remove or delete the directory

# rmdir <dir-nam/Documentse>
# rmdir delhi
will remove the directory name delhi only if it is empty
# rm -rf <dir-name>
# rm -rf delhi
will remove the contents of the directory named delhi and delete the directory delhi.
where
-r = recurrsive
-f = forcefully
-i = interactive
# domainname - to view the information about, to which domain or network the host belongs to
and to assign the domianname
# domainname <name>
will assign the domain name
# arch
will display the arch of the machine
# uname -m
display the arch
# uname -n
display the host name
# uname -X
will provide the info about the hostname, arch, operating system installed, kernel id
# cat /etc/release
will provide the info about the version or release of the operating system installed
# more <file_name>
# more /etc/passwd
to view the contents of the file in pagewise
# less <file-name>
# less /etc/passwd
to view the contents of the file in pagewise
# head -n <file-name>
# head -4 /etc/passwd
to view the first 4 lines of the specified file
# tail -n <file-name>
# tail -5 /etc/passwd
to view the last 5 lines of the specified file
# compress <file-name>
# compress passwd1
to compress the file
the file extension is .Z
# uncompress <file-name>.Z
# uncompress passwd1.Z
to uncompress the file
it's mandatory to use the file extension
# zcat <file-name>.Z
# zcat passwd1.Z
to view the contents of the compressed file without uncompressing
# gzip <file-name>
# gzip passwd2
to zip the file
the file extension is .gz
# gunzip <file-name>.gz
# gunzip passwd2.gz
to unzip the file

# bzip2 <file-name>
# bzip2 passwd3
to zip the file
file extension is .bz2
# bunzip2 <file-name>.bz2
to unzip the file
# tar - Tape ARchieve
# tar -cvf <file-name>.tar <source-file>

# tar -cvf one.tar passwd6
here
-c = to create the archieve
-v = verbose (detail) mode
-f = forcefully
here a tar file named one.tar is created from the source file
passwd6
# tar xvf <file-name>.tar

# tar xvf one.tar
will extract the file to the current location
here
-x = to extract
# strings <file_name>
will display only the contents of the file by omitting the unwanted spaces

Editors
1. vi
2. vim - vi improved
3. emac
4. pico
5. gedit - graphical editor - works only with graphics
VI - Editor
# vi - is one of the powerful editor

used to create a file, edit a file, view the contents of the file
esc+i - to insert the characters to the file

esc+A - to bring the cursor to the end of the line and to add the contents to the line
esc+$ - to bring the cursor to the end of the line
esc+G - to bring the cursor to the end of the file
esc+x - to delete a single character
esc+dw - to delete a single word
esc+dd - to delete a line
esc:n - to move the cursor to the nth line
esc:10 - to move the cursor to the 10th line
esc+O - to create a empty line above the cursor
esc+o - to create a empty line below the cursor
esc/<keyword> - to search the keyword
esc:set nu - to set the line number
esc:set nonu - to remove the line number
esc+R - to replace the number of characters
esc+r - to replace a single character
esc:n,md - to delete number of lines
where
n = starting line to be deleted
m = end line to be deleted
d = delete the lines
esc:w - to save/write and go back to the location

esc:q - to quit without saving the contents to the file
esc:wq - to save and quit from the file
esc:wq! - to save and quit from the file forcefully
esc+h - to move the cursor to the left side

esc+l - to move the cursor to the right side
esc+k - to move the cursor upward
esc+j - to move the cursor downward
esc+J - to joinin the line
esc+yy - to copy the line
esc+p - to paste the line
esc+nyy - to copy n number of lines
esc+5yy - to copy 5 number of lines from the cursor

esc:nd - to delete the nth line
esc:3d - to delete the 3rd line
esc+I - to bring the cursor to the beginning of the line
esc+u - undo operation
esc:wq <file-name> - to save the contents to another file

esc:wq /Destop/vieditor - will save the contents to file named /Desktop/vieditor
MISC:
f10 - to maximize the screen
f9 - to minimize the screen
ctrl+esc aut - to open the terminal
a - applications
u - utilities
t - terminal
ctrl++ = to maximize the size of the characters

crtl+- = to minimize the size of the characters
crtl+N = to open a new terminal

crtl+T = to open a new terminal in the same
# vi -R <file-name>
# vi -R new
to open the file as Read Only
# vi -x <file-name>
# vi -x rose
will prompt for the key/password.
the contents of the file will be encrypted
the contents cannot be seen by cat or vi editor.
the contents can be seen only by inserting the option -x with vi editor and by providing the
password.
even the source file is copied to another location, the password is applicable for the destination
file also.m

Directory Structure
/ = root
/ = It's the home directory of the root user.
/bin = binaries. Both root user and non-root user executable comands
resides here. It's symbolic link or soft link to /usr/bin.
Hence the informations under /bin and /usr/bin remains same.
/sbin = It has the root user accessible commands. These commands are
available when /usr/bin is NOT mounted. It contains many system
administrative commands and utilities.
/usr = Unix System Resource

/usr/bin = binaries. Executables that can be executed by both
root user and non-root user.
/usr/ccs = 'C' compling programs
/usr/include = Header files for 'C' programs
/usr/dt = CDE programs and files
/usr/java = java programs and its libraries
/usr/tmp = symbolic link to /var/tmp
/usr/opt = Configuration information for optional packages
/usr/sadm - system administration files and directories
/dev - provides logical information about the devices connected to the

system
/dev/dsk = Is a block device. A block device is a device
with a file system.
/dev/rdsk = Is a raw disk. A device without the file system.
NOTE:
1. The entries to the /dev/dsk and /dev/rdsk remains same.
2. The entries is dependent on the hardware specification.
/dev/sound - sound driver inforamation

/dev/term - provides information on the serial ports
/dev/pts - provides information on the pseudo terminals
/dev/swap - information on default swap device
/dev/md - Solaris Volume Manager meta device information
/dev/rmt - raw magnetic tapes
/devices - provides information about the physical devices.

All the logical devices (/dev/dsk and /dev/rdsk) are linked
with the physical device.
/etc - holds the system configuration

/etc/hosts - a file having the information about the host
names and ip-addresses of the systems connected
in the same network.
/etc/motd - Message Of The Day
The contents of this file will be dispalyed for
every user at the time of login.
/etc/issue - The contents of the this file will be displayed
to all before login to the system.
/etc/default - is a directory which holds the number of
default parameters of the system

/export/home - default location for creating a user's home directory

it's shared directory.
/home - used to mount the home directories's of remote server.
/opt - is optional, is the location to install the 3rd party

softwares.
/mnt - is the optional directory to tempary mounts
/var - its important for system adminstrators

will have the logs of the system
/proc - process directory. This directory stores current process related information. Every process
has its own sub-directory in /proc.
/tmp - this is a buffer, a temp directory
/lost+found - will be empty and is created at the time of creating a file system.
/system/contract - Used by SMF to track processes that compose a service. A file system used for
creating, controlling & observing contracts, which are relationships between processes & syste
resources. ( This directory can be seen in Sun Solaris 10)
/lib - library modules
/kernel - is independent of hardware. Core of the operating system.

(genunix) will have the initial booting modules.
/platform - is dependent on hardware and will be loaded followed by

/kernel
NOTE: SEEN ONLY AT X-86 HARDWARE:

/boot - will provide the information about the boot loaders, will provide the provision to choose
the operating system (if more than one operating system is installed).
Links:
1. Links are of two types.

2. a. Hard link
b. Soft link or symbolic link
Hard link:
1. Both the source file and the destination file will have the same contents.
2. Any number of links can be created
3. Both the source file and the destination linked file will have the same inode numbers.
4. If the source file is removed or deleted unfortunately still the datas can be assessed from the
destination.
5. When hard links are created, link counts will be increased. And if the hard links are removed
or deleted, link count decreases automatically.
6. Permissionship on the source file will have the impact on the destination file permissionship.
7. # ln <source_file> <destination_file.
Eg: # ln /4students/jai /new
8. The size of the files (both source and destination) remains same.

Soft or Symbolic link:

1. Both the source file and the destination file will have the same contents.
2. But the inode number of the source file and destination file will be different.
3. The permissionship of the soft link destination will be differ from the source file.
4. Link count will not be increased nor decreased.
5. If the source file is deleted, contents cannot be seen from the destination file.
6. Size of the file will be equal to the number of the characters of the file name
7. # ln -s <source_file> <destination_file>
Eg: # ln -s /4students/jai /soft
NOTE:
Only to the regaular files and directories its possible to store the datas.
To the device files (character device and special character block device) it's not possible to store
the data.
- = to a regaular file
d = to a directory
l = to soft or symbolic link
c = character special device
b = block device
# ls -l /dev/dsk
Will display the default symbolic links created in that dir.
# ls -l /devices
will dispaly the default device files

DISK ADMINISTRATION
NOTE:
In the case of swap memory:
If RAM < 2gb = Double the size of physical memory
If RAM is between 2gb and 8gb = 75% of physical memory
If RAM > 8gb = 50% of physical memory
Naming conventions:
1. Logical Name
2. Physical Name
3. Instance Name
Logical Name:
ON SUN HARDWARE : SPARC - Sacalar Processor ARCH
c#t#d#s#
c = controller
t = target
d = disk
s = slice
# = number
These logical names are linked to physical devices.

For eg:
c0t3d0s5
In SPARC, it's possible to create 7 slices per disk drive.

0 to 7,
where slice-2 cannot be used nor created.
ON X-86 HARDWARE:
Targets will not be shown.
Hence
c#d#s#
It's possible to create 7 slices.
But will have 0 - 9
slice 8 and 9 = holds the boot loaders.
Physical Device Name:

Physical device name is seen in /devices dir.
Physical devices will be followed with the Instance name.
Using physical name it's possible to understand the type of the disk drive connected. For eg IDE
or SCSI.
Note:
1. The devices performing input/output operations need device driver files.
Eg: Hard disk, printer...
2. The devices not performing input/output operations do not need device driver files.
Eg: Communication devices Hub, Router, Switch.
Since these devices going to transmit only the datas and not any other operations, they do not
need the device driver files.

Instance Name:
dad = direct access device (Only for IDE)
sd = scsi disk drive
Instance name are generated by the Kernel to each hardware.
cmdk = common disk
/etc/path_to_inst
1. This file has the information about the physical device name and their corresponding instance
name.
2. This file will be with the permission r--r--r-- (444)
3. This file is NOT recommended to edit.
# prtconf
This command provides the following informations:
1. physical memory size
2. Arch of the system
3. Machine model
4. What are the devices connected to the system along with the driver
# prtconf | grep -v not

will display only the attached devices to the system.
# format
This is a utility which provides the following
1. How many hard disk drives are attached and recongnised by the OS.
2. Physical name and logical name of the disk
3. Volume name assigned to each disk
To skip the utility:

Ctrl+c
# echo | format
will also the above mentioned information
# format
command has two tires.
format>
where we can view only the disk drive infomation
partition>
to create, delete, modify the slices.
format> help
will provide the help, list out the commands that can be used in format tire.
format> verify
will list out the partition layout of the current disk drive selected.

Output:
Primary label contents:
Volume name = < >

ascii name = <SEAGATE-ST39103LCSUN9.0G-034A cyl 4924 alt 2 hd 27 sec 133>
pcyl = 4926
ncyl = 4924
acyl = 2
nhead = 27
nsect = 133
Part Tag Flag Cylinders Size Blocks
0 root wm 294 - 3484 5.46GB (3191/0/0) 11458881
1 swap wu 20 - 293 480.44MB (274/0/0) 983934
2 backup wm 0 - 4923 8.43GB (4924/0/0) 17682084
3 unassigned wm 3485 - 4069 1.00GB (585/0/0) 2100735
4 unassigned wm 0 0 (0/0/0) 0
Here,
part = the slice number
It varies from 0 to 7.
Tag = a name given to the slice

Only permitted names can be assinged.
Permitted Names: root, swap, backup, unassigned, home, usr, var, stand, alternates, boot,
reserved
NOTE: Tag names can be repeated.
Flag = defines the status of the slice

wu = write mountable
wu = write unmountable
rm = read mountable
ru = read unmountable
Always swap slice will be wu.

By default all other slices are wm.
Cylinders:
Shows the starting point and the end point of the each slice.
Size:
shows how much of size is assigned or created to the slice
Blocks:
Shows the size of the disk in blocks.
format>disk
will list out the hard disk drives recognised by the operating system.
Will also provide the option to choose the next disk drive
But by default it selects the current disk.
format>p
format>partition
will move from the first tire to the second.
partition> help
will provide the help, commands that can be used in partition menu.
partition> print
pratition> p
will print the layout out the current disk drive.
Output is similar to the format> verify.
partition> q
to quit from parittion menu and move to format>
format> q
to quit from format utility.
format> l
format> label
partition> l
partition> label
To save the newly created/modified/deleted slices inforation to the operating system.
To delete the partition: for eg: slice 5

OUTPUT:
partition> 5
5 unassigned wm 2456 - 2741 501.48MB (286/0/0) 1027026
Enter partition id tag[unassigned]:

Enter partition permission flags[wm]:
Enter new starting cyl[2456]:
Enter partition size[1027026b, 286c, 2741e, 501.48mb, 0.49gb]: 0
partition> l
Ready to label disk, continue? y
Here, the partition size has to be given as 0.

i.e starting point is 2456 and the ending point is 2456+0.
So, the slice is deleted.
To make the changes to come into effect, label it.
Note:
1. labeling the disk after creation/moidifcation/deletion of the slices is mandatory.
2. saving the changes done to the partition table is optional.
To create a partition:
1. Print the partition table and make sure about the available cylinders.
Avoid overlapping and wasting of the cylinders whilst creating the slices.

OUTPUT:
partition> p
Current partition table (unnamed):
Total disk cylinders available: 4924 + 2 (reserved cylinders)

0 alternates wm 585 - 1000 729.42MB (416/0/0) 1493856
1 unassigned wu 1001 - 2169 2.00GB (1169/0/0) 4197879
2 backup wm 0 - 4923 8.43GB (4924/0/0) 17682084
4 unassigned wm 2170 - 2455 501.48MB (286/0/0) 1027026
7 unassigned wm 0 - 584 1.00GB (585/0/0) 2100735
partition> 5
Enter partition id tag[unassigned]:

Enter partition permission flags[wm]:
Enter new starting cyl[0]: 2456
Enter partition size[0b, 0c, 2456e, 0.00mb, 0.00gb]: 2g
partition> l
Ready to label disk, continue? y
Here,
1. we have seen the partition table
2. Determined the starting point of the cylinders
3. Slice is defined in terms of size (gb)
Note:
Slice sizes can be defined in terms of clinders, gb, mb.
for eg:
Enter partition size[0b, 0c, 2456e, 0.00mb, 0.00gb]: 2g (in terms of gb)
Enter partition size[0b, 0c, 2456e, 0.00mb, 0.00gb]: 2048m (in terms of mb)
Enter partition size[0b, 0c, 2456e, 0.00mb, 0.00gb]: 3400e (in terms of cylinders)
partition> modify
Note:
1. This option is used only for the disk drives which is not having any mounted slices
2. This option CANNOT be used for the disk drive which is having Operating System.
FREE HOG:
When using the format utility and change the size of the disk slices, a temporary slice is
automatically designate that expands & shrinks to accomodate the slice resizing operations. This
temporary slice is refered to as the free hog & it represents the unused disk space on the disk
drive.
partition> name
will prompt for a table name with 8 characters

format> save
NOTE:
1. Before using this option, it's mandatory to name the partition table at the partition menu.
2. By default the save option will save the updated partition table information to the file
./format.dat
3. The location can be changed and the file name can be anything.
4. After doing updations, we can save the changes to the same file. This file will be updated and
not over written.
format>volname
will prompt for the disk name
NOTE:
format> volname
will assign name to the disk drive
partition> name
will assign the name to the partition table.
format> !cmd
partition> !cmd
eg:
format> !clear
partition> !ls
this is used to run the shell commands without quitting from the format utility.
format> current
Current Disk = c0t12d0: 5student
<SEAGATE-ST39103LCSUN9.0G-034A cyl 4924 alt 2 hd 27 sec 133>
/pci@1f,4000/scsi@3/sd@c,0
will provide the information about the current disk drive.
format> type
will provide the information about the disks supported.
Only with X-86 hardware:
format>fdisk
this option is used to delete the partitions of windows using Solaris.
Output truncated:
# prtvtoc /dev/dsk/c0t0d0s2
* /dev/dsk/c0t0d0s2 partition map
*
* Dimensions:
* 512 bytes/sector
* 248 sectors/track
* 19 tracks/cylinder
* 4712 sectors/cylinder
* 7508 cylinders
* 7506 accessible cylinders
*
* Flags:
* 1: unmountable
* 10: read-only
*
* Unallocated space:
* First Sector Last
* Sector Count Sector
* 18433344 16934928 35368271
*
* First Sector Last
* Partition Tag Flags Sector Count Sector Mount Directory
0 2 00 0 18433344 18433343
# prtvtoc
prints the Volume Table Of Contents
Following informations will be provided:
1. disk (volume name)
2. disk information, about the sectors, tracks. cylinders..
3. the created slices inforation along with the flags
Re-labling a disk:
# prtvtoc /dev/dsk/c0t0d0s0 > /var/tmp/test_disk0
Redirecting the output of # prtvtoc to the file

/var/tmp/test_disk0
# fmthard -s /var/tmp/test_disk0 /dev/rdsk/c0t10d0s2

Copying the VTOC of disk c0t0d0 to new disk c0t10d0s2
# fmthard
this command is used to create/copy the layout of one disk drive to another.
NOTE:
# fmthard
command can be used only if both the source disk and the destination disk drive geometry
remains same.
Reconfiguring the disk:

It can be achieve by 3 ways
1. At OK prompt
OK boot -r
will boot the system and reconfigure, identifies the newly connected disks.
2. # touch /reconfiure
Create a file named "reconfigure" under root.
# init 6
Restart the system
Now, when the system restarts, the newly connected disks will be identified.
NOTE: Once the system is rebooted, the reconfigured file will be removed automatically.
3. # devfsadm -Cv
will be applicable when the system supports hot pluggable disk drives.
here
-C = to clear and create a new list of newly identified disk drives
-v = verbose. detailed output

FILE SYSTEM
Mainly classified into 3 types

1. Disk Based file system
2. Pseudo file system
3. Distributed file system
1. Disk based file system:

ufs = unix file system.
Default file system for Sun Solaris
NOTE: The default file system for Linux is ext2, ext3.
hsfs = high sierra file system

used by optical media. both cdrom and dvd
Note: In the case of linux-iso9660
pcfs - personal computer file system

which supports dos
udfs - universal disk file system

for re-writable optical media
IN SOLARIS 10
zfs - zetta byte file system.
4 bit = 1 nibble
8 bit = 1 byte
1024 byte = 1 killo byte
1024 kb = 1 mega byte
1024 mb = 1 giga byte
1024 gb = 1 terra byte
1024 tb = 1 penta byte
1024 pb = 1 exa byste
1024 hb = zetta byte
256 quadrillion zetta bytes.
Distributed file system:

NFS - Network file system
Used to access the shared resources.
Pseudo file system:

Pseudo means false.
swapfs - swap file system
tmpfs = temp file system, used by /tmp directory
procfs = process file system, used by /proc directory
mntfs = mount file system
fdfs = file descriptor file system, used by the devices
VTOC = Volume Table Of contents

Resides at Track 0, Sector 0
Occupies 512 bytes

Boot block (bootblk):

It's similar to bsl (boot strap loader)
Resides between Track 0, sector 1 to Track 0, sector 15
In X-86 it's said to be as GRUB (Grand Unified Boot Loader)
Will be active only at the root disk
Primary super block:

Resides between Track 0 , sector 16 to Track 0, sector 31
It occupies 16 sectrors
Providies the information about
the data blocks, inodes and more.
Secondary backup block:

It always starts and occupies Track 0, sector 32.
Backup super blocks will be created at the time of file system creation
At the time of file creation, number of backup super blocks will be created
Cylinder group blocks:
provides the information about the cylinder per groups

free data block, size available, number of inodes and more.
# newfs
This command is used to create a new file system.
When this command is invoked to create a new file system, it refers to the file
/etc/default/fs
OUTPUT:
# cat /etc/default/fs
LOCAL=ufs
This file will have the above mentioned entry and hence only ufs file system will be created by
default.
# newfs command at the time of creation will provide the following information:
1. where the slice was mounted earlier,
2. geometry of the slice
3. secondary backup blocks
OUTPUT:
# newfs /dev/rdsk/c0t12d0s0
newfs: /dev/rdsk/c0t12d0s0 last mounted as /mnt/sone
newfs: construct a new file system /dev/rdsk/c0t12d0s0: (y/n)? y
Warning: 5166 sector(s) in last cylinder unallocated
/dev/rdsk/c0t12d0s0: 1027026 sectors in 168 cylinders of 48 tracks, 128
sectors
501.5MB in 13 cyl groups (13 c/g, 39.00MB/g, 18624 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 80032, 160032, 240032, 320032, 400032, 480032, 560032, 640032, 720032,
800032, 880032, 960032
# newfs -N /dev/dsk/c0t12d0s0
Will not create the file system, instead display the information about the geomerty of the disk
slice and the super backup blocks, if file system is created.
# newfs -T /dev/rdsk/c0t12d0s0
will create a file system that can support terrabyte.
# newfs -m 1 /dev/rdsk/c0t12d0s0
will create the file system, with the minfree value as 1%
Minfree:
A certain % of space is reserved for every slices.
To know : OUTPUT:
# fstyp -v /dev/dsk/c0t12d0s0 | grep -i min
minfree 10% maxbpg 2048 optim time
To change the minfree value:

# tunefs -m 1 /dev/dsk/c0t12d0s0
minimum percentage of free space changes from 10% to 1%
# fsck
file system check
It can be done in two ways
1. Non-interactive - only at the time of booting
2. Interactive - at any time
NOTE:
Before running # fsck, it's recommended to unmount the slice
OUTPUT:
# fsck -y -o b=160032 /dev/dsk/c0t12d0s0

Alternate super block location: 160032.
** /dev/rdsk/c0t12d0s0
** Last Mounted on
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3a - Check Connectivity
** Phase 3b - Verify Shadows/ACLs
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cylinder Groups
UPDATE STANDARD SUPERBLOCK? yes
2 files, 9 used, 483015 free (15 frags, 60375 blocks, 0.0% fragmentation)
***** FILE SYSTEM WAS MODIFIED *****
Where
-o = to specify the option
b = to specify the block number
-y = to confirm "yes"
NOTE:
fsck command will check file system consistency, inode consistency, cylinder groups consistency.

# df -h
will provide
1. what are the devices mounted
2. Whenre it is mounted
3. what is the total size of the slice
4. how much of space is used
5. how much of available space
6. space utilized in %
Where
-h = to view the information in human readable format.
# du -h /<dir>
# du -h /mnt/sone
will provide how much of space is occupied by each file and directory
where
-h = human readable format
# quot -h /dev/dsk/c0t12d0s0
/dev/rdsk/c0t12d0s0:
9 root
will show the ownership.

PERFORMING MOUNTING AND UNMOUNTING OPERATION
Mounting is the process of getting ready to access the newly created slices.
Mounting can be done only if the slice is having the file system.
To mount a device mount point is essential.
By default only one device can be mounted at a single mount mount.
# mount
This command can be used only by the root user.
This provides the information about what are the devices mounted along with its property.
This will show both the permanent and temp mounted devices information along with the
newtwork mounted informations.
Output truncated:
# mount
/ on /dev/dsk/c2t0d0s0
read/write/setuid/devices/intr/largefiles/logging/xattr/onerror=panic/dev=1d8000
8 on Sat Jul 18 20:05:48 2009
/devices on /devices read/write/setuid/devices/dev=4b80000 on Sat Jul 18
20:05:36 2009
/system/contract on ctfs read/write/setuid/devices/dev=4bc0001 on Sat Jul 18
20:05:36 2009
/proc on proc read/write/setuid/devices/dev=4c00000 on Sat Jul 18 20:05:36 2009
/etc/mnttab on mnttab read/write/setuid/devices/dev=4c40001 on Sat Jul 18
20:05:36 2009
/etc/svc/volatile on swap read/write/setuid/devices/xattr/dev=4c80001 on Sat Jul
18 20:05:36 2009
/system/object on objfs read/write/setuid/devices/dev=4cc0001 on Sat Jul 18
20:05:36 2009/usr on /dev/dsk/c2t0d0s3
read/write/setuid/devices/intr/largefiles/logging/xattr/onerror=panic/dev=1d8000
b on Sat Jul 18 20:05:49 2009
/platform/sun4u-us3/lib/libc_psr.so.1 on /platform/sun4u-
us3/lib/libc_psr/libc_psr_hwcap1.so.1 read/write/setuid/devices/dev=1d80008 on
Sat Jul 18 20:05:44 2009
/platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 on /platform/sun4u-
us3/lib/sparcv9/libc_psr/libc_psr_hwcap1.so.1
read/write/setuid/devices/dev=1d80008 on Sat Jul 18 20:05:45 2009
/dev/fd on fd read/write/setuid/devices/dev=4e80001 on Sat Jul 18 20:05:49 2009
# df -h
will also provide the information about the device currenlty mounted.
This command can be used by the non-root users.
To know the file system type of the slice
# fstyp <logical_device_name>
OUTPUT:
eg: # fstyp /dev/dsk/c2t1d0s0
ufs
This shows the type of the file system created on the slice

/etc/mnttab
1. is non-editable file even by the root user
2. this file can be updated by executing the command "#mount"
3. has the information about the currenlty mounted slices
4. provides the information about the device mounted, mount point of the device, how it's
mounted (state - ro/rw, nosuid, intr/nointr, largefiles/noloargefiles,xattr, on
error=panic/unmount/lock), type of the file system.
5. While mounting the slice we can provide the following options:
ro = read only
rw = read & write (Default)
nosuid = will not support the suid file scripts. By default it's supported
intr = accepts the keyboard intrupts (Default)

nointr = will not support
largefiles = will support the file size more than 2gb (Default)
nolargefile = will not support the files with more file size.
xattr = extreme attributes, to provide compatability with unix flavors.
on error = three actions can be performed

panic = displays the message (Default)
lock = will lock the slice from performing any actions
unmount = will unmount the slice forcefully.
Ouptput truncated:
# cat /etc/mnttab
/dev/dsk/c2t0d0s0 / ufs
rw,intr,largefiles,logging,xattr,onerror=panic,dev=1d80008 1247927748
/devices /devices devfs dev=4b80000 1247927736
ctfs /system/contract ctfs dev=4bc0001 1247927736
proc /proc proc dev=4c00000 1247927736
mnttab /etc/mnttab mntfs dev=4c40001 1247927736
swap /etc/svc/volatile tmpfs xattr,dev=4c80001 1247927736
objfs /system/object objfs dev=4cc0001 1247927736
/dev/dsk/c2t0d0s3 /usr ufs
rw,intr,largefiles,logging,xattr,onerror=panic,dev=1d8000b 1247927749
/platform/sun4u-us3/lib/libc_psr/libc_psr_hwcap1.so.1 /platform/sun4u-
us3/lib/libc_psr.so.1 lofs dev=1d80008 1247927744
To mount the device :

# mount <device> <mount_point>
Eg: # mount /dev/dsk/c2t0d0s6 /six6
Example to mount slice with manually with different options:
# mount -o ro,nolargefiles,nosuid /dev/dsk/c2t1d0s1 /mnt/slice1
To check:
# tail -1 /etc/mnttab
/dev/dsk/c2t1d0s1 /mnt/slice1 ufs
ro,nosuid,intr,nolargefiles,logging,xattr,onerror=panic,dev=1d80001
1247930672

where
-o = to specify the options
NOTE:
If the properties of the mounted slice has to be changed, then the slice has to be unmounted and
want to be mounted once again.
By default, the # mount command mounts the slice having the ufs file system. This is b'coz:
LOCAl=ufs
/etc/vfstab
1. This file is editable file, by the root user.
2. Will have the entries of the devices that has to mounted permanently, even after reboots.
3. At the time of booting only this file will be checked.
4. The entries to this file and /etc/mnttab differs.
OUTPUT:
# cat /etc/vfstab
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
fd - /dev/fd fd - no -
/proc - /proc proc - no -
/dev/dsk/c2t0d0s1 - - swap - no -
/dev/dsk/c2t0d0s0 /dev/rdsk/c2t0d0s0 / ufs 1 no
-
/dev/dsk/c2t0d0s3 /dev/rdsk/c2t0d0s3 /usr ufs 1 no
-
/dev/dsk/c2t0d0s4 /dev/rdsk/c2t0d0s4 /var ufs 1 no
-
/dev/dsk/c2t0d0s7 /dev/rdsk/c2t0d0s7 /export/home ufs 2
yes -/devices - /devices devfs - no -
ctfs - /system/contract ctfs - no -
objfs - /system/object objfs - no -
swap - /tmp tmpfs - yes -
5. Will have number of fields

a. device to mount = logical name of the device that has to be mounted
b. device to fsck = logical name of the raw device is specified to check the file system
consistency to check the integrity
c. mount point = to where the slice has to be mounted
d. Fs type = to specify the file system of the slice to be mounted
e. fsck pass = to assign the priority
f. mount at boot = either "yes" or "no"
only if the option is "yes" the slice will be mounted after reboot
g. mount options = to specify the options of the slice while mounting, for eg: ro, nosuid...
NOTE:
/, /usr, /var
will have the option mount at boot = no
but, before reading this file entry, those slices will be mounted by running a script.
Hence these above 3 were execetption.
# mountall
# umountall
will mount all /unmoutall the slices which have the option mount at boot = yes
Note:
1. After making updations to the file /etc/vfstab
we can make the slice available by
a. # mountall
b. # mount <mount_point>
Eg: # mount /fiv
To umount the device:

# umount <mount_point>
or
# umount <logical_device_name>
Eg: # umount /mnt/slice0

# umount /dev/dsk/c2t0d0s0
NOTE:
Before unmounting make sure, we are away from the mount point.
To know which user is using the mount point:
# fuser -cu <mount_point>

Eg: # fuser -cu /fiv
will display which user is using the specified mount point.
# fuser -ck <mount_point>

Eg: # fuser -ck /fiv
will kill all the process related with the specified mount point.
Then it's possible to umount the slice normally.
# umount -f <mount_point>
# umount -f <logical_device_name>
Eg: # umount -f /fiv

# umount -f /dev/dsk/c2t0d0s5
will forcefull umount the device.
where
-f = forcefully
To mount the cdrom:

Can be performed by 2 methods.
1. mounting the device manually
2. mounting the device using volume management.

To mount the device using volume management:

# /etc/init.d/volmgt start
- To start the service
# /etc/init.d/volmgt stop
- To stop the service
NOTE:
Once if the device (cdrom) is mounted using volume magement, its possible to eject the media,
before unmounting.
The above command will check the configuration file /etc/vold.conf

/etc/vold.conf
- Volume Management Configuration file which holds the actions to tbe performed.
vold - is the daemon which will be running at the background while the volume management
process is started.
/etc/rmmount.conf
- is the configuration file for the removable media.
NOTE:
1. Volume management (VOLD) features automatic detection of the CD-ROM. However, it does
not detect the presence of diskette that has been inserted in the drive untill volcheck command is
run, This command instructs the vold daemon to check the diskettte drive for any inserted media.
Volme management can mount ufs, pcfs, hsfs & udfs file system.
To determine the file system:

# mount
# cat /etc/vfstab
# cat /etc/dfs/dfstypes
# fstyp /dev/dsk/c2t1d0s7
To mount the cdrom manually:

First determine the logical name of the device:
# iostat -En
- will provide the information about the removable media where it is connected.
For eg: to which controller, target.
# iostat -en
- will provide the above information, along with the hardware and software errors.
# mount -F <file_system> -o <options> <device_name> <mount_point>

Eg: # mount -F hsfs -o ro /dev/dsk/c2t6d0s0 /mnt/cdrom
This mount the cdrom manually.

Only after umounting the device, it's possible to eject the media.
To mount the network resource:

# mount -F <file_system> <source-ip/host-name:/<shared-resource> <mount_point>
Eg: # mount -F nfs 192.168.0.100:/source /current

INSTALLING THE SUN SOLARIS SOFTWARE
Can install the Sun Solaris Operating System by

1. cd or dvd
2. Jumpstart
3. Flash
4. NFS
5. WLAN
NOTE:
1. To invoke graphics, mouse has to attached to the system
2. Requires 512 Mb of physical memory (Sun Solaris-10)
Sun Solaris Cluster Software Group:

Cluster = is a collection
a. Reduced Networking Support Software Group - SUNWCrnet
b. Core System Support Software Group - SUNWCreq
c. End User Solaris Software Group - SUNWCuser
d. Developer Solairs Software Group - SUNWCprog
e. Entire Solaris Software Group - SUNWCall
f. Entire Solaris Software Group with OEM - SUNWCXall
SUNWC = Stanford University Network Worldwide Cluster
# cat /var/sadm/README
this file provides the information about the old software release, install log files and
new software release.
OUTPUT:
# cat /var/sadm/softinfo/INST_RELEASE
OS=Solaris
VERSION=10
REV=0
# cat /var/sadm/install_data/install_log
provides number of informations
it also provides the information about the Sun Solaris Software Cluster Group installed.
OUTPUT:
# cat /var/sadm/system/admin/CLUSTER
CLUSTER=SUNWCall
will only provide the information about the Sun Solaris Software Cluster Group installed.

PACKAGE ADMINISTRATION
# pkgadd = to install/add the packages

# pkgrm = to remove the packages
# pkginfo = to gather the information about the installed packages
# pkgchk = to check the installed packages to the system
# pkgtrans = to create a package cluster
NOTE:
The format of the packge in Sun Solaris is DATASTREAM.
# pkginfo
will provide all the installed, both completely installed and partially installed packes.
Displays the information about the packages in 3 coloumns.
Output trucnated:
# pkginfo | more
system CADP160 Adaptec Ultra160 SCSI Host Adapter
Driver
system HPFC Agilent Fibre Channel HBA Driver
system NCRos86r NCR Platform Support, OS
Functionality (Root)
system SK98sol SysKonnect SK-NET Gigabit Ethernet
Adapter SK-98xx
system SKfp SysKonnect PCI-FDDI Host Adapter
system SUNW1251f Russian 1251 fonts
system SUNW1394 Sun IEEE1394 Framework
system SUNW1394h Sun IEEE1394 Framework Header Files
ALE SUNW5xmft Traditional Chinese (BIG5) X
Windows Platform
minimum required Fonts Package
system SUNWGlib GLIB - Library of useful routines
for C programming
system SUNWGtkr GTK - The GIMP Toolkit (Root)
system SUNWGtku GTK - The GIMP Toolkit (Usr)
GNOME2 SUNWPython The Python interpreter, libraries
and utilities
1st coloumn = provide the information about the category to which the package belongs too.
There are 4 categories available:
System, application, CTL (Complex Text Layout), ALE (Alternate Language Environment)
2nd coloumn = provide the information about the name of the package
3rd coloumn = provide the short description of the package
# pkginfo -p
provides ONLY the PARTIALLY installed packages

# pkginfo -l <packge_name>
for eg: OUTPUT:
# pkginfo -l SUNWbash
PKGINST: SUNWbash
NAME: GNU Bourne-Again shell (bash)
CATEGORY: system
ARCH: i386
VERSION: 11.10.0,REV=2005.01.08.01.09
BASEDIR: /
VENDOR: Sun Microsystems, Inc.
DESC: GNU Bourne-Again shell (bash) version 3.0
PSTAMP: sfw10-x20050108013321
INSTDATE: Jul 22 2009 14:37
HOTLINE: Please contact your local service provider
STATUS: completely installed
FILES: 3 installed pathnames
2 shared pathnames
2 directories
1 executables
1197 blocks used (approx)
will provide the following informations:

a. name of the package
b. arch of the system to which the package is installed
c. category of the package
d. base dir to which the package is installed
e. how of disk space it's approximately occupied
f. when the specified package is installed
# pkginfo | wc -l
will list out how many packages is installed to the system
# cat /var/sadm/install/contents
Provide the information about the packages installed to the system
# cd /var/sadm/pkg
Provide what are the packages installed to the system
To install a package:
Let's consider the OS cd/dvd is mounted under /mnt/cdrom
# pkgadd -d <path_of_the_package> <package_name>

# pkgadd -d . <package_name>
# pkgadd -d /mnt/cdrom/Solaris_10/Product SUNWbash

To install a specified package
# cd /mnt/cdrom/Solaris_10/Product
# pkgadd -d . SUNWbash
To install the specified package from the current location
# pkgadd -d /mnt/cdrom/Solaris_10/Product -s SUNWbash

will copy the pacakge to the default spool directory.
Location of the default spool directory = /var/spool/pkg

# pkgadd -d /mnt/cdrom/Solaris_10/Product -s /pkg_bkp SUNWbash

will copy the specified packaged to the customised location (/pkg_bkp)
# pkgrm <package_name>
For eg:
# pkgrm SUNWbash
to remove the specified package
Package cluster:
Package cluster is a collection of packages.
# pkgtrans -s <source_of_the_pkg_dir> <name_of_pkg_cluster> <pkg1,pkg2,pkg3>

for eg:
# pkgtrans -s /mnt/cdrom/Solaris_10/Product /test.pkg SUNWbash SUNWman
will combine the packages and form a software cluster named test.pkg under /
NOTE:
Name of the cluster can be anything.
To install a package using a software cluster:

# cd /
# pkgadd test.pkg
It'll prompt for the number of package to be installed.
#pkgchk <pkg_name>
# pkgchk SUNWbash
if the package is installed, nothing will be shown as a output.
But if the package is NOT installed, a error report will be generated
OUTPUT:
# pkgchk -v SUNWbash
/usr
/usr/bin
/usr/bin/bash
will provide the information about the specified package installed path names, executable file and
directory.
# pkgchk -l SUNWbash
will display the detailed list about the file names associated with the specified package
Output truncated:
# pkgchk -l SUNWman | more
Pathname: /usr/man
Type: symbolic link
Source of link: ./share/man
Referenced by the following packages:
SUNWdoc SUNWman
Current status: installed
Pathname: /usr/share
Type: directory
Expected mode: 0755
Expected owner: root
Expected group: sys

SUNWocfd SUNWcsu SUNWjdmk-base SUNWesu SUNWTiff
SUNWjpg SUNWgnome-base-libs-shareSUNWgnome-config-shareSUNWgnome-
vfs-shareSUNWgnome-libs-share
SUNWgnome-help-viewer-shareSUNWcacaort SUNWbrg SUNWj5rt
SUNWswmt
SUNWscpu SUNWdtdst SUNWgnome-panel-shareSUNWswupcl

SUNWocf
SUNWxwsvr SUNWjato SUNWpdas SUNWscgui SUNWgnome-
terminal-share
# pkgchk -p <file_name>
will provide the information about when the file is modified.
OUTPUT:
# pkgchk -p /etc/shadow
ERROR: /etc/shadow
modtime <11/09/06 10:18:10 PM> expected <07/20/09 11:20:32 AM> actual
file size <296> expected <703> actual
file cksum <20180> expected <48117> actual
OUTPUT:
# pkgchk -l -p /etc/shadow
Pathname: /etc/shadow
Type: editted file
Expected mode: 0400
Expected owner: root
Expected group: sys
SUNWcsr
Current status: installed
will provide
a. name of the package the specified file is associated with
b. permissionship of the file
c. ownership and group of the file
d. status of the package
Points to remember:
# pkginfo -p
-l
where
-p = provide the partially installed packages
-l = provide the detailed information about the packages installed
# pkgadd -d
to specify the source directory of the package

# pkgtrans -s
to specify the source directory of the package
# pkgchk -v <pacage_name>
to provide the information about the files the specified file is assicated with.
# pkgchk -p <file_name>
-p = to specify the path
will provide the information about the modified time of the file
# pkgchk -l -p <file_name>
-l = to privide the detailed information about the file specified
-p = to specify the path of the file

Patch Administration
In earlier versions of Solaris OE the format of the patch is .tar
But the newer releases from Solaris 8 the format of the patch is .zip
NOTE:
Before installing a patch, it's recommended to check whether patch going to be installed is a right
patch to fix the problem.
It's recommended to have a backup of the installed OS. Since the patch is going to directly
interact with the kernel (os), the above option is recommended.
The patches informations will be stored to the location /var/sadm/patch
# showrev -p
# pathchadd -p
will display the information about the currenlty installed patches.
Patches can be downloaded from the site

sunsolve.sun.com
It can be downloaded through http or by ftp as a anonymous user.
Patches normally come with numbers
105050-01.zip
A B
A = is called as the base code
B = is the revision number of the patch.
To install a patch:
1. Unzip the downloaded patch.
2. # patchadd <patch_number>
# patchadd 105050-01
NOTE:
Before installing a patch, soon after unzipping the patch,
A README file will be extracted. It's recommended to read that file.
That file will provide the information about, which problem will be fixed by installing the patch,
pre-requestie to install the patch.
# patchadd -d <patch_number>
# patchadd -d 105050-01
will NOT save the patch to the disk. Once the system is rebooted, the information will be
vanished.
# patchrm <patch_number>
# patchrm 105050-01
To remove the installed patch.
NOTE:
# smpatch command can also be used to install the patch.

OBP – Open Boot PROM
OBP - Open Boot PROM

BootPROM
init 0
all the above are same
OBP is a firmware.
It can be compared with X-86 bios.
NOTE:
- The possible values of the boot-device parameter include

only the following
disk, net and cdrom
- Stop key have the impace/effect on OBP only
- Can only control the POST only by using the Sun keyboard
- Sun can replace the NVRAM with the same host id and ehternet address
- Stop+A kay sequence can cause Solaris OS file system corruption which can be
difficult to repair.
# kbd -t
displays the keyboard type
OK prompt / OBP - OpenBoot PROM / Boot PROM Monitor Mode / init 0
Ok nvramrc
NVRAMRC contents are displayed
OK banner
displays the system information, inclusing the physical memory, processor, obp version
and the system model.
Ok oem-logo?
If true, displays customized oem logo specified by oem-logo
ok boot net - install

Jumpstart boot. Boot off the network jumpstart server and install/upgrade the operating system.
[NOTE: There is a space both before and after the -. The â€“ serves as a place holder argument for
the command.]
Ok boot -a
Ask me. Interactive mode prompts for the names of the boot files.
[Helpful if you need to boot off an alternate /etc/system file after kernel unable modifications.]

Ok boot -r
Reconfigure boot. Boot and search for all attached devices, then build device entries for anything
which does not already exist. Useful when new devices are added to the system.
Ok boot -s
Single user. Boots the system to run level 1.
Ok boot -v
Verbose boot. Show good debugging information.
Ok boot -V
Verbose boot. Show a little debugging information.
Ok .enet-addr
Displays the enternet address
Ok .version
Display version and date of the boot PROM
(pritconf â€“V in a shell when booted)
Ok .speed
Display processor and bus speeds
Ok sync
Call the operating system to write information to hard disk drive
Ok firmware-version
Displays major/minor CPU firmware
Ok reset
Reset entire system [similar to performing a power cycle]
Ok reset-all
Reset entire system [similar t performing a power cycle]
Ok set-defaults
Reset all the PROM settings to the factory settings
Ok eject
Ejects the drive
Ok eject cdrom
Ok test device
Test the specified device
Ok test net
Test the primary network controller
Ok test-all
Test all devices available with the self-test capability
Ok test scsi
Test the primary SCSI controller

Ok watch-net
Monitors network broadcast packets for default interace
. for a good packet
X for a bad packet
Ok watch-net-all
Monitors network broadcast packets for all the interfaces
Obdiag
Invokes an optional interactive menu tool which lists all self-test methods available on a system;
provides commands to run self test. (More for servers and very machine specific. Reference the
specific hardware manual for the machine to get additional information on running obdiag.
Ok nvedit
Enter the NVRAMRC editor. If data remains in the temporary buffer from a previous nvedit
session, resume editing those previous contents. IF not, read the contents of NVRAMC into the
temporary and begin editing it.
NVRAMRC [nvedit] Editor Commands:
Control-b = Moves backward one character.

Escape b = Moves backward one word.
Control-f = Moves forward one character.
Escape f = Moves forward one word.
Control-a = Moves backward to beginning of line.
Control-e = Moves forward to the end of the line.
Control-n = Moves to the next line of the script edit buffer.
Control-p = Moves to the previous line of the script edit buffer.
Return (Enter) = Inserts a new line at the cursor position and advances to the
next line.
Control-o = Inserts a new line at the cursor position and stays on the
current line.
Control-k = Erases from the cursor position to the end of the line, storing
the erased characters in a save buffer. If at the end of the line
joins t he next line to the current.
Delete = Erases the previous character.
Backspace = Erases the previous character.
Control-h = Erases the previous character.
Escape h = Erases from beginning of word to just before the cursor,
storing erased characters in the save buffer.
Control-w = Erases from beginning of word to just before the cursor,
storing erased characters in a save buffer.
Control-d = Erases the next character.
Escape d = Erases from the cursor to the end of the word, storing the
erased characters in a save buffer.
Control-u = Erases the entire line, storing the erased characters in a
save buffer.
Control-y = Inserts the contents of the save buffer before the cursor.
Control-q = Quotes the next character (allows you to insert control chars)
Control-r = Retypes the line.
Control-l = Displays the entire contents of the editing buffer.
Control-c = Exits the script editor, returning to the OpenBoot command
interpreter. The temporary buffer is preserved, but is not
written back to the script. (Use nvstore to write it back.)

Ok show-devs
Display list of installed and probed devices
Ok show-pci-devs
Display all PCI devices
Ok show-disks
Display a list of known disks in format for use in creating device alias.
Ok show-tapes
Display a list of know tape device drives conneced to the system
Command hold down the keys/keys during the power-on sequence:
Stop-A Abort
Stop-D Enter detailed diagnostic mode
Stop-N Reset NVRAM content to default values
Setting Security Variables:

Not recommended to do practice or implement.
The NVRAM security variables control the set of operations users are allowed to perform from the
OpenBoot PROM user interface and can be set with the following:
OK setenv security-password password
Sets the PROM security password to what is specified in the password filed. This password must
be between zero and eight characters [any characters after eight are ignored] and the passwords
takes effect immediately â€“ no reset is required. Once set, if we enter an incorrect password
there is a delay of around 10 seconds, before we are able to try again and the security-#badlogins
counter is incremented. The password is never shown as we type it or with the printenv.
OK printenv security-mode
Displays the current mode for the PROM security
OK setenv security-mode mode
Where mode can be

1.none
a.No password is required
b.Default
2.command
a.All commands expect for boot and go require password
3.full
a.All commands expect for go require the password

Caution:
We must set our security password before setting the security mode. [The password is
blank by default, but if already set by someone, we wonâ€™t know what it is and will not be able
to disable it] If we forgot the security password, we may not be able to use our system and must
call the vendor for a replacement of a PROM.
Ok printenv security-#badlogins
Display the number of failed security password attempts
Ok setenv security-#badlogins number
Reset the security-#badlogins counter. This counter keeps track of the nuber of failed security
password attempts.
Changing the power-on banner:

The banner information seen from the power-on can be modified with the oem-banner and oem-
banner? Configuration settings. By default the banner shows information like processor type,
speed, PROM revision, memory, hosted and the Ethernet address.
Ok banner
Display the power-on banner
Ok setenv oem-banner string

Set the power-on banner to the string
Ok setenv oem-banner? True

Activate the custom banner
Ok setenv oem-banner? False

Restore the original system power-on banner
OK devalias
- to view the alias name assigned to the physical device at the Boot PROM monitor mode
OK nvalias <alias_name> <physical_device_name_along_with_LUN>

- to assign the alias name to the physical device
for eg:
OK nvalias cdrom /pci@8,700000/scsi@6/sd@6,0:f
To assign the alias name to the cdrom.
To remove the alias name:

OK nvunalias <alias_name>

eg:
OK nvunalias cdrom
OK sifting <part_of_the_command>
eg:
OK sifting bo
it'll act simialr to grep command and search for the keyword 'bo" at OK prompt
To search/probe for the devices:
OK probe-scsi
OK probe-scsi-all
OK probe-ide
OK go
will resume back to the OS, shell, if we have used stop-A key sequence.
# eeprom
- can be used by root user only.
- can be used while the system is in the running state
- is used to change the environmental variables of OK prompt while
the system is in the running state.
- this will have a impact once the system is restarted
- will dispaly only the currently assinged values
NOTE:
where as, OK printenv
- will display the currently assinged values and the default parameter that can be
assinged.
If
auto-boot? false
at the OK prompt, then, whenever the system is rebooted, OK boot command has to be
executed.
whereas
auto-boot? ture
then the system boots from the default device automatically
NOTE:
- stop keys will function irrespective of the user account. i.e stop keys are independent.
If the machine is at OK prompt, the machine is NOT running, so user account will have no
impact.
- It's not recommended to use stop+A to move to Ok prompt, since it'll abort the process
running.
- To move to OK prompt, execute # init 0

To disable the stop+A sequence:
1. Edit the file /etc/default/kbd
Output (Only relevant lines are displayed):
# Uncomment the following line to disable keyboard or serial device

# abort sequences:
KEYBOARD_ABORT=disable
2. # kbd -i
- to initiate the changes done
To enable:
1. Edit the file /etc/default/kbd
Output (Only relevant lines are displayed):
# Uncomment the following line to disable keyboard or serial device

# abort sequences:
#KEYBOARD_ABORT=disable
2. # kbd -i
to initate
This is permanent.
To enable or disable only for the current session:

# kbd -a enable
# kbd -a disable

Bootup & Shutdown Procedures
Solaris - Run levels
init - to initate the runlevels
S or s = System maintenance mode

1 = Single user mode (No network support will be available, only text mode is available)
2 = Multi user mode without NFS support (Only text mode is available)
3 = Default run level. Multi user mode with NFS support in GUI mode
4 = Un used
5 = To shutdown the system
6 = To restart the system
0 = OK prompt mode/OBP mode/BootPROM mode/Forth monitor mode
Additional information:
Linux - Run levels
S or s = System maintenance mode

0 = To shut down the system
1 = Single user mode
2 = Multi user without NFS support in Text mode
3 = Multi user with NFS support in Text mode
4 = Un used
5 = Default run level. Multi user with NFS support in GUI
6 = To restart the system
Short comparison:
Disk administration:
Solaris Linux
# format # fdisk -l
Displays the disk availabilty Displays the disks & partitions availability
/dev/(r)dsk/c#t#d#s# /dev/hda,/dev/hdb,/dev/sda,/dev/sdb
# mount /dev/dsk/c#t#d#s# /mnt/slice # mount /dev/hda# /mnt/new

# mount -F hsfs /dev/dsk/c#t#d#s# /mnt/cdrom # mount -t iso9660 /dev/cdrom /mnt/cdrom
File system:
ufs ext3
# newfs /dev/rdsk/c#t#d#s# # mkfs -t ext3 /dev/hda#
Mounts & Unmounts:
/etc/mnttab /etc/mtab
/etc/vfstab /etc/fstab

Package administation:
# pkgadd <package> # rpm -ivh <package>

# pkginfo # rpm -qa
# pkgrm <package_name> # rpm -e <package_name>
Process monitoring:
# prstat # top
# free
uptime,last,who,w = works with both
Backup & restore:
# ufsdump # dump
# ufsrestore # restore
Linux Directory structure:
/ = root
/root = root's home directory
/home = non-root user's home directory
/etc = system configuration directory
/dev = logical disk drive informations
/mnt = optional directory to mount the devices
/opt = optional directory to install 3rd party softwares
/usr = unix system resource
/var = system logs
/media = default mount point for optical media (RHEL5 - Red Hat Enterprise Linux 5)
/selinux = security enhanced linux ( Seen in RHEL 5)
/lib = library modules
/bin = non root user executable binaries
/sbin = root user executable binaries
/proc = provides system hardware information & generate the pid's
/lost+found = used at the time of fsck
/boot = have the boot loader information
Solaris bootup & shutdown procedures:
To shutdown the system:
# init 5
# shutdown -g 90 -i 5
Where
-g = to specify the grace period
-i = to inform the system to move the specified runlevel
# poweroff
To restart the system:

# init 6
# shutdown -g 30 -i 6
# reboot

Bootup phases:
1. Boot PROM phase:

a. PROM runs POST (Power On Self Test). It checks whether all the devices recives the proper
power supply. If not received messages will displayed at the console
b. Identifies the first boot device or boot device
c. Reads the bootblk from the secondary storage
d. Loads the bootbld from the secondary storage to physical memory
2. Boot Program phase:

a. Bootblk loads secondary boot program (ufsboot)
b. Kernel identifies the hardware spec - 32 bit or 64 bit, X86/sparc and so on
Has two part in it
Unix - Independent of hardware
Genunix - Dependent of hardware
3. Kernel Initialization phase:

a. Reads the entry from the file /etc/system
Note: This file is recommended NOT to edit
b. Kernel initates itself
4. Init phase:
a. Kernel starts the /etc/init
It has the the services that has to be started at the time of boot
/etc/init.d/
list out the number of services that start at the time of boot
/etc/inittab
Reads this file to identify, in which run level the system has to be started
After reading the entry of the file
accordingly,
b. It starts rc Scripts
rc = run control scripts
Output truncated:
# ls /etc/init.d
1 boot.server imq mipagent samba
PRESERVE cachefs.daemon init.dmi mkdtab sendmail
README deallocate init.sma ncakmod slpd
acct devlinks init.snmpdx ncalogd swupboots
OUTPUT:
# cat /etc/inittab
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.

# Use is subject to license terms.
#
# The /etc/inittab file controls the configuration of init(1M); for more
# information refer to init(1M) and inittab(4). It is no longer
# necessary to edit inittab(4) directly; administrators should use the
# Solaris Service Management Facility (SMF) to define services instead.
# Refer to smf(5) and the System Administration Guide for more
# information on SMF.
#
# For modifying parameters passed to ttymon, use svccfg(1m) to modify

# the SMF repository. For example:
#
# # svccfg
# svc:> select system/console-login
# svc:/system/console-login> setprop ttymon/terminal_type = "xterm"
# svc:/system/console-login> exit
#
#ident "@(#)inittab 1.41 04/12/14 SMI"
ap::sysinit:/sbin/autopush -f /etc/iu.ap
sp::sysinit:/sbin/soconfig -f /etc/sock2path
smf::sysinit:/lib/svc/bin/svc.startd >/dev/msglog 2<>/dev/msglog </dev/consol
e
p3:s1234:powerfail:/usr/sbin/shutdown -y -i5 -g0 >/dev/msglog 2<>/dev/msglog
Every run level has their own rc scripts dir.

/etc/rc#.d/
has the number of services that has to be started/killed when the particular run level invokes
For eg:
OUTPUT:
# ls /etc/rc2.d/
K03samba K27boot.server S42ncakmod S81dodatadm.udaplt
K05appserv README S47pppd S89PRESERVE
K06mipagent S10lu S70uucp S94ncalogd
K15imq S20sysetup S72autoinstall S98deallocate
K16apache S40llc2 S73cachefs.daemon
The scripts starts with "S" will be started

The scripts starts with "K" will killed
The services will be started in sequence.
This happens in the earlier versions till Solaris 9

But in the case of Solairs-10
SMF - Service Management Faciltiy take care of starting/killing the sevices parallely at the time of
boot, which reduces the boot time.
# who -r
will provide the following information
a. current run level
b. date & time of the last run level change
c. number of times at this runlevel since the last rebppt
d. previous run level
OUTPUT:
# who -r
. run-level 3 Aug 12 12:22 3 0 S
Note:
# init q
# /etc/telinit q
will re-read the /etc/inittab file
To shutdown/restart:
/etc/telinit 5 = to shutdown the system

/etc/telinit 6 = to restart the system
To change the run level:
# init 2
#/etc/telinit 2
/etc/telinit = is executeable file
Output:
# file /etc/telinit
/etc/telinit: ELF 32-bit LSB executable 80386 Version 1, dynamically linked,
stripped

BOOT LOADER - GRUB
GRUB - GRand Unified Bootloader
Grub is stored to the /boot directory.

Seen only on the X86 arch machines.
Provides the option to interact with the system to choose an operating system to work in case of
more than one operating system is installed.
Terminology:
1. Boot Loader:
eg: Grub - solaris, linux (very popular boot loader)
Lilo - Linux Loader
Boot.ini - windows
Always the boot loader will be residing at the starting location of the disk which is having the
operating system.
Note:
GRUB can be compared with bootblk in Sparc arch.
The boot loader is the first software program that runs after you turn on a system. This program
begins the boot process.
2. Boot archive:
A boot archive is a collection of critical files that is used to boot the solaris os.
Two boot archives are maintained by the system
a. Primary boot archive - Used to boot the Solaris OS on the system
b. Solaris Fail Safe - Used for recovery when the primary boot archive is damaged.
On X86 based systems, the miniroot is copied to the system to be
used as failsafe boot archive.
3. Grub edit menu:

Located under /boot/grub
Name of the file = menu.lst
Can be edited by the root user, and edtions will have the impact only on the next reboot.
This menu.lst file (boot menu file) lists the operating systems taht are installed on a system.
Note:
1. If we install an operating system other than the Solaris OS, we must modify/edit the
/boot/menu.lst file manually to include the new installed OS instance. Adding this entry will
provide the option on next reboot.
2. The default OS is usually the first entry that is displayed in the grub menu.
Eg: Entry from the file /boot/grub/menu.lst

Output displayed in only relevant to the topic:
bash-3.00# bootadm list-menu

The location for the active GRUB menu is: /boot/grub/menu.lst
default 0
timeout 10
0 Solaris 10 11/06 s10x_u3wos_10 X86
1 Solaris failsafe
From the above output,

The default option is 0 -> Solaris 10 11/06 s10x_u3wos_10 X86
The default sec, that the grub menu displayed to the user is 10 sec.
To make the grub menu displayed untill, the option is choosen, edit the /boot/grub/menu.lst
file
OUTPUT:
# vi /boot/grub/menu.lst
# default menu entry to boot
default -1
This makes the grub to be displayed out of time.
Output from the file /boot/grub/menu.lst - Only relevant information is displayed
#---------- ADDED BY BOOTADM - DO NOT EDIT ----------

title Solaris 10 11/06 s10x_u3wos_10 X86
root (hd0,0,a)
kernel /platform/i86pc/multiboot
module /platform/i86pc/boot_archive
#---------------------END BOOTADM--------------------
#---------- ADDED BY BOOTADM - DO NOT EDIT ----------
title Solaris failsafe
root (hd0,0,a)
kernel /boot/multiboot kernel/unix -s
module /boot/x86.miniroot-safe
Here,
Once the default option is selected, i.e 0, then, the menu.lst will read the following,
root (hd0,0,a)
1 2 3
where
1 = First hard disk drive. (In the case of second disk drive hd1)
2 = First partition (bootable partition)
3 = First slice
Precedence of before and after grub:

ON -> BIOS -> GRUB (Stage1 & stage2) -> OS kernel (Multi-boot,boot-archive-unix) -> sched
(PID:0) -> init (PID:1) -> SMF (PID:7)-> Invokes the services.
This is how the Grub boots.
stage1 = installed on the first sector of the solaris fdisk partition

stage2 = installed in a reserved area in the solaris fdisk partition. Is the core image of the GRUB.
menu.lst = is typically located to /boot/grub directory. GRUB stage2 file reads the menu.lst file.
How to boot the system to single usermode from grub:
1. Once the grub screen is displayed, use arrow keys to select, then press 'e' to edit accordingly.
For instance
0 Solaris 10 11/06 s10x_u3wos_10 X86
1 Solaris failsafe
if we choose 0, then pressed 'e'

then,
root (hd0,0,a)
kernel /platform/i86pc/multiboot
module /platform/i86pc/boot_archive
now choose the second line and edit as,
To boot the system in single user mode from the grub menu:
kernel /platform/i86pc/multiboot -s
now press, 'esc' followed by 'b' to boot the system in single user mode.
Similarly, to boot the system in reconfiguration mode, edit as
kernel /platform/i86pc/multiboot -r
can be compared with sparc: OK boot -r
To boot the system with milestone options:
kernel /platform/i86pc/multiboot -m milestone=single-user
can be compared with sparc: OK boot -m milestone=single-user
To boot the system in verbose mode:
kernel /platform/i86pc/multiboot -m verbose

To boot the system in interactive mode:
kernel /platform/i86pc/multiboot -a
can be compared with sparc: OK boot -a
Properties of Failsafe boot archive:

1. Is self sufficient
2. Can boot on its own
3. Is created by default during installation on the OS
4. Requires no maintenance
Contents of the primary boot-archive/failsafe boot archive:

1. All of the kernel modules, driver.conf files, plus a few configuration files located to /etc
directory.
The kernel reads the file in the boot archive before the root / file system is mounted. After the
root / file system is mounted, the kernel discards the boot archive form the memory.
Output:
bash-3.00# bootadm list-archive

etc/rtc_config
etc/system
etc/name_to_major
etc/driver_aliases
etc/name_to_sysnum
etc/dacf.conf
etc/driver_classes
etc/path_to_inst
etc/mach
etc/devices/devid_cache
etc/devices/mdi_scsi_vhci_cache
etc/devices/mdi_ib_cache
kernel
platform/i86pc/biosint
platform/i86pc/kernel
boot/solaris.xpm
boot/solaris/bootenv.rc
boot/solaris/devicedb/master
boot/acpi/tables
list the archive files related to boot.

Output:
# cat /boot/solaris/bootenv.rc

#
#ident "@(#)bootenv.rc 1.32 05/09/01 SMI"

#
# bootenv.rc -- boot "environment variables"
#
setprop kbd-type US-English
setprop ata-dma-enabled 1
setprop atapi-cd-dma-enabled 0
setprop ttyb-rts-dtr-off false
setprop ttyb-ignore-cd true
setprop ttya-rts-dtr-off false
setprop ttya-ignore-cd true
setprop ttyb-mode 9600,8,n,1,-
setprop ttya-mode 9600,8,n,1,-
setprop lba-access-ok 1
setprop prealloc-chunk-size 0x2000
setprop bootpath /pci@0,0/pci-ide@5/ide@0/cmdk@0,0:a
setprop console 'text'
Will provide the boot path of the physical device, from which the opearting system is loaded.

SMF – Service Management Facility
SMF - Service Management Facility an important feature of Sun Solaris 10 0S.
Runs with the daemon: svc.startd with the process id-7
Features of SMF includes,
1.Provides service management via service configuration database [list of services and their
various supported methods].
2.Proves legacy rc script support [old programs will work].
3.Facilitates service dependencies
4.Permits automatic restarts of failed and/or stopped service.
5.Provides service status information [0nline/offline, dependencies]
6.Causes each defined service to log individually to : /var/svc/log
7.Defines a Fault Management Resource Identifier [FMRI].
FMRI provide categories of services
a.network
b.milestone
8.Can load mutually exclusive services in parallel.
9.SMF support multiple instances of services.
SMF checks the services on the following category:

1. application
2. network
3. devices
4. system
5. platform
6. site
7. milestone
Status of the SMF:
Degraded: The service instance is enabled, but is running at a limited capacity
Disabled -> Services are not enabled and not running

Disabled: The service instance is not enabled and is not running.
Legacy_run - > the services are not controlled by SMF

Legacy_run: The legacy service is not managed by SMF, but can be observed.
This state is only used by legacy services that are started with RC scripts
Maintenance -> this state needs rootsâ€™s interrogation. In this case the services has to be make
available manually
Maintenance: The service instances has encountered an error that must be resolved by the
administrator

Offline -> Services are enabled but not running

Offline: The service instance is enabled; the service is not yet running or available to run.
Online -> Services are enabled and its running

Online: The service instance is enabled and has successfully started.
Uninitialized: This state is the initial state for all services before their configuration has been
read.
3-primary SMF utilities:
1. # svcs - Lists services and provides additional information
2. # svcadm - Service administration utility,

Permits interaction with services, including state transitions
3. # svccfg - Service configuration

Permits interaction with service configuration database
svc.startd - Is the default service manage/restarter
inetadm - Is the default, delegated service restarter for INETD daemon
Monitoring the services:
# svcs -a
-a option will display all services, including disabled services.
Output truncated:
# svcs -a
STATE STIME FMRI
legacy_run 14:42:55 lrc:/etc/rcS_d/S50sk98sol
legacy_run 14:42:59 lrc:/etc/rc2_d/S10lu
legacy_run 14:42:59 lrc:/etc/rc2_d/S20sysetup
legacy_run 14:42:59 lrc:/etc/rc2_d/S40llc2
.
.
.
disabled 14:42:57 svc:/network/rexec:default
disabled 14:42:57 svc:/network/shell:default
disabled 14:42:57 svc:/network/shell:kshell
disabled 14:42:57 svc:/network/talk:default
online 14:42:49 svc:/system/svc/restarter:default
online 14:42:50 svc:/system/installupdates:default
online 14:42:50 svc:/network/pfil:default
online 14:42:50 svc:/milestone/name-services:default
online 14:42:50 svc:/network/loopback:default
online 14:42:50 svc:/system/filesystem/root:default

# svcs
List out that are the services running (online), status of the service, FMRI
Output truncated:
# svcs
STATE STIME FMRI
legacy_run 14:42:55 lrc:/etc/rcS_d/S50sk98sol
legacy_run 14:42:59 lrc:/etc/rc2_d/S10lu
legacy_run 14:42:59 lrc:/etc/rc2_d/S20sysetup
legacy_run 14:42:59 lrc:/etc/rc2_d/S40llc2
legacy_run 14:42:59 lrc:/etc/rc2_d/S42ncakmod
legacy_run 14:42:59 lrc:/etc/rc2_d/S47pppd
legacy_run 14:42:59 lrc:/etc/rc2_d/S70uucp
legacy_run 14:42:59 lrc:/etc/rc2_d/S72autoinstall
.
.
.
online 14:42:49 svc:/system/svc/restarter:default
online 14:42:50 svc:/system/installupdates:default
online 14:42:50 svc:/network/pfil:default
# svcs -l
-l option will give detailed information about a service, includes the FMRI, status of the
service,
bane if the service, when it was started.
Eg: svcs -l network
# svcs -l <FMRI>
Eg: # svcs -l telnet
Output:
# svcs -l telnet
bash-3.00# svcs -l telnet
fmri svc:/network/telnet:default
name Telnet server
enabled true
state online
next_state none
state_time Mon Aug 24 14:42:57 2009
restarter svc:/network/inetd:default
# svcs -d
-d option lists the services or service instances upon which the given service instance
depents.
Eg: svcs -d milestone/network:default
svcs -d milestone/multi_user
svcs -d network/inetd

Output truncated:
bash-3.00# svcs -d milestone/multi-user
STATE STIME FMRI
disabled 14:42:50 svc:/network/ntp:default
disabled 14:42:50 svc:/system/auditd:default
disabled 14:42:50 svc:/system/mdmonitor:default
disabled 14:42:50 svc:/system/rcap:default
online 14:42:50 svc:/milestone/name-services:default
online 14:42:52 svc:/system/name-service-cache:default
online 14:42:52 svc:/system/rmtmpfiles:default
online 14:42:53 svc:/system/power:default
# svcs -D
-D option will display the other services depends on a given service.
eg: svcs -D milestone/multi-user
Output:
bash-3.00# svcs -D milestone/multi-user
STATE STIME FMRI
disabled 14:42:50 svc:/network/dhcp-server:default
disabled 14:42:50 svc:/application/management/common-agent-container-
1:default
online 14:43:05 svc:/milestone/multi-user-server:default
online 14:43:28 svc:/system/webconsole:console
# svcs -p
-p option is to view the processes associated with a service instance.
eg: svcs -p svc:/network/inetd:default.
Output:
bash-3.00# svcs -p network/inetd:default
STATE STIME FMRI
online 14:42:56 svc:/network/inetd:default
14:42:56 288 inetd
# svcs -x
If a service fails for some reason and can not be restarted, you can list the service using
the â€“x option.
Output:
bash-3.00# svcs -x telnet
svc:/network/telnet:default (Telnet server)
State: online since Mon Aug 24 14:42:57 2009
See: in.telnetd(1M)
See: telnetd(1M)
Impact: None.

Service Administration: [using svcadm]
# svcadm - manipulate service instances
# svcadm enable <FMRI>

Starts the service
Eg: # svcadm enable telnet
# svcadm disable <FMRI>

Disables the service
eg: # svcadm diable telnet
# svcadm enable -t <FMRI>

Starts the service temp, for this session. When restarted the service will no longer available
Eg: # svcadm enable -t telnet
Output:
bash-3.00# svcadm disable -t telnet
bash-3.00# svcs -l telnet
fmri svc:/network/telnet:default
name Telnet server
enabled false (temporary)
state disabled
next_state none
state_time Mon Aug 24 16:44:23 2009
restarter svc:/network/inetd:default
# svcadm enable -s <FMRI>

Will start all the instance that is associated with specified FMRI
# eg: # svcadm enable -s telnet
# svcadm restart <FMRI>

To re-read the changes performed to the configuration file.
# svcadm -v refresh <FMRI>

To re-read the changes performed to the configuration file.
NOTE:
milestone/single-user => run level S of previous versions of Solaris

milestone/multi-user => run level 2 of previous version of Solaris
milestone/multi-user-server => run level 3 of previous versions of Solaris.
Note:
1. The svc.stard daemon can obtain information about the services from the repositry. This was
previously the responsibilty of init process.
2. svc.stard daemon takes on the role of starting the appropritae process for the achieved run
level.
3. A corrupt repositry prevents the system from booting.

4. Configuration information about the services and system is stored to /etc/svc/repository.db
To restore when the SMF repository is corrupted:

# cd /lib/svc/bin
# ./restore_repositry
To work with svccfg configuration of smf:
Output truncated:
bash-3.00# svccfg
svc:> select network
svc:/milestone/network> select telnet
svc:/network/telnet> listprop
general framework
general/entity_stability astring Unstable
general/restarter fmri svc:/network/inetd:default
inetd framework
inetd/endpoint_type astring stream
inetd/isrpc boolean false
inetd/name astring telnet
inetd/proto astring tcp6
inetd/stability astring Evolving
inetd/wait boolean false
Service Administration: [using inetadm]
# inetadm - observe or configure inetd-controlled services
1.INETD is a super-server which proxies connection to servers.

2.INETD services are traditionally defined in /etc/inetd.conf
3.inetadm permits control of key/value or ns of services
ame/value pair
/etc/svc - directory have the informations about the smf services and its repository database.
/etc/svc/repository.db
will have the data base about the services.
It is used to check the integrity of the services.
# inetconv - convert inetd.conf entries into smf service manifests, import them into
SMF repository

# inetadm - Displays what are the services that are controlled by â€œinetdâ€
# inetadm -l <FMRI>
Displays detailed information about the FMRI specified.
Eg: # inetadm â€“l telnet
# inetadm -d <FMRI>
To disable the specified service
Eg: # inetadm -d telnet
# inetadm -e <FMRI>
To enable the specified service
Eg: # inetadm â€“e telnet
# inetadm -p
Displays the global setttings
# inetadm -l telnet
Output:
bash-3.00# inetadm -l telnet
SCOPE NAME=VALUE
name="telnet"
endpoint_type="stream"
proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/sbin/in.telnetd"
user="root"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=TRUE
Note: The scope values cannot be changed.
To change the default value:
# inetadm -M tcp_trace=TRUE
Output:
bash-3.00# inetadm -M tcp_trace=TRUE
bash-3.00# inetadm -l telnet
SCOPE NAME=VALUE
name="telnet"
endpoint_type="stream"

proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/sbin/in.telnetd"
user="root"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=TRUE
default tcp_wrappers=TRUE
# netservices open
1. Will open or enable all the network related services
2. Needs the system to be restarted.
Output:
bash-3.00# netservices open
restarting syslogd
restarting sendmail
restarting wbem
bash-3.00# cd /var/svc/profile/
bash-3.00# ls -l generic.xml
lrwxrwxrwx 1 root root 18 Aug 24 16:59 generic.xml ->
./generic_open.xml
To check:
# svcs -a | grep ftp
Output:
bash-3.00# svcs -a | grep ftp
online 16:47:14 svc:/network/ftp:default
# netservices limited
1. Will disable all ther services except ssh.
2. Need the system to be restarted
Output:
bash-3.00# netservices limited
restarting syslogd
restarting sendmail
restarting wbem
dtlogin needs to be restarted. Restart now? [Y] n
dtlogin not restarted. Restart it to put it in local-mode.
bash-3.00# cd /var/svc/profile/
bash-3.00# ls -l generic.xml
lrwxrwxrwx 1 root root 25 Aug 24 17:02 generic.xml ->
./generic_limited_net.xml

To check:
# svcs -a | grep ftp
disabled 17:02:01 svc:/network/ftp:default
But,
# svcs -a | grep ssh
online 14:42:58 svc:/network/ssh:default

File permissions
r= read
w=write
x=execute
u = owner of the file

g = group
o = others
a = all
+ = to add the permissionship
- = to remove the permissionship
= = to assign the permissionship
# chmod
To change the file and directory permissionship
# chown
To change the ownership of the files and directories
# chgrp
To change the group of the files and directories
# chmod 777 dir1

ABC
A = defines the permissionship for the user/owner
B = defines the permissionship for the group
C = defines the permissionship for others
or
# chmod a+rwx dir1
This command will assign or add the following permissionship
rwx = owner of the directory
rwx = group permission to which the dir/file belong to
rwx = other permission
# chmod 644 file1

# chmod u+rw,g+r,o+r fil2
This command assign the permission as follows:
rw- = owner of the file/dir
r-- = group permission to which the dir/file belong to
r-- = other permission
Note:
1. # chown and
# chgrp
commands can be used only by the root user.
# chown shivan dir1

Here ownership of the dir/file named "dir1" is changed to shivan.
Here the ownership changed only to the parent directory.
# chown -R shivan dir

The owneship will be changed to the parent directory and for the sub-directories and files inside
the dir "dir1"
-R = recurrsive
# chgrp admin dir1

Here the group has been changed to "admin" for the directory
"dir1"
The group is changed only to the parent directory
# chgrp -R admin dir1

will change the group to the parent directory and all its sub-directories and files.
# chown hari:admin dir2

will change the ownership and group for the directory "dir2".
Only the parent directory "dir2" ownership and group is changed.
# chown -R hari:admin dir2

will change the ownership and group for the parent directory "dir2" and its sub-directories and
files.
Advanced file permissionship:
1. SETUID - set user id - 4

2. SETGID - set group id - 2
3. STICKY BIT - 1
To give SUID,SGID, Sticky bit - 7
Setuid:
1. When the SUID is assigned to a file, all the users who are accessing the file become the owner
of the file at that moment.
2. SUID will be effective for a script file.
A good example for the SUID is # passwd command
OUTPUT:
# ls -l /usr/bin | grep passwd

-r-sr-sr-x 1 root sys 22620 Jan 23 2005 passwd
# chmod 4644 one

To assign the SUID to the file "onw" with the default permission
SUID will have the impact on in the user's/owner's EXECUTIION area.
s => indicates EXECUTION permission is ENABLED
S => indicates EXECUTION pemission is DISABLED
NOTE: This is applicable for SGID too.
OUTPUT:
# chmod 4644 one
-rwSr--r-- 1 root root 0 Jul 23 14:44 one

OUTPUT:
# chmod 4744 one

-rwsr--r-- 1 root root 0 Jul 23 14:44 one
SGID:
1. SGID will be effective for a directory
2. If SGID permission is assigned to a directory, then the files and sub-dir
created under the parent dir (dir impletemented with SGID) will be inheriting the group of the
parent directory.
Assign the SGID for the dir two
OUTPUT:
# chmod 2644 two

drwxr-sr-x 2 root root 512 Jul 23 14:48 two
Sticky bit:
1. It'll be effective for a directory.
2. If a directory is with impletemented with sticky bit, every user in that system has the right to
create a file/directory inside that dir (provided with permission), but only the owner of the file can
delete the file.
Note: This can be override by root user.
OUTPUT:
# chmod 1777 three

drwxrwxrwt 2 root root 512 Jul 23 14:52 three
NOTE:
Used to identify what are the files/dir that are having SGID permission.
Output truncated:
# find /-user root -perm -2000
/usr/bin/mail
/usr/bin/mailx
/usr/bin/passwd
/usr/bin/write
/usr/lib/sendmail
/usr/openwin/bin/Xprt
/usr/openwin/bin/lbxproxy
/usr/platform/i86pc/sbin/eeprom
/usr/sbin/amd64/prtconf

Used to identify what are the files/dir that are having SUID permission.
Output truncated:

/usr/bin/amd64/newtask
/usr/bin/amd64/uptime
/usr/bin/amd64/w
/usr/bin/i86/newtask
/usr/bin/i86/uptime
/usr/bin/i86/w
/usr/bin/at
/usr/bin/atq
Used to identify what are the files/dir that are having Sticky bit permission

USER & GROUP ADMINISTRATION
The important files includes:

/etc/passwd - holds the information about the user account or user properties
/etc/shadow - holds the information about the user's password and password aging information
/etc/group - holds the information about the group and it's properties
/etc/skel - a directory from where the default user properties will be inherited.
/etc/passwd
thiyagu:x:517:1: :/export/home/thiyagu:/bin/sh
A B C D E F G
A - specifies the user's login name

B - refer to the file /etc/shadow
C - user's unique user id
D - user's primary group id
E - comment about the user
F - user's home directory
G - parent shell of the user defined by the root
Commands:
# useradd - to create the user account

# userdel - to delete the user account
# usermod - to modify the user account
# groupadd - to create the group account

# groupdel - to delete the group account
# groupmod - to modify the group account
When the # useradd command is executed, the following 2 files will be updated.
1. /etc/passwd
2. /etc/shadow
To create a simple user account:

# useradd -d /export/home/che -m che
This command will create the user named che with the home directory
/export/home
Output from the file /etc/passwd:
che:x:522:1::/export/home/che:/bin/sh
Output from the file /etc/shadow:

che:*LK*:::::::
Note:
Whenever the user is created, that user account will be "locked" intially untill password to the
user is defined.

To assign the password to the user:

# passwd <user_name>
# passwd che
Output from the file /etc/shadow:

che:o39wAwzjt0BjE:14449::::::
# useradd -m -d <home_dir_path> -u <uid> -g <gid> -c <comment> -s <shell>

-G <GID> login_name
where
-m = to create the home directory and provide the ownership of the dir to the newly created user
account
-d = to specify the home directory path
-u = to specify the unique user id of the user
-g = to specify the primary group id or group name to which the user belongs too
-c = to specify the comment about the user
-s = to specify the parent shell
-G = to specify the secondary group id or group name to which the user belongs too
login_name = user's login name
Note:
An user should be a member of 1 primary group and can be member of 15 secondary groups.
eg:
# useradd -u 5001 -d /export/home/us -s /bin/bash -m -g sun -c "basketball" -G 507,509,510
jordan
here, the user account is created with the following properties

login name = jordan
user uid = 5001
home directory path = /export/home/us
parenth shell = bash
primary group = sun
secondary group(s) = 507,509,510 (tech,linux,windows ref: /etc/group)
comment = basketball
To duplicate the user id to another user:

# useradd -d /export/home/karl_marx -g sales -G windows,linux,sun -c "proxy" -m -s /bin/bash
-u 0 -o karl
here
-o - is used to duplicate the user id to another user
Note:
1. DO NOT duplicate the user id of root (0) to any other user, if it happens, then, security
breech will happen.
2. We can also assign root priviledges to user through Authorization. Ref: RBAC-Topic

# useradd -m -d /export/home/kobe -g windows -G sun,sales,linux -c "test" -s /bin/bash -k

/etc/skel_basketball kobe
-k - to specify the customized path of the skel dir
Note:
.profile file under /etc/skel
have a impact when the user login to the system.
Hence some scripts can also be added to that.
# useradd -D
will provide the information about the default property and options of the users to be created.
OUTPUT:
# useradd -D
group=other,1 project=default,3 basedir=/home
skel=/etc/skel shell=/bin/sh inactive=0
expire= auths= profiles= roles= limitpriv=
defaultpriv= lock_after_retries=
# passwd -d <user_name>
# passwd -d shiva
will remove the password and assign "blank" password to the user
OUTPUT:
# grep shiva /etc/shadow

shiva::14452::::::
# passwd -w <warning_days> -n <minmum_days> -x <maximum> <login_name>

# passwd -w 40 -n 30 -x 60 shiva
OUTPUT:
shiva::14452:30:60:40:::
# useradd -m -d /export/home/sithan -e 12312009 sithan

here
-e = to specify the expire date to the user account.
Date will be specified with the mmddyyyy format
OUTPUT:
sithan:pmk2TEdOcjhXo:14452:40:50:30: :14609:
A B C D E F G H
where
A = login name of the user account
B = encypted password for the user
C = no of days logged in. (Calculated from 1 jan 1970)
D = password minimun age (not to change password until 40 days)
E = password maximum age ( have to change the password after 50 days)
F = a warning will be displayed to the user after 30 days to change password
G = number of inactive days
H = expire days
/etc/security/policy.conf
this file is responsible for genereating the encrypted password to any user.
This file will have number of cryptographic algorithm to be followed while generating a password
to any user.
eg: 1, 2a, md5
Output truncated:
# crypt(3c) Algorithms Configuration
#
# CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to
# be used for new passwords. This is enforced only in crypt_gensalt(3c).
#
CRYPT_ALGORITHMS_ALLOW=1,2a,md5
/etc/defult/passwd
will provide number of informations related to the password security policy
1. defines the length of the password
2. default minumum password age
3. default maximum password age
4. maintaining the history of the password
5. name check (login name cannnot be used as the password)
6. dict word ( dictionary word cannot be used a password)
7. alphpa numeric,special characters to password
Note:
1. Normally the password security policy is not enforced(commented). It can be enabled.
2. If the useraccounts are created through CLI, password security policy can be override.
Output truncated:
Contents to the file /etc/default/passwd
MAXWEEKS=
MINWEEKS=
PASSLENGTH=6
#NAMECHECK=NO
#HISTORY=0
#MINDIFF=3
#MINALPHA=2
#MINNONALPHA=1
#MINUPPER=0
#MINLOWER=0
#MAXREPEATS=0
#MINSPECIAL=0
#MINDIGIT=0
#WHITESPACE=YES
#DICTIONLIST=
#DICTIONDBDIR=/var/passwd

# passwd -l <login_name>
# passwd -l tom
will lock the user account
Note:
Eventhough the user has the password the account is locked.
OUTPUT:
tom:*LK*QK7lo.vinkpQs:14452::::::
# passwd -u <login_name>
# passwd -u tom
To unlock the user account
OUTPUT:
tom:QK7lo.vinkpQs:14452::::::
To delete the user account:

# userdel <login_name>
# userdel tom
This command will only delete the user account and the dir,files created by the user and his/her
home dir is NOT deleted.
# userdel -r <login_name>
# userdel -r tom
Will delete the user account along with the user's home dir.
ASSINGNING THE PASSWORD TO A GROUP

Step:1
# groupadd solaris
this command creates a group named `solaris`
Step 2.A :
# useradd -m -d /export/home/shiva -g solaris -s /bin/bash shiva
# passwd shiva
these above commands creates the user account shiva belongs to the group solaris & assign the
password to them.
Step 2.B:
# useradd -m -d /export/home/lingesh -s /bin/bash lingesh
# passwd lingesh
these commands creates & assings the password to the user account lingesh
Step 3:
As a root user or as any user create a file.
Here let’s create a file with the root user account
# mkdir /new
# cd /new
# cat > one
# ls -l
this will display the default permission ship and the group the owner (here root) belongs to.
# chmod 664 one
This command will change the permission ship to file 'one'

# chgrp Solaris one

this command will change the group to 'Solaris' for the file 'one'
Step 4:
To assign the password to a group
a. Copy the second field (encrypted password) of any user account from the file /etc/shadow
b. Paste the same to the second field of the file /etc/group
Step 5: To check
a. Login as the user (shiva - who belongs to solaris group)
and make the changes to the file. It'll change.
b. Login as the other user (lingesh - who DOESNT belong to solarsi group)
and try to make the changes to the file.
We'll be prompted with "permission denied"
To avoid this login to the solaris group
c. # newgrp solaris
this command will prompt for the password of the group Solaris
and allows to take the group permission ship.
NOTE: When the user is login to the group the shell changes.
How to duplicate the user id to another newly creating user ?

Step 1:
For eg:
# useradd -m -d /export/home/redhat -s /bin/bash -g admin -u 3000 redhat
# passwd redhat
this command will create the user account with the following
login name: redhat

home dir/base dir : /export/home/redhat
user id : 3000
primary group : admin
shell: bash
# useradd -m -d /export/home/suse -s /bin/ksh -g solaris -u 3000 -o suse

# passwd suse
this command will create the user account with the following
login name: suse

home dir/base dir : /export/home/suse
user id : 3000 NOTE: Duplicated using the option -o
primary group: solaris
shell: korn
NOTE: DONOT duplicate the root id to any user, if happens it leads to security breech.
MISC :
1. # /usr/ucb/vipw -> opens the /etc/passwd file in the text layout.

works only in the init level 3
User friendly to edit the file
2. # pwck => checks the entry of the file /etc/passwd and if any errors
it'll be displayed

3. # grpck => checks the entry of the file /etc/group and if any errors it'll be displayed
4. # echo $? => provides the info status on the command executed

if its 0 -> command is executed successfuly
if other than 0 -> its shows error occurance
To add multiple user's to multiple group:

/etc/group
file has to be edited
/etc/group
Example entry to the file
unix:Hsba96iR2vYXI:116:root,bhutia
A B C D
where
A - group name
B - encypted password to the group
Note:
Password to the group can be copied from /etc/shadow file.
No command is used to assign the password to the group.
C - group id
D - group members.
Note:
Only secondary group member names can be seen in the file
To modify the user login name:

# usermod -l <new-name> <old-name>
# usermod -l rose jack
will change the login name jack to rose.
Note:
The file ownership will be changed accordingly but the home directory will be owned by the old
owner.
Which will restrict to create any files in the home dir, hence the permissionship & ownership has
to be changed.
/usr/sadm/defadduser
this file have the entries of the default parameters of the useradd command
# useradd -D
reads the entry fromt this file
This file entries can be customized.

OUTPUT:
# cat /usr/sadm/defadduser
# Default values for useradd. Changed Tue Jul 28 04:28:53 2009
defgroup=1
defgname=other
defparent=/home
defskel=/etc/skel
defshell=/bin/sh
definact=0
defexpire=
defauthorization=
defrole=
defprofile=
defproj=3
defprojname=default
deflimitpriv=
defdefaultpriv=
deflock_after_retries=
# id <login_name>
# id bryant
will provide the information about the user's id and their primary group along with id.
OUTPUT:
$ id bryant
uid=1028(bryant) gid=110(sun)
# id -a <login_name>
# id -a bryant
will provide the information about the user's id, primary group id and name, secondary group id
and names
OUTPUT:
$ id -a bryant
uid=1028(bryant) gid=110(sun) groups=110(sun)
# finger -m <login_name>
# finger <login_name>
# finger bryant
# finger -m bryant
will provide the informations about the user's home dir, parent shell, when they logged in.
OUTPUT:
$ finger bryant
Login name: bryant In real life: test
Directory: /export/home/kobe Shell: /bin/bash
Never logged in.
No unread mail
No Plan.

To add a group:
# groupadd <group_name>
# groupadd sun
# groupadd -g 1000 linux

to create a group with the specified id 1000
# groupadd -g 1000 -o redhat

To create a group with duplicate id 1000.
# groups
# groups <user_name>
will provide the information about to which group the user belong to.
OUTPUT:
# groups scbose
other
According to this ouptput, the user scbose belongs only to the group other.
# listusers
will display the information about the user's available in the system.
Output truncated:
# listusers
castro
che
hari
karl
lenin
noaccess No Access User
nobody NFS Anonymous Access User
nobody4 SunOS 4.x NFS Anonymous Access User
rosan
rose
scbose
# listusers -g <group_name>
Will display the user's belong the specified group
# listusers -g other
OUTPUT:
# listusers -g sun
new
old
test
# pwconv
installs and updates /etc/shadow with information
from /etc/passwd
Performance monitoring
#w
will list out the following informations
1. who is logged in to the system
2. where they have logged in
3. when they have logged in
4. what they are doing
5. how much time they were idle
6. cpu utilization for each user's process
OUTPUT:
# w
4:37pm up 2:41, 3 users, load average: 0.04, 0.05, 0.04
User tty login@ idle JCPU PCPU what
root console 1:57pm 2:40 /usr/bin/gnome-session
root pts/3 3:05pm 3 3 w
che pts/4 4:37pm -bash
# users
will list out who are the user's logged to the system
OUTPUT:
# users
root root che
# who
will listout
1. who is logged into the system
2. where they have logged in
3. when they logged in
4. from where they have logged in (in the case of remote)
OUTPUT:
# who
root console Jul 29 13:57 (:0)
root pts/3 Jul 29 15:05 (:0.0)
che pts/4 Jul 29 16:37 (192.168.0.157)
# whodo
will listout out the information about
1. who are logged and what are they doing
2. what process they are doing
3. the process id of the process
OUTPUT:
# whodo
Wed Jul 29 16:41:11 IST 2009
sunfire103
console root 13:57

? 628 0:00 Xsession

pts/2 700 0:00 sdt_shell
pts/2 710 0:00 bash
pts/2 737 0:00 Xsession2.jds
pts/2 740 0:00 gnome-session
pts/2 792 0:00 xscreensaver
pts/2 787 0:06 gconfd-2
pts/2 790 0:00 gnome-keyring-d
? 706 0:00 dsdm
pts/3 root 15:05

? 1878 0:03 gnome-terminal
? 1879 0:00 gnome-pty-helpe
pts/3 1881 0:00 bash
pts/3 2205 0:00 whodo
pts/4 che 16:37

pts/4 2191 0:00 bash
# logins -p
will display who are the user's who don't have password.
OUTPUT:
# logins -p
che 2004 other 1
new 2013 other 1
old 2014 other 1
# rusers
will list out who are the remote users logged to the syste
# rusers -l <ip_name_of_the_system>
#rusers -l 192.168.0.252
# vmstat
will display the virtual memory status
# pagesize
will display the page size of the system
OUTPUT:
# pagesize
4096
Note:
In case of x86 systems page size = 4096
In case of sparc systems page size = 8192
# last
will display the informations of the system reboot and boot time
It'll read the entry from the file /var/wtmp
will also provide the information about who is currently logged in to the system

Output truncated:
# last
che pts/4 192.168.0.157 Wed Jul 29 16:37 still logged in
che pts/4 192.168.0.157 Wed Jul 29 16:34 - 16:35 (00:00)
root pts/4 :0.0 Wed Jul 29 15:31 - 15:36 (00:05)
root pts/3 :0.0 Wed Jul 29 15:05 still logged in
root pts/4 :0.0 Wed Jul 29 15:03 - 15:04 (00:00)
root pts/3 :0.0 Wed Jul 29 15:01 - 15:05 (00:04)
root pts/3 :0.0 Wed Jul 29 14:59 - 15:00 (00:01)
root pts/3 :0.0 Wed Jul 29 14:52 - 14:55 (00:03)
root pts/3 :0.0 Wed Jul 29 13:59 - 14:46 (00:46)
root console :0 Wed Jul 29 13:57 still logged in
reboot system boot Wed Jul 29 13:56
reboot system down Wed Jul 29 13:54
root pts/4 :0.0 Wed Jul 29 12:34 - 13:54 (01:19)
che pts/6 solaris Wed Jul 29 12:21 - 13:54 (01:33)
root pts/5 :0.0 Wed Jul 29 12:03 - 12:23 (00:19)
# last -n 5 reboot
will display last 5 times reboot
OUTPUT:
# last -n 5 reboot
reboot system down Wed Jul 29 13:54
reboot system down Tue Jul 28 20:02
reboot system boot Tue Jul 28 18:10
# uptime
will display
1. the status of how many hours the system is in running state
2. how many users are logged to the system
3. cpu load average
OUTPUT:
# uptime
4:53pm up 2:56, 3 users, load average: 0.07, 0.08, 0.06
# /usr/ucb/whoami
will dispaly the effective user, who is currently working
# who am i
will display the real user, who directly login to the system
OUTPUT:
# /usr/ucb/whoami
root
bash-3.00# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
-bash-3.00$ /usr/ucb/whoami

che
-bash-3.00$ who am i
root pts/3 Jul 30 11:35 (:0.0)
-bash-3.00$
Here,
che is the user logged in thorugh "su".
He is the effective user
where as root is the real user, who direclty logged to the system.
# su <user_name>
# su che
will permit the user's to switch as another user, but cannot take the ownership of the
switch user's home directory.
Note:
1. When root user is trying to switch as any user's system will not prompt for any password.
2. If any non-root user is trying to switch as any other user then the system will prompt for the
password
Output:
# su che
bash-3.00$ pwd
/
bash-3.00$ touch one two three
touch: two cannot create
touch: three cannot create
# su - <user_name>
# su - che
will switch user along with the home directory
Output:
# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
-bash-3.00$ pwd
/export/home/che
The switch user's log (SULOG) will be stored to the file

/var/adm/sulog
Output truncated:
# cat /var/adm/sulog | more

SU 07/13 23:59 + pts/1 root-client1
SU 07/14 00:42 + pts/1 root-root
SU 07/30 11:48 - pts/3 root-castro
SU 07/30 11:48 - pts/3 root-castro
Here this file will provide the following information:

SU = Switch User
Date & Time = when they logged in
+ = implies the sucessful event login
- = implies the failure even login
pts = terminal where they tried to login
user who executed the command.
as which user to login
This file will be updated automatically,whenever the "su" command is executed
/var/adm/loginlog:
1. This file will not be available by default
2. Has to be created mannualy
3. Has to be owned by "sys' group
4. This file logs/records the 5 consecutive failure logins of any user
5. Permission of the file is 600
# touch /var/adm/loginlog
# chmod 600 /var/adm/loginlog
# chgrp sys /var/adm/loginlog
Output truncated:
# cat /var/adm/loginlog
scbose:/dev/pts/11:Wed Jul 29 00:08:56 2009
mpandey:/dev/pts/11:Wed Jul 29 00:10:12 2009
hari:/dev/pts/4:Wed Jul 29 10:55:36 2009
# /usr/dt/bin/sdtprocess &
1. will invoke a pop-up menu
2. & - to indiacate the shell can be used to do another task
Will provide number of information:

1. process id of every process
2. Owner of the process
3. Cpu utilization to the process
4. Memory utilization to the process
5. What process is running by every user
6. When the process was stated
It will also provide filter options to choose for a particular user.
Note:
This command can be used only in the graphical environment.

# prstat
will provide/update the following informations
1. process id of every process
2. Owner of the process
3. Cpu utilization to the process
4. Memory utilization to the process
5. What process is running by every user
6. When the process was stated
It will also provide filter options to choose for a particular user.
Output trucnated:
# prstat
PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP
509 root 38M 40M sleep 42 0 0:02:09 4.4% Xorg/1
790 root 53M 16M sleep 49 0 0:00:01 0.1% gnome-terminal/2
780 root 47M 9880K sleep 59 0 0:00:04 0.1% mixer_applet2/1
796 root 64M 27M sleep 59 0 0:00:07 0.1% gedit/1
712 root 12M 9904K sleep 59 0 0:00:02 0.0% gconfd-2/1
776 root 48M 11M sleep 59 0 0:00:01 0.0% clock-applet/1
761 root 54M 17M sleep 59 0 0:00:01 0.0% gnome-panel/1
# prstat -U <user_name>
# prstat -U che
will display only the process running by the user che
OUTPUT:
# prstat -U che
PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP
986 che 2456K 1636K sleep 49 0 0:00:00 0.0% bash/1
# prstat -t
will display the summary of the process
OUTPUT:
# prstat -t
NPROC USERNAME SIZE RSS MEMORY TIME CPU
65 root 945M 348M 17% 0:02:53 8.0%
1 noaccess 175M 92M 4.5% 0:00:12 0.0%
1 che 2456K 1636K 0.1% 0:00:00 0.0%
1 lp 2644K 1076K 0.0% 0:00:00 0.0%
1 smmsp 6644K 1432K 0.1% 0:00:00 0.0%
2 daemon 6216K 3080K 0.1% 0:00:00 0.0%
Note:
The process id of sched = 0

The process id of init = 1
The process id of svc.startd (SMF) = 7
9 = starts the svc.configd deamon
related to SMF - start the services configuration deamon

# netstat
is used to monitor the network status
1. List connections of all protocol & address to and from the machine.
Address families include:
a. INET - ipv4
b. INET6 - ipv6
c. UNIX - Unix domain Sockets (Solaris/BSD/Linux/HP-UX/IBM-AIX/etc)
Protocols include:
TCP, IP, ICMP (which controls ping, echo), IGMP, RAWIP, UDP (DHCP, TFTP)
2. Lists routing table
3. Lists DHCP status for various interfaces
4. Lists net-to-media table. Network to MAC table
# netstat usage:
OUTPUT:
# netstat
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
accel1.telnet intel.32961 49640 0 49640 0 ESTABLISHED
Where
1 => hostname of the sender
2 => port/protocol
3 => hostname of the receiver / remote
4 => port/protocol of remote
Note:
1. # cat /etc/services
Displays the well known port number and their corresponding services
2. Hostname is displayed while using the # netstat command can be possible only of the
/etc/hosts file is having the entry of the ip-address and corresponding hostname [resolve].
This file will be indirectly checked.
When issuing the # netstat command it will read the file /etc/nsswith.conf and this file redirect
to read the file /etc/hosts [provided the entry is made].
4.Sockets are found only for TCP connections [connection oriented].
5.Sockets are NOT found for UDP connections since they are connection less.
6.No need to remember all the ports, just ‘grep’ from /etc/services.
Eg: # grep syslog /etc/services
# netstat –a
a.Shows the state of all packets
b.All routing table entries / all interfaces, both physical & logical
c.Returns ALL protocols for ALL address families [TCP/UDP/UNIX].

OUTPUT:
#netstat -a
UDP: IPv4
Local Address Remote Address State
-------------------- -------------------- -------
*.route Idle
*.sunrpc Idle
*.* Unbound
*.32771 Idle
[Output truncated]
# netstat –n
a.Shows network addresses as numbers. Normally # netstat displays addresses as
symbols.
b.It disables name resolution of hosts and ports and hence displays the ip-address.
TCP: IPv4
-------------------- -------------------- ----- ------ ----- ------ -------
192.168.0.100.23 192.168.0.19.32961 49640 0 49640 0 ESTABLISHED
192.168.0.100.32921 192.168.0.5.6000 500576 0 49640 0 ESTABLISHED
127.0.0.1.32923 127.0.0.1.32879 49152 0 49152 0 ESTABLISHED
[Output truncated]
# netstat –i
a.Returns the state of the physical interfaces. Pay attention to
errors/collisions/queue whilst troubleshooting.
b.When combined with ‘-a’ options displays report on logical interfaces.
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
lo0 8232 loopback localhost 131536 0 131536 0 0 0
hme0 1500 accel1 accel1 186731 0 189733 0 0 0
NOTE:
mtu - Maximum Transmission Unit
In general the loopback address mtu will be high.
# netstat –m
a.Show the STREAMS memory
[How much TCP packets is working on the system]
streams allocation:
cumulative allocation
current maximum total failures
streams 300 336 2463 0
queues 742 756 5539 0
mblk 488 1778 192771 0
dblk 489 2009 1062735 0
linkblk 7 169 8 0
syncq 17 50 77 0
qband 2 127 2 0
917 Kbytes allocated for streams data

# netstat –p
Returns net-to-media information
[MAC/layer-2 information] i.e., to arp table.
Net to Media Table: IPv4

Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
hme0 192.168.0.5 255.255.255.255 00:16:41:ef:d5:ff
hme0 accel1 255.255.255.255 SP 08:00:20:c4:a2:fb
hme0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
# netstat –P <protocol>
Returns active sockets for specified protocol
Eg: # netstat –P tcp
Note:
1.Protocols should be specified with small letters
2.The following protocols are only allowed ip|ipv6|icmp|icmpv6|tcp|udp|rawip|raw|igmp
TCP: IPv4
-------------------- -------------------- ----- ------ ----- ------ -------
accel1.telnet intel.32961 49640 0 49640 0 ESTABLISHED
accel1.32921 192.168.0.5.6000 500576 0 49640 0 ESTABLISHED
localhost.32923 localhost.32879 49152 0 49152 0 ESTABLISHED
[Output truncated]
# netstat –r
a.Returns routing table
b.Normally, only interface, host, network & default routes are displayed
c.Combined with ‘-a’ option, all routes will be displayed, including cache.
Routing Table: IPv4

Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 accel1 U 1 19 hme0
224.0.0.0 accel1 U 1 0 hme0
localhost localhost UH 47 133672 lo0
# netstat –D
Returns DNCP configuration [includes releases/renewal etc]
# netstat –an –f [inet|inet|6|unix]
-f => allows to specify the family address
Eg: # netstat –an –f inet

Displays only ipv4 information

UDP: IPv4
Local Address Remote Address State
-------------------- -------------------- -------
*.520 Idle
*.111 Idle
*.* Unbound
*.32771 Idle
*.* Unbound
[Output truncated]
# ps -ef
will list out what are the process running
Output truncated:
# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 0 0 0 11:31:55 ? 0:51 sched
root 1 0 0 11:32:02 ? 0:00 /sbin/init
root 2 0 0 11:32:02 ? 0:00 pageout
root 3 0 0 11:32:02 ? 0:03 fsflush
daemon 191 1 0 11:32:10 ? 0:00 /usr/sbin/rpcbind
root 7 1 0 11:32:04 ? 0:01 /lib/svc/bin/svc.startd
root 9 1 0 11:32:04 ? 0:02 /lib/svc/bin/svc.configd
root 126 1 0 11:32:08 ? 0:00 /usr/lib/picl/picld
To kill the process:
# kill <process_id>
# pkill <process_id>
# kill 3753
# pkill 3753
will kill the process specified

Performing system security
FTP IMPLEMENTATION:
Wu – ftpd => Washington University ftpd daemon
1. FTPD binds to TCP port 21 and is running by default.

2. SMF controls FTP service configuration.
3. # svcs –a l ftp
Displays the status of the ftp service.
4. # pkginfo –l | grep ftp*
Displays the detailed information about ftp service.
5. # pkginfo –x | grep ftp*
Displays package information
a. ftpcount, ftpwho [displays the connected users & process information]
b. ftpconfig – utility is used to setup anonymous/guest ftp

c. SUNWftpr – includes
1. /etc/ftpd
ftpaccess – primary configuration file for wu-ftpd
ftphost – allow/deny access to users from hosts
ftpservers – allows root to define virtual hosts
ftpusers – users listed are NOT permitted(denied)to access the server via ftp
ftpconversions – facilitates tar, compress, gzip support
Note:
By default root user is denied to use ftp.
wu –ftp daemon supports 2 types of ftp connections
1. PORT – Active ftp

a. Client -> TCP:21 [Server-Control-Connection]
b. Client executes ‘ls’ -> results in server initiating a connection back to the client usually on
TCP:20 [ftp-data]
2. PASU – Passive ftp

a. Client -> TCP:21 [Server-Control-Connection]
b. Client executes ‘ls’ -> results in server opening a high port and instructing the client to
source (initiate) a connection to a server.
c. Client sources data connection to high port on server.
# ftpcount
Shows current number of users in each ftp server class
-v Displays the user counts for ftp server classes defined in virtual host [ftpaccess]
-V Display program copyright and version information then terminate
OUTPUT:
# ftpcount
Service class realusers - 1 users (no maximum)
Service class guestusers - 0 users (no maximum)
Service class anonusers - 0 users (no maximum)

# ftpwho
Shows current process information for each ftp server user
1. It’ll display which user is logged in along with the process id
2. Status of the user will be displayed
3. Will also display the password given by the anonymous user
OUTPUT:
# ftpwho
Service class realusers:
bhagat 1157 0.0 0.2 4852 2628 ? S 12:48:03 0:00 ftpd:
192.168.0.157: bhagat: IDLE
- 1 users (no maximum)
Service class guestusers:
Service class anonusers:
Here,
a real user named - bhagat is logged through ftp
Note:
Login time via ftp is defined in the file /etc/ftpd/ftpaccess
Time out in seconds.
Anonymous ftp configuration:
# ftpconfig
Setup anonymous ftp
Note:
1. If the /var/ftp dir does’nt exist, this above command will create and update the dir for
anonymouns ftp.
2. This can also be achieved by using GUI web browser to check the anonymous login using ftp.
# mkdir /var/ftp
# ftpconfig -d /var/ftp
# ftpconfig /var/ftp
# cd /var/ftp
# ls –l
or
# ftpconfig /var/pub
At location bar of the web browser:
ftp://192.168.0.100
1. Will by default show the anonymous user

Ftpd – class support:
Facilitates the grouping of users for the purpose of assigning directives
3- default classes:
1. Real users:
a. Can login using shell [ssh/telnet]
b. Can browse the entire directory
2. Guest users:
a. Are temporary users
3. Anonymous user:
a. General public for download capability
All the 3 default classes is defined to the file /etc/ftpd/ftpaccess
Restart the ftp service

# svcadm restart ftp
Note:
Guest users are similar to real users, except guest users are jailed/chrooted.
Denying Anonymous User account:
FTP SERVER FIRE2 192.168.0.100
# mkdir /ftp_anonymous
bash-3.00# ftpconfig -d /ftp_anonymous/
Updating directory /ftp_anonymous/
bash-3.00# ls /ftp_anonymous/
bin dev etc lib pub usr
bash-3.00# ftpconfig /ftp_anonymous/
Updating directory /ftp_anonymous/
bash-3.00# svcs -a |grep ftp
disabled 14:40:42 svc:/network/ftp:default
bash-3.00# svcadm enable ftp
bash-3.00# svcs -a |grep ftp
online 15:24:31 svc:/network/ftp:default
bash-3.00# ftpwho
ftp 2096 0.0 0.1 2232 1600 ? S 15:24:48 0:00 ftpd: fire1:
anonymous/anonymous"gmail.com: IDLE
1 users (no maximum)
given denied access in ftpusers in Server machine

# vi /etc/ftpd/ftpusers

"/etc/ftpd/ftpusers" 18 lines, 193 characters

# ident "@(#)ftpusers 1.5 04/02/20 SMI"
#
# List of users denied access to the FTP server, see ftpusers(4).
#
daemon
bin
sys
adm
lp
uucp
nuucp
smmsp
listen
gdm
webservd
nobody
noaccess
nobody4
anonymous
# ftpwho
FTP CLIENT
# ftp 192.168.0.100
Connected to 192.168.0.100.
220 fire2 FTP server ready.
Name (192.168.0.100:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230-The response 'anonymous"gmail.com' is not valid
230-Next time please use your e-mail address as your password
230- for example: joe@fire1.network
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is current directory.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
bin
dev
etc
lib
pub
usr
226 Transfer complete.
30 bytes received in 5.8e-05 seconds (508.94 Kbytes/s)
ftp> cd pub

250 CWD command successful.

ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
new
226 Transfer complete.
5 bytes received in 2.9e-05 seconds (170.78 Kbytes/s)
ftp> cat new
?Invalid command
ftp> bye
221-You have transferred 0 bytes in 0 files.
221-Total traffic for this session was 927 bytes in 2 transfers.
221-Thank you for using the FTP service on fire2.
221 Goodbye.
Anonymous user disabled in ftpusers:
# ftp 192.168.0100
bash-3.00# ftp 192.168.0.100

Connected to 192.168.0.100.
220 fire2 FTP server ready.
Name (192.168.0.100:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
530 Login incorrect.
Login failed.

PROCESS SHCEDULING
# at => executes the command only once

every user has the right to execute the at command
syn: # at <time>
eg: # at 1030
at
OUTPUT:
# at 13:10
at> mkdir -p /mnt/pen/root/test
at> <EOT>
commands will be executed using /usr/bin/bash
job 1249026000.a at Fri Jul 31 13:10:00 2009
Options with at command:

# at now
# at now +2hour
# at now +30min
# at now next week
# at 12pm sunday
# at 12pm aug 31
# atrm <jobid>.a
# atrm 1249026000.a
# at -r 1249026000.a
to remove the scheduled tasks.
# atq
will provide the info abt the scheduled task along with their id.
OUTPUT:
# atq
Rank Execution Date Owner Job Queue Job Name
1st Jul 31, 2009 13:10 root 1249026000.a a stdin
# at -l
will provide the info abt the job id and the user who scheduled the process
OUTPUT:
# at -l
user = root 1249026000.a Fri Jul 31 13:10:00 2009
/var/spool/cron/atjobs
Is the directory which holds the information about the scheduled tasks and it's id
# ls /var/spool/cron/atjobs
will listout the jobs in schedule.

OUTPUT:
# ls /var/spool/cron/atjobs/
1249026000.a
It's possible to read the what are the tasks shceduled by using cat command:
Output truncated: ( At the end of the file we can see the tasks scheduled)
# cat /var/spool/cron/atjobs/1249026000.a
cd /
umask 22
mkdir -p /mnt/pen/root/test
/etc/cron.d/at.deny
this file will have the login name of the users who are denied to use the at command.
Here default system user's are listed.
OUTPUT:
# cat /etc/cron.d/at.deny
daemon
bin
nuucp
listen
nobody
noaccess
/etc/cron.d/at.allow
this file will not be present by default.
this file has to be created mannualy
this file holds the login name of the users who are having the permission to access the at
command.
Note:
1. In general system will check for the /etc/cron.d/at.allow file first and then moves to the file
/etc/cron.d/at.deny.
2. If a user is given entry to both the files, then he is permitted to use the commands (in both
at,crontab)
/var/cron/log
this file logs the at command shceduling
In the case of crond

We have the file /etc/crond.d/cron.deny
OUTPUT:
# cat /etc/cron.d/cron.deny
daemon
bin
nuucp
listen
nobody
noaccess
The file /etc/cron.d/cron.allow

will not exist, it needed it can be created.
Note:
The function of the files remains same at at.allow and at.deny
# cron => will execute the process recurssively

it has number of fileds
1. minute filed - 0 to 59
2. hour filed - 0 to 23
3. day of month - 1 to 31
4. month filed - 1 to 12
5. day of the week - 0 to 6
NOTE:
0 = sunday
1 = monday
respectively
6. command field => what command has to be executed
* => on every month/day
# crontab -l
will list out what are the tasks scheduled in the system
# crontab -l <user_name>
# crontab -l che
will list out what are the tasks scheduled only by the user che.
# crontab -e
to edit or to add the schedules to the crond.

Performing system security
Note:
By default the Telnet service to the root is dened, and rest users are permitted to login through
telnet.
This function is defined in the file /etc/default/login
Output: (Partially added relevant to the topic)
# vi /etc/default/login
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console
1. By default
the file entry will be
CONSOLE=/dev/console
And this entry denies the root access through telnet.
2. To make the root user to access through telnet

the file has to be edited as,
#CONSOLE=/dev/console
This entry will allow the root user to access through telent
3. To deny the root user to login to the local system (console)

The file has to be edited as,
CONSOLE=
This entry will restrict root user to login to the local system.
To view the status of the telnet service: (Solaris - 10)

# svcs -a | grep telnet
OUTPUT:

online 12:03:15 svc:/network/telnet:default
To disable the telnet service to the local system:

# svcadm disable network/telnet
or
# svcadm disable svc:/network/telnet:default
or
# svcadm disable telnet
OUTPUT:
# svcadm disable network/telnet

disabled 12:32:46 svc:/network/telnet:default
To enable telnet:
# svcadm enable telnet
or
# svcadm enable network/telnet
#svcadm enable svc:/network/telnet:default
OUTPUT:
# svcadm enable telnet

online 12:34:58 svc:/network/telnet:default
Output: (Partial output relevant to the topic)
# cat /etc/default/login
# PASSREQ determines if login requires a password.

#
PASSREQ=YES
Determines whether password is required at time of login
# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
# abandoning a login session.
#
TIMEOUT=300
While login throug telnet, the login prompt will be displayed to 300 sec.
It can be decreased.
Determines number of retries if the password is wrogly typed.

# RETRIES determines the number of failed logins that will be

# allowed before login exits. Default is 5 and maximum is 15.
# If account locking is configured (user_attr(4)/policy.conf(4))
# for a local user's account (passwd(4)/shadow(4)), that account
# will be locked if failed logins equals or exceeds RETRIES.
#
#RETRIES=5

# vi /etc/default/telnetd
# Suppress the telnet banner by supplying a null definition.

#
BANNER="Only if u r authenticated, login to the system "
Can edit the message, this will be displayed at the time of telnet login.

PRINTER CONFIGURATION
# printmgr &
=> This above command opens a menu
=> Printer configuration can be menu driven
NOTE:
1. Before configuring the printer make sure about the compatablity with the sun microsystems.
2. Check the make and the type
3. The port to which the printer is connected physically.
Once the menu is opened,

1. Enable the "confirm actions" from the main menu
2. Select the newly attached printer
a. give the printer name ( can be any name )
b. description can also be anything
c. choose the correct port
(here we have choosen /dev/pts/7 for our eg. In thiscase if we want to specify the
port choose " other')
d. select the type of the printer
e. select -> the banner options if required or never print banner
f. user access list -> by default every user is given the right to sent the request to the
printer. If we want to restrict,add the specific users from the user list.
g. apply the changes
# lp <file_name>
eg: # lp check_printer
will the print the file named "check_printer" to the default printer
# lpstat -d
displays which is activated as the default printer if we have configured more than one printer
# lpstat -p
displays status of all the printers that are configured to the system
# lpadmin -d <printer_name>
eg: # lpadmin -d hp
will activate "hp" as the default printer if we had configured more than one printer.
# reject <printer_name>
eg: # reject hp
this command will reject the requests to the printer named "hp"
ie.. hp printer will not accept the requests from any user including the root.
Note:
In the above case, printer is physically connected, activated but the request will not be fulfilled or
not accepted.

OUTPUT:
# reject 5stars_bkp
destination "5stars_bkp" will no longer accept requests
# lp -d 5stars_bkp /etc/shadow
5stars_bkp: requests are not being accepted
# accept 5stars_bkp
destination "5stars_bkp" now accepting requests
# lp -d 5stars_bkp /etc/shadow
request id is 5stars_bkp-12 (1 file(s))
# lpstat -d
system default destination: 5stars
# lpstat -p
printer 5stars is idle. enabled since Fri Jul 31 16:34:22 2009. available.
printer 5stars_bkp is idle. enabled since Fri Jul 31 16:39:54 2009. available.
# lpadmin -d 5stars_bkp
# lpstat -p
printer 5stars is idle. enabled since Fri Jul 31 16:34:22 2009. available.
printer 5stars_bkp is idle. enabled since Fri Jul 31 16:39:54 2009. available.
# lpstat -d
system default destination: 5stars_bkp
# accept <printer_name>
eg: # accept hp
this command will start sending the request to the printer named "hp"
In other words printer starts printing the desired output.
# disable <printer_name>
eg: # disable hp
this command will disable the printer. In other words printer is not activated.
# enable <printer_name>
eg: # enable hp
will activate/enable the printer specified.
/var/lp/logs/requests -> provides the information on the print logs which inclues
1. which user given the print request
2. date & time of the request
3. size of the file
4. user id, group id
5. file name
6. location of the file
# lpq
provide the information about the request in the queue.

Backup & Restore
1. slice 4 and slice 5 with 1 gb each

2. Slice 6 and slice 7 with 2 gb each
Now, we are going to mount slice 4 under /mnt/source.

Lets add some data to the slice.
Since we are discussing about OFFLINE backup, lets umount the slice4.
Here let us consider slice6 as the backup media.

It should be a COMPLETE backup since its our first time.
# ufsdump <level_of_the_backup>uf <back_media> <slice_to_be_backedup>

# ufsdump 0uf /dev/rdsk/c1d0s6 /dev/dsk/c1d0s4
Here
0 = level of the backup (Complete backup)
u = to update the information about the backup on the file
/etc/dumpdates
f = to specify the device
/dev/rdsk/c1d0s6 = backup media where the backed up informations are
stored
/dev/dsk/c1d0s4 = is the slice which is having the datas to be backed
up
OUTPUT:

DUMP: Date of this level 0 dump: Tue Aug 04 23:08:33 2009
DUMP: Date of last level 0 dump: the epoch
DUMP: Dumping /dev/rdsk/c1d0s4 to /dev/rdsk/c1d0s6.
DUMP: Mapping (Pass I) [regular files]
DUMP: Mapping (Pass II) [directories]
DUMP: Writing 32 Kilobyte records
DUMP: Estimated 16560 blocks (8.09MB).
DUMP: Dumping (Pass III) [directories]
DUMP: Dumping (Pass IV) [regular files]
DUMP: 16446 blocks (8.03MB) on 1 volume at 48370 KB/sec
DUMP: DUMP IS DONE
DUMP: Level 0 dump on Tue Aug 04 23:08:33 2009
OUTPUT:
# cat /etc/dumpdates
/dev/rdsk/c1d0s3 0 Mon Aug 3 12:32:52 2009
/dev/rdsk/c1d0s3 1 Mon Aug 3 12:41:49 2009
/dev/rdsk/c1d0s4 0 Tue Aug 4 23:08:33 2009
From this file we can understand,

c1d0s3 had been completely (0) backed up on Aug 3 12:32
c1d0s3 had been incremental backup (1) on Aug 3 12:41
Now lets mount the slice4 once again at the same mount point.
Do some updates to the created file and create some new file or directory at the mount point.
Then unmount the slice4
Since we are going to discuss on incremental backup, specify the level of the backup whilst
backuping.
# ufsdump <level_of_the_backup>uf <backup_media>

<device_to_be_backedup>
here
1 = specifies the level of backup (Incremental)
Only the updated informations is backed up
u = update the file /etc/dumpdates
f = specifies the device
/dev/rdsk/c1d0s7 = is the backup media
/dev/dsk/c1d0s4 = the slice having the data
# ufsdump 0S /dev/dsk/c1d0s4
will display how much of space is required to take a complete backup.
OUTPUT:
8478720
will display how much of sapce is required for incremental level(1) backup.
How to restore the data?
Note:
1. Backup media need not to be have the file system.
2. Only after resotring the COMPLETE backup, incremental backup can be done.
3. However selected files and directories can also be restored.
4. After restoring a file named "restoresysmtable" will be created at the restored point.
It is not readale and not recommended to delete this file. This file will be used while restoring the
incremental backup.
5. Restore can be done at any point.
# ufsrestore rf <backuped_device>
# ufsrestore rf /dev/rdsk/c1d0s6
where
r = specifies recurssively. will restore all the files and directories
that is backed up to the media /dev/rdsk/c1d0s6
f = specifies the device
# ufsresotre -if /dev/rdsk/c1d0s6

i = interactive
Can be possible to know what are the files and directories are backed up and can be listed out.
Is possible to restore the selected files.

# ufsrestore -if /dev/rdsk/c1d0s6

Now the prompt will be changed.
ufsrestore>
ufsrestore>ls
will list out what are the files and directories that are backed up the media (/dev/rdsk/c1d0s6)
Online backup or Snapshot
# fssnap -F <filesystem> -o bs=<any-dir> <mount_point>
Snapshot or online backup is used to take a snapshot of the mounted slice.
# fssnap -F ufs -o bs=/var/tmp /mnt/source

here
-F = specifies the filesystem
-o = to specify the options
bs = backing store. which will hold only the updates of the snapshot
/var/tmp = backing store directory
/mnt/source = mount point or the source to be snapshoted.
This command will create a virtual snap device as follows

/dev/fssnap/0
OUTPUT:
# fssnap -F ufs -o bs=/var/tmp /backing_store

/dev/fssnap/0
Note:
This virtual device (/dev/fssnap/0) can be mounted as READ ONLY.
Hence the virtual device can be mounted as read only
# mount -o ro /dev/dsk/fssnap/0 /mnt/virtual
Then to make a backup of the virtaul device,

# ufsdump 0uf /dev/rdsk/c1d0s7 /dev/fssnap/0
here
0 = complete backup. level of the backup
u = to update the file /etc/dumpdates
f = to specify the device
/dev/rdsk/c1d0s7 = backup media
/dev/fssnap/0 = device to be backed up
# fssanp -i
will display the informations about the snap devices available in the system and their
corresponding source.

OUTPUT:
# fssnap -i
0 /backing_store
# fssnap -i /dev/fssnap/0
0 /backing_store
will provide the information about which mount point is backed up
# fssnap -d <snap_device>
# fssnap -d /dev/fssnap/0
To delete the specified snap device.
Note:
Restoring the data is as similar to normal offline backup.
Taking a backup of a root slice:
NOTE:
1. Enter into the system maintenance mode
2. Then check the destination size of the tape/disk
3. Proceed with the backup.

here, slice6 is taken as backup device which has nearly 4gb of space
Restoring the root backup
1. Boot from the cd

2. DONOT mount the root slice (ie s0)
3. Create the file system for the root slice
4. Mount the root slice in /a dir
5. Move to the /a dir
6. restore the backedup information
7. a. install the bootblk in the case of SPARC
b. install the grub in the case of X86/X64
8. restart the system.
# cd /
# newfs /dev/rdsk/c1d0s0
# mount /dev/dsk/c1d0s0 /a
# cd /a
# ufsrestore rvf /dev/rdsk/c1d0s6
# rm restoresysmtable
# cd /usr/platform/ùname -m`/lib/fs/ufs
# installboot bootblk /dev/rdsk/c1t1d0s0 -> SPARC
# installgrub -fm /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c1d0s0
-> X86/X64 arch
where
-f => suppresses interaction when overwriting the master boot record
-m => installs GRUB stage1 on the master boot sector interactively
# cd /
# umount /a
# init 6

SCSA PART -2: 310-202

1. Introduction to network interfaces
2. Client & server model
3. SMC - Solaris Management Console
4. Swap configuration
5. Crash,core & dump configuration
6. NFS - Network File System
7. Autofs
8. NIS - Network Information Service/System
9. Jumpstart Installation
10. Flash Installation
11. RBAC - Role Based Access Control
12. ACL - Access Control List
13. SDS/SVM - Solaris Solstice Disk Suite/Solaris Volume Manager
14. System messaging
15. Zone Adminstration

Configuring, Controlling & Monitoring the network interfaces
To identify the instance name of the intercace:

# grep network /etc/path_to_inst
This will display the output only in the case of SPARC-Sun hardware
# dladm show-dev
will also display the instance name and status of the interface
OUTPUT:
# dladm show-dev
nge0 link: up speed: 100 Mbps duplex: full
nge1 link: unknown speed: 0 Mbps duplex: unknown
bge0 link: unknown speed: 0 Mbps duplex: unknown
bge1 link: unknown speed: 0 Mbps duplex: unknown
Note:
nge - Nvidia Gigabit ethernet
bge - Boradcam Gigabit ethernet
rtls - Real Tek ethernet
hme - happy meal ethernet
qfe - quad fast ethernet
To view the mac address:
OK banner
# ifconfig -a
# ifconfig -a
will provide the following
a. ipaddress of the machine
b. mac address of the machine
c. status flag of the interface
d. instance name of the interface
e. broadcast id
OUTPUT:
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index
1
inet 127.0.0.1 netmask ff000000
nge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.0.120 netmask ffffff00 broadcast 192.168.0.255
ether 0:1b:24:5b:d8:d6
bge1: flags=1000803<UP,BROADCAST,MULTICAST,IPv4> mtu 1500 index 3
inet 192.168.0.145 netmask ff000000 broadcast 192.255.255.255
To assign the ipaddress to the interface:
1. Make sure the interface is plumbed.

Plumbing will make the kernel to recoginize the interface
# ifconfig bge1 plumb

To update the kernel
OUTPUT:
# ifconfig bge1 plumb

#ifconfig -a
1
bge1: flags=1000802<BROADCAST,MULTICAST,IPv4> mtu 1500 index 4
inet 0.0.0.0 netmask 0
# ifconfig bge1 unplumb

# ifconfig -a
1
# ifconfig bge1 192.168.0.100 up

To assign the ip to the bge1 interface and set the status as up.
OUTPUT:
# ifconfig bge1 192.168.0.100 up

# ifconfig -a

1

# ifconfig bge1 down

To logically down the specified interface
OUTPUT:
# ifconfig bge1 down

# ifconfig -a

1
bge1: flags=1000802<BROADCAST,MULTICAST,IPv4> mtu 1500 index 4
To make the interface up once again.

It's not necessary to specify the ip
OUTPUT:
# ifconfig bge1 up
# ifconfig -a

1
To view the mac & ip of the particular interface:
OUTPUT:
# ifconfig bge1
Note:
# ifconfig
1. is used to assign and view the ipaddress of the system
2. Ip address assigned using ifconfig command will persists only for the current session.
Once if the system is restarted, the ip address assinged to the interface will be vanished.
To assign the ip address permanently to the interface:

Edit the file /etc/hotname.XXn

where
XXn - logical name of the interface
For eg:
# cat > /etc/hostname.nge0
192.168.0.120
Save this file.

This file may have the hostname of the system or the ip.
To assign virtual ip to the interface:
WTD:
1. Plumb the interface
2. Asssign the ip to the interface
3. Create a file /etc/hostname.XXn and add entry to the file
HTD:
1. # ifconfig nge0:1 plumb
2. # ifconfig nge0:1 192.168.0.170 up
3. # cat > /etc/hostname.nge0:1
192.168.0.170
Ctrl+d => to save
OUTPUT:
# ifconfig nge0:1 plumb

# ifconfig nge0:1 192.168.0.170 up
# cat > /etc/hostname.nge0:1
# ifconfig -a
1
nge0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 10.0.0.10 netmask ffc00000 broadcast 10.63.255.255
To assign broadcast id if it's subnetted:
# ifconfig nge0:1 10.0.0.10/10 up
OUTPUT:
# ifconfig nge0:1 10.0.0.10 up

# ifconfig nge0:1
inet 10.0.0.10 netmask ff000000 broadcast 10.255.255.255

# ifconfig nge0:1 10.0.0.10/10 up

# ifconfig nge0:1
inet 10.0.0.10 netmask ffc00000 broadcast 10.63.255.255
Now, we can host the difference in the broadcast id
/etc/hosts
/etc/inet/hosts
1. Both the files are linked.
2. Both the files have the same entries
3. File is used to resolve the ip with the name locally in the network
Note:
It's not necessay that all /etc/hosts file in the network should be mapped correctly.
OUTPUT:
# cat /etc/hosts
# Internet host table

#
127.0.0.1 localhost
192.168.0.120 accel loghost
192.168.0.170 bge1
192.168.0.121 virtual1
192.168.0.122 virtual2
# cat /etc/inet/hosts
# Internet host table

#
127.0.0.1 localhost
192.168.0.120 accel loghost
192.168.0.170 bge1
192.168.0.121 virtual1
192.168.0.122 virtual2
/etc/nodename
This file will have the nodename.
This file will be reffered at the time of every boot/reboot and accordingly the hostname will be
taken.
# hostname <new_name>
For eg:
# hostname aita
will change the host name only for the current session, once the system is rebooted, the
hostname will not exit.
To make the hostname permanent, edit the file /etc/nodename
# cat > /etc/nodename

accel
/etc/services
/etc/inet/services
Both files are linked

Will provide the information about the services & corresponding static port numbers
Output truncated:
# cat /etc/services
#ident "@(#)services 1.32 01/11/21 SMI"

#
#
# Copyright (c) 1999-2001 by Sun Microsystems, Inc.
# All rights reserved.
#
# Network services, Internet style
#
tcpmux 1/tcp
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
# cat /etc/inet/services
#ident "@(#)services 1.32 01/11/21 SMI"

#
#
# Copyright (c) 1999-2001 by Sun Microsystems, Inc.
#
# Network services, Internet style
#
tcpmux 1/tcp
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
# sys-unconfig - undo a system's configuration

sys-unconfig does the following: - Don't run this command
Saves current /etc/inet/hosts file information in /etc/inet/hosts.saved.
If the current /etc/vfstab file contains NFS mount entries, saves the
/etc/vfstab file to /etc/vfstab.orig.
Restores the default /etc/inet/hosts file.

Removes the default hostname in /etc/hostname. interface files for all interfaces
configured when this command is run. To determine which interfaces are configured,
run the command 'ifconfig-a'. The /etc/hostname.interface files
corresponding to all of the interfaces listed in the resulting output, with the
exception of the loopback interface (lo0), will removed.
Removes the default domainname in /etc/defaultdomain.
Restores the timezone to PST8PDT in /etc/TIMEZONE.
Disables the Network Information Service (NIS) and Network Information Service
Plus (NIS+) if either NIS or NIS+ was configured.
Removes the file /etc/inet/netmasks.
Removes the file /etc/defaultrouter.
Removes the password set for root in /etc/shadow.
# snoop
is used to monitor the network between particular machine, on a specified interface
Generally this snoop command without any options will monitor to all the interface of the system
Output truncated:
# snoop
fire1 -> accel TELNET C port=32890
accel -> fire1 TELNET R port=32890 basic_commands
solaris-remote -> (broadcast) ARP C Who is 192.168.0.1, 192.168.0.1 ?
solaris-remote -> (broadcast) ARP C Who is 192.168.0.1, 192.168.0.1 ?
solaris-remote -> virtual1 TELNET C port=32869 l
virtual1 -> solaris-remote TELNET R port=32869 l
solaris-remote -> virtual1 TELNET C port=32869
solaris-remote -> virtual1 TELNET C port=32869 s
virtual1 -> solaris-remote TELNET R port=32869 s
virtual1 -> solaris-remote TELNET R port=32869
virtual1 -> solaris-remote TELNET R port=32869 Desktop day
# snoop -d <interface>
will monitor only to the specified interface
For eg:
# snoop -d nge0
Output truncated:
# snoop -d nge0
Using device /dev/nge0 (promiscuous mode)
accel -> fire1 TELNET R port=32890 ^C
accel -> fire1 TELNET R port=32890 \r\n-bash-3.00#

fire1 -> accel TELNET C port=32890 c
accel -> fire1 TELNET R port=32890 c
# snoop -D -d nge0
where
-D = used to monitor the dropped packet information
-d = used to monitor for the specified interface
Output tuncated:
#snoop -D -d nge0
fire1 -> 224.0.0.22 drops: 0 IGMP v3 membership report

fire1 -> 192.168.0.255 drops: 0 RIP C (1 destinations)
fire1 -> 224.0.0.2 drops: 0 ICMP Router solicitation
fire1 -> 192.168.0.255 drops: 0 RIP C (1 destinations)
100.0.0.2 -> (broadcast) drops: 0 ARP C Who is 100.0.0.2, 100.0.0.2 ?
fire1 -> (broadcast) drops: 0 ARP C Who is 192.168.0.120, accel ?
accel -> fire1 drops: 0 ARP R 192.168.0.120, accel is
0:1b:24:5b:d8:d6
fire1 -> accel drops: 0 TELNET C port=32890
accel -> fire1 drops: 0 TELNET R port=32890
fire1 -> accel drops: 0 TELNET C port=32890 swap -
l\r\0s\3swassssss
accel -> fire1 drops: 0 TELNET R port=32890 ^Cswap -l\r\nsswasssss
fire1 -> accel drops: 0 TELNET C port=32890
accel -> fire1 drops: 0 TELNET R port=32890 \r\n\r\n-bash-3.00#
# snoop -S -d nge0
-S = to monitor the size of the packets
Output truncated:

fire1 -> accel length: 60 TELNET C port=32891 \33[A
accel -> fire1 length: 67 TELNET R port=32891 cd /class_doc
fire1 -> accel length: 60 TELNET C port=32891
fire1 -> accel length: 60 TELNET C port=32891 \33[D
accel -> fire1 length: 55 TELNET R port=32891
# snoop -a
To gather the audio
# snoop accel fire1

will monitor the transmission only between the specified machine
Output truncated:
# snoop accel fire1
fire1 -> accel TELNET C port=32891 s
accel -> fire1 TELNET R port=32891 s
fire1 -> accel TELNET C port=32891 i
accel -> fire1 TELNET R port=32891 i
fire1 -> accel TELNET C port=32891 _
accel -> fire1 TELNET R port=32891 _
fire1 -> accel TELNET C port=32891 o
accel -> fire1 TELNET R port=32891 o
# snoop -V
Displays the information in verbose summary mode
Output truncated:
# snoop -V -d nge0
________________________________
fire1 -> accel ETHER Type=0800 (IP), size = 60 bytes
fire1 -> accel IP D=192.168.0.120 S=192.168.0.150 LEN=43,
ID=4610, TOS=0x0, TTL=64
fire1 -> accel TCP D=23 S=32891 Push Ack=2427569954 Seq=1197333170
Len=3 Win=49640
fire1 -> accel TELNET C port=32891 \33[A
________________________________
accel -> fire1 ETHER Type=0800 (IP), size = 85 bytes
accel -> fire1 IP D=192.168.0.150 S=192.168.0.120 LEN=71,
ID=20202, TOS=0x0, TTL=60
accel -> fire1 TCP D=32891 S=23 Push Ack=1197333173 Seq=2427569954
Len=31 Win=49639
accel -> fire1 TELNET R port=32891 cat basic_commands__
# snoop -v
Displays the detailed information
Output truncated:
IP: .... ..0. = not ECN capable transport

IP: .... ...0 = no ECN congestion experienced
IP: Total length = 124 bytes
IP: Identification = 30333
IP: Flags = 0x4
IP: .1.. .... = do not fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 1 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = 39f3
IP: Source address = 100.0.0.2, 100.0.0.2
IP: Destination address = 100.255.255.255, 100.255.255.255
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 32768
UDP: Destination port = 111 (Sun RPC)
UDP: Length = 104
UDP: Checksum = 9376
UDP:
RPC: ----- SUN RPC Header -----
# snoop -o /Desktop/snoop_test -d nge0

This command will redirect the output of the command the specified file
OUTPUT:
# snoop -o /Desktop/snoop_test -d nge0

78
# snoop -i /Desktop/snoot_test
Used to read the entries of the file
Note:
Format of the file is different, hence we used # snoop -i to read the entries of the file.
OUTPUT:
# file /Desktop/snoop_test
/Desktop/snoop_test: Snoop capture file - version 2

Swap configuration
Swap is a virtual space added from hard disk drive to the physical memory to increse
the system performance.
In Solaris, swap space can be added either permantly or temp.

At the same time, the swap space can be a file or a dedicated slice.
By default the swap slice will be slice1.
# swap -s
Will display the summary of the swap space totally allocated, used and free.
OUTPUT:
# swap -s
total: 263440k bytes allocated + 42452k reserved = 305892k used, 23162412k
available
# swap -l
will display the information about the swap files, slices along the size in blocks.
OUTPUT:
# swap -l
swapfile dev swaplo blocks free
/dev/dsk/c1d0s1 102,1 8 42700760 42700760
/swap_file - 8 1023992 1023992
# mkfile <size> <name_of_the_file>

will create a file with the specified size.
Note:
Whenever a file is created with defined size using #mkfile command, the file will be with
Sticky bit permission by default.
Eg:
# mkfile 200m /swap_file1
Will create a new file named 'swap_file' with size 200mb.
OUTPUT:
# mkfile 200m /swap_file

# ls -lh / | grep swap_file
-rw------T 1 root root 200M Aug 14 12:32 swap_file1
To add the file to swap memory:

# swap -a <file_name>
Eg: # swap -a /swap_file1
To check:Output:
# swap -l
/dev/dsk/c1d0s1 102,1 8 42700760 42700760
/swap_file - 8 1023992 1023992
/swap_file1 - 8 409592 409592
To delete:
# swap -d <file_name>
Will remove the file from the swap memory
Eg:
# swap -d /swap_file1
To check: Output:
# swap -d /swap_file1
# swap -l
swapfile dev swaplo blocks free
/dev/dsk/c1d0s1 102,1 8 42700760 42700760
/swap_file - 8 1023992 1023992
To add a slice to the swap memory:
1. Create slice using format utility

2. Create the file system for the slice
3. Add the slice to the swap memory by # swap -a
For eg:
# swap -a /dev/dsk/c1d0s5
To make the swap file & slice permanently available

edit the file /etc/vfstab
Eg:
# cat /etc/vfstab
#device device mount FS fsck mount mount

#to mount to fsck point type pass at boot options
#
fd - /dev/fd fd - no -
/proc - /proc proc - no -
/dev/dsk/c1d0s0 /dev/rdsk/c1d0s0 / ufs 1 no -
/dev/dsk/c1d0s1 - - swap - no -
/swap_file - - swap - no -
/swap_file1 - - swap - no -
/devices - /devices devfs - no -
ctfs - /system/contract ctfs - no -
objfs - /system/object objfs - no -
swap - /tmp tmpfs - yes -
# pagesize
will display the pagesize
NOTE:
By default X86 = 4096
Sparc = 8192

OUTPUT:
# pagesize
4096
Solaris Management Console: smc
# smc &
will open a Graphical tool to do adiministration task
The following tasks can be performed through smc.
Storage
Disks, Mounts and Shares, and Enhanced Storage Tools
Devices and Hardware

Serial Ports
Terminal
Launches a terminal window
System Status
Processes, Log viewer, System Information, and Performance
System configuration
Users, Projects, Computer and Networks, and Patches
Services
Scheduled Jobs
To start/stop the smc :
To determine if the SMC server is running:

# etc/init.d/init.wbem status
To start the SMC server:

# /etc/init.d/init.wbem start
To stop the SMC server:

# /etc/init.d/init.wbem stop

Crash/Core & Dump Administration
CRASH DUMP:
OS generates a crash dump by writing some of the contents of the Physcial memory to a pre-
determined dump device, which must be a local disk slice.
/var/crash/ùname -n`/vmcore.x
where
x = integer indentifying the dump
/var/crash/ùname -n`/unix.x
NOTE:
Within the crash dump directory a file named bounds is created. The bounds file holds a number
that is used as a suffix for the next dump to be saved.
The configuration file for crash dump is

/etc/dumpadm.conf
1. This file is not recommened to edit

2. This file provides the following information
a. which slice is dedicated for dump
By default swap slice (slice-1) is dedicated for this purpose.
b. Provides the information about dumpadm or crash
is enabled or disbaled.
c. What contents has to be dumpded. By default Kernel
contents will be dumpded.
d. displays the save core directory.
# dumpadm
This command reads the file /etc/dumpadm.conf and the output will be displayed accordingly.
Eg output is given for kind ref:
OUTPUT:
Dump content: kernel pages

Dump device: /dev/dsk/c0d1s1
Savecore directory: /var/crash/server
Savecore enabled: yes
# dumpadm -d /dev/dsk/c0d1s5
Will change the default (/dev/dsk/c0d1s1) dumpdevice to /dev/dsk/c0d1s5
OUTPUT:

Dump device: /dev/dsk/c0d1s5 (dedicated)


Here the dumpdevice is changed.
OUTPUT:
# dumpadm -n
will disable the save core.
Savecore enabled: no
Here save core is disabled.
OUTPUT:
# dumpadm -y
will enable the save core.
Here save core is enabled.
NOTE:
1. save core is by default enabled.
Only if the save core is enabled dumpadm will dump the contents to the device specified.
2. # dumpadm
command updates the file /etc/dumpadm.conf
and hence the configuration remains permanent.
# dumpadm -s /var/crash/Unix
This command change the save core directory.
OUTPUT:

Savecore directory: /var/crash/Unix/
Here savecore directory is changed.
# dumpadm -c all
This will ask the system to dump all the pages from the physical memory.
The default dump contents is kernel pages.
OUTPUT:
Dump content: all pages


Savecore directory: /var/crash/Unix/

Here the default dump content is changed to "all pages"
Coreadm:
When a process terminates abnormally it typically produces a core file.
1. A core file is a point-in-time copy of RAM allocated to a process.

2. The copy is written to a more permanent medium - hard disk drive.
3. A core file is also a disk copy of the address space of a process at a certain point-in-time.
4. A core file will have the following information:
a. task name
b. task owner
c. priority
at the time of execution.
5. OS generated 2 possible copies of core file based on the configuration.
a. GLOBAL CORE FILE:
i. created mode is 600
ii. owned by super-user
iii. non-priviledged users are not permitted to examine
b. ORDINARY PER_PROCESS CORE FILE:

i. created mode is 600
11. Owned by the owner of the process
NOTE:
If the directory defined in the global core file does not exist, it has to be created manually.
The configuation file is /etc/coreadm.conf
This file is not recommended to edit.

But the updations to the file can be performed by using the command
# coreadm
# coreadm
reads the entries of the file /etc/coreadm.conf and the configuration is displayed.
coreadm pattterns:
%m = machine name
%n = system known name
%p = process-id
%t = decimal value
%u = effective user
%z = which process executes
%g = effictive group id
%f = execuitable file name
-d = disable
-e = enable
# coreadm option argument

MISC:
1. Troubleshooting informations will be available at
# cat /lib/svc/share/README
2. To mount the read only slice as read/write:

# mount -o rw,remount /
3. To view the realse of the operating system:

# cat /etc/release
Solaris 10 11/06 s10x_u3wos_10 X86
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is subject to license terms.
Assembled 14 November 2006
# cat /var/sadm/softinfo/INST_RELEASE
OS=Solaris
VERSION=10
REV=0
To assign the gateway:

# route add default <ip>
eg:
# route add default 192.168.0.150
To view the assigned gateway:
# netstat -r
OUTPUT:
Routing Table: IPv4

-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 accel U 1 20 nge0
192.168.0.0 virtual1 U 1 0 nge0:1
192.168.0.0 virtual2 U 1 0 nge0:2
192.168.0.0 bge1 U 1 0 bge1
224.0.0.0 accel U 1 0 nge0
default 192.168.0.150 UG 1 0
localhost localhost UH 4 1110 lo0
OUTPUT:
# netstat -rn
Routing Table: IPv4


-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 192.168.0.120 U 1 20 nge0
192.168.0.0 192.168.0.121 U 1 0 nge0:1
192.168.0.0 192.168.0.122 U 1 0 nge0:2
192.168.0.0 192.168.0.170 U 1 0 bge1
224.0.0.0 192.168.0.120 U 1 0 nge0
default 192.168.0.150 UG 1 0
127.0.0.1 127.0.0.1 UH 4 1110 lo0
U - Indicates route is up.
G - Route is to a gateway.
To configure DHCP in Solaris-10: Client side configuration:

# touch /etc/dhcp.nge0
where
nge0 = name of the physical interface
# touch /etc/hostname.nge0
# touch /etc/notrouter
# cp /dev/null /etc/defaultrounter
# cp /etc/nsswitch.dns /etc/nsswitch.conf
# cp /dev/null /etc/resolv.conf
# ifconfig -a
# vi /etc/resolv.conf
nameserver 192.163.0.1
# svcadm restart physical
# svcadm restart network
or
# touch /etc/dhcp.nge0
# touch /etc/hostname.nge0
# ifconfig nge0 dhcp drop
# ifconfig nge0 dhcp start
# ifconfig nge0 dhcp status
# ifconfig nge0 dhcp release
To gather the processor staus:

# psrinfo
OUTPUT:
bash-3.00# psrinfo
0 on-line since 08/18/2009 12:43:45
1 on-line since 08/18/2009 12:43:54
To bring the processor off-line:

# psradm -f <processor-id>
eg:
# psradm -f 1
OUTPUT:
bash-3.00# psradm -f 1
bash-3.00# psrinfo
0 on-line since 08/18/2009 12:43:45
1 off-line since 08/18/2009 16:19:39
To bring back the processor on-line:

# psradm -n <processor-id>
Eg:
# psradm -n 1
OUTPUT:
bash-3.00# psradm -n 1
bash-3.00# psrinfo
0 on-line since 08/18/2009 12:43:45
1 on-line since 08/18/2009 16:21:50

ACL = Access Control List
# setfacl = to assign, modify the acl permissions to the file/directory

# getfacl = to view the acl entries assinged to a file/directory
Note:
A file "new" is created and ACL is assigned to the file
# getfacl new
# getfacl -a new
Will display the ACL & other permissions to specified file
Note:
Output of above commands remains same.
OUTPUT:
bash-3.00# getfacl new
# file: new
# owner: root
# group: root
user::rwx
user:che:rwx #effective:rwx
group::rw- #effective:rw-
group:sun:rw- #effective:rw-
mask:rwx
other:r--
bash-3.00# getfacl -a new
# file: new
# owner: root
# group: root
user::rwx
mask:rwx
other:r--
# getfacl -d new
will display only the owner/group of the file specified
OUTPUT:
bash-3.00# getfacl -d new

# file: new
# owner: root
# group: root
Syntax:
# setfacl -s u::<perm>,g::<perm>,o:<perm>,m:<perm>,u:<name>:<perm>,g:name:<perm>
<name_of_file_dir>
where
u = user
g = group
o = other
m = ACL mask
Note:
u,g,o can be replaced with user, group,others respectively
m can be replaced with mask
Here
first
u,g refers the owner of the file and the group the file/dir belongs to.
for eg:
# setfacl -s u::rwx,g::rw-,o:r--,m:rwx,u:che:rwx,g:sun:rw- new
-s = to substitue
OUTPUT:
bash-3.00# setfacl -s u::rwx,g::rw-,o:r--,m:rwx,u:che:rwx,g:sun:rw- new

# file: new
# owner: root
# group: root
user::rwx
mask:rwx
other:r--
# setfacl -m u::rwx,g::rw-,o:r--,m:rwx,u:castro:rwx,g:admin:rw- new

-m = to modify
OUTPUT:
bash-3.00# setfacl -m u::rwx,g::rw-,o:r--,m:rwx,u:castro:rwx,g:admin:rw- new

# file: new
# owner: root
# group: root
user::rwx
user:castro:rwx #effective:rwx

group:admin:rw- #effective:rw-
mask:rwx
other:r--
To get the ACL entries of one file/dir to another file/dir
# getfacl new | setfacl -f - old

# getfacl old
OUTPUT:
bash-3.00# getfacl new | setfacl -f - old

bash-3.00# getfacl old
# file: old
# owner: root
# group: root
user::rwx
user:castro:rwx #effective:rwx
group:admin:rw- #effective:rw-
mask:rwx
other:r--

NFS - Network File System
- Comes under the distributed file system

- Used or enables computers of different arch running different Operating system
- Work with heterogeneous environment.(For eg: Can integrate with Linux)
Advantages of NFS:
- allows multiple computers to use the same files, because all users on the network can access
the same data (based on the permission).
- reduces storage costs by sharing applications on computers instead of allocating local disk
space for each user
- provides data reliability & consistency
- reduces system administration
Note:
1. In Solaris-10 NFS version 4 is used by default.
2. Version related checks are applied whenever a clinet host attempts to access a server's file
share.
3. NFSv4 provides firewall support since it uses a well known port -2049
NFS server files:
1. /etc/dfs/dfstab
- list the locally pemanently shared resources at boot time
- editable file by the root user
Output: ( Along with manually added shares)
bash-3.00# cat /etc/dfs/dfstab
# Place share(1M) commands here for automatic execution

# on entering init state 3.
#
# Issue the command 'svcadm enable network/nfs/server' to
# run the NFS daemon processes and the share commands, after adding
# the very first entry to this file.
#
# share [-F fstype] [ -o options] [-d "<text>"] <pathname> [resource]
# .e.g,
# share -F nfs -o rw=engineering -d "home dirs" /export/home2
share -F nfs -o rw /export/home
share -F nfs /share
share -F nfs -o ro /nfs/share_test
share -F nfs -o rw=natra,ro=solaris -d "test" /source/open
share -F nfs -o rw=natra,ro=192.168.0.0/32 /unix_share

2. /etc/dfs/sharetab
- Not recommended to edit
- File will be updated through "share" , "shareall" , "unshare", "unshareall"
commands
- lists the locally and currently shared resources in the system
Output: (With manuallu edited entries)
bash-3.00# cat /etc/dfs/sharetab

/Desktop/ppt - nfs rw
/export/home - nfs rw
/share - nfs rw
/nfs/share_test - nfs ro
/source/open - nfs rw=natra,ro=solaris test
/unix_share - nfs rw=natra,ro=192.168.0.0/32
3. /etc/dfs/fstypes
- lists the default file system types for remote file systems.
Output:
bash-3.00# cat /etc/dfs/fstypes

nfs NFS Utilities
autofs AUTOFS Utilities
cachefs CACHEFS Utilities
Here,
nfs - used to share the resources across the network
autofs - used to mount the shared resource at client side on demand
cachefs - used to sync the updations performed to the shared resouce.
(This is responsible for maintaining the reliability & consistencty)
4. /etc/rmtab
- lists file systems remotely mounted by NFS clients.
- do not edit this file
Output:
bash-3.00# cat /etc/rmtab

solaris:/nfs/share_test
5. /etc/nfs/nfslog.conf
- lists information defining the location of configuration logs used for NFS server
logging
Output:
bash-3.00# cat /etc/nfs/nfslog.conf

#ident "@(#)nfslog.conf 1.5 99/02/21 SMI"
#
# Copyright (c) 1999 by Sun Microsystems, Inc.
#
# NFS server log configuration file.
#
# <tag> [ defaultdir=<dir_path> ] \
# [ log=<logfile_path> ] [ fhtable=<table_path> ] \
# [ buffer=<bufferfile_path> ] [ logformat=basic|extended ]
#
global defaultdir=/var/nfs \
log=nfslog fhtable=fhtable buffer=nfslog_workbuffer
6. /etc/default/nfslogd
- list configuration information describing the behaviour of the nfslogd daemon
for NFS v2 and v3.
Output:
bash-3.00# cat /etc/default/nfslogd

#
#ident "@(#)nfslogd.dfl 1.8 99/02/27 SMI"
#
# Copyright (c) 1999 by Sun Microsystems, Inc.
#
# Specify the maximum number of logs to preserve.

#
# MAX_LOGS_PRESERVE=10
# Minimum size buffer should reach before processing.

#
# MIN_PROCESSING_SIZE=524288
# Number of seconds the daemon should sleep waiting for more work.
#
# IDLE_TIME=300
# CYCLE_FREQUENCY specifies the frequency (in hours) with which the

# log buffers should be cycled.
#
# CYCLE_FREQUENCY=24
# Use UMASK for the creation of logs and file handle mapping tables.
#
# UMASK=0137
7. /etc/default/nfs
- contains parameter values for NFS protocols & NFS daemons.

Output: (Only selected parameters is displayed)
#NFSD_MAX_CONNECTIONS=
NFSD_LISTEN_BACKLOG=32
#NFS_CLIENT_VERSMIN=2
8. /etc/nfssec.conf
- to enable the necessary security mode.
- can be performed through # nfssec
Output:
bash-3.00# cat /etc/nfssec.conf

#
#ident "@(#)nfssec.conf 1.11 01/09/30 SMI"
#
# The NFS Security Service Configuration File.
#
# Each entry is of the form:
#
# <NFS_security_mode_name> <NFS_security_mode_number> \
# <GSS_mechanism_name> <GSS_quality_of_protection> <GSS_services>
#
#
# The "-" in <GSS_mechanism_name> signifies that this is not a GSS mechanism.
# A string entry in <GSS_mechanism_name> is required for using RPCSEC_GSS
# services. <GSS_quality_of_protection> and <GSS_services> are optional.
# White space is not an acceptable value.
#
# default security mode is defined at the end. It should be one of
# the flavor numbers defined above it.
#
none 0 - - - # AUTH_NONE
sys 1 - - - # AUTH_SYS
dh 3 - - - # AUTH_DH
#
# Uncomment the following lines to use Kerberos V5 with NFS
#
#krb5 390003 kerberos_v5 default - # RPCSEC_GSS
#krb5i 390004 kerberos_v5 default integrity # RPCSEC_GSS
#krb5p 390005 kerberos_v5 default privacy # RPCSEC_GSS
default 1 - - - # default is
AUTH_SYS
Note:
1. If the svc:/network/nfs/server service does not find any 'share' commands in the
/etc/dfs/dfstab tile, it does not start the NFS server daemons.
2. The features provided by mountd daemon and lockd daemons are integrated into NFS v4
protocol.

3. In NFSv2 and NFSv3, the mount protocol is implemented by the seperated mountd daemon
which did not use an assigned, well-knwon port number, which is very hard to use NFS through
firewall.
4. nfsd and mountd daemons are started if there is an entry (uncommented) share statement in
the system's /etc/dfs/dfstab file.
5. Manually create /var/nfs/public directory before starting nfs server logging. (Pls do ref the file
/etc/nfs/nfslog.conf)
4.b. /etc/rmtab
- contains a table of file systems remotely mounted by NFS clients
- after a client successfully completes a NFS mount request, the mountd
daemon on the server makes an
entry in the /etc/rmtab file
- file also contains a line entry fo each remotely mounted directory that has been
successfully unmounted, except that the mounted daemon replacces the first
character in the entry with (#) character.
Output:
bash-3.00# cat /etc/rmtab

solaris:/nfs/share_test
To start/stop the nfs-server:
Solaris-10:
To start/enable:
bash-3.00# svcadm enable nfs/server

bash-3.00# svcadm -v enable nfs/server
svc:/network/nfs/server:default enabled.
To stop/disable
bash-3.00# svcadm disable nfs/server

bash-3.00# svcadm -v disable nfs/server
svc:/network/nfs/server:default disabled.
Earlier vesrsions of Solaris:
/etc/init.d/nfs.server start - to start the service

/etc/init.d/nfs.server stop - to stop the service
NFS server side daemons:

1. statd
2. lockd
3. mountd
4. nfsmapid
5. nfslogd
NFS client side daemons:
1. statd - works with the lockd daemon to provide crash recovery functions for the lock
Manager
2. lockd - supports record-locking operation ofn NFS files
3. nfs4cbd- NFSv4 call back daemon
Note: mountd and lockd daemon runs on both server and client.
Daemons & it's purposes:
1. mountd:
- NOT available in NFSv4
- available in NFSv2 and NFSv3
- mountd daemon is integrated with NFSv4 protocol by default
- handles file system mount requests from remote systeds and provides access
control
- started by: svc:/network/nfs/server service.
Steps involved:
1. mountd daemon checks the /etc/dfs/sharetab file to determine whether a particular file or
directory is shared and whether the requesting client has perission to access the shared
resources.
2. when NFS client issues an NFS mount request, the mount command of the client contact the
mountd daemon on the server. The mountd daemon provides service.
2. nfsd daemon:
- handles client file system requests
- started by: svc:/network/nfs/server
- only root user can start the nfsd daemon
- when a client process attempts to access a remote file resource, the nfsd
daemon on NFS server receives the request and then performs the requested
operation.
3. statd daemon:
- works with the lockd daemon to provide crash recovery functions for the lock
manager
- server's statd daemon tracks the cients that are holding locks on an NFS
server. When the NFS server reboots after a crash, the statd daemon on the server
contacts the statd daemon on client, which informs lockd daemon to reclaim any locks
on the server.
- not used in NFSv4
- started by: svc:/network/nfs/status service

4. lockd daemon:
- intergrated with NFSv4
- supports record locking operations on NFS files
- started bu: svc:/network/nfs/lockmgr
5. nfslogd daemon:
- provides operational logging for NFSv2 and NFSv3
- NFS logging is enabled, when the share is made available
- for all file systems for which logging is enable, the NFS kernel module records
all operations in a buffer file
- operations are performed based on the config file /etc/default/nfslogd
- started by: svc:/network/nfs/server service
6. nfsmapid:
- implemented in NFSv4
- maps owner and group indentification that both the NFSv4 client & server user
- started by: svc:/network/nfs/mapid
- no interface to the daemon, but the parameters can be assinged to the file
/etc/default/nfs
Commands:
# share
- makes a local directory on an NFS server available for mounting
- also displays the contents of the file /etc/dfs/sharetab
syn:
# share
displays the shared contents in the local system
Output:
bash-3.00# share
- /export/home rw ""
- /share rw ""
- /nfs/share_test ro ""
- /source/open rw=natra,ro=solaris "test"
- /unix_share rw=natra,ro=192.168.0.0/32 ""
To share the resouces using # share command:

Note: Sharing done through # share command will be available for current session and will not
exist after reboots.
# share -F <file_sys> <directory>

- will share the specified directory without any Access list to all the clients in the network.
- will update the file /etc/dfs/sharetab
For eg:
# share -F nfs /data_share
Output:
bash-3.00# mkdir /data_share

bash-3.00# share -F nfs /data_share

bash-3.00# cat /etc/dfs/sharetab
/export/home - nfs rw
/share - nfs rw
/nfs/share_test - nfs ro
/source/open - nfs rw=natra,ro=solaris test
/unix_share - nfs rw=natra,ro=192.168.0.0/32
/data_share - nfs rw
Options-1:
# share -F nfs -d "Comment-description" /data_share
here
-F = specifies the file system
-d = description or comment about the shared directory
Output:
bash-3.00# share -F nfs -d "Comment-description" /data_share/

bash-3.00# share
- /share rw ""
- /data_share rw "Comment-description"
Options-2:
# share -F nfs -d "comment" -o rw=solaris,ro=fire2 /data_share
here
-o = specifies the option
ro = read only to the listed clients
rw = read write to the listed clients
# share -F nfs -d "comment" -o rw=solaris,ro=fire2:192.168.0.14 /data_share
Note:
Clients name or ip can be given, seperated by , (commas) or by : (semi-colon)
Output:
bash-3.00# share -F nfs -d "comment" -o rw=solaris,ro=fire1 /data_share/

bash-3.00# share
- /share rw ""
- /data_share rw=solaris,ro=fire1 "comment"

bash-3.00# share -F nfs -d "comment" -o rw=solaris,ro=fire1:192.168.0.14

/data_share/
bash-3.00# share
- /share rw ""
- /data_share rw=solaris,ro=fire1:192.168.0.14 "comment"
Option-3:
# share -F nfs -d "comment" -o root=solaris,rw=fire2,ro=192.168.0.14 /data_share
Output:
# share -F nfs -d "comment" -o root=solaris,rw=fire2,ro=192.168.0.14 /data_share
bash-3.00# share
- /share rw ""
- /data_share root=solaris,rw=fire2,ro=192.168.0.14 "comment"
here
root=<client_name_or_ip>
root=solaris
- informs the client that the root user on the specified client system or systems can
perform super-user
priviledge requests on the shared resource
Option-4:
# share -F nfs -d "comment" -o ro=@192.168.0.* /data_share
Output:
bash-3.00# share -F nfs -d "comment" -o rw=@192.168.0.* /data_share/

bash-3.00# share
- /share rw ""
- /data_share rw=@192.168.0.* "comment"
To share to resouce to the specified network
Option-5:
# share -F nfs -d "comment" -o ro=aita.com /data_share
Output:
bash-3.00# share -F nfs -d "comment" -o ro=aita.com /data_share/

bash-3.00# share
- /share rw ""
- /data_share ro=aita.com "comment"
To share the resource only for that domain.
2. # unshare
- makes a previously available directory unavilable for client side mount
operations
# unshare /data_share
Output:
bash-3.00# share
- /share rw ""
bash-3.00# unshare /data_share/
bash-3.00# share
- /share rw ""
3. # shareall
- reads & executes shared statements from the file /etc/dfs/dfstab
NOTE: All the above discussed share options can be edited to the file /etc/dfs/dfstab and the
syntax remains same.
Output:
bash-3.00# shareall
bash-3.00# share
- /share rw ""

NOTE: Few entries from the /etc/dfs/dfstab
share -F nfs -o rw /export/home

share -F nfs /share
share -F nfs -o ro /nfs/share_test
share -F nfs -o rw=natra,ro=solaris -d "test" /source/open
share -F nfs -o rw=natra,ro=192.168.0.0/32 /unix_share
4. # unshareall
- makes previously shared resoures unavailable
Output:
bash-3.00# share
- /share rw ""
bash-3.00# unshareall
bash-3.00# share
bash-3.00#
5. # dfshares
- lists available shared resources from the remote/local NFS server
# dfshares 192.168.0.252
Output:
bash-3.00# dfshares 192.168.0.252

RESOURCE SERVER ACCESS TRANSPORT
192.168.0.252:/export/home 192.168.0.252 - -
# dfmounts
- displays a list of NFS server directories that are currently mounted at the
clients
- reads the entry from the file /etc/rmtab
At client side:
To make the resource permanently available edit the file /etc/vfstab.

eg entry from the client:
fire2:/nfs/share_test - /mnt/point3 nfs - yes

ro,nosuid
fire2:/share - /mnt/point1 nfs - yes -

Autofs
Autofs
- It's a clinet side sevice to make the shared resource available at the client side
- On demand.
- Autofs file is initialized by
/lib/svc/automount script
/lib/svc/method/svc_autofs script starts the autofs daemon.
NOTE:
automountd deamon is completely independent from the automount command. Because of this
seperation, we can add/modify/delete map information without having to stop and start the
automountd daemon process.
Autofs types:
1. Master map
2. Direct map
3. Indirect map
4. Special map
Master map:
1. Lists the other maps used for establishing the autofs file system.
2. The automount command reads this map at boot time.
/etc/auto_master is the configuration file which have the list of direct & indirectly automounted
resources.
Output: (With default entry to the file /etc/auto_master)

#
# ident "@(#)auto_master 1.8 03/04/28 SMI"
#
# Master map for automounter
#
+auto_master
/net -hosts -nosuid,browse
/home auto_home -nobrowse
Direct map:
Lists the mount points as ABSOLUTE PATH names. This map explicitly indicates the mount point
on the client.
Usually /usr/share/man directory is a good example for direct mapping.
/- mount point is a pointer that informs the automount facility that full path names are defined
in the file specified by MAP_NAME (for eg: here its /etc/direct_map).

NOTE:
1. /- is NOT an entry in the default master map file (/etc/auto_master)
2. The automount facility by default automatically searched for all map related file in /etc
directory.
Output: ( After adding a manual entry to the file)

#
# ident "@(#)auto_master 1.8 03/04/28 SMI"
#
# Master map for automounter
#
+auto_master
/net -hosts -nosuid,browse
/home auto_home -nobrowse
/- direct
/- /direct
Note-1:
Here
1. "direct" is the file name that has to be resided under /etc/ dir.
It's mandatory.
This file will have the absolute path of the shared resource & mount point at the
client.
2. This file has to be manually created.
3. The name of the file can be anything.
Output:
The entry to the file /etc/direct

bash-3.00# cat /etc/direct
/usr/share/man 192.168.0.150:/usr/share/man
Note-2:
Here
1. "/direct" is the file name that is residing under / directory.
If the direct maping file is NOT residing under /etc dir, the full path of the file
has tobe specified.
2. This file will have the absolute path of the shared resources & mount point at the
client.
3. Again the name of the file can be anything
Output:
They entry of the file /direct

bash-3.00# cat /direct
Indirect map:
Are simplest and most useful autofs.
Lists the mount points are relative path names. This map uses a relative path to establish the
mount point on the client.
/export/home - is a good example for indirect map while implementing NIS.
An indrect map uses a key substitute value to establish the association between a mount point
on the client and a directory on the server. Indirect map are useful for accessing specific
filesystems, such as home directories, from anywhere in the network.
Special map:
Provides access to NFS service by using their host names.
By default special maps are enabled.
/net directory is a good example for special map.
This directory has the list of the hosts connected in the network.
Once if we open the dir with the name of the host, this displays the shared resources of that
specified host.
It's similar to the network neighbourhood in windows.
Output:
bash-3.00# cd /net
bash-3.00# ls
fire1 localhost loghost natra solaris sunfire2
bash-3.00# cd fire1
bash-3.00# ls
usr
NOTE:
+ symbol at the beginning of the
+auto_master line in the /etc/auto_master file directs the automountd daemon to look at the
NIS, NIS+ or LDAP databases before it reads the rest of the map.
If this line is commented out, only the local files are searched
unless the /etc/nsswitch.conf files specifies that NIS, NIS+ or LDAP should be searched.
auto_home
This maps provide the mechanism to allow users to access their centrally localted $HOME
directories
-hosts map
Provides access to all resources shared by NFS servers. The server are mounted below the
/net/hostname directory, or if only the server's ip-address is known, bleow the /net/ipaddress
directory. The server does not have to be listed in the hosts database for this mechanism to work.
To view the status of the autofs:
Output:
bash-3.00# svcs -a | grep autofs

online 11:51:59 svc:/system/filesystem/autofs:default
To start/stop the autofs:
# svcadm enable svc:/system/filesystem/autofs:default - to start
# svcadm disable svc:/system/filesystem/autofs:default - to stop
EG: for Direct Maps:
SERVER SIDE configuration:

For sharing the man pages from the server 192.168.1.51 to clients.
1. Edit the file /etc/dfs/dfstab

share -F nfs -o ro /usr/share/man
2. Save the file
CLIENT SIDE configuration:
1. Edit the file /etc/auto_master

/- direct_map
2. Save the file
3. Create a file /etc/direct_map file with the following contents

edit:
# vi /etc/direct_map
4. Save the file
5. Make sure autofs service is running

# svcs -a | grep autofs
Start the service if its offline.
# svcadm enable autofs
6. Then automount the shared resources.

# automount -v
here
-v = provides the detailed information about the automounted resources.
Output:
bash-3.00# automount -v
automount: /usr/share/man mounted
automount: no unmounts

Scsa Part 1

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Scsa Part 1

Hochgeladen von

Copyright:

Verfügbare Formate

SUN SOLARIS 10 OS

Sun Solaris 10 Operating System Page 2 of 145

Aravindh - induced me to script this valuable document.

Fingered by: Manickam Kamalakkannan

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

Solaris Certified System Administrator - SCSA

SCSA - Part 1 - 310-200

SCSA PART -2: 310-202

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

Basic Unix commands

d r-x r-x r-x 6 root root 512 Jun 7 21:45 vol

A = specifies the name is a file or a directory

B = Permissionship for the owner of a file or dir

C = Permissionship for the group of a file or dir

D = Permissionship for the other

E = Specifies the link count

F = Owner of the file or directory

G = Specifies the group to which the file or directory belongs

H = Size of the file or directory

J = Date and time of creation

K = Name of the file or directory

syn: # mkdir <dir_name>

syn: # mkdir -p <path_of_the_dir>

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

eg: # mkdir -p /ims/solaris/delhi

syn: # cat <file_name>

syn: # cat <path_of_the_file>

syn: # cat >> <file_name>

syn: # cat <file_name>

# cat -n > <file_name>

# cd - to chage the directory

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

SYN: # hostname <host_name>

syn: # which <command>

ctrl+d = to save the message

syn: # write "user_login_name"

# wc = to count the number of words, lines, characters in a file

syn # wc -lwc <file_name>

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

# cp - to copy a file or a directory

syn: # cp <source_file> <destination_file>

# mv - to rename or move or to cut and paste the file or directory

No option is required to move a directory

Only with bash shell:

ctrl+l = to clear the screen

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

# alias - to assign the shortname to a command

To change the shell:

To come out of the shell:

Default shell for Sun Solaris = Bourne (sh)

# bg = to view the process running at the back ground

# grep - to search a key word

# grep <keyword> <file-name>

# grep -i one rose

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

# grep -v one rose

# grep -h good rose jai

# rm - to remove the file

# rmdir - to remove or delete the directory

Sun Solaris 10 OS/Storage-SVM,VxVM/Cluster Manickam Kamalakkannan

# tar - Tape ARchieve

# tar -cvf <file-name>.tar <source-file>