หลักสูตร UNIX Solaris System & Network Administrator

UNIX Solaris System & Network Administrator
Training Professional Center
Introduction

Unix System and Network Administration (Solaris, Linux, FreeBSD) Microsoft Windows 2003 System Environment, Active Directory, Network Infrastructure Cisco Network Fundamental Information Security Consultant

Unix System Administrator (Solaris)

Perform basic Unix tasks Understand basic Unix commands Use vi text editor Interact with a windowing system
Unix
Day 1

Introduction Solaris System Administration Basic OS Commands Understanding Shells User Accounts and Groups Rights and Roles File Systems, Backup and Recovery Administering Devices
Day 2

( )
Administering Systems Printing Service Network Service & Remote access Software Packages & Patches Tuning & Recognizing File Access Problems New Feature Enhancements in Solaris 10
Day1 Day1
1. 2. 3. 4. 5. 6. Introduction Solaris System Admin Basic OS Commands Understanding Shells User Accounts and Groups Rights and Roles File Systems
8
1. Introduction Solaris System Admin
Path Structure
bin sbin
dev mnt
etc
Home
tmp
usr
export
var
John
Ken
doc
data
data
10
Demonstration Login with root

root Password
# pwd cd / ls l ls l h*
11
LAB1-1: Server Preparation 1

1.

Enable 3 Solaris systems (By VMWare)

Duplicate 3 VMs Introduce VMWare with Solaris 10 Introduce Solaris 10 (CDE, Java Desktop System-Gnome)
2.
Set server information

vi command
Command Mode

ESC Key i Insert Key a Append ESC :q! , ZZ EST :wq!
Edit Mode Exit vi Save text
Define host name

/etc/hosts
suwit001, suwit002, suwit003
/etc/hostname.<Interface> /etc/nodename
12
LAB1-1: Server Preparation 1

1.

Set network properties

Define IP addresses
/etc/hosts
/etc/hosts (Map IP Hostname) Type 192.168.1.73 suwit001 /etc/hostname.pcn0 ( IP NIC) Type suwit001 ( /etc/hosts) /etc/nodename (hostname) Type suwit001 ( $> init 6 (reboot)
Training Professional Center 13
/etc/hosts)
1.1 SPARC and IA System Admin Difference

Category
System operation before kernel load
SPARC
OpenBoot PROM
IA
BIOS Solaris Device Config Assistant MDB (Multiple Device Boot) Command Option at MDB
Booting system
Command Option at PROM
14

Category
Boot Program
SPARC
bootblk (Pri. boot program) ufsboot (Sec. boot program) load kernel
IA
mboot (MBR) pboot (Solaris Partition boot program) bootblk (Pri. boot program) ufsboot (Sec. boot program) load kernel
15

Category
System Shutdown
SPARC
shutdown,init w/o intervention SCSI, IDE
IA
shutdown,init w/ intervention SCSI and IDE
Disk Controller
Disk slice and partition
Max. 8 slices (0-7)
Disk Max. 4 fdisk partition Sol fdisk 10 slices (0-9) but 0-7 store data 3.5, 5.25-inch
Diskette drive
3.5-inch diskette drive
16
1.2 Solaris System Software Evolution

Release
Solaris 1.0 (SunOS 4.x) Solaris 2.0 (SunOS 5.0) Solaris 2.1 (SunOS 5.1) Solaris 2.2 (SunOS 5.2) Solaris 2.3 (SunOS 5.3) Solaris 2.4 (SunOS 5.4) Solaris 2.5 (SunOS 5.5) Solaris 2.5.1 (SunOS 5.5.1) Solaris 2.6 (SunOS 5.6) Berkeley (BSD) Unix SVR4 (AT&T) and BSD Admin Tools GUI, Print/Accout Manager, Vol Manager CDROM VFS,Online Backup, PAM, PPP, CacheFS (NFS), NIS+ Motif GUI (Installation) PAX,Soltice Admin Suite, Process Tool (/proc), Telnet client (4.4 BSD version), Improve rlogind, telnetd UserID,GroupID extend to max. sign integer Printing Software (NIS,NIS+), Large file support (UFS,NFS, CacheFS), NFS Kerberos use DES, RPC (GSS-API), Y2K compliance, WebNFS, JVM 1.1
Feature
17

Release
Solaris 7 (SunOS 5.7) Solaris 8 (SunOS 5.8)
Feature
64bits (SPARC only), LDAP, Dynamic reconfiguration, AnswerBook2, Unicode, RPC security, CDE (new tools) IPv6, Naming LDAP, Java2, Wizard (Installation), UDF (Universal Disk Format), DVD, Smart card, PDA, Multilanguage (90 locals,37 langs), XServer (X11R6.4), RBAC (Role-Based Access Control) Mobile IP, Removable Media (DVD,Zip,Jaz,CDROM,diskette) IP Multipathing with NICs, WBEM (Web-Based Enterprise Management, Print USB LDAP+iPlanet WebServer, SMC 2.0 (RBAC), WBEB (init.wbem, update security, SMC Log viewer), USB (Sun Blade 100, 1000 and Sun Ray system) New BIND, sendmail 8.10, IP multipathing with dynamic reconfiguration (DR), Mobile IP (reverse tunnel) PPP 4.0 (async,sync comm., PAP, CHAP), NCA (Solaris Network Cache Accelerator), IP Multipathing (IPMP reboot safe) DR 3.0 (Automated DR), USB (KB,Mouse,Printer,Audio) RPC (Sun ONC+ async protocol)
Solaris 8 (SunOS 5.8) (6/00) Solaris 8 (SunOS 5.8) (10/00) Solaris 8 (SunOS 5.8) (1/01) Solaris 8 (SunOS 5.8) (4/01) Solaris 8 (SunOS 5.8) (7/01) Solaris 8 (SunOS 5.8) (10/01) Solaris 8 (SunOS 5.8) (2/02)
18

Release
Solaris 9 (SunOS 5.9)
Feature
Resource Manager (allocate resource), Fixed-priority (FX), Web Start Flash Install (master,clone), Live Upgrade, New option (df, du, ls, 1K unit), pargs and preap (process debugging), NIS+ LDAP, Sun Internet FTP Server, sendmail 8.12, Improve NCA, IPMP (link-up-down), Mobile IP (advertise dynamic if), BIND 8.2.4, Solaris volume manager, SMC 2.1 (6 new tools), smpatch, Solaris Secure Shell, cdrw (Write CD) X86/X64, SPARC Solaris Container Grid Container (Isolate App, Service, Allocate resource, Increase resource utilization) Solaris Secure Execution (File Integrity and Secure Execution, User&Process Right Management, IP Filter Firewall, Cyptographic Service/Secure, Enterprise Authentication LDAP,PW,MD5,Kerberos,Smartcard) Solaris Dynamic Tracing (easy to analyze, debug, optimize system, App in Realtime, Patch Management) Solaris Predictive Self Healing (Auto diagnostic, isolate recovery from H/W, App fault)
Solaris 10 (SunOS 5.10)
19
1.3 Understanding Superuser Status nding Special UID = 0 (/etc/passwd) Root Perform system admin tasks

mount/unmount file system change ownership or permission backup/restore create device file shutdown system
20
LAB1 LAB1-2: Become Superuser (su) 1. Switch user at shell prompt

Shell prompt ($>, %>), type su Enter password (root) Environment enable, type su
su root su user1
Exit Superuser status, type exit
21
LAB1 LAB1-2: Become Superuser (su)

2. Logging in as Root

Login prompt,
type root (Enter) type password (Enter)

Add user
$> useradd d /export/home/username username
Check logon user

$> who am i $> id $> w $> finger
22
Screenshot
23
1.4 Communicating with Users

Message Of The Day (motd)

/etc/motd write username write username < filename wall rwall n group
walld /etc/inetd.conf
Send Message to Individual User

Send Message to All Users on System or Network

Send Message by E-mail

1.5 Starting Up Systems Choosing and Init State

0 Go to Firmware S or s Single mode (single logon) 1 Single admin mode mount all file system 2 Multi-user without NFS (Network File System) 3 Multi-user with NFS 4 No use 5 Power off (shutdown running services) 6 Reboot (shutdown running services and restart)
25
1.5 Starting Up Systems The /etc/inittab file

Default run level for system Process start, monitor, and restart if terminate Action to take when system enter new run level
id:rstate:action:process
26
1.5 Starting Up Systems Run Control Scripts

/sbin/rc0 /sbin/rc1 /sbin/rc2 /sbin/rc3 /sbin/rc5 and /sbin/rc6 /sbin/rcS who -r

27
Finding Run Level for System

1.5 Starting Up Systems Run Control Script

Form
S,K[0-9][a-z][A-Z] S10webserver S20dbserver
/etc/rc3.d
S10webserver S20dbserver
28
1.5 Starting Up Systems Using Run Level

Run Level 0 Run Level s and S Run Level 1 Run Level 2 Run Level 3 Run Level 4 Run Level 5 Run Level 6
29
1.5 Starting Up Systems Change Run Level

Become superuser $> telinit [run level] (Recommend) $> init [run level] shutdown y g [period] i [run level] [message] Example shutdown y g 30 i 6 System will shutdown

30
1.5 Starting Up Systems

Booting Protocols

SPARC Platform (OpenBoot PROM)

bootblk ufsboot kernel init
IA Platform (PC BIOS)

mboot (Master Boot Record) pboot (Partition boot program) bootblk ufsboot kernel init
31
1.5 Starting Up Systems Booting System

Turn off system power because of power outage Change kernel parameters in /etc/system Perform system maintenance, backup or restore system data Repair system configuration file /etc/system Changing pseudo device parameters in /etc/system Add or remove hardware from system Boot kernel debugger to track down system problem
32
1.5 Starting Up Systems view Boot Message

/var/adm/messages halt d (save in swap file system) dumpadm (configure crash dump) savecore (/var/crash/hostname) SPARC IA
33
Crash Dump & Reboot system

Boot System for Recovery Purpose

1.5 Starting Up Systems Boot System for Recovery Purpose

SPARC IA
Boot from Solaris 10 Installation CD Screen selection mode

b s $> mount /dev/dsk/c0d0s0 /a $> cd /a/etc $> vi passwd $> vi shadow (in case of password recovery)
34
1.5 Starting Up Systems Search text in file

grep search string filename $> grep Aug 22 13:56 /var/adm/message $> grep i Aug 22 13:56 /var/adm/message egrep $> cat > filename $> touch filename $> vi filename (save and exit)
35
Create file with zero byte

1.5 Starting Up Systems Shutdown System

Turn off system power Install a new release Prepare power outage Add hardware to system Perform maintenance file system
36
1.5 Starting Up Systems Shutdown System

Recommendation
/usr/sbin/shutdown /etc/telinit and /sbin/init
Not Recommendation
/usr/sbin/halt /usr/sbin/reboot
/usr/sbin/uadmin 2 0
37
1.5 Monitoring Processes $> ps $> ps ef | grep userid $> prstat
38
Check boot configuration

$> cd /usr/platform/i86pc $> eeprom
39
Desktop Resolution Setting

1. Command Login prompt 2. Login as root 3. $> kdmconfig 4. Follow step - Xsun server - XF86 VMWare - MutipleFrequency 56kHz - 800x600 @16777777
40
Review all exercises System startup Vi Su Adduser
41
2. Basic OS Commands
42
List file in directory

$> pwd (Check current pathname) $> ls $> ls l

Show detail of file

Permission Ownership/Group File size Last update date Link (symbolic link)
$> ls la

Show hidden file (prefix (.) )

43
Monitoring Disk usage df df /dev/dsk/c1d0d2
44
Monitoring Disk usage (cont.) du
45
File permission
rwxrwxrwx r = Read w = Write x = Execute Ownership u = User g = Group o = Other Example: rw-rw-rw110110110 rwxrwxrwx r-xr-xr-x 555 filename
root superuser /etc/hosts 666 777
46
Changing File permission

chmod 1. $> chmod 777 filename rwxrwxrwx filename $> chmod 744 filename rwxr--r-2. $> chmod u-w filename r-xrwxrwx 3. $> chmod u+w filename rwxr--r-Sign + = add permission Sign - = del permission
User mask (umask)

Setting default permission with umask

Its subtract 666-umask value (666-222=444, 222 is umask value)
Example

Umask 022 touch data.txt ls -l

48
Sticky bit permissions Protected files from being deleted by other users Should be set on the top-level directory Example

chmod +t somedir
49
Access Control List getfacl
setfacl
Example

setfacl m user:username:r secret.doc

50
Change ownership of file

Chown

$> chown userid:groupid filename
Finding file in system

find <path> -name filename print $> find / -name passwd print
view content of file

$> more filename Key / search-text Key n next search-text

51
view at the end of file (tail) $> tail filename (show last 10 lines) $> tail f filename (view last update information) view at the beginning of file (head) $> head filename (show first 10 lines)
52
Solaris Management Console (SMC)

$> smc & (background running) $> smc (forground running)

Key Ctrl-Z Key bg Key fg
Find Disk space

$> df k (1K block) $> df h (1K unit KB, MB,GB) $> du k [pathname] (1k block) $> du h [pathname] (1K unit KB, MB,GB)
53
Find Disk Usage
2.1 Finding User Information $> who -r
54
2.2 Creating & Editing Files $> vi filename

Command mode (Key ESC) Edit mode (Key i, a)
$> cat > filename $> touch filename
55
2.3 Using Manual Page $> man [keyword]

$> man useradd $> man mkdir $> man man
56
2.4 Finding Disk Information $> df k $> df h $> man df
57
Set Environment set command
58
Set Parameter
59
3. Understanding Shells
60
3.1 Tasks Common to All Shells Aliases History list .profile .cshrc
61
Aliases
Example

Alias dir = ls al
62
History list
Example

History ![number] for calling
63
.profile .profile can contain any commands and environment settings Example

TERM=vt220; export TERM Define in /etc/skel/profile.local
64
.cshrc
65
Environment Variables Environment Variable
Example:
Shell command Source (.) Basename Cat Cd Chgrp Date Find Grep
Shell command (cont.) Head Less Ls Mkdir More Pwd Rmdir tail
Source (.) Common Path

/etc/myscript.sh .myscript.sh sh myscript.sh ./myscript.sh
Source Path

69
Demonstration
Shell Command

Source (.) Basename Cat Cd Chgrp Date Find Grep
Grep Head Less Ls Mkdir More Pwd Rmdir Tail wc
70
Changing Shells from command line $> csh $> ksh $> sh $> bash $> tcsh Exit from Shells $> exit
Shell Scripts .Profile script Shell argument
72
Demonstration: Shell script #1 #1 touch count_line.sh Chmod +x count_lines.sh vi count_lines.sh

#!/bin/sh Echo Number of lines infile $1 wc l $1 ./count_lines.sh /etc/group

73
Execute

Demonstration: Shell script #2 #2

vi count_lines.sh

#!/bin/sh If test a $1 then echo Number of lines infile $1 wc l $1 Else

Echo the file $1 does not exist
fi ./count_lines.sh /etc/group
74
Execute

Demonstration: Shell script #3 #3 vi count_lines.sh

#!/bin/sh If test r $1 then echo I can read the file $1 else

Echo I cant read the file $1
fi ./count_lines.sh /etc/group
75
Execute

Test facility
-a All -b file is a special block file. -c file is a special character file. -d file is a directory. -f File is a normal file -h File is a symbolic link. -p File is a named pipe. -s File has nonzero size. -w File is writable by the current user. -x File is executable by the current user.
Demonstration: Shell script Looping #1 #1

touch loop1.sh vi loop1.sh

#!/bin/sh For i in apple orange lemon kiwi guava Do DATAFILE=$i.dat echo Checking $DATAFILE if test s $DATAFILE then echo $DATAFILE is OK else echo $DATAFILE has zero-length fi done
77
4. User Accounts and Groups
78
Database User&Group Infrastructure
Root /etc/shadow
/etc/group
/etc/passwd
79
4.1 Tools for Adding and Admin User Accounts $> smc & $> useradd $> userdel Creating password for user $> passwd username
80
4.2 Adding an user Account (smc)
81
Adding an user account (useradd)
Example
82
How to use useradd
83
Create Multiple Users (smc)
84
Create Multiple Users (cont.)
85
Delete user (userdel)
Example

Userdel r user1
86
4.3 Setting Up & Admin Groups (smc)
87
Groupadd
Example

Groupadd office Groupadd g 120 engineer
/etc/group
88
Groupmod
89
Change Password
root Password
owner
90
5. Rights and Roles
91
5.1 Using SMC to Grant Access Rights to Users
92
5.2 Using SMC to Admin Role Accounts
93
Using SMC to Admin Role Accounts (cont.)
94
5.3 RBAC Databases
Rights
Roles
Root
/etc/security/auth_attr
/etc/user_attr
95
5.4 Command to Manage RBAC
96
6. File Systems
97
File System Overview

CwTxDySz Disk
New Disk Controller
Slice0 Slice1 SCSI/IDE
target
No target
98
Disk arrangement Cwtxdysz Example

C0t0d0s0 C : Controller T : Target D : Disk S : Slice (partition)
99
Formatting
Example

Format , Press Enter key.

100
Type of File Systems

Disk based Network based virtual (formerly pseudo) Disk based file system

UFS (Unix File System) HSFS (ISO 9660) CDROM Readonly PCFS (PC File System) DOS-format, Floppy disk UDFS (Universal Disk Format file system) (CDRW, DVD-ROM)
101
Type of File Systems Network based

NFS (Network File System)

NFS Server NFS Client
virtual File System

CacheFS
Boot CDROM, mount file system store in Memory
TMPFS (Temporary File System)

/tmp, /var/run
102
Type of File Systems virtual File System

CacheFS
Boot CDROM, mount file system store in Memory
TMPFS (Temporary File System)

/tmp, /var/run
PROCFS (Process file system)

/proc
103
Example: Formatting
IDE Disk
Fdisk
Partition
NewFS > mnt

Adding new Harddisk $> touch /reconfigure $> telinit 5 Install new HDD+ Power on $> format

0: c0d0 1: c0d1 2: c0d2

105
Adding new Harddisk $> format format> partition partition> help partition> 0 (0-7) partition> tag id partition> permission flag (wm) partition> size (Cylinder) partition> label (Save partition) partition> quit
Adding new Harddisk $> newfs /dev/rdsk/c0d[1]s[0] $> man newfs Mounting file system Create mount point $> mkdir /export/software

/export/software /dev/dsk/c0d1s0
$> mount /dev/dsk/c0d1s0 /export/software

Adding new Harddisk

Mount on booting

Edit in file /etc/vfstab
108
Setting up Disk Slices

Slice 0 1 2 3 4 5 6 7 8 9 File system Root Swap Backup /opt /usr /export/home Description Hold files and directories that make OS Provide virtual memory or swap space Refer to the entire disk, by format command Up to design Up to design Hold App software added to the system Hold OS command, run by users, document, system program Hold home folder from remote system Contain the boot slice info at the beginning of Solaris partition enable boot from HDD Provide area reserved for alternative disk block. Alternative sector slice. Both Both Both Both Both Both Both Both Both Both Client/Server
109
Day 2
7. Administering Systems 8. Printing Service 9. Network Service & Remote access 10. Software Packages & Patches 11. Tuning & Recognizing File Access Problems 12. New Feature Enhancements in Solaris 10
110
7. Administering Systems
111
Determine Hostid $> hostid $> sysdef h $> sysdef > /tmp/sysdef.txt Host information $> uname a Display System Information $> prtconf
How long a system has been up $> uptime Find system was booted $> who b System date / time $> date Setting date / time $> date mmddHHMMyy
Changing Timezone Edit in file /etc/TIMEZONE TZ=Asia/Bangkok The complete list of time zone variables /usr/share/lib/zoneinfo
114
Checking the data consistency of File system $> fsck /dev/rdsk/c0d1s0 Finding whether need to checking

/dev/rdsk/c0d1s0 /export/data $> umount /export/data $> fsck m /dev/rdsk/c0d1s0 If need, init S or s $> fsck /dev/rdsk/c0d1s0 $> man fsck
115
Backup & Restore File System

Tape Device

/dev/rmt/0 Tape 1 /dev/rmt/1 Tape 2 $> ufsdump 0cuf /dev/rmt/0 /dev/dsk/c0d0s0 $> man ufsdump
Backup file system

Restore file system

$> ufsrestore $> man ufsrestore

116
Ufsdump Command
117
Ufsdump parameter
/usr/sbin/ufsdump [options] [arguments] files to dump Options
-f : dump to file -u: update the dump record -v: verify -c: Cartridge Example

Entire Slice> Tape : ufsdump 5fuv /dev/rmt/1 /dev/rdsk/c0t3d0s6

118
Ufsrestore Command
119
Ufsrestore parameter
/usr/sbin/ufsrestore -i : Interfactive -f : Restore selected file -t : Testing -a: archive_file
Example

Restore Entire Media: ufsrestore if /tmp/backup.dat

120
Ufsrestore (Interactive)
121
Backup & Restore File System Backup Strategy

Full Backup Differential Backup Incremental Backup

MON TUE Full D I I WED Full D I THU Full D I FRI Full D Full Full Full
NORM DIFF INC
122
Backup & Restore File System /dev/dsk/c0d0s0

/dbasefile /backup
/dev/dsk/c0d1s0

$> ufsdump 0a /backup/full.dat /dev/dsk/c0d0s0

/backup/full.dat
$> ufsdump 0c /dev/rmt/0 /dev/dsk/c0d0s0

Backup & Restore File System List Table of content $> ufsrestore ta /backup/full.dat Extract data from backup device $> ufsrestore ia /backup/full.dat ufsrestore> help ufsrestore> ls ufsrestore> add [filename] ufsrestore> extract
Backup & Restore File System

Disk Duplicate Backup full disk space $> dd if=/dev/dsk/c0d0s2 of=/dev/dsk/c0d1s2 Tar file $> cd / $> tar cvf /export/data/full.tar ./etc Untar file $> cd /export/extract $> tar xvf /export/data/full.tar [.] $> compress f full.tar

full.tar.Z $> uncompress full.tar.Z tar xvf full.tar
$> tar cvf - ./etc | gzip - > /export/data/full.tgz $> gunzip full.tgz tar xvf full.tar
Creating data CDs $> cdrw
126
8. Printing Service
127
Printer Overview
Server Printer
Print Device
Print Device Client Desktop
128
Solaris Print Manager
129
Printer Manager $> /usr/sadm/admin/bin/printmgr & Name service = File Click Menu Printer

Add Attached Printer Add Network Printer
$> lpadmin $> lpq

New Attach Printer
131
Setting Print Server (P421-422) (P421-422) Printer Name Server Name Network printer access name IP address for the printer Protocol (TCP)
132
How to Set Printer with command line Install printer

Install Printer Device Lpadmin Accept (Print Queue) Enable (Activate Printer for Lp) Lpstat Lp, Lpr
133
Monitoring

Using Printer

Lpadmin command
134
Example: Lpadmin
135
Accept Command
136
Enable Command
137
Lpstat Command
138
Lp command
139
Setting Print Server Step by Step

Login as root $> lpadmin p HPLJ4050 v /dev/null $> accept HPLJ4050 $> enable HPLJ4050 $> lpstat p HPLJ4050 $> lpstat p HPLJ4050 l For more Information Printing $> lp d HPLJ4050 n 1 filename Cancelling Printing $> lpstat p HPLJ4050 Find request-id $> cancel [request-id]
9. Network Services & Remote Access
141
Configure Host and IP address w/ Multi-NICs Multi$> touch /reconfigure $> init 5 Install Network Cards Power On $> cd /etc $> vi hosts

IP address0 hostname0 IP address1 hostname1 IP address2 hostname2 hostname.pcn0 hostname0 hostname.pcn1 hostname1 hostname.pcn2 hostname2
/etc/hostname.[interface]
142
Configure Host and IP address w/ Multi-IP Multi$> cd /etc $> vi hosts

IP address1 hostname1 IP address2 hostname2 IP address3 hostname3 hostname.pcn0:1 hostname1 hostname.pcn0:2 hostname2 hostname.pcn0:3 hostname3
143
/etc/hostname.[interface]:[1-99]

NFS (Network File System)

Server Login as root $> ps ef | grep nfsd $> mkdir /export/share $> share F nfs o rw /export/share

/etc/init.d/nfs.server start
$> share Check sharing $> dfshares Check sharing Client $> mkdir /export/share $> mount F nfs hostname:/export/share /export/share $> mount Check mounting $> df Check mounting
Example
145
Start / Stop process $> processname [&]

[&] is for running as background process CTRL-Z $> bg $> fg (For running as forground process
$> processname

$> ps ef | grep processname $> kill [process id] $> pkill [processname]
Network Setting Up Define IP address [Static IP]

Edit /etc/hosts
192.168.1.200 suwit001 suwit001
Edit /etc/hostname.pcn0 Edit /etc/nodename

suwit001
DHCP Client

$> /sbin/dhcpagent
Request Network Information from DHCP Server
147
Checking Network Setup

$> ifconfig a

Check ip address Check routing table (Look for line default) Check nameserver (DNS)
$> netstat rn netstat r n

$> more /etc/resolv.conf

$> more /etc/defaultrouter [Static ip] Manually add routing table route add default [gateway ip]

$> route add default 192.168.1.1

148
Network Setting with Multiple NICs

File /etc/rc3.d/S69staticroute /etc/rc3.d/S69staticroute Route add [networkid] [gateway ip] 192.168. 192.168.9.0 / 24
Server
192.168. 192.168.1.1 203.151.100. 203.151.100.1 pcn0 .10 pcn1 .10
203.151.100. 203.151.100.0 / 24 Route add [NetworkID] [Gateway IP] $> route add 0.0.0.0 203.151.100.1 203.151.100. $> route add default 203.151.100.1 203.151.100.
192.168. 192.168.1.0 / 24 Route add [NetworkID] [Gateway IP] $> route add 192.168.9.0 192.168.1.1 192.168. 192.168. $> route add 192.168.9.9 192.168.1.1 192.168. 192.168.
149
Remote Login Desktop Manager

Click Remote Login Click Choose from list $> rlogin hostname [ip address of remote system] $> telnet hostname [ip address] Edit file /etc/default/login Comment line #CONSOLE=.
150
Terminal Remote Login

Root for remote login

Check remote system how long be up $> rup hostname [ip address] Check remote system alive $> ping hostname [ip address] $> ping s hostname (infinity loop)
151
FTP File Transfer Protocol

/etc/ftpd/*.* $> ftp hostname [ip address]

Login / password
ftp> help ftp> get [filename] download ftp> mget [filename *.*] multiple get ftp> put [filename] upload ftp> mput [filename *.*] multiple put ftp> binary Binary file (exe, jpg, gif) ftp> ascii Text file (txt) ftp> prompt Toggle interactive mode ftp> hash Show Progress print # ftp> quit / bye
Checking Packet from Network $> snoop $> snoop o /tmp/packet.txt Capture to file $> snoop d pcn1 $> snoop | grep hostname1[192.168.1.190] $> ethereal & $> nmap Read from captured file $> snoop i /tmp/packet.txt
Check which Port binding by Process

http://www.sunfreeware.com

$> /usr/local/bin.lsof l | grep TCP | more

Process name Binding Port
Installation

Get file lsof.4.74*local.gz $> gunzip lsof4.74.gz $> lsof4.74*local $> pkgadd d lsof*local
/usr/local/bin /usr/local/man
$> man M /usr/local/man lsof

154
Package Installation Source

CDROM Software Companion CD NFS Sharing
Installation

$> cd Package $> installer

Select package
155
Setting Environment Edit .profile

> PATH=$PATH:/opt/sfw/bin:. > export $PATH

Enable in current terminal

$> . /.profile
156
10. 10. Software Packages & Patches
157
Package Installation
Web Start Insert CDROM package $> ./installer Select desire to install Command Line $> pkginfo [Package Name] check if exist. $> pkgrm [Package Name] remove package $> pkgadd d [Path] [Package Name] install package
Installer
159
Installer (Cont.)
160
Pkginfo command
161
Pkgrm command
162
Pkgadd command
163
Scheduler with Crontab

$> man cron

/usr/sbin/cron
$> man crontab $> cd /var/spool/cron/crontabs

root username File cron.allow File cron.deny

164
$> cd /etc/cron.d

LAB: Cron vs At command

Edit file crontab

$> vi /var/spool/cron/crontab/root
30 11 * * * /tmp/echo.sh $> chmod +x /tmp/echo.sh

$> ps ef | grep cron $> kill [cron pid] restart cron to read new crontab $> date check time/date Execute /tmp/echo.sh
/var/spool/cron/atjobs/[jobid] $> at m 1141 at> /tmp/echo.sh CTRL-D

11. 11. Tuning & Recognizing File Access Problems
166
Recognize Problem with Search Paths

Problem: Command not found $> echo $PATH
Borne/Korn Shell PATH=$PATH:/sbin:/opt/sfw/bin:. export PATH $> . [.profile] Full Path of profile C Shell setenv PATH ( $PATH /sbin /opt/sfw/bin . ) $> source [.cshrc] Full Path of profile

$> which [command]

Show fullpath of command

167
Recognize Problem with Permission, Ownership Change permission of file for execution

Create Shell script $> chmod [nnn] [shell script]

nnn = 755 rwxr-xr-x
$> chmod +x [shell script] $> chown [userid]:[groupid] [file, directory] $> chown R [userid]:[groupid] [file, directory]
Change ownership of file/directory

168
12. 12. New Features Enhancement in Solaris 10
169
Solaris Zone Partitioning Technology Create virtual OE (Operating Environment) Zone

sOwn file system, device, network, resource, security
170
Zone configuration
171
Zone configuration
172
NIS Setting up NIS Server $> svcadm enable network/nis/server $> svcs network/nis/server $> domainname suwit.com $> ypinit m $> ypstart
173
NIS Setting up NIS Client $> domainname suwit.com $> ypinit c $> ypstart Edit file /etc/nsswitch.conf

passwd: nis file hosts: dns file
174
Solaris Web Server (Apache)

Start script file

/etc/rc3.d/S50apache [start|stop] $> cp /etc/apache/httpd.conf-example httpd.conf $> /etc/rc3.d/S50apache start $> ps ef | grep httpd IE, Webbrowser http://[hostname, ip address]
175
Configuration file

Check http running

Web Browser

Configuration file - /etc/apache/httpd.conf Web page location
176
Solaris IP Filter Firewall http://www.muine.org/~hoang/solnat.html Lock down the box Setup network interfaces in the Solaris box Enable packet forwarding, dhcp, firewall and network address translation Configure machines behind NAT Familiarize with IPFilter IPsec Reference
SAMBA Script file location

$> /etc/rc3.d/S90samba [start|stop]
Create configuration file

$> cp /etc/sfw/smb.conf-example smb.conf $> /etc/rc3.d/S90samba start
178
Wrapping up Session Further information

www.sun.com www.bigadmin.com Discussion/Forum www.sunfreeware.com Free Software sunsolve.sun.com Patche docs.sun.com Document
Keeping in touch with Instructor

khajorn@hotmail.com
179

หลักสูตร UNIX Solaris System &amp; Network Administrator

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

หลักสูตร UNIX Solaris System &amp; Network Administrator

Hochgeladen von

Copyright:

Verfügbare Formate

UNIX Solaris System & Network Administrator

Training Professional Center

Training Professional Center

Training Professional Center

Training Professional Center

Training Professional Center

Training Professional Center

Training Professional Center

Training Professional Center

1. Introduction Solaris System Admin

Training Professional Center

Training Professional Center

Demonstration Login with root

Training Professional Center

LAB1-1: Server Preparation 1

Enable 3 Solaris systems (By VMWare)

Set server information

ESC Key i Insert Key a Append ESC :q! , ZZ EST :wq!

Edit Mode Exit vi Save text

Define host name

Training Professional Center

LAB1-1: Server Preparation 1

Set network properties

1.1 SPARC and IA System Admin Difference

Command Option at PROM

Training Professional Center

1.1 SPARC and IA System Admin Difference

Training Professional Center

1.1 SPARC and IA System Admin Difference

Disk slice and partition

Max. 8 slices (0-7)

3.5-inch diskette drive

Training Professional Center

1.2 Solaris System Software Evolution

Training Professional Center

1.2 Solaris System Software Evolution

Training Professional Center

1.2 Solaris System Software Evolution

Solaris 10 (SunOS 5.10)

Training Professional Center

Training Professional Center

LAB1 LAB1-2: Become Superuser (su) 1. Switch user at shell prompt

Exit Superuser status, type exit

Training Professional Center

LAB1 LAB1-2: Become Superuser (su)

Check logon user

Training Professional Center

Training Professional Center

1.4 Communicating with Users

Send Message to Individual User

Send Message to All Users on System or Network

Send Message by E-mail

1.5 Starting Up Systems Choosing and Init State

Training Professional Center

1.5 Starting Up Systems The /etc/inittab file

Training Professional Center

1.5 Starting Up Systems Run Control Scripts

/sbin/rc0 /sbin/rc1 /sbin/rc2 /sbin/rc3 /sbin/rc5 and /sbin/rc6 /sbin/rcS who -r

Finding Run Level for System

1.5 Starting Up Systems Run Control Script

Training Professional Center

1.5 Starting Up Systems Using Run Level

Training Professional Center

1.5 Starting Up Systems Change Run Level

หลักสูตร UNIX Solaris System & Network Administrator

หลักสูตร UNIX Solaris System & Network Administrator