SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

solarispostinstall

Solaris Post Install

This post install page is based on Solaris 10 update 9, and shows what steps need to be taken to have a fully functional Solaris server up and running.

Network Configuration

Network Adapter VMXNET3

As it turns out, VMware also has a really nice article on configuring the network on a VMXNET3 network adapter. I'll walk you through the steps.
Find the name of the network card in the messages logfile:

# grep -i vmxnet /var/adm/messages

You'll see messages containing the name of the network card which should be similar to “vmxnet3s0”. Now activate the network card:

# ifconfig vmxnet3s0 plumb

Now set the actual network configuration:

# echo "solarisbox" > /etc/nodename
# echo "solarisbox" > /etc/hostname.vmxnet3s0
# echo "10.10.10.100" > /etc/defaultrouter
# echo "10.10.0.0 255.255.0.0" >> /etc/inet/netmasks

Also, you need to set the IP address in the hosts file. This file is not setup correctly by default, so make sure you configure it correctly:

vi /etc/hosts

#
# Internet host table
#
::1    localhost       
127.0.0.1       localhost       
10.10.10.14 solarisbox

Then restart the network service:

# svcadm restart network/physical
Note: You can also configure the network for one time use (not persistent over reboots) by using ifconfig:
# ifconfig vmxnet3s0 10.10.10.14 netmask 255.255.0.0 up

Setup DNS Client

Enter the correct DNS information into the dns configuration files file:

# echo "search getshifting.local" > /etc/resolv.conf
# echo "nameserver 10.10.10.1" >> /etc/resolv.conf
# echo "nameserver 10.10.10.11" >> /etc/resolv.conf
# echo "getshifting.local" > /etc/defaultdomain

And change the /etc/nsswitch.conf file to also look at dns for hostname resolving since it only looks at the hosts file by default:

hosts:      files dns

SSH Access

Right now you only have one user root which is not allowed to login using ssh by default. Edit the file /etc/ssh/sshd_config to allow root access using ssh:

PermitRootLogin yes

and restart ssh:

# svcadm restart svc:/network/ssh:default

Troubleshooting

If you have any network connectivity problem you could try to disable the firewall:

# svcadm disable svc:/network/ipfilter:default

Time and Date

Setup NTP Client

Although there is a /etc/inet/ntp.client file which can be copied to ntp.conf you can also simply create a new ntp.conf file and enter the required information:

bash-3.00# vi /etc/inet/ntp.conf

# NTP client configuration file
server 10.0.0.123
driftfile /var/ntp/ntp.drift

Now restart the NTP client:

# svcadm enable ntp
# svcs ntp
STATE          STIME    FMRI
online         13:44:14 svc:/network/ntp:default
bash-3.00#
Note: if ntp is already running you should do a “svcadm restart ntp”

Resources

Runlevel and X-Environment

Solaris has the following default runlevels: S : Single user state (useful for recovery) 0 : Access Sun Firmware ( ok> prompt) 1 : System administrator mode 2 : Multi-user without NFS 3 : Multi-user with NFS 4 : Unused 5 : Completely shutdown the host 6 : Reboot

As you can see, Solaris does not have different runlevels to start the server without the X-Environment. The default runlevel is 3, to check this use who -r. You can switch from runlevel using the /sbin/init N command (replace N with the runlevel you want to switch to).

I can't find a way to permanently change the default runlevel. To make sure the X-environment does not start up every time the server reboots you can disable this:

svcadm disable cde-login

Resources

View the Oracle documentation for more information regarding run levels and the who -r command.

ZFS Swap and Other Filesystems

For more information regarding zfs, see Solaris ZFS. This page just shows a quick overview of the commands. Remember you can use format to get an overview of the available disks, and df -h to get an overview of the available filesystems.

ZFS Swap

Issue these commands to determine the size and create the swap partition:

# zpool create swappool c1t1d0
# zpool list swappool
# zfs create -V 83G swappool/swap
# swap -a /dev/zvol/dsk/swappool/swap
# swap -l

ZFS Filesystem

There is one more disk available which should host the data:

# zpool create data c1t2d0

This will not only create the zfs pool but also the first filesystem in the pool. Additional filesystems, as well as setting a maximum size or reserving disk space can be done using the following commands:

  • zfs create data/archive
  • zfs set quota=30G data/archive
  • zfs set reservation=30G data/archive

Change Shell to Bash

We want to change the default shell for users to bash, as well as for current users. The current user is only root so far, to change the default shell for root first check where bash is located on your filesystem and then issue the correct passwd command:

# which bash
/usr/bin/bash

# passwd -e
Old shell: /sbin/sh
New shell: /usr/bin/bash
passwd: password information changed for root
Note that if you've already added more users you can change their default shell with the same command, only add their username to the command, for example passwd -e sjoerd

Change Default Shell

For new users, you can also create the default shell. First use the following command to check for the default settings for new users:

# useradd -D
group=other,1  project=default,3  basedir=/home
skel=/etc/skel  shell=/bin/sh  inactive=0
expire=  auths=  profiles=  roles=  limitpriv=
defaultpriv=  lock_after_retries=

As you can see, the default shell is set to /bin/sh. There is no way to change this default to a different value using a command, as you can see here:

# useradd
UX: useradd: ERROR: invalid syntax.
usage:  useradd [-u uid [-o] | -g group | -G group[[,group]...] |-d dir |
                -s shell | -c comment | -m [-k skel_dir] | -f inactive |
                -e expire | -A authorization [, authorization ...] |
                -P profile [, profile ...] | -R role [, role ...] |
                -K key=value | -p project [, project ...]] login
        useradd -D [-g group | -b base_dir | -f inactive | -e expire
                -A authorization [, authorization ...] |
                -P profile [, profile ...] | -R role [, role ...] |
                -K key=value ... -p project]

However, after you've run the useradd command a new file is created which can be modified:

# vi /usr/sadm/defadduser

"/usr/sadm/defadduser" 17 lines, 286 characters
#       Default values for useradd.  Changed Fri Sep 20 15:05:51 2013

defgroup=1
defgname=other
defparent=/home
defskel=/etc/skel
defshell=/usr/bin/bash
definact=0
defexpire=
defauthorization=
defrole=
defprofile=
defproj=3
defprojname=default
deflimitpriv=
defdefaultpriv=
deflock_after_retries=

Change the defshell value to show your bash shell and new users will have this shell as their default.

Change Home Directories and Profile

Under Solaris, home directories are kept on one of two places, /home or /export/home. The /home directory is under control of the automounter and only the automounter can create directories there. The /export/home directory is where users home directories can be created by the system administrator. By default the home directory of root is /. This is not how I want it to be, so to change this follow these steps:

  • Create a home directory for root at /export/home/root
    • mkdir /export/home/root
    • chmod 750 /export/home/root/
  • Copy root's personal files to the new home directory
  • Modify /etc/passwd to reflect the change to the new homedirectory
    • vi /etc/passwd
      • Modify root:x:0:0:Super-User:/:/usr/bin/bash
      • to root:x:0:0:Super-User:/export/home/root:/usr/bin/bash
  • Log out and log back in again
  • If everything is ok remove the old files in /

Profiles

Add or change the following files in the /etc/skel directory to make sure everyone has a user friendly working environment. Copy the files to existing users as well.

.aliases

# cat .aliases

alias ll='ls -lh'

.bash_profile

# cat .bash_profile

# Begin /etc/profile
# Written for Beyond Linux From Scratch
# by James Robertson <jameswrobertson@earthlink.net>
# modifications by Dagmar d'Surreal <rivyqntzne@pbzpnfg.arg>
# Path modifications for Solaris by Sjoerd Hooft <sjoerd@getshifting_com>

# System wide environment variables and startup programs.

# System wide aliases and functions should go in /etc/bashrc.  Personal
# environment variables and startup programs should go into
# ~/.bash_profile.  Personal aliases and functions should go into
# ~/.bashrc.

# Functions to help us manage paths.  Second argument is the name of the
# path variable to be modified (default: PATH)
pathremove () {
        local IFS=':'
        local NEWPATH
        local DIR
        local PATHVARIABLE=${2:-PATH}
        for DIR in ${!PATHVARIABLE} ; do
                if [ "$DIR" != "$1" ] ; then
                  NEWPATH=${NEWPATH:+$NEWPATH:}$DIR
                fi
        done
        export $PATHVARIABLE="$NEWPATH"
}

pathprepend () {
        pathremove $1 $2
        local PATHVARIABLE=${2:-PATH}
        export $PATHVARIABLE="$1${!PATHVARIABLE:+:${!PATHVARIABLE}}"
}

pathappend () {
        pathremove $1 $2
        local PATHVARIABLE=${2:-PATH}
        export $PATHVARIABLE="${!PATHVARIABLE:+${!PATHVARIABLE}:}$1"
}


# Set the initial path
export PATH=/usr/local/bin:/bin:/usr/bin:/usr/openwin/bin:/usr/ucb:/etc:.

if [ $EUID -eq 0 ] ; then
        pathappend /sbin:/usr/sbin:/usr/local/sbin:/root/bin
        unset HISTFILE
fi

# Setup some environment variables.
export HISTSIZE=1000
export HISTIGNORE="&:[bf]g:exit"

# Setup a red prompt for root and a green one for users.
NORMAL="\[\e[0m\]"
RED="\[\e[1;31m\]"
GREEN="\[\e[1;32m\]"
if [[ $EUID == 0 ]] ; then
  PS1="$RED\u$NORMAL@\h:\w$RED# $NORMAL"
else
  PS1="$GREEN\u$NORMAL@\h:\w$GREEN\$ $NORMAL"
fi

for script in /etc/profile.d/*.sh ; do
        if [ -r $script ] ; then
                . $script
        fi
done

# Now to clean up
unset pathremove pathprepend pathappend
if [ -f ~/.bashrc ]; then
source ~/.bashrc
fi

.bashrc

# cat .bashrc

if [ -f ~/.aliases ]; then
source ~/.aliases
fi

local.cshrc

# cat local.cshrc

#ident  "@(#)local.cshrc        1.2     00/05/01 SMI"
umask 022
set path=(/bin /usr/bin /usr/ucb /etc .)
if ( $?prompt ) then
        set history=32
endif

local.login

# cat local.login

#
# Copyright (c) 2001 by Sun Microsystems, Inc.
# All rights reserved.
#
# ident "@(#)local.login        1.7     01/06/23 SMI"
stty -istrip
# setenv TERM `tset -Q -`
umask 022

local.profile

# cat local.profile

#
# Copyright (c) 2001 by Sun Microsystems, Inc.
# All rights reserved.
#
# ident "@(#)local.profile      1.10    01/06/23 SMI"
stty istrip
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/usr/openwin/bin:/usr/ucb:/etc:.
export PATH
umask 022

Syslog

For more information regarding syslog see SYSLOG. Just edit the /etc/syslog.conf to look like this:

#ident  "@(#)syslog.conf        1.5     98/12/14 SMI"   /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice                   /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages

# *.alert;kern.err;daemon.err                     operator
# *.alert                                         root

*.emerg                                         *

# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice                    ifdef(`LOGHOST', /var/log/authlog, @loghost)
#
#mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)
#
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
#ifdef(`LOGHOST', ,
#user.err                                        /dev/sysmsg
#user.err                                        /var/adm/messages
#user.alert                                      `root, operator'
#user.emerg                                      *
#)

# Configure syslog server for all alerts
*.debug                                         @syslogserver.getshifting.local
Note: Do not use spaces (not even one!) between the selector and action colums. always use tabs or syslog will not read the configuration file correctly, resulting in errors like this: syslogd: line xx: unknown priority name "debug @loghost"

After configuring syslog make sure to restart the syslog daemon:

svcadm restart system-log

Additional Software

List of Software

We need some additional packages to run on our Solaris servers:

  • openssl-1.0.1c-sol10-x86-local
  • python-2.6.2-sol10-x86-local
  • perl-5.12.3-sol10-x86-local
  • mercurial-2.3-sol10-x86-local
  • sudo_ldap-1.8.1p2-sol10-x86-local
  • top-3.6.1-sol10-x86-local

Download

Luckily, all these packages can be downloaded from here or download all packages available as I did.

From the downloadlink above only mercurial 2.2.1 can be downloaded while we need 2.3, I have the correct package, leave me a message if you need it.

Installing

After downloading you can follow these steps:

# gunzip solaris10-x86-freeware.tgz
# tar -xf solaris10-x86-freeware2.tar
# cd solaris10-x86-freeware/

From here, for each software package follow these steps:

# gunzip openssl-1.0.1c-sol10-x86-local.gz
# pkgadd -d openssl-1.0.1c-sol10-x86-local

The following packages are available:
  1  SMCossl     openssl
                 (x86) 1.0.1c

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:

Processing package instance <SMCossl> from </tmp/solaris10-x86-freeware/openssl-1.0.1c-sol10-x86-local>

openssl(x86) 1.0.1c
The OpenSSL Group

The selected base directory </usr/local> must exist before
installation is attempted.

Do you want this directory created now [y,n,?,q] y
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.

Installing openssl as <SMCossl>

## Installing part 1 of 1.
/usr/local/doc/openssl/CHANGES
...<cut>...
You could leave a comment if you were logged in.
solarispostinstall.txt · Last modified: 2021/09/24 00:25 (external edit)