Thursday, 29 March 2012

SOLARIS


Chapter 1 Managing file systems

Device driver

Physical device name: represents the full device path name in the device information hierarchy.
Example
Full device name for SCSI on SPARC: /pci@if,0/pci@1,1/ide@d/sd@0,0
Full device name for IDE on x86: /pci@i0,0/pci-ide@1f,1/ide@0/cmdk@0,0:a
Physical device files are found in the /devices directory, which is served by the devfs file system.

Device Autoconfiguration
Simply connect the new device to the system and perform a reconfiguration startup.
  1. Create the /reconfigure file (# touch /reconfigure). This causes the Solaris software to check for the presence of any newly installed devices the next time you turn on or start up your system.
# boot -r or reboot -- -r: an optional method of performing the reconfiguration from OpenBoot. On x86, perform a reconfiguration reboot by editing the boot command in the GRUB menu.
# svcadm restart volfs: it is best to restart vold after attaching removable devices such as a CD-ROM, floppy or USB device.
# volrmmount -e zip0: to unmount the removable (USB) device.

Instance name: represents the kernel's abbreviated name for every possible device on the system.
sd0 is the instance name for a SCSI disk.
cmdk0 is the common disk driver used to represent SATA disks.
dad0: direct access device (IDE).
ata0: advanced technology access device driver, used to represent IDE disks.
hme0: the instance name for a type of network interface.
Instance names are mapped to physical device names in the /etc/path_to_inst file.
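An added example, not from the original notes: instance names resolved against the /etc/path_to_inst layout (quoted physical path, instance number, quoted driver name) in both directions with POSIX sh and awk. The excerpt embedded in the script is constructed for the example and its device paths are made up; on a real system the content comes from /etc/path_to_inst itself.

```shell
#!/bin/sh
# Added example (not from the original notes): map instance names such as
# sd0 or hme0 to physical device paths and back, using the line layout of
# /etc/path_to_inst:
#   "physical-path" instance-number "driver-name"
# PATH_TO_INST below is a constructed excerpt; the paths are made up.
PATH_TO_INST='# constructed excerpt in /etc/path_to_inst format
"/pci@1f,0" 0 "pcipsy"
"/pci@1f,0/pci@1,1" 0 "simba"
"/pci@1f,0/pci@1,1/ide@3" 0 "uata"
"/pci@1f,0/pci@1,1/ide@3/dad@0,0" 0 "dad"
"/pci@1f,0/pci@1,1/network@1,1" 0 "hme"
"/pci@1f,0/pci@1/scsi@8" 0 "glm"
"/pci@1f,0/pci@1/scsi@8/sd@0,0" 0 "sd"
"/pci@1f,0/pci@1/scsi@8/sd@1,0" 1 "sd"'

# instance_to_path INSTANCE (e.g. sd1): prints the physical path, or
# prints nothing and returns 1 when the instance is not in the table.
instance_to_path() {
    drv=$(printf '%s\n' "$1" | sed 's/[0-9]*$//')      # driver part: sd
    num=$(printf '%s\n' "$1" | sed 's/^.*[^0-9]//')    # instance part: 1
    printf '%s\n' "$PATH_TO_INST" | awk -v d="$drv" -v n="$num" '
        /^#/ { next }                                  # skip comment lines
        { path = $1; drv = $3; gsub(/"/, "", path); gsub(/"/, "", drv)
          if (drv == d && $2 == n) { print path; found = 1; exit } }
        END { exit found ? 0 : 1 }'
}

# path_to_instance PHYSICAL-PATH: prints the instance name (driver plus
# number). The /devices form with a trailing ":a"-style argument, e.g.
# /devices/pci@1f,0/pci@1/scsi@8/sd@1,0:a, is accepted as well.
path_to_instance() {
    p=$(printf '%s\n' "$1" | sed -e 's|^/devices||' -e 's/:[^/]*$//')
    printf '%s\n' "$PATH_TO_INST" | awk -v p="$p" '
        /^#/ { next }
        { path = $1; gsub(/"/, "", path)
          if (path == p) { drv = $3; gsub(/"/, "", drv); print drv $2; found = 1; exit } }
        END { exit found ? 0 : 1 }'
}

# driver_instances DRIVER: prints every instance of one driver, e.g. "sd0 sd1".
driver_instances() {
    printf '%s\n' "$PATH_TO_INST" | awk -v d="$1" '
        /^#/ { next }
        { drv = $3; gsub(/"/, "", drv); if (drv == d) printf "%s%s ", drv, $2 }
        END { print "" }' | sed 's/ $//'
}

# Demonstration: walk the excerpt in both directions.
for inst in sd0 sd1 hme0 dad0; do
    printf '%-5s -> %s\n' "$inst" "$(instance_to_path "$inst")"
done
path_to_instance /devices/pci@1f,0/pci@1/scsi@8/sd@1,0:a   # prints sd1
```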

Major and minor device numbers
Major: maps to a device driver such as sd, st or hme.
Minor: indicates the specific member within that class of devices.
# more /etc/name_to_major: during the process of building the /devices directory, major numbers are assigned based on the kernel module attached to the device. Each device is assigned a major device number using the name-to-number mapping held in the /etc/name_to_major file.

Logical device name: used by the system administrator with most file system commands to refer to devices.
# ls -l /dev/dsk: to see the list of logical device names.
On SPARC systems the logical device name is an eight-character string (c#t#d#s#).
IDE and SATA disk drives do not use target controllers, so their names have no t# field.

Examples of logical device names

c1t0d0s0: a SCSI disk device name that specifies controller 1, target 0, disk 0, and slice 0
c1d0p0: an IDE or SATA disk name on an x86/x64 system: controller 1, disk 0, fdisk partition 0
c1d0s0: an IDE or SATA disk name: controller 1, disk 0, slice 0
c2t11d0p0: a SCSI disk device name on an x86/x64 system: controller 2, target 11, disk 0, and fdisk partition 0
c2t11d0s0: a SCSI disk device name: controller 2, target 11, disk 0, slice 0
c3t266000C0FFF7C140d31s2: a fibre channel attached LUN name that specifies controller 3, WWN 266000C0FFF7C140, LUN 31, and slice 2
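The c#t#d#s# convention above, as an added example (not part of the original notes): a POSIX sh function that splits a logical device name into its fields, handling the missing t# of IDE/SATA names and the p#/s# (fdisk partition vs slice) difference on x86, plus a helper that maps a /dev/dsk name to its /dev/rdsk counterpart. The names it runs on are the ones listed above.

```shell
#!/bin/sh
# Added example (not from the original notes): decompose Solaris logical
# disk names such as c1t0d0s0, c1d0p0 or c3t266000C0FFF7C140d31s2 into
# controller / target / disk / slice-or-fdisk-partition fields.

# parse_logical_dev NAME
#   NAME may be bare (c0t0d0s0) or a full /dev/dsk or /dev/rdsk path.
#   Prints one line such as "controller=1 target=0 disk=0 slice=0";
#   prints nothing and returns 1 when NAME does not follow the convention.
parse_logical_dev() {
    name=${1##*/}                       # drop any directory prefix
    # IDE/SATA names have no t# field: insert a placeholder target "-" so
    # that every name can be matched by the single expression below.
    norm=$(printf '%s\n' "$name" | sed 's/^\(c[0-9][0-9]*\)d/\1t-d/')
    # c<ctrl>t<target>d<disk><s|p><number>; the target is a decimal SCSI ID
    # or, for fibre channel LUNs, a hexadecimal WWN.
    fields=$(printf '%s\n' "$norm" | sed -n \
        's/^c\([0-9][0-9]*\)t\([0-9A-Fa-f-][0-9A-Fa-f-]*\)d\([0-9][0-9]*\)\([sp]\)\([0-9][0-9]*\)$/\1 \2 \3 \4 \5/p')
    [ -n "$fields" ] || return 1
    set -- $fields                      # $1=ctrl $2=target $3=disk $4=s|p $5=number
    if [ "$2" = "-" ]; then target=none; else target=$2; fi
    if [ "$4" = "s" ]; then part="slice=$5"; else part="fdisk=$5"; fi
    printf 'controller=%s target=%s disk=%s %s\n' "$1" "$target" "$3" "$part"
}

# raw_dev NAME: the character (raw) device that pairs with a block device,
# i.e. the same c#t#d#s# string under /dev/rdsk instead of /dev/dsk.
raw_dev() {
    parse_logical_dev "$1" >/dev/null || return 1
    printf '/dev/rdsk/%s\n' "${1##*/}"
}

# Demonstration on the names listed in the notes above.
for n in c1t0d0s0 c1d0p0 c1d0s0 c2t11d0p0 c2t11d0s0 c3t266000C0FFF7C140d31s2; do
    printf '%-26s %s\n' "$n" "$(parse_logical_dev "$n")"
done
```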

Block and Raw Devices
/dev/dsk: directory of block (buffered) device interfaces
/dev/rdsk: directory of character (raw) device interfaces


prtconf: displays system configuration information, including the total amount of memory and the device configuration as described by the system hierarchy. This useful tool verifies whether a device has been seen by the system. Use the -V option to display detailed information about devices, such as information about the attached SCSI disks.

sysdef: displays device configuration information including system hardware, pseudo devices, loadable modules, and selected kernel parameters.

dmesg: displays system diagnostic messages as well as a list of devices attached to the system since the most recent restart. It is the only command that shows the mapping of instance names to physical device names.

format: displays both physical and logical device names for all available disks.
devfsadm

Device directories

/dev/dsk: block or buffered interface to the disk device
/dev/rdsk: raw or character interface to the disk device
/dev/rmt: tape devices
/dev/term: serial line devices
/dev/cua: dial-out modems
/dev/pts: pseudo terminals
/dev/fbs: frame buffers
/dev/sad: STREAMS administrative driver
/dev/md: metadevices managed by Solaris Volume Manager (SVM)
/dev/vx: devices managed by Veritas Volume Manager


Disk terminology

Track: a concentric ring on each disk that passes under a single stationary disk head as the disk rotates
Cylinder: the set of tracks with the same nominal distance from the axis about which the disk rotates
Sector: a section of each disk platter. A sector holds 512 bytes
Block: a data storage area on a disk. A disk block is 512 bytes
Disk controller: a chip and its associated circuitry that controls the disk drive
Disk label: the first sector of a disk (block 0), which contains geometry and partition information; also referred to as the Volume Table Of Contents (VTOC). To label a disk means to write slice information onto the disk. You usually label a disk after you change its slices using the format command
Solaris supports two types of disk label, VTOC and EFI (Extensible Firmware Interface). The newer EFI label format is required for all devices over 1 TB, whereas VTOC is for devices of less than 1 TB
# format -e: command to label a disk of less than 1 TB with an EFI label
Solaris ZFS (Zettabyte File System) uses EFI labels by default (see pages 50-51 for more on EFI)

Device driver: a kernel module that controls a hardware or virtual device



 


File Systems

File systems can be classified into three types: disk-based, network-based, and virtual.

Disk-based File Systems
These can be classified into 5 types:
UFS (Unix File System), HSFS (High Sierra File System) for CD-ROM, PCFS (PC File System) for DOS-formatted disks, UDF (Universal Disk Format) for DVD, and ZFS (Zettabyte File System). ZFS features simplified administration, pooled storage, self-healing data, snapshots, cloning and scalability.

Network-based File Systems
NFS (Network File System)

Virtual File Systems
These can be classified into 10 types:
1. SWAPFS (swap file system) for virtual memory
2. PROCFS (process file system): contains the list of active processes resident in memory, under the /proc directory
3. LOFS (loopback file system): lets you create a new virtual file system that provides access to an existing file system under an alternative path name. Once created, other file systems can be mounted within it without affecting the original file system
4. CacheFS (cache file system): lets you use a disk drive on the local system to store frequently used data from a remote file system or CD-ROM
5. TMPFS (temporary file system): for reading and writing files in the /tmp directory
6. MNTFS (mounted file system): maintains information about currently mounted file systems
7. CTFS (contract file system): associated with the /system/contract directory; it is the interface for creating, controlling, and observing contracts
8. DEVFS (device file system): manages the name space of all devices in the system, under the /devices directory
9. FDFS (file descriptor file system): provides explicit names for opening files by using file descriptors
10. OBJFS (object file system): describes the state of all modules loaded by the kernel

Disk Slices

Disks are divided into regions called disk slices or partitions. The boundaries of disk slices can be defined using the format utility or the SMC Disks tool, and slice information can be viewed using the prtvtoc command.


Logical Volumes

A standard file system cannot be increased or decreased in size without destroying the data on it, and it is not possible to span a file system across multiple disks. Sun has addressed these limitations with 3 software packages:
  1. SVM (Solaris Volume Manager)
  2. ZFS
  3. VxVM (Veritas Volume Manager)
All of the above allow a file system to span multiple disks and provide improved reliability.

Components of UFS

The slice is divided into blocks to control and organize the structure of the files within the cylinder group.

Boot block: stores information used when booting the system. It appears only in the first cylinder group (cylinder group 0) and is the first 8 KB in a slice.
Superblock: resides in 16 sectors (sectors 16-31) following the boot block and stores much of the information about the file system:
·         Size and status of the file system
·         Label (file system name and volume name)
·         Size of the file system's logical blocks
·         Date and time of the last update
·         Cylinder group size
·         Number of data blocks in a cylinder group
·         Summary data block
·         File system state (clean, stable, active)
·         Pathname of the last mount point

sync: the command writes (saves) every superblock to disk.

Cylinder groups
Each file system is divided into cylinder groups with a default minimum size of 16 cylinders per group. Cylinder groups improve disk access: the file system constantly optimizes disk performance by attempting to place a file's data into a single cylinder group, which reduces the distance the head has to travel to access the file's data.

The Inode
An inode contains all the information about a file except its name, and it provides access to the data blocks. It contains:
·         The type of the file (regular, directory, and so on)
·         The mode of the file (read, write, execute permissions)
·         The number of hard links to the file
·         The user ID and group ID
·         The number of bytes
·         An array of 15 disk block addresses
·         The date and time the file was saved and modified
You can change the default allocation of inodes by using the newfs command (default for 1 GB: 2048).

Storage blocks
Also called data blocks, these occupy the rest of the space allocated to the file system. The size of these storage blocks is determined at the time the file system is created. By default they are allocated in two sizes: an 8 KB logical block size and a 1 KB fragment size.

Free blocks
Blocks not currently used as inodes, indirect address blocks, or storage blocks are marked as free in the cylinder group.

File system parameters

Logical block size: the size of the blocks that the kernel uses to read and write files. The default size is 8192 bytes; you can change it. Use the quot -c command to see a report on the distribution of files by block size.
Fragment size: as files are created or expanded, they are allocated disk space in either full logical blocks or portions of logical blocks called fragments. The default fragment size is 1 KB. A small fragment saves space but requires more time to allocate. As a general rule, larger fragments increase efficiency for file systems in which most of the files are large.
Minimum free space: the percentage of the total disk space held in reserve when you create the file system. Only the root user can access the reserved space when the file system is full. You can change the minimum free space value using the tunefs command.
Optimization type: the optimization is either space or time. When you select space optimization, disk blocks are allocated to minimize fragmentation and optimize the use of space.
When you select time optimization, disk blocks are allocated as quickly as possible with less emphasis on their placement. You can change the optimization value using the tunefs command.
Number of inodes and bytes per inode: the number of inodes determines the number of files you can have in the file system, because each file has one inode. The number of bytes per inode determines the total number of inodes created when the file system is made: the total size of the file system divided by the number of bytes per inode.
The growfs command can be used to increase the number of inodes in a file system.

Repairing file systems

# fsck -m /dev/rdsk/cntndnsn: to determine the current state of the file system (FSCLEAN, FSSTABLE, FSBAD, FSLOG)
# newfs -Nv <raw device name>: occasionally the file system superblock becomes corrupted and fsck asks you for the location of an alternate superblock; use this command to find the alternate superblock locations
# labelit -F ufs /dev/rdsk/c0t0d0s6 disk1 vol1

volcopy: to make a copy of a labeled file system. It works with UFS file systems.
Tuning file systems: a situation may arise in which you want to change some of the parameters that were set when you originally created the file system. The following parameters can be modified:
(maxcontig, rotdelay, maxbpg, minfree, optimization)
# tunefs [-a <maxcontig>] [-d <rotdelay>] [-e <maxbpg>] [-m <minfree>] [-o <value>] <special>|<file system>
# tunefs -m 5 /dev/rdsk/c0t0d0s6: change the minimum free space from 10% to 5%
# mkfs -m /dev/rdsk/c2t1d0s1: to see the parameters that were used when creating the file system

Mounting file systems
# mount -F <fstype> <options> [-o <specific options>] [-O] <device to mount> <mount point>
# mount -o ro,nosuid,largefiles /dev/dsk/c0t0d0s0 /home2

fuser
If something is causing a file system to be busy, you can use the fuser command to list all the processes that are accessing the file system and stop them if necessary.
/usr/sbin/fuser [options] <file> | <file system>
# fuser -cu /home2 (or) # umount -f /home2 to force the unmount

Volume management

The vold daemon performs the following:
  1. Automatic mounting of removable devices (CD-ROM, USB)
  2. Enables ordinary users to use removable media
  3. Lets root access a remote machine's removable devices
# volcheck: the file system is not automatically mounted until you issue this command
rmformat: command used to format, label, partition and perform various other functions on removable media such as USB and ZIP devices
# rmformat -F quick /vol/dev/aliases/zip0: after formatting, use the newfs command to create a file system on it
# rmformat -l: command to display the removable media devices on the system

Displaying file system disk usage

df: displays information about the currently mounted file systems and mount points, disk space allocation, usage and availability
SMC Usage tool: a GUI tool to display information about the currently mounted file systems and mount points, disk space allocation, usage and availability
du: displays the disk usage of a directory and all its subdirectories [du -k /adm | sort -r -n] shows the output in reverse (descending) order
quot: displays the disk space used by each user

Controlling user disk space usage
quota: displays the disk quota and disk usage within a file system for individual users on which quotas have been activated
repquota: displays quotas and disk usage for all users on one or more file systems


Chapter 2 Installing the Solaris operating system

A minimum of 5 GB of space is required.
The Solaris 10 entire distribution requires 6.8 GB.
Cluster: software packages are grouped into software groups, which are logical collections of software.
Software groups
1. Minimal core meta cluster (SUNWCmreq)
2. Reduced networking support (SUNWCrnet)
3. Core system support (SUNWCreq)
4. End-user system support (SUNWCuser)
5. Developer system support (SUNWCprog)
6. Entire distribution (SUNWCall)
7. Entire distribution plus OEM system support (SUNWCXall)

# cat /var/sadm/system/admin/CLUSTER: to see which configuration is installed on the machine

JumpStart
You can install the JumpStart software (a pre-installed boot image) on an existing system by using the re-preinstall command.
# boot net - install: to start JumpStart on a SPARC-based system
On x86 machines, change the BIOS to boot using PXE (Preboot Execution Environment).
No boot medium is required on either x86 or SPARC machines.
Solaris Flash Archive
The Solaris Flash Archive installation enables you to use a single reference installation (the Flash Archive) of the Solaris OE on a system, which is called the master system. After installing the operating system you can add or delete software and modify system configuration information as necessary. You can create a flash archive from this master system and use that archive to replicate the installation on a number of machines, which are called clone machines.
WAN Boot
The WAN boot installation method enables you to transmit an encrypted Solaris flash archive over a WAN to a remote SPARC-based client. The WAN boot server then installs the client system by performing a custom JumpStart installation.

sysidcfg file: you can use this file to preconfigure system identification information for a system.

SBD: Secure By Default is new in Solaris 10; it gives the administrator the flexibility to disable numerous network services during the installation.
# netservices limited: to enable SBD after installing

Tools for managing software
pkgadd: to add software
pkgrm: to remove software
pkgchk: checks the accuracy of a software package installation
pkginfo: displays software package information
pkgask: stores answers in a response file so that they can be supplied automatically during the installation
pkgparam: displays package parameter values
pkgtrans: translates an installable package from one format to another

# pkgparam -d /cdrom/cdrom0/s0/Solaris_10/Product SUNWman SUNW_PKGTYPE: to check whether the file system has enough space to install the package

Using a Spool Directory
For convenience, you can copy frequently installed packages to a spool directory. If you copy packages to the default spool directory, /var/spool/pkg, you do not need to specify the source location.
# pkgadd -d /cdrom/sol_10_807_sparc_4/Solaris_10/Product -s /var/spool/pkg SUNWman
# pkginfo -d /var/spool/pkg: lists the packages in /var/spool/pkg
Solaris Product Registry
It enables you to do the following:
  • View a list of installed and registered software and some software attributes
  • Find and launch an installer
  • Install additional software products
  • Uninstall software
# /usr/bin/prodreg: to start up the Solaris Product Registry
/var/sadm/install/contents: contains complete records of all the software packages installed on the local system.
Software patches
Standard patches
Recommended patches
Firmware and PROM patches
Patch clusters

Helpful commands in patch administration
showrev -p: shows all the patches applied to the system
pkgparam <pkgid> PATCHLIST: shows all patches applied to the package identified by <pkgid>
pkgparam <pkgid> PATCH_INFO_<patch-number>: shows the installation date and the name of the host from which the patch was applied
patchadd -R <client_root_path> -p: shows all patches applied to a client, from the server console
patchrm <patch name>: removes the specified patch
smpatch: a new tool in Solaris 10
Patch tool: a Solaris management tool for managing patches
Sun Connection service: an automated patch management tool

# patchadd -R /export/root/client1 -p: will display the patches installed on a client machine named client1

When a patch is installed, the files that are replaced are moved into the /var/sadm/pkg/<pkg name>/save directory. The files in this directory are needed if you ever need to back out the patch.

Patch manager
# smpatch <subcommand> <subcommand options>
Subcommands are: add, analyze, download, get, order, remove, set, unset, update

# /usr/sadm/bin/smpatch download
# /usr/sadm/bin/smpatch add -i 120469-01
# /usr/sadm/bin/smpatch add -x idlist=/var/sadm/spool/patchlist

Chapter 3
The boot process goes through the following phases:
1. Boot PROM phase: runs self-test diagnostics and loads the primary boot program, called bootblk.
2. Boot program phase: bootblk finds and executes the secondary boot program (called ufsboot) from the UNIX file system (UFS) and loads it into memory. After the ufsboot program is loaded, ufsboot loads the two-part kernel.
3. Kernel initialization phase: the kernel initializes itself and begins loading modules, using ufsboot to read the files. When the kernel has loaded enough modules to mount the root file system, it unmaps the ufsboot program and continues using its own resources.
4. init phase: the kernel creates a user process and starts the /sbin/init process. /sbin/init reads the /etc/inittab file for instructions on starting other processes, one of which is the svc.startd daemon (/lib/svc/bin/svc.startd).
5. svc.startd phase: the svc.startd daemon starts the system services and boots the system to the appropriate milestone.

Boot PROM program process
The boot program is stored in a predictable area (sectors 1 to 15) on the system hard drive, CD-ROM or other bootable device and is referred to as bootblk. The boot block is responsible for loading the secondary boot program, called ufsboot, into memory; ufsboot locates and loads the two-part kernel, whose parts are called genunix and unix. genunix is platform-independent; unix is platform-dependent.

The OpenBoot Environment
The OBP firmware is stored in the system PROM chip and on the system memory card. The card contains the values for the system's IDPROM (host ID, MAC address, date, and cyclic redundancy check value).

The NVRAM chip stores user-defined system parameters, also referred to as NVRAM variables or EEPROM parameters.
# /usr/sbin/prtdiag -v (or) prtconf -v: to determine the version of the OpenBoot PROM
Watchdog: when the system hardware detects an error from which it cannot recover, this is known as a watchdog.

OpenBoot architecture
Plug-in device drivers: a device driver can be loaded from a plug-in device such as a PCI card.
FCode interpreter: plug-in drivers are written in a machine-independent interpreted language called FCode. Each OpenBoot system PROM contains an FCode interpreter. This enables the same device driver to be used on machines with different CPU instruction sets.
The device tree: devices, called nodes, are attached to a host computer through a hierarchy of interconnected buses on the device tree.

The programmable user interface
The OpenBoot user interface is based on the programming language Forth. It can quickly be expanded and adapted to special needs and different hardware systems.

PROM Device Tree (Full device pathnames)
OpenBoot deals directly with the hardware devices in the system. Each device has a unique name that represents both the type of device and the location of that device in the device tree. The OpenBoot firmware builds the device tree for all devices from information gathered at POST.
The following example shows a full device pathname for an internal IDE device:
/pci@1f/pci@1,1/ide@d/cdrom
The following example shows a disk device on a Sun Fire server with a PCI-SCSI bus and a SCSI target address of 0:
/pci1,0/pci@1/scsi@8/disk0,0
A device tree is a series of node names separated by slashes (/). The top of the device tree is the root device node. Following the root device node, and separated by a leading slash, is a list of bus devices and controllers. Each device path name has this form:
driver-name@unit-address:device-arguments
ok show-devs: command that shows information about the device tree and displays device pathnames.
# prtconf -p: you can examine the device path from a UNIX shell prompt.
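The driver-name@unit-address:device-arguments form described above, as an added example that is not from the original notes: a POSIX sh/awk function that splits a full device pathname into its nodes and each node into its three parts, plus a helper that returns the leaf driver name. The pathnames it is run on are the ones quoted in these notes.

```shell
#!/bin/sh
# Added example (not from the original notes): break an OpenBoot full
# device pathname into its nodes and split each node into driver-name,
# unit-address and device-arguments.

# device_path_nodes PATH
#   Prints one line per node, numbered from the root:
#   "<depth> name=<driver-name> unit=<unit-address> args=<device-arguments>"
#   Missing parts are printed empty (a node need not have "@unit" or ":args").
device_path_nodes() {
    printf '%s\n' "$1" | awk -F/ '
    {
        for (i = 2; i <= NF; i++) {          # field 1 is empty: the leading "/"
            node = $i; unit = ""; args = ""
            k = index(node, ":")             # device arguments follow ":"
            if (k > 0) { args = substr(node, k + 1); node = substr(node, 1, k - 1) }
            k = index(node, "@")             # unit address follows "@"
            if (k > 0) { unit = substr(node, k + 1); node = substr(node, 1, k - 1) }
            printf "%d name=%s unit=%s args=%s\n", i - 1, node, unit, args
        }
    }'
}

# leaf_driver PATH: the driver-name of the last node, e.g. "disk" for
# /pci@1f,0/pci@1/scsi@8/disk@0,0 (the name that instance names are built from).
leaf_driver() {
    device_path_nodes "$1" | sed -n '$s/^[0-9]* name=\([^ ]*\).*/\1/p'
}

# Demonstration on the pathnames quoted in the notes.
device_path_nodes /pci@1f/pci@1,1/ide@d/cdrom
device_path_nodes /pci@1f,0/pci@1/scsi@8/disk@0,0
```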

OpenBoot Device Aliases
Device pathnames can be long and complex. Device aliases, like UNIX file system aliases, allow you to substitute a short name for a long name. An alias represents an entire device path name, not a component of it. For example, the alias disk0 might represent the following device pathname:
/pci@9,600000/SUNW,q1c@2/fp@0,0/disk@w2100000c50ebb5f7,0:a
devalias: displays all current device aliases
devalias <alias>: displays the device path of the given alias
devalias <alias> <device-path>: defines (creates) an alias that represents the device path

ok devalias bootdisk /pci@1f,0/pci@1/scsi@8/disk@0,0: creates a device alias named bootdisk, which represents target ID 0 on a Sun Fire server

OpenBoot NVRAM

Viewing and Changing NVRAM parameters
System configuration variables are stored in the system NVRAM. These OpenBoot variables determine the startup machine configuration and related communication characteristics. Any change to these variables remains after a reboot.

Commands for viewing and modifying configuration variables
password: sets the security password
printenv: displays the current value and the default value of each variable (printenv <parameter-name> for a single variable)
setenv <variable> <value>: sets <variable> to the given decimal or text <value>. The change is permanent, but it often takes effect only after a reset.
set-default <variable>: resets the value of the specified <variable> to the factory default
set-defaults: resets all OpenBoot variables to their defaults
Example
ok printenv
ok setenv auto-boot? false
auto-boot? = false
ok printenv auto-boot?
ok set-default auto-boot?
ok printenv auto-boot?


Setting device aliases and OpenBoot variables from the UNIX prompt

# eeprom 'auto-boot?=true'

Commands that display OpenBoot parameters
# prtconf -vp: from the UNIX prompt
ok printenv: from the ok prompt
# eeprom: from the UNIX prompt

NVRAM Commands
nvalias <alias> <device-path>: stores the command devalias <alias> <device-path> in NVRAMRC until it is reset
nvunalias <alias>: deletes the corresponding alias from NVRAMRC

Example (see pages 295-296)
ok nvalias boot-disk /pci@1f,0/pci@1/scsi@8/disk@0,0
ok show-disks: to assist you in creating device aliases

The nvedit line editor
Optionally you can use nvedit at the ok prompt to create your device aliases. It is the OpenBoot line editor that edits NVRAMRC directly and has its own set of editing commands.

OpenBoot security
Anyone who has access to the computer can enter the ok prompt; to prevent that you should use the security variables.
security-mode <value>: restricts the set of operations that users are allowed to perform at the ok prompt
security-password: records the firmware security password (it is never displayed). You should not set this value directly; instead use the password command at the ok prompt
security-#badlogins: specifies the number of incorrect security password attempts

OpenBoot Diagnostics
You can run various hardware diagnostics in OpenBoot to troubleshoot hardware and the network. They are:
.env, probe-scsi, probe-scsi-all, probe-ide, probe-fcal-all, reset-all, test <device-specifier>, watch-clock, watch-net, watch-net-all

To identify peripheral devices currently connected to the system, such as disks, tape drives, or CD-ROMs, you use the OpenBoot probe commands. To identify the various probe commands and their syntax you use the OpenBoot sifting command:
ok sifting probe
System information commands
banner: displays the power-on banner
show-sbus: displays a list of installed and probed SBus devices
.enet-addr: displays the current Ethernet address
.idprom: displays the ID PROM contents, formatted
.traps: displays a list of SPARC trap types
.version: displays the version and date of the startup PROM
.speed: displays CPU and bus speeds
show-devs: displays all installed and probed devices

You can check the OpenBoot version from the shell prompt using /usr/sbin/prtdiag -v

Console configuration variables
input-device: specifies the console input device (usually keyboard, ttya, or ttyb)
output-device: specifies the console output device (usually screen, ttya, or ttyb)
screen-#columns: specifies the number of onscreen columns. The default is 80 characters per line
screen-#rows: specifies the number of onscreen rows. The default is 34 lines

The boot command
ok boot <device specifier> [arguments] [options]

bootblk: the PROM assumes that the program for primary startup (bootblk) is in the primary boot block, which resides in sectors 1 to 15 of the startup device. The bootblk is created by using the installboot command:
# installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t0d0s0

ok boot disk5 kernel/sparcv9/unix -s: shows how to specify the standalone startup program from the OpenBoot ok prompt. In this command the PROM looks for the primary boot program on disk5 (/pci@1f/pci@1,1/ide@3/disk@5,0). The primary boot program then loads the two-part kernel (genunix and unix).

Booting x86 and x64
1. The system firmware in the BIOS ROM executes POST, runs the BIOS and invokes the software interrupt INT 19h (bootstrap).
2. INT 19h tries to read the first physical sector from the first disk drive, or if that fails, from the first hard disk. The processor then jumps to the first byte of the sector image in memory.
3. The first sector on a hard disk in an x86 system contains the master boot block, which holds the master boot (mboot) program and the FDISK table, named for the PC program that maintains it.
4. If GRUB stage1 is installed on the master boot block in the first sector of the Solaris FDISK partition, then stage2 is loaded directly from the Solaris FDISK partition regardless of the active partition.
5. The GRUB stage2 program locates the GRUB menu configuration file /boot/grub/menu.lst and displays the GRUB main menu.

In the GRUB menu you can:
Select a boot entry
Modify a boot entry using the GRUB edit option
Manually load an OS kernel from the command line

GRUB prompt troubleshooting
If the boot blocks become corrupt they should be reinstalled using the installgrub command:
# installgrub -m /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c0t2d0s3
On SPARC machines the installboot and fmthard commands are used for the above purpose.


Modifying boot behaviour
Type "e" to display the GRUB edit menu. Press "e" again to edit the entry.

The kernel command supports several options and arguments that let you modify the boot behaviour. The following are a few of the more common options:

grub edit> kernel /platform/i86pc/multiboot -a: for an interactive boot
grub edit> kernel /platform/i86pc/multiboot -s: to boot in single-user mode
grub edit> kernel /platform/i86pc/multiboot -B console=ttya: to set the console property to ttya so that the system uses the serial port for the console
grub edit> kernel /platform/i86pc/multiboot -r: for a reconfiguration boot. The system probes all attached hardware devices and then assigns nodes in the file system to represent only those devices that are actually found.
grub edit> kernel /platform/i86pc/multiboot -v: for verbose mode

Another method for modifying the boot behaviour is to use the eeprom command at the UNIX shell prompt. On SPARC machines the eeprom command changes the OpenBoot NVRAM; on x86 machines the eeprom command changes the boot variables stored in /boot/solaris/bootenv.rc.
# eeprom console=ttya: to change the console parameter
# eeprom bootpath: will show the boot device
# eeprom boot-file="": to remove the setting for the parameter. When the boot-file parameter is set to null, the x86 system uses its default autodetect boot behaviour.

Boot Archive
It contains the core kernel modules, including drivers and configuration files, that are needed to initialize the OS kernel. The boot archive is updated or rebuilt by using the bootadm command:
# bootadm update-archive
Two boot archives are maintained in Solaris:
  1. Failsafe boot archive
  2. Primary boot archive
# bootadm list-archive: to list the contents of the primary boot archive


Booting the failsafe archive for recovery purposes
Sometimes the boot archive can become corrupt, especially after a system crash or power failure. You can rebuild the boot archive by selecting the failsafe archive from the GRUB main menu. When booting the failsafe archive you are booting the file /boot/x86.miniroot-safe, which is a bootable standalone Solaris image. It is somewhat like booting from the DVD. You can even copy this file to a USB device for recovery purposes.
# bootadm update-archive -R /a: manually update the boot archive. After the update, reboot the system using # shutdown -i 6

Configuring the video display on the x86/x64 platform
For video support on x86/x64-based platforms, two X servers are shipped with Solaris: Xsun and Xorg (Xorg is the default environment in Solaris).

To configure the Xorg server
Create an /etc/X11/xorg.conf file with one of these commands:
# /usr/X11/bin/Xorg -configure (or) # /usr/X11/bin/xorgconfig: creates a file called xorg.conf.new in the root directory. Edit the file as needed, then move xorg.conf.new to /etc/X11/xorg.conf
Note: if you experience video problems or errors when starting the X server, review the log file named /var/log/Xorg.0.log for information.

Changing the hardware management from Xorg to Xsun
  1. Run the program to configure the keyboard, display, and mouse: # kdmconfig
  2. Select the Xsun server and press F2
  3. Select your video device. Use the Change Video Device/Monitor option to change the device if necessary
  4. Continue to select other kdmconfig options that may be necessary
  5. Press F2 to save and exit
The Kernel
The secondary startup program, ufsboot, described in the section "The boot command", loads the operating system kernel. The core of the kernel is two pieces of static code called genunix and unix. The platform-specific piece (unix) that ufsboot uses on a system running in 64-bit mode is /platform/`uname -m`/kernel/sparcv9/unix. When ufsboot loads genunix into memory, the two are combined to form the running kernel. The kernel initializes itself and begins loading modules, using ufsboot to read the files. After the kernel has loaded enough modules to mount the root file system, it unmaps the ufsboot program and continues using its own resources.

The kernel creates a user process and starts the /sbin/init daemon, which starts other processes by reading the /etc/inittab file
modinfo - displays information about the modules currently loaded on the system. The modules that make up the kernel typically reside in /kernel and /usr/kernel. Platform-dependent modules reside in the /platform/`uname -m`/kernel and /platform/`uname -i`/kernel directories

While the kernel is loading it reads the /etc/system file, where system configuration information (module search paths, forced module loads and kernel tunables) is stored. A typo in /etc/system can stop the system from booting; boot with the -a option and answer /dev/null when asked for the name of the system file to get past it
Init phase
In this stage the init daemon (/sbin/init) reads the /etc/default/init file to set environment variables for the shells that init invokes. By default the CMASK and TZ variables are set. These values are passed to any process that init starts. Then init reads the /etc/inittab file and executes any entries that have sysinit in the action field, so that any special initialization can take place before users log in

After reading the /etc/inittab file, init starts svc.startd, which starts the svc.configd daemon and also executes the legacy run control (rc) scripts

Service Management Facility (SMF)
Legacy services are started after the SMF services so that service dependencies do not become a problem
Milestone - a special service that svc.startd uses to group other services; the milestones correspond to the traditional run levels
milestone/single-user - equivalent to run level S (single user)
milestone/multi-user - equivalent to run level 2
milestone/multi-user-server - equivalent to run level 3

Other milestones available in Solaris 10:
milestone/name-services
milestone/devices
milestone/network
milestone/sysconfig

A corrupt repository database keeps the system from booting. You can repair the database by booting the system to the single-user milestone and running /lib/svc/bin/restore_repository, which offers to restore one of the automatic backups kept in /etc/svc (for example the last boot-time or manifest_import backup)

FMRI - Each service instance is named with a Fault Management Resource Identifier (FMRI), which includes the service name and the instance name. For example, the FMRI for the ftp service is svc:/network/ftp:default, where the svc prefix indicates that the service is managed by SMF, network is the category of the service, ftp identifies the service name, and default identifies the service instance

You may see various forms of the FMRI that all refer to the same service instance:
svc://localhost/network/inetd:default
svc:/network/inetd:default
network/inetd:default

An FMRI for a legacy service has the following format, derived from the path of its rc script:
lrc:/etc/rc3_d/S90samba

SMF command-line utilities
inetadm - used to configure and view services controlled by the inetd daemon
svcadm - used to perform common service management tasks such as enabling, disabling or restarting services
svccfg - used to display and manipulate the contents of the service configuration repository
svcprop - used to retrieve property values from the service configuration repository, with output that is suitable for use in shell scripts
svcs - used to obtain a detailed view of the service state of all service instances in the configuration repository

svcs examples
# svcs -a - list all service instances, including disabled ones (without -a only enabled instances are shown)
# svcs -l network/inetd - display detailed information (-l) about a service, including its dependencies and log file
# svcs -d milestone/network:default - list the services that the network milestone depends on
# svcs -d milestone/multi-user - the same for the multi-user milestone
# svcs -D milestone/multi-user - list the dependents, that is, the services that depend on the multi-user milestone
# svcs -p svc:/network/inetd:default - display the processes associated with the given service (or use # ps -ef)
# svcs -x - explain why services are not running (instances in the maintenance or offline state, with the reason and the log file to look at); this is the first command to run when a service will not start
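The FMRI spellings listed above and the service states that svcs reports can be handled in a short script. The following is an added example, not part of the original notes and not Solaris code: svcs exists only on Solaris, so the svcs -a listing it works on is constructed here, and the service names in it are assumed for illustration. Everything else is POSIX sh.

```sh
#!/bin/sh
# Added example, not from the original notes: normalize the FMRI spellings
# shown above and triage `svcs -a` output for services that are not running.
# svcs exists only on Solaris, so the listing below is constructed sample
# output; everything else is POSIX sh and runs anywhere.

# fmri_canon FMRI: print the canonical svc:/category/name:instance form of
# any of the equivalent spellings (svc://localhost/..., svc:/..., bare path).
# Legacy lrc:/ identifiers are printed unchanged. An FMRI without an
# instance part is assumed to mean the :default instance.
fmri_canon() {
    f=$1
    case $f in
        lrc:/*)            printf '%s\n' "$f"; return 0 ;;
        svc://localhost/*) f=${f#svc://localhost/} ;;
        svc://*/*)         f=${f#svc://*/} ;;   # other host names: drop scheme and host
        svc:/*)            f=${f#svc:/} ;;
    esac
    case $f in
        *:*) ;;                   # already has an instance part
        *)   f="$f:default" ;;
    esac
    printf 'svc:/%s\n' "$f"
}

# Constructed `svcs -a` output (STATE, STIME, FMRI columns).
SAMPLE_SVCS='STATE          STIME    FMRI
legacy_run     10:02:11 lrc:/etc/rc3_d/S90samba
online         10:02:05 svc:/network/inetd:default
online         10:02:09 svc:/network/ssh:default
disabled       10:01:50 svc:/network/ftp:default
maintenance    10:02:20 svc:/application/print/server:default
offline        10:02:07 svc:/network/nfs/server:default'

# svcs_problems LISTING: print "STATE FMRI" for every instance that is meant
# to be running but is not. online and legacy_run are healthy; disabled is
# an administrative choice (see "Secure by default" in these notes), not a
# fault.
svcs_problems() {
    printf '%s\n' "$1" | while read -r state stime fmri; do
        case $state in
            STATE|online|legacy_run|disabled|'') ;;
            *) printf '%s %s\n' "$state" "$fmri" ;;
        esac
    done
}

# svcs_problem_count LISTING: number of such instances, for use in a check.
svcs_problem_count() {
    svcs_problems "$1" | grep -c .
}

svcs_problems "$SAMPLE_SVCS"
fmri_canon svc://localhost/network/inetd:default
```

On a real host, replace SAMPLE_SVCS with the output of svcs -a and follow up each reported instance with svcs -x to see why it is not online.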

Modifying the service configuration repository

Use the svccfg command to manipulate data in the service configuration repository. svccfg interacts with the svc.configd daemon, which is started by svc.startd. The repository can be manipulated from the command line or in interactive mode using svccfg

Example: svccfg for enabling ftp logging
# svccfg - the prompt changes to svc:>
svc:> list
svc:> select network/ftp
svc:/network/ftp> listprop
svc:/network/ftp> setprop inetd_start/exec = astring: "/usr/sbin/in.ftpd -a -d"
The -d option in the above command enables logging; the start method of the ftp service is modified so that in.ftpd starts with the -a and -d options
svc:/network/ftp> end - exit
# svccfg -s network/ftp listprop inetd_start/exec - to verify the change in the repository
# svcadm refresh network/ftp - the running service only picks up the new property after a refresh

Starting and stopping services using SMF
# svcadm enable network/ftp:default
# svcadm disable network/ftp:default
# svcs network/ftp
# svcs | grep milestone - to check which milestone the system is currently running
# svcadm milestone single-user - to start the transition to the single-user milestone (add -d to make it the default milestone for future boots)

You can also boot the system to one of the milestones
ok boot -m milestone=single-user
To go back to multi-user server mode again
# svcadm milestone milestone/multi-user-server:default (or # svcadm milestone all for the normal default milestone)

Secure by default
Allows administrators to restrict network services during the software installation process. netservices limited restricts the network services: most are disabled or made to listen only on the loopback interface, leaving ssh as the only remote login service. netservices open re-enables them all (the traditional behaviour).

SMF logging
In addition to the system logging method described earlier in this chapter, each service has a log file in the /var/svc/log directory, named after the FMRI with the slashes replaced by hyphens (for example /var/svc/log/network-ftp:default.log); svcs -x and svcs -l print the path


Enabling the NFS server service

# svcs -a | grep nfs
# share -F nfs -o rw /data - shares /data read/write to every host that can reach the server; restrict it with -o rw=host1:host2 (or an access list), and add the line to /etc/dfs/dfstab so the share survives a reboot
# svcadm enable svc:/network/nfs/server
# svcs -a | grep -i nfs


Chap 4

useradd defaults can be changed with useradd -D; for example # useradd -D -b /export/home_new sets the default base directory for new home directories
To change the default group to the staff group: # useradd -D -g staff

/usr/sadm/bin/smuser add - the command-line equivalent of the SMC tool for adding a new user. The advantage of smuser is that it interacts with naming services, can use the autohome functionality, and is well suited to remote management

-x autohome=y|n - sets the home directory to be automounted if set to 'y'

groupadd - the -o option allows a duplicate (non-unique) GID

Setting up shell initialization files
The primary job of a shell initialization file is to define the user's shell environment, such as the search path, environment variables, and windowing environment.

C shell initialization files
C shell files run in the following sequence:
1. Commands in /etc/.login are executed
2. Commands from the $HOME/.cshrc file (located in the user's home directory) are executed. In addition, each time the user starts a new shell or opens a new window in CDE, commands from $HOME/.cshrc are run
3. The shell executes commands from the $HOME/.login file (located in the user's home directory). Typically the $HOME/.login file contains commands to specify the terminal type and environment
4. When the C shell terminates, it runs the commands from $HOME/.logout (if that file exists in the user's home directory)
Bourne shell initialization files
  1. Commands in /etc/profile are executed
  2. Commands from $HOME/.profile are executed. Typically this file contains commands to specify the terminal type and environment
Korn shell initialization files
  1. Commands in /etc/profile are executed
  2. Commands from $HOME/.profile are executed. Typically this file contains commands to specify the terminal type and environment
  3. If the file named by the ENV variable is present, the commands in it are executed. This file is also read (and its commands executed) every time a new Korn shell is started after login. The file name is user definable, but it is typically named .kshrc or .kshenv
  4. When startup processing is complete, the Korn shell begins reading commands from the default input device, the terminal
Additional shells included with Solaris 10
Solaris 10 also includes the bash, zsh, and tcsh shells as part of the operating environment

The effect of CDE on shell initialization files - the initialization files are executed in the order specified for each shell, except when you log in to CDE, where the $HOME/.dtprofile file is also run. If the DTSOURCEPROFILE variable is not set to true in .dtprofile, the $HOME/.profile or $HOME/.login file is not run

Default initialization files (kept in /etc/skel and copied into a new user's home directory)
local.cshrc - the default .cshrc file for the C shell
local.login - the default .login file for the C shell
local.profile - the default .profile file for the Bourne and Korn shells

Customizing user initialization files
When you set up user initialization files, it might be important to allow users to customize their own initialization files. You can do this by having centrally located and globally distributed user initialization files called site initialization files. With these files you can continuously introduce new functionality to every user's work environment by editing one initialization file.
The local initialization file, located in the user's home directory, allows user-specific configuration. A local initialization file lets users further customize their own work environment.
Site initialization files are located in the /etc directory (for example /etc/profile and /etc/.login)

See page 428 of the book for the available shell environment variables

PS1="$(whoami)@$(hostname) [\$PWD] # " - modifying the shell prompt (\$PWD is escaped so that it is re-evaluated every time the prompt is printed)
$ PATH=$PATH:/usr/bin:$HOME/bin:/net/glrr/files1/bin:.;export PATH
Note: the trailing "." puts the current directory on the search path, so a user who changes into a directory that someone else can write to may run a planted program by typing an ordinary command name. Leave it out of PATH, and never put it in root's
For the C shell
$ set path=($path /usr/bin $HOME/bin /net/glrr/files1/bin .)

For the Bourne or Korn shell, the syntax is as follows
VARIABLE=<value>;export VARIABLE
The following example sets the user's default mail directory
MAIL=/var/mail/bcalkins;export MAIL
For the C shell the syntax is
setenv VARIABLE <value>
The following example sets the history to record the last 100 commands in the C shell
$ set history = 100

You might also want to lock a user's account after a specified number of failed logins. You can do this by uncommenting the LOCK_AFTER_RETRIES=YES line in the /etc/security/policy.conf file; the number of attempts allowed is the RETRIES value in /etc/default/login

pwconv - run this command after editing the /etc/passwd file by hand. It updates the /etc/shadow file with information from /etc/passwd
$ groups - a user can list the groups they belong to with this command
$ newgrp other - a user can change their primary group for the current session
$ id - displays the user's UID, GID and group memberships

Restricted shell
System administrators can use the restricted versions of the Korn shell (rksh) and the Bourne shell (/usr/lib/rsh, not to be confused with /usr/bin/rsh, the remote shell) to limit the operations allowed for a particular user account. When an account is set up with a restricted shell, the user cannot do the following:
·         Change directories (cd) out of their home directory
·         Set or change the $PATH variable
·         Specify path or command names that begin with '/'
·         Redirect output (> or >>)
Note: the restrictions only hold for the shell itself. Any program on the user's PATH that can spawn a shell (editors, pagers, scripting interpreters) hands the user an unrestricted one, so the PATH of a restricted account must point only at a directory of vetted commands


# chmod <mode> <file name> - to change file permissions, with a symbolic mode such as u=rwx,g=rx,o= or an octal mode such as 750
# chown - to change the ownership of a file
          # chown <user name> <file name>
          # chgrp <group> <file name> - to change the group
          # chown <user name>:<group> <file name> - to change both the owner and the group


# su <user name> - to switch user
# su - <user name> - to switch user and start a login shell, so the target user's home directory and environment are used

The Default User Mask
The umask is set in /etc/default/login (the UMASK entry) or in a user initialization file such as /etc/profile or .cshrc. The default umask value is 022. The base permission the system uses for a new file is 666 (rw-rw-rw-) and for a new directory 777 (rwxrwxrwx); the bits set in the umask are removed from the base, so with umask 022 a new file gets 644 and a new directory 755

The sticky bit is a permission bit that protects the files within a directory. If a directory has the sticky bit set, a file in it can be deleted only by the owner of the file, the owner of the directory, or root (this is why /tmp is set up that way)

You use the chmod command to set the sticky bit
# chmod +t /export/home/bcalkins/public - where the t option turns the sticky bit on. Or the sticky bit can be set by specifying the octal value as follows
# chmod 1755 /export/home/bcalkins/public
In ls -l output the sticky bit shows as a t in the last position of the permission field; if the sticky bit is set on a directory without the execute bit for the others category (non-user-owner and non-group-owner), it is indicated with a capital T

ACLs
An ACL provides finer file security than the standard permission bits by allowing you to define file permissions for the owner, the owner's group, others, and specific users and groups

$ setfacl -s user::perm,group::perm,other:perm,mask:perm,acl_entry_list <filename>

-s creates a new ACL, replacing any existing one
-m modifies entries in an existing ACL
mask:<perm> - the mask is a quick way to limit the permissions of all the named users and groups and of the owning group at once. For example mask:r-- means that no named user or group gets more than read permission, whatever their own entry says; the effective permission of an entry is its permission ANDed with the mask. The mask does not apply to the file owner (user::) or to other

Example
$ setfacl -s user::rw-,group::r--,other:---,mask:rw-,user:bill:rw- file.doc - sets the owner's permission to read/write, the group permission to read only and none for others on the file file.doc, and additionally gives user bill read/write permission

$ setfacl -s user::rwx,g::r--,o:---,d:user::rwx,d:group::r--,d:o:---,d:m:r-x,d:user:user1:r-x /export/home/dir1 - to set default ACL entries (the d: entries), which are inherited by files and directories created inside dir1
# getfacl -d /export/home/dir1 - to display the default ACL entries for the /export/home/dir1 directory
$ getfacl file1.txt - to display the ACL entries of a file; entries limited by the mask are printed with an #effective: column

Copying a file's ACL to another file
# getfacl file1 | setfacl -f - file2

# getfacl file* - you can verify that the changes have been made

# setfacl -m <acl_entry_list> <file name1> [file name2...] - to modify entries

Deleting an ACL entry
# setfacl -d u:user1 file1 file2
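The effect of the mask entry is easy to get wrong, so here is an added example, not part of the original notes and not Solaris code, that reproduces the calculation getfacl does when it prints the #effective: column. setfacl and getfacl only exist on Solaris, so SAMPLE_ACL below is constructed getfacl-style output for a hypothetical file.doc; the parsing is plain POSIX sh.

```sh
#!/bin/sh
# Added example, not from the original notes: parse getfacl-style output and
# show what the mask entry does to each named user and group entry.
# SAMPLE_ACL is constructed output for a hypothetical file; POSIX sh only.

# perm_and A B: the rwx string containing only the bits present in both
# (perm_and rwx r-- prints r--).
perm_and() {
    out=
    i=1
    while [ "$i" -le 3 ]; do
        a=$(printf '%s' "$1" | cut -c"$i")
        b=$(printf '%s' "$2" | cut -c"$i")
        if [ "$a" = "$b" ] && [ "$a" != "-" ]; then out="$out$a"; else out="$out-"; fi
        i=$((i + 1))
    done
    printf '%s\n' "$out"
}

# Constructed getfacl output: bill was given rwx, but the mask is r--.
SAMPLE_ACL='# file: file.doc
# owner: bcalkins
# group: staff
user::rw-
user:bill:rwx
group::r--
group:staff:rw-
mask:r--
other:---'

# acl_effective ACL: reprint the ACL with an #effective: annotation on every
# entry the mask applies to. The mask limits named users, the owning group
# and named groups; it does not limit the file owner (user::) or other:.
acl_effective() {
    mask=$(printf '%s\n' "$1" | sed -n 's/^mask:\([rwx-]*\)$/\1/p')
    printf '%s\n' "$1" | while IFS= read -r line; do
        case $line in
            '#'*|user::*|other:*|mask:*)
                printf '%s\n' "$line" ;;
            user:*|group:*)
                perm=${line##*:}
                printf '%s  #effective:%s\n' "$line" "$(perm_and "$perm" "$mask")" ;;
            *)
                printf '%s\n' "$line" ;;
        esac
    done
}

# acl_effective_perm ACL ENTRY: just the effective rwx string for one entry
# such as user:bill (or group: for the owning group), for use in a check.
acl_effective_perm() {
    acl_effective "$1" | sed -n "s/^$2:[rwx-]*  #effective:\([rwx-]*\)$/\1/p"
}

acl_effective "$SAMPLE_ACL"
```

The point the script makes is that after setfacl -m user:bill:rwx file.doc bill still only reads the file until the mask is raised (setfacl -m mask:rwx file.doc), which is why the example in the notes above sets mask:rw- alongside user:bill:rw-.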

The setuid and setgid programs
For example, the setuid permission on the passwd command makes it possible for users to modify the /etc/shadow file to change their passwords. When a user executes the passwd command, the process runs with the privileges of the file's owner, root. In the permission field of the following example the first 's' indicates the use of setuid and the second 's' indicates the use of setgid
# ls -l /usr/bin/passwd
   -r-sr-sr-x   1 root     sys        10332 May  3 08:23 /usr/bin/passwd
Locating setuid programs
To find files that have the setuid permission, become superuser. Then use the find command to list the files that have the setuid bit set, as in this example (keep the list and compare it after patching, since a new or modified setuid root binary is a common sign of a compromised host):
# find / -user root -perm -4000 -ls

# chmod 4711 myprog1 - to set the setuid bit on an executable file
# chmod 2751 myprog1 - to set the setgid bit on an executable file
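The umask arithmetic, the sticky bit and the setuid/setgid search described in the last few sections can all be exercised on a throw-away directory tree. The following is an added example, not part of the original notes; it uses only POSIX sh and standard utilities, creates its files under a mktemp directory (the names public, setuid_prog, setgid_prog and plain_prog are assumed for illustration) and removes them afterwards.

```sh
#!/bin/sh
# Added example, not from the original notes. It computes what a umask
# leaves of the 666/777 base modes, then builds a throw-away directory tree
# with a sticky public directory and setuid/setgid files and audits it with
# ls -l and find -perm, as described above. POSIX sh only; the tree lives
# under a mktemp directory and is removed afterwards.

# umask_apply MASK BASE: the mode a new object receives, digit by digit
# (each octal digit is a 3-bit rwx group, so clearing the mask bits is
# BASE_DIGIT & (7 - MASK_DIGIT)). umask_apply 022 666 prints 644.
umask_apply() {
    out=
    i=1
    while [ "$i" -le 3 ]; do
        m=$(printf '%s' "$1" | cut -c"$i")
        b=$(printf '%s' "$2" | cut -c"$i")
        out="$out$(( b & (7 - m) ))"
        i=$((i + 1))
    done
    printf '%s\n' "$out"
}

# mode_string PATH: the 10-character permission field of ls -l, e.g.
# drwxrwxrwt for a sticky world-writable directory.
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# perm_demo: create the tree, report the sticky flag, and list the files an
# auditor would find with find -perm (setuid 4000 or setgid 2000). Prints
# "sticky=t", then one path per special file, relative to the tree root.
perm_demo() {
    base=$(mktemp -d) || return 1
    (
        umask 022
        mkdir "$base/public"
        : > "$base/public/note.txt"        # created as 644 (666 minus 022)
        chmod 1777 "$base/public"          # rwxrwxrwt: only a file's owner may delete it
        : > "$base/setuid_prog"
        chmod 4711 "$base/setuid_prog"     # rws--x--x
        : > "$base/setgid_prog"
        chmod 2751 "$base/setgid_prog"     # rwxr-s--x
        : > "$base/plain_prog"
        chmod 755 "$base/plain_prog"       # must not be reported
    )
    printf 'sticky=%s\n' "$(mode_string "$base/public" | cut -c10)"
    # The same search the notes run as root over / (find / -perm -4000):
    find "$base" -type f \( -perm -4000 -o -perm -2000 \) |
        sed "s|^$base/||" | sort
    rm -rf "$base"
}

umask_apply 022 666
perm_demo
```

Run the find over / as root on a real host and diff the result against a copy taken at install time; the expected entries are a short list of system binaries such as /usr/bin/passwd and /usr/bin/su.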

Auditing users
# logins - to monitor a particular user's account details (# logins -x -l user1 for extended information about user1)
# logins -p - to check for users with no password
# touch /var/adm/loginlog - to record failed login attempts: after five consecutive failures on one terminal the attempts are written to this file. It does not exist by default, so you have to create it, then set the ownership and permissions (# chgrp sys /var/adm/loginlog and # chmod 600 /var/adm/loginlog)
# who - shows details of all logged-in users. It has options (-a, -b, -m, -n x, -q, -r, -s)
# rusers - similar to who, but for users on remote hosts on the network
# whoami
# whodo - produces formatted and dated output from information in /var/adm/utmpx, /tmp/ps_data, and the /proc/pid files. It displays each user logged in and the active processes owned by that user (whodo -l for the long listing output)
# last - the Solaris last command looks in the /var/adm/wtmpx file for information about users who have logged in to the system. It displays the sessions of the specified user or terminal in reverse chronological order, most recent login first. For each user, last displays when the session began, the duration of the session and the terminal where the session took place. It also indicates whether the session is still active or has terminated
# last root console | more
# inetadm - lists all the inetd-managed network services and their state
# inetadm -d svc:/network/ftp:default - to disable the ftp service
# inetadm | grep ftp - to view the service state
/etc/default/login - one way to protect your system from unauthorized access, whether it is on the Internet or not, is the /etc/default/login file. Make sure the following line is not commented out:
CONSOLE=/dev/console - with this entry root is allowed to log in only from the system console and not over the network by using telnet or rlogin (ssh has its own setting for this, PermitRootLogin in /etc/ssh/sshd_config)

Trusted hosts
Along with protecting passwords, you need to protect your system from a root user coming in from across the network. For example, say systemA is a trusted host from which a user can log in without being required to enter a password. A user who has root access on systemA could access the root login on systemB. When systemB attempts to authenticate root from systemA it relies on information in its local files, specifically /etc/hosts.equiv and /.rhosts. Because of the many risks posed by rlogin and the other r commands (no encryption, and authentication that trusts the client host's claimed name and user name), you should not use them. Instead you should use Secure Shell (SSH) commands

The /etc/hosts.equiv file contains a list of trusted hosts for a remote system, one per line, for example:
system1
system2 user2
A single line of '+' in the /etc/hosts.equiv file indicates that every host is trusted. A line with a user name field (system2 user2) lets that user log in from that host as any local non-root user without a password, not just as user2

The .rhosts File
The .rhosts file is the user equivalent of the /etc/hosts.equiv file. It contains a list of hosts and users. If a host/user combination is listed in this file, the specified user is granted permission to log in remotely from the specified host without having to supply a password. Users can create .rhosts files in their home directories; this is another way to allow trusted access between their own accounts on different systems without using the /etc/hosts.equiv file
The .rhosts file presents a major security problem. Although the /etc/hosts.equiv file is managed by the administrator, .rhosts files can be created by users and grant access to whomever the user chooses, without the system administrator's knowledge

Disabling .rhosts and hosts.equiv files
To disable them and still allow the rlogin protocol, comment out the lines that reference pam_rhosts_auth.so.1 in the /etc/pam.conf file. This forces rlogin to ask for a password during authentication and effectively disables in.rshd and in.rexecd, which have no other way to authenticate. Also search the system for stray .rhosts files (find / -name .rhosts) and remove them
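Checking for the trust relationships described above is worth automating. The following is an added example, not part of the original notes: a POSIX sh audit of hosts.equiv and .rhosts files. Because it must run offline, it is given a directory that stands in for / and builds a constructed tree there (the host names system1 and system2 and the users user1 and user2 are assumed for illustration); on a real host pass / instead.

```sh
#!/bin/sh
# Added example, not from the original notes: an audit of the trust files
# described above. It flags "+" wildcard lines in hosts.equiv, hosts.equiv
# lines that carry a user name (such a user may log in as any local account),
# every .rhosts file it finds, wildcard lines inside them, and .rhosts files
# that group or others can write. The directory passed as ROOT stands in
# for / so the check runs offline against a constructed tree; pass / on a
# real host. POSIX sh only.

# rhosts_audit ROOT: print one finding per line.
rhosts_audit() {
    root=${1%/}
    eq="$root/etc/hosts.equiv"
    if [ -f "$eq" ]; then
        while IFS= read -r line; do
            case $line in
                ''|'#'*) ;;
                +*)      printf '%s: wildcard trust: %s\n' "$eq" "$line" ;;
                *' '*)   printf '%s: user field grants any local account: %s\n' "$eq" "$line" ;;
            esac
        done < "$eq"
    fi
    for f in "$root"/.rhosts "$root"/export/home/*/.rhosts; do
        [ -f "$f" ] || continue
        printf '%s: .rhosts present\n' "$f"
        grep -q '^[[:space:]]*+' "$f" && printf '%s: wildcard trust\n' "$f"
        case $(ls -l "$f" | cut -c5-10) in
            *w*) printf '%s: writable by group or others\n' "$f" ;;
        esac
    done
}

# rhosts_fixture: build the constructed tree and print its path.
rhosts_fixture() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/etc" "$base/export/home/user1" "$base/export/home/user2"
    printf 'system1\nsystem2 user2\n+\n' > "$base/etc/hosts.equiv"
    printf 'system1 user1\n' > "$base/export/home/user1/.rhosts"
    chmod 644 "$base/export/home/user1/.rhosts"
    printf '+ +\n' > "$base/export/home/user2/.rhosts"
    chmod 666 "$base/export/home/user2/.rhosts"
    printf '%s\n' "$base"
}

# rhosts_finding_count: number of findings on the constructed tree.
rhosts_finding_count() {
    base=$(rhosts_fixture) || return 1
    rhosts_audit "$base" | grep -c .
    rm -rf "$base"
}

base=$(rhosts_fixture) && { rhosts_audit "$base"; rm -rf "$base"; }
```

A group- or world-writable .rhosts is flagged separately because it lets anyone who can write it grant themselves access as that user; the fix for every finding here is the same, remove the file or line and move the users to ssh.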

Restricting FTP
/etc/ftpd/ftpusers - lists the accounts that are not allowed to log in via FTP (root and the system accounts by default)
/etc/ftpd/ftphosts - is used to allow or deny access to accounts from specified hosts

Restricting Root Access
You can protect the superuser account on a system by restricting access to a specific device through the /etc/default/login file. For example, if superuser access is restricted to the console, the superuser can log in only at the console, which should be in a locked room. Steps to achieve this:
Edit the /etc/default/login file and uncomment the following line:
CONSOLE=/dev/console
If CONSOLE= is left empty, root cannot log in directly anywhere, not even at the console; root access is then only possible with su from a normal account

Monitoring Superuser Access
Solaris can be set up to log all attempts to become superuser. The logs that contain this information are useful when you are trying to track down unauthorized activity. Whenever someone issues the su command to switch from a normal user to root, the activity is logged in the file /var/adm/sulog with the date and time, the terminal, the source and target user names, and whether the attempt succeeded (+) or failed (-)
Edit the /etc/default/su file and uncomment the following line:
SULOG=/var/adm/sulog
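Once SULOG is enabled the file is only useful if someone reads it. The following is an added example, not part of the original notes: a POSIX sh and awk summary of sulog records in the documented su(1M) format ("SU mm/dd hh:mm +|- tty from-to"). The records below are constructed (the users bcalkins and guest are assumed for illustration) so the script runs without a Solaris host; point the functions at the real file to use them.

```sh
#!/bin/sh
# Added example, not from the original notes: summarise /var/adm/sulog the
# way an analyst would after enabling SULOG in /etc/default/su. Each record
# is "SU mm/dd hh:mm +|- tty from-to", + for success and - for failure. The
# lines below are constructed, so the script runs without a Solaris box;
# pass "$(cat /var/adm/sulog)" to the functions to use it for real.

SAMPLE_SULOG='SU 03/29 09:58 + console root-bcalkins
SU 03/29 10:15 - pts/2 bcalkins-root
SU 03/29 10:16 - pts/2 bcalkins-root
SU 03/29 10:17 + pts/2 bcalkins-root
SU 03/29 11:02 - pts/4 guest-root
SU 03/29 11:03 - pts/4 guest-root
SU 03/29 11:04 - pts/4 guest-root'

# su_root_failures LOGTEXT: "user count" for every user with failed su
# attempts to root, sorted by user. Only su to root is counted; the from-to
# field is matched on its trailing "-root" so user names containing "-"
# survive.
su_root_failures() {
    printf '%s\n' "$1" | awk '
        $1 == "SU" && $4 == "-" && $6 ~ /-root$/ {
            sub(/-root$/, "", $6)
            n[$6]++
        }
        END { for (u in n) print u, n[u] }' | sort
}

# su_root_alerts LOGTEXT THRESHOLD: users whose failure count reaches
# THRESHOLD.
su_root_alerts() {
    su_root_failures "$1" | awk -v t="$2" '$2 >= t { print $1 }'
}

# su_root_unresolved LOGTEXT: users with failed su-to-root attempts and no
# later successful su to root. A couple of typos followed by a "+" record is
# usually noise; a run of failures that never succeeds is what to page on.
su_root_unresolved() {
    printf '%s\n' "$1" | awk '
        $1 == "SU" && $6 ~ /-root$/ {
            u = $6; sub(/-root$/, "", u)
            if ($4 == "-") failed[u] = 1
            else if ($4 == "+") failed[u] = 0
        }
        END { for (u in failed) if (failed[u]) print u }' | sort
}

su_root_failures "$SAMPLE_SULOG"
su_root_alerts "$SAMPLE_SULOG" 3
```

In the constructed log bcalkins mistypes the password twice and then succeeds, while guest fails three times and never succeeds; only guest is reported by su_root_unresolved, which is the list worth investigating first.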

Secure Shell (SSH)
You use ssh to do the following:
Log in to a remote system (by using ssh)
Copy files over the network between hosts (by using scp or sftp)
The SSH daemon, sshd, starts on each host at system boot when the svc:/network/ssh:default service has been enabled by SMF. The sshd daemon listens for connections and handles the encrypted authentication exchange between the hosts. When authentication is complete, the user can execute commands and copy files remotely
sshd on the server is controlled by the /etc/ssh/sshd_config file; the client side is controlled by /etc/ssh/ssh_config (and the user's $HOME/.ssh/config)
Normally each user who wants to use SSH with key authentication runs the ssh-keygen command once to create an authentication key pair in $HOME/.ssh/identity, $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa
The client keeps the private key, and the server is given the public key that it needs to complete the authentication

Setting Up Public Key Authentication for SSH
  1. Create the same user account on both the server and the client
  2. Make sure each account has a .ssh directory in its home directory (/export/home/user1); if not, it is created the first time you run ssh-keygen
  3. As root, enable host-based authentication on the client by adding the following line to the /etc/ssh/ssh_config file
HostbasedAuthentication yes
  4. On the remote host, enable host-based authentication by adding the following line to the /etc/ssh/sshd_config file
HostbasedAuthentication yes
  5. Start sshd on the remote host if it is not currently running
# svcadm enable svc:/network/ssh:default
  6. On the remote host, ensure that the sshd daemon can access the list of trusted hosts by setting IgnoreRhosts to no in the /etc/ssh/sshd_config file as follows
IgnoreRhosts no
  7. On the client, log in as the user and create the key pair. To generate it, issue the following command
$ ssh-keygen -t rsa ('-t' specifies the type of key: rsa, dsa, or rsa1 for protocol 1)
  8. ssh-keygen prints the key fingerprint as a colon-separated series of hex bytes; that is for verifying the key, not for copying. Copy the contents of the public key file it wrote, $HOME/.ssh/id_rsa.pub, and append them to the $HOME/.ssh/authorized_keys file in your home directory on the remote host. authorized_keys must not be writable by anyone but you (chmod 600 is usual), otherwise sshd, with the default StrictModes yes, ignores it
  9. When the public key has been created on the client and copied to the remote host, you can start using ssh to log in to the remote system
$ ssh <hostname>
Note: steps 3, 4 and 6 configure host-based authentication, which is a separate mechanism from public key authentication and is not needed for steps 7 to 9. Host-based authentication trusts every user on a listed client host (via /etc/ssh/shosts.equiv and .shosts, and with IgnoreRhosts no also the .rhosts files discussed above), so it carries the same risks as the r commands; leave it off unless you need it

To copy files using SSH, you start the secure copy program
$ scp <source file> <username>@<hostname>:<destination path>
$ scp file1 user1@192.168.1.1:~

ASET (Automated Security Enhancement Tool)
Helps you monitor and control the system by automatically performing tasks that you would otherwise do manually. It performs the following seven tasks:
  1. Verifies the appropriate system file permissions
  2. Verifies system file contents
  3. Checks the consistency and integrity of /etc/passwd and /etc/group file entries
  4. Checks the contents of the system configuration files
  5. Checks environment files (.profile, .login, and .cshrc)
  6. Verifies the appropriate electrically erasable programmable read-only memory (EEPROM) settings
  7. Ensures that the system can be safely used as a network relay (the firewall task)

The syntax for aset is
# /usr/aset/aset -l <level> -d <pathname>
# /usr/aset/aset -l low
The levels are low (report only), medium and high (report and tighten the settings); the reports are written under /usr/aset/reports


Chap 5

From page 517
Using signals

Obtain a list of signals with kill -l, or see man -s 3head signal.h
You can write a signal handler in a shell script with the trap command
Example of how to trap signals (1 2 3 15 are SIGHUP, SIGINT, SIGQUIT and SIGTERM; the temporary file is removed before the script exits)
# trap '/bin/rm tmp$$;exit 1' 1 2 3 15
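The trap line above is easier to trust once you have seen it fire. The following is an added example, not part of the original notes: the same cleanup trap written with signal names, installed in a child sh that then sends itself SIGTERM, so the caller can check that the temporary file is gone and the exit status is 1. POSIX sh only; the temporary file comes from mktemp.

```sh
#!/bin/sh
# Added example, not from the original notes: the cleanup trap from the
# notes, written with signal names instead of numbers (1 2 3 15 are HUP
# INT QUIT TERM) and exercised by sending the shell a signal. POSIX sh.

# run_with_cleanup TMPFILE: run a child sh that registers the trap, then
# kills itself with SIGTERM. The trap removes TMPFILE and exits 1, so the
# caller sees status 1 and no leftover file. (The sleep stands for the
# script's real work; it never finishes here.)
run_with_cleanup() {
    sh -c 'trap "rm -f \"$1\"; exit 1" HUP INT QUIT TERM
           kill -s TERM $$
           sleep 30' sh "$1"
}

# trap_demo: create the temp file, run the child, and report
# "status=<exit status> file=<present|removed>".
trap_demo() {
    tmp=$(mktemp) || return 2
    status=0
    run_with_cleanup "$tmp" || status=$?
    if [ -e "$tmp" ]; then
        rm -f "$tmp"
        printf 'status=%s file=present\n' "$status"
    else
        printf 'status=%s file=removed\n' "$status"
    fi
}

trap_demo
```

Without the trap the child would die with the default action, the file would be left behind and the status would be 143 (128 + 15); that is the difference the check reports.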
To change the priority
# /usr/bin/nice -4 <command> - runs the command with its nice number increased by 4 (lower priority)
# renice -n <value> -p <pid> (renice -n 4 -p 8200) - change the nice value of a running process
# priocntl -s -p <new priority> -i pid <process-id> (priocntl -s -p -5 -i pid 8200) - to set the priority level -5 for the given process ID
# priocntl -s -p -5 -i ppid 8200 - as a result all processes forked from process 8200 have a priority of -5

Solaris batch-processing facility
Two types: 1. at 2. crontab
Creating a crontab
# crontab -e - edit your crontab; crontab files are stored in /var/spool/cron/crontabs, one per user
# crontab -l - to verify the crontab file

Controlling Access to crontab
You can control access to crontab by modifying two files in the /etc/cron.d directory, cron.allow and cron.deny. If cron.allow exists, only the users listed in it can use crontab; otherwise every user not listed in cron.deny can
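The precedence between the two files is the part people misremember. The following is an added example, not part of the original notes: the decision written out as a POSIX sh function and checked against a constructed /etc/cron.d (the user names are assumed for illustration). The notes do not say what happens when neither file exists; the script assumes the conservative reading that only root may submit jobs and labels that as an assumption.

```sh
#!/bin/sh
# Added example, not from the original notes: the decision cron makes from
# cron.allow and cron.deny, written out so it can be checked against a
# constructed /etc/cron.d. cron.allow takes precedence: if it exists, only
# users listed in it may use crontab; otherwise any user not listed in
# cron.deny may. If neither file exists this script ASSUMES only root may.
# The directory argument stands in for /etc/cron.d. POSIX sh only.

# cron_access DIR USER: print "allow" or "deny".
cron_access() {
    dir=$1 user=$2
    if [ -f "$dir/cron.allow" ]; then
        if grep -qx "$user" "$dir/cron.allow"; then echo allow; else echo deny; fi
    elif [ -f "$dir/cron.deny" ]; then
        if grep -qx "$user" "$dir/cron.deny"; then echo deny; else echo allow; fi
    elif [ "$user" = root ]; then
        echo allow                     # assumption, see the comment above
    else
        echo deny
    fi
}

# cron_fixture: constructed /etc/cron.d with both files present, so that
# the precedence of cron.allow over cron.deny is visible. Prints the path.
cron_fixture() {
    base=$(mktemp -d) || return 1
    printf 'root\noperator\n' > "$base/cron.allow"
    printf 'operator\nguest\n' > "$base/cron.deny"
    printf '%s\n' "$base"
}

# cron_report DIR: one "user decision" line per user of interest.
cron_report() {
    for u in root operator guest user1; do
        printf '%s %s\n' "$u" "$(cron_access "$1" "$u")"
    done
}

base=$(cron_fixture) && { cron_report "$base"; rm -rf "$base"; }
```

Note that operator is listed in both files and is allowed, because cron.deny is never consulted while cron.allow exists; a deny entry is only effective on a host without cron.allow.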

Scheduling a single system event (at)
# at 07:45am today
# at [-m] [-l] [-r] <time> <date>
# atq (or) # at -l - to check the jobs in the queue
# at -r <job> - to remove a job from the queue

Examples
# preap <pid> - forces the parent to reap a defunct process, known as a zombie
# nice / priocntl - commands to change the priority of a process


Chap 6 Managing the LP Print service (from page 554)

# lpadmin -d <printername> - defines the system default printer from the command line. When this command is run, an entry for the default printer is made in /etc/printers.conf

Setting up a printer by using Print Manager
# /usr/sadm/admin/bin/printmgr &

Setting up a printer by using the lpadmin command
  1. # lpadmin -p print1 -v /dev/ecpp0 - define the printer name and port
  2. # lpadmin -p print1 -T PS - set the printer type
  3. # lpadmin -p print1 -I postscript - specify the content type that the printer can print directly
  4. # accept print1 - accept print requests for the printer
  5. # enable print1 - enable the printer
  6. # lpadmin -p print1 -D "Comment" - add a description to the printer
  7. # lpstat -p print1 - verify the status of the printer
  8. # lpadmin -x print1 - delete the printer from the machine
  9. # lpsystem -r <print-server> - the print server is deleted from the print client's /etc/lp/Systems file
  10. # reject <printer name> - stop accepting print requests for a particular printer. This command prevents any new request from being queued
  11. # disable <printer name> - the printer still accepts requests but stops printing them
Note: when using the bash shell for the enable command, use its full path /usr/bin/enable because bash has its own enable built-in

  12. # lpmove <printer1> <printer2> - to move the queued print jobs from one printer to another. An accept command is needed afterwards, because lpmove also rejects further requests for the source printer

Creating a printer class

You can put several locally attached printers into a group called a "printer class". This might be helpful if you have several printers sitting next to each other and it doesn't matter which one your job goes to.
# lpadmin -p <printer name> -c <class name>
# lpstat -c <printer class> - to verify which printers are in the printer class

Managing the printer queue

# lpstat -u <user name> - to view a particular user's print requests in the queue
# cancel <request ID> | <printer name>
# lp -d eps1 -q 0 file1 - to send a print job to the printer "eps1" with the highest priority (0 is the highest, 39 the lowest)
# /usr/bin/lp -d sysA:print1 -q 0 file1 - send the print request to printer print1 on server sysA
# lp -i <request id> -H <change> -q <priority level> - change a queued request; the -H values are hold, resume and immediate
# reject [-r "reason"] <printer name>
# cancel -u user1 print1 - cancel all of user1's requests on print1


Limiting user access to a printer

# lpadmin -p <printer name> -u <lpadmin-argument>
# lpadmin -p print1 -u allow:user1,user2
# lpadmin -p print1 -u deny:user1,user2


The user lists are added to the files
/etc/lp/printers/<printer name>/users.allow
/etc/lp/printers/<printer name>/users.deny

Restarting the print scheduler
The Solaris print scheduler, lpsched, schedules all print requests on a print server. If printouts are not coming out, you might need to restart the print scheduler

# svcadm disable -t svc:/application/print/server:default followed by # svcadm enable svc:/application/print/server:default (or in one step # svcadm restart svc:/application/print/server:default)

Troubleshooting the print scheduler
The lpsched daemon keeps a log of each print request and notes any errors. This log is kept in the file /var/lp/logs/lpsched
Chap 7 Performing system backup and restore

Tape device names
The device files are located under the directory /dev/rmt and are composed of numbers and letters: /dev/rmt/#cn
# - the drive's logical number
c - the tape density. This can be l (low), m (medium), h (high), c (compressed), or u (ultra compressed)
n - if an n is present after the density letter, it means "no rewind". Without the n the drive rewinds after every operation, so when you write several file systems to one tape each dump overwrites the previous one and only the last file system remains on the tape
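A backup script that writes several dumps to one tape should refuse a rewinding device name before it starts. The following is an added example, not part of the original notes: a POSIX sh parser for the /dev/rmt/#cn naming scheme above. It touches no device, and the optional b (BSD behaviour) suffix that Solaris also accepts is deliberately not handled, since the notes do not cover it.

```sh
#!/bin/sh
# Added example, not from the original notes: a parser for the /dev/rmt/#cn
# device names described above, so a backup script can refuse a rewinding
# device where a no-rewind one is required. POSIX sh only; it does not touch
# any device. The optional "b" (BSD behaviour) suffix Solaris also accepts
# is not handled here.

# rmt_parse NAME: print "drive=N density=D rewind=yes|no" or fail with
# status 1 if NAME is not of the form /dev/rmt/<number>[l|m|h|c|u][n].
rmt_parse() {
    case $1 in
        /dev/rmt/*) ;;
        *) return 1 ;;
    esac
    name=${1#/dev/rmt/}
    drive=${name%%[!0-9]*}          # the leading digits
    [ -n "$drive" ] || return 1
    rest=${name#"$drive"}
    density=default
    case $rest in
        l*) density=low ;;
        m*) density=medium ;;
        h*) density=high ;;
        c*) density=compressed ;;
        u*) density=ultra ;;
    esac
    [ "$density" = default ] || rest=${rest#?}
    rewind=yes
    case $rest in
        n) rewind=no; rest= ;;
    esac
    [ -z "$rest" ] || return 1       # anything left over is not a valid suffix
    printf 'drive=%s density=%s rewind=%s\n' "$drive" "$density" "$rewind"
}

# rmt_norewind NAME: succeed only if NAME is a no-rewind device; call it
# before writing several ufsdump files to one tape, where a rewinding
# device would leave only the last file system readable.
rmt_norewind() {
    case $(rmt_parse "$1") in
        *rewind=no) return 0 ;;
        *)          return 1 ;;
    esac
}

rmt_parse /dev/rmt/0hn
rmt_parse /dev/rmt/1
```

Positioning between the files on such a tape is then done with mt fsf, as shown in the ufsrestore section later in this chapter.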

Backup utilities

tar - creates tape or file-based archives. This format is commonly used for transferring collections of files between systems
dd - converts and copies a file or raw device
cpio - copies data from one location to another
pax - copies files and directory subtrees to a single tape or file. This utility provides better portability than tar and cpio, so it can be used to transport files to other types of UNIX system
ufsdump - backs up all the files in a file system
ufsrestore - restores some or all of the files archived with the ufsdump command
zip - packages and compresses archive files. This utility creates compressed archives that are portable across various platforms, including Unix, VMS and Windows
Flash Archive - combines the use of JumpStart and backup utilities to provide an easy mechanism for restoring a system to its initial state or cloning systems
jar - leverages the portability and flexibility of Java to provide capabilities similar to those of tar, cpio, and zip


The tar utility
# tar <options> <archive> <file-list>
# tar cvf /dev/rmt/0 /home/bcalkins - to create a tape archive
# tar tvf /dev/rmt/0 - to list the contents of the tape (or) # tar cvf files.tar /home/user1 - to create the archive in a file instead
# tar xvf /dev/rmt/0 /home/bcalkins/.profile - to extract one file (or) # tar xvf file.tar
Note: Solaris tar stores paths exactly as given, so an archive created with an absolute path is restored to that absolute path; cd to the directory first and archive relative paths if you want to be able to restore elsewhere

The dd utility
Its main advantage is that it quickly converts and copies files with different data formats, such as differences in block size, record length, and byte order. The most common use of dd is to transfer a complete file system or partition image from a hard disk to tape. You can also use it to copy a file system from one hard disk to another.
# dd if=<input file> of=<output file> <option=value>
# dd if=/dev/rmt/0 of=/dev/rmt/1 - copy one tape to another
# dd if=/dev/rdsk/c0t1d0s2 of=/dev/rdsk/c0t4d0s2 bs=128k - to copy one hard disk to another (the bs=128k option specifies the block size)
# tar cvf - <files> | rsh xena dd of=/dev/rmt/0 obs=128k - archive to a tape drive on the remote host xena; use ssh instead of rsh, for the reasons given under "Trusted hosts"
# dd if=/dev/rmt/0 of=/dev/rmt/1 conv=swab - copy a tape while swapping each pair of bytes, for tapes written by a system with the opposite byte order

The cpio utility
  • cpio can back up and restore individual files, not just whole file systems
  • The archive is smaller compared to other utilities
  • cpio can span multiple tapes, whereas tar is limited to a single tape
cpio -o - copy-out mode, used when creating a backup
cpio -i - copy-in mode, used for restoring

# find . | cpio -ocB > /dev/rmt/0 - back up the current directory (c writes portable ASCII headers, B uses 5120-byte blocks)
# cpio -icvdB < /dev/rmt/0 - restore, creating directories as needed (d)
# cpio -ovB < list > /dev/rmt/1 - back up the files named in the file "list"

The pax utility
pax can read, write, and list the members of an archive file and copy directory hierarchies. The pax utility supports the tar and cpio formats, among others

# pax -w -f /dev/rmt/0 . - to copy the current directory to tape
# pax -v -f /dev/rmt/0 - to list a verbose table of contents
# pax -rw -i . <dest dir> - to interactively select files from the current directory to copy to the destination directory

The ufsdump utility
Copies files, directories, or entire file systems from a hard disk to tape or from disk to disk. The only drawback is that the file system should be unmounted or inactive while it is dumped; files that change during the dump may be saved in an inconsistent state (see the UFS snapshot section later in this chapter for the way around this)
Syntax of ufsdump
/usr/sbin/ufsdump <options> <arguments> <file-to-dump>

# ufsdump 0ucf /dev/rmt/0 users - a full (level 0) backup of the users file system; u records the dump in /etc/dumpdates, c sets the cartridge tape defaults, f names the device
# ufsdump S <file system> - to estimate how much space the dump of the file system requires
# ufsdump 0ucf sparc1:/dev/rmt/0 /export/home - the local machine's /export/home file system is backed up to the tape drive (/dev/rmt/0) of the remote machine sparc1
Note: when an incremental backup is done, the ufsdump command consults the /etc/dumpdates file to find the date of the most recent lower-level backup, so the u option must have been used for incrementals to work
# ufsdump 0f - /export/home | (cd /data; ufsrestore rf -) - move the data directly to another file system without going to tape. In this example all the data from /export/home is copied directly to the /data file system

ufsrestore
Syntax: # ufsrestore <options> <arguments> <file names>

# ufsrestore tf /dev/rmt/0 - to list the contents of the tape
# ufsrestore xvf /dev/rmt/0 <filename> - to restore a file from a backup that was created with the ufsdump command (x extracts the named files; r restores the whole dump)
Interactively restoring a file from a ufsdump tape
  1. Change to the /var/tmp directory to have temporary storage for the restored file
  2. Load the tape and position it at the second ufsdump file
# mt -f /dev/rmt/0n fsf 1
  3. Access the ufsdump file on the tape using the i option. This puts ufsrestore in interactive mode and allows you to search for the file on the tape
# ufsrestore ivf /dev/rmt/0
  4. While in the interactive mode of ufsrestore, change to the /etc/inet directory
ufsrestore > cd /etc/inet
  5. Mark the hosts file for extraction
ufsrestore > add hosts
  6. Extract the file from the tape
ufsrestore > extract, and answer 1 when asked for the volume number
  7. Quit
ufsrestore > quit

# ufsrestore rf sparc1:/dev/rmt/0 - to restore an entire file system from the tape on the remote host sparc1 into the current directory

Recovering and restoring a damaged file system on a SPARC system
# umount /<file system> - unmount the corrupted file system
# newfs /dev/rdsk/<disk-partition> - to create a new file system
# fsck /dev/rdsk/<disk-partition> - although optional, running fsck is recommended
# mount /dev/dsk/<disk-partition> <directory>, # cd <directory> - mount the file system to be restored and change to that directory
# ufsrestore rf /dev/rmt/0 - load the tape and issue this command

Recovering the root (/) or /usr file system
  1. Boot from the installation media (or the network) and recreate the failed file system by issuing the newfs command
# newfs /dev/rdsk/<disk-partition>
  2. Check the file system using fsck
# fsck /dev/rdsk/<disk-partition>
  3. # mount /dev/dsk/<disk-partition> /mnt
  4. # cd /mnt
  5. # ufsrestore rf /dev/rmt/0
  6. # rm restoresymtable
  7. # cd /
  8. # umount /mnt
  9. # fsck /dev/rdsk/<disk-partition>
  10. # installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/<disk-partition> - if you are recovering the root (/) file system, create the boot blocks on the root partition by using the installboot command
Recovering the root (/) file system on x86

  1. Boot from the installation media and select option 6 (single user shell)
  2. # newfs /dev/rdsk/<disk-partition> - to create a new file system
  3. # fsck /dev/rdsk/<disk-partition> - check the file system
  4. # mount /dev/dsk/<disk-partition> /mnt
  5. # cd /mnt
  6. # ufsrestore rf /dev/rmt/0
  7. # ls
  8. # rm restoresymtable
  9. # /sbin/installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/<disk-partition> - reinstall the GRUB boot blocks
  10. # cd /
  11. # umount /mnt
  12. # fsck /dev/rdsk/<disk-partition>
  13. # ufsdump 0uf /dev/rmt/0 /dev/rdsk/<disk-partition> - make a fresh level 0 backup of the restored file system
  14. # init 6

Tape drive control
The mt command is used to communicate with the tape drive from the command line. Use mt to send instructions to the tape drive.
Syntax
mt -f <tape-device-name> <command> [count]

mt status - print status information about the tape unit
mt rewind - rewind the tape
mt offline - rewind the tape and, if required, take the drive unit offline by unloading the tape
mt fsf <count> - forward space the tape over the requested number of file marks
mt eom - space to the end of the recorded media on the tape. This is useful for appending files onto a previously written tape
mt erase - erase the entire tape
mt rewoffl - rewind the tape and, if required, take the drive unit offline by unloading the tape (same as offline)

UFS snapshot utility
The fssnap command creates a read-only snapshot of a file system while the file system stays mounted. A snapshot is a point-in-time image of the file system that presents a stable, unchanging device for a backup program to read. The snapshot keeps its copy-on-write data in a backing-store file.
Points to remember
·         The backing-store file must be on a different file system from the one being snapshotted
·         The backing-store file can reside on any type of file system, including another UFS file system or an NFS file system
·         Multiple backing-store files are created when you snapshot a UFS file system larger than 512 GB
Unlike a plain ufsdump, fssnap lets you keep the file system mounted and the system in multi-user mode during the backup. The snapshot is then read with a normal Solaris backup command such as ufsdump, tar or cpio. The result is a more consistent backup than ufsdump of a live, changing file system gives you.

Creating snapshots
  1. Decide which file system to snapshot. Assume /export/home
  2. Decide where to keep the backing-store file. Assume /var/tmp
  3. Create the snapshot
# fssnap -F ufs -o backing-store=/var/tmp /export/home (or) -o bs=/var/tmp
  4. Back up the snapshot to tape (/dev/rmt/0) by naming the snapshot's virtual device (/dev/fssnap/0) instead of the real disk slice
# ufsdump 0ucf /dev/rmt/0 /dev/fssnap/0
  5. # /usr/sbin/fssnap -i – Display a summary of all snapshots
  6. # /usr/lib/fs/ufs/fssnap -i /export/home – Detailed information about one snapshot
  7. # fssnap -F ufs -o maxsize=600m,backing-store=/var/tmp /export/home – Limit the size of the backing-store file. Every fssnap creates two virtual devices for the snapshot: a block device /dev/fssnap/<n> and a raw device /dev/rfssnap/<n>

Creating an incremental backup of a UFS snapshot
  1. Assume a snapshot was created earlier, backed up with a level 0 dump and then removed, and that a new snapshot's virtual raw device is /dev/rfssnap/0
  2. Create the incremental backup from the snapshot
# ufsdump 1ufN /dev/rmt/0 /dev/rdsk/c1t0d0s0 /dev/rfssnap/0 – The backup contains all files added or changed since the last level 0 dump. The N argument (/dev/rdsk/c1t0d0s0) is the real disk slice to record in /etc/dumpdates; without it ufsdump would record the snapshot device and the next incremental could not find the previous dump date

Cloning a file system from a snapshot
A UFS snapshot of an existing file system can be used to create, or clone, a new file system. For example, suppose you have snapshotted /data and the corresponding virtual device is /dev/rfssnap/0. To create a new file system /data_new that is an exact copy of the snapshot, pipe a dump of the snapshot straight into a restore:
# mkdir /data_new
# ufsdump 0ucf - /dev/rfssnap/0 | (cd /data_new; ufsrestore rf -)
  3. To remove the snapshot
# fssnap -d /export/home
  4. When you create a UFS snapshot you can ask for the backing-store file to be unlinked, so that it is removed automatically when the snapshot is deleted:
# fssnap -F ufs -o unlink,backing-store=/var/tmp /export/home
With the unlink option the backing-store file does not appear in a directory listing while the snapshot exists
Note: The backing-store file occupies disk space until the snapshot is deleted, whether you use the -o unlink option or remove the file manually afterwards
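The tape positioning with mt and the fssnap/ufsdump sequence above, combined into one backup script. This is an added example and not part of the original notes: it assumes the Solaris 10 fssnap, ufsdump and mt commands with the options shown above, takes the file system, backing-store directory, tape device and real raw disk slice as arguments, and uses /dev/rmt/0 and dump level 0 only as defaults. The snapshot is deleted whether or not the dump succeeds, because every write to the file system is copied into the backing store for as long as the snapshot exists.

```shell
#!/bin/sh
# Added example, not from the original page: take a fssnap snapshot of a
# mounted UFS file system, dump the snapshot to tape with ufsdump and always
# delete the snapshot afterwards. Tape positioning uses mt. The file system,
# backing-store directory, tape device and raw disk slice are parameters;
# the defaults (/dev/rmt/0, level 0) are assumptions, not fixed system paths.

# usage: snapshot_backup <mount-point> <backing-store-dir> <tape> <raw-slice> [level]
snapshot_backup() {
    fs=$1; bsdir=$2; tape=${3:-/dev/rmt/0}; rawdev=$4; level=${5:-0}

    # fssnap refuses a backing store on the file system being snapshotted,
    # so catch the mistake before touching the tape (for / itself the
    # backing store has to sit on a separately mounted file system).
    if [ "$fs" != / ]; then
        case $bsdir in
            "$fs"|"$fs"/*) echo "backing store $bsdir lies inside $fs" >&2; return 1 ;;
        esac
    fi

    # -o raw makes fssnap print the raw snapshot device (/dev/rfssnap/N),
    # which is what ufsdump reads; unlink removes the backing-store file
    # automatically once the snapshot is deleted.
    snap=$(fssnap -F ufs -o raw,unlink,backing-store="$bsdir" "$fs") || return 1

    rc=0
    mt -f "$tape" rewind || rc=$?
    if [ $rc -eq 0 ]; then
        # N records the real slice, not the snapshot device, in /etc/dumpdates
        # so that later incremental dumps find this level's date.
        ufsdump "${level}ufN" "$tape" "$rawdev" "$snap" || rc=$?
    fi
    # Delete the snapshot whether or not the dump succeeded.
    fssnap -d "$fs" || rc=$?
    if [ $rc -eq 0 ]; then
        mt -f "$tape" offline || rc=$?
    fi
    return $rc
}

# Run directly, e.g.:
#   sh snapshot_backup.sh /export/home /var/tmp /dev/rmt/0 /dev/rdsk/c1t0d0s0 0
if [ $# -ge 4 ]; then
    snapshot_backup "$@"
fi
```

The script returns non-zero if any step fails, so it can be chained after other backup jobs; the backing-store check runs before anything is written to tape, and a rejected backing-store path leaves the tape and the file system untouched.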

ZIP and UNZIP
zip is a compression and file-packing utility available on Solaris. It is used on UNIX, Microsoft Windows and other platforms to compress files and collect them into a single archive file; unzip extracts them again.

Solaris Flash archive
A Flash archive backs up your Solaris environment (the installed system, not the user data). It can serve as a backup or be used to replicate one installation onto a number of systems, called clone systems.
Create the archive with flarcreate while the system is in single-user mode, so that the copy is consistent.
Syntax
flarcreate -n <name> [options] <path>/<filename>
name – the name you give to the archive
path – destination directory
filename – name of the archive file

# flarcreate -n osarchive -t /dev/rmt/0 – Create an archive of the entire operating environment on the local tape drive
# flar info /data/vararchive – Display the identification section of an existing archive

The jar utility
jar is similar to tar, with extra features: security (you can digitally sign the contents of a JAR file with jarsigner), decreased download time, compression, packaging for extensions, package sealing, package versioning and portability.
Syntax
jar <options> <jar-file> <input-file(s)>

# jar cf <jar-file> <input-file(s)> - Create a jar file
# jar tf <jar-file> - List the contents
# jar xf <jar-file> - Extract all files
# jar xf <jar-file> <archived-file(s)> - Extract only the named files
# jar cvf ~/files.jar files.class audio images - Create the archive verbosely from a class file and two directories
# jar cvf0 files.jar files.class audio images - The same with compression turned off (0)



SOL-REF

  Chapter 1   Commands
1. prtvtoc - Displays the partition (VTOC) information of a disk
2. format - Partitions disks
3. fmthard - Writes a VTOC to a disk (used to recover or copy a label)
4. ln -s <source-file> <link-file> - Creates a symbolic link
5. growfs - Grows an existing UFS file system in place (for example after enlarging a metadevice); this is also the only way to increase the number of inodes after newfs
6. newfs -v /dev/rdsk/c2t4d0s1 - Prints all the parameters that newfs passes to the mkfs utility
7. fstyp - Reports the file system type of a device; with -v it also prints the file system parameters
    # fstyp -v /dev/rdsk/c0t0d0s7
8. fsck - Repairs a file system. It uses the state flag stored in the superblock to record the condition of the file system
9. labelit - After you create a file system with newfs, labelit writes or displays the label of an unmounted disk file system
# labelit [-F <fstype>] [-V] <special> [<fsname> <volume>]

10. # volcopy [options] <fsname> <srcdevice> <volname1> <destdevice> <volname2> - Copies a file system from one disk to another
# volcopy -F ufs home1 /dev/rdsk/c0t0d0s6 home2 /dev/rdsk/c0t1d0s6
11. mount/umount
12. fuser - Reports the processes that are using a file or file system
13. volcheck
14. rmformat - Formats, labels and partitions removable media
15. rmmount - Removable-media mounter; used by vold to mount /cdrom and /floppy automatically when media are inserted
16. volcancel - Cancels a user's request to access a particular CD-ROM. Useful if the removable medium containing the file system is not currently in the drive
17. volcheck - Checks the drive for inserted media. By default it checks the drive pointed to by /dev/diskette
18. volmissing - Specified in vold.conf; notifies the user when an attempt is made to access removable media that are no longer in the drive
19. vold - The volume manager daemon, controlled by /etc/vold.conf
20. volrmmount - Simulates an insertion so that rmmount mounts the media, or an ejection so that rmmount unmounts it
21. fdformat - Formats floppy diskettes and PCMCIA memory cards
22. df - Displays the currently mounted file systems and mount points with disk-space allocation, usage and availability
23. SMC Usage tool - A GUI tool showing the same information as df
24. du - Displays the disk usage of a directory and all its subdirectories; [du -k /adm | sort -r -n] lists the biggest consumers first
25. quot - Displays the disk space used by each user
26. quota - Displays the disk quota and usage for individual users on file systems where quotas are active
27. repquota - Displays quota and disk usage for all users on one or more file systems

Chapter 2 METHODS OF INSTALLING SOLARIS 10 SOFTWARE

28. re-preinstall - Reinstalls the factory JumpStart program on the boot disk so the system installs itself on the next boot

/var/sadm/system/admin/CLUSTER - Records exactly which software cluster (metacluster) was installed
/usr/openwin/bin/kdmconfig - Configures keyboard, display and mouse for the X server (Xsun/Xorg)


Other metacluster names mentioned in the notes: SUNWCmin, SUNWCrnet, SUNWCnetr, SUNWCminr

SUNWCreq - Core
SUNWCrnet - Reduced Network Support
SUNWCuser - End User
SUNWCprog - Developer
SUNWCall - Entire Distribution
SUNWCXall - Entire Distribution plus OEM support

hosts.equiv and .rhosts - trusted-host files for the r-commands (rsh, rlogin, rcp); they grant password-less access and should be empty or absent on a hardened system
loginlog file structure
sulog file structure

Commands to be thorough with
fsck
newfs
mkfs
vold
/var/adm/loginlog - Contains failed login attempts; the file must be created by hand, and an entry is written only after five consecutive failures
logins
fmthard
prtvtoc

Commands
# du -sh /export/home - Shows how full the users' home file system is
# newfs -N /dev/rdsk/c0t0d0s7 - Prints the file system parameters, including the locations of the backup superblocks, without creating anything
# volcheck - Makes the OS recognise an inserted floppy
# cd /usr/platform/`uname -m`/lib/fs/ufs; # installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0d0s2 - Restores the boot block on the slice (SPARC)
# df -F ufs -k
# ufsdump 0uf /dev/rmt/0 `fssnap -F ufs -o raw,bs=/opt.raw,unlink /` - Backs up the root (/) file system to tape without bringing the system to single-user mode; the backing store must lie on a file system other than the one being snapshotted
$ su - root -c "mozilla"
# logins -x -l root - Extended information for one account, e.g. "root 0 root 0 Super-User" followed by the home directory, shell and password status
ok sifting net - At the ok prompt, lists the OpenBoot commands whose names contain the string "net"
ok nvalias s10disk /pci@1f,0/pci@1/pci@1/SUNW,isptwo@4/sd@2,0 - Creates a permanent device alias for the second disk
# svccfg import /var/svc/manifest/site/banner-smf.xml - Incorporates the banner service into SMF
# installboot /usr/platform/`uname -i`/lib/fs/ufs/pboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0d0s2 - Restores pboot and the boot block on an x86 system (pre-GRUB releases; GRUB releases use installgrub)
# mount -F ufs -o ro /dev/fssnap/0 /check - Mounts a snapshot read-only so its contents can be checked before the backup starts
# prtvtoc /dev/rdsk/c3t0d0s2 > /tmp/c3t0d0.vtoc; # fmthard -s /tmp/c3t0d0.vtoc /dev/rdsk/<new-disk>s2 - Copies one disk's partition layout onto a new disk (handy in scripts)
# fuser -c
# svcs -D <FMRI> - Shows the services that depend on the given service (-d shows what it depends on)
# ufsdump syntax
# prtdiag -v - Verbose hardware configuration, including firmware revisions; for installed OS patches use showrev -p
# fmthard -s /dev/null /dev/rdsk/<device>s2 - Writes a default label, deleting the partition information without clearing the VTOC
boot -m debug - Makes SMF print messages on the console for every service as it starts (more verbose than boot -m verbose)
Check the -c and -p options of useradd
/var/adm/utmpx - The file the who command reads to list logged-in users

Two methods for restoring a corrupt SMF repository: run the /lib/svc/bin/restore_repository utility (which offers the automatic backups), or go into /etc/svc and move a backup copy of the repository database back into place.

To record hardware configuration information, noting both the physical and the logical device name of each installed disk: ls -l /dev/dsk (or) in the format utility, select a disk from the main menu

Replace the hosts file from a ufsdump tape
  1. # cd /var/tmp
  2. # mt -f /dev/rmt/0n fsf - Position the tape at the dump file that holds /etc (one file mark per fsf; use the no-rewind device)
  3. # ufsrestore ivf /dev/rmt/0
  4. ufsrestore> cd /etc/inet
  5. ufsrestore> add hosts
  6. ufsrestore> extract
  7. ufsrestore> quit
  8. # mv /var/tmp/etc/inet/hosts /etc/inet/hosts

Identifying hardware problems
  1. Bring the workstation to run level 0
  2. At the ok prompt, set the diagnostic level to maximum (setenv diag-level max)
  3. At the ok prompt, set the diagnostic switch to true (setenv diag-switch? true)
  4. At the ok prompt, set auto-boot? to false so the system stays at the ok prompt after POST
  5. Power off the workstation
  6. Remove the workstation keyboard
  7. Connect a serial console to serial port A (with no keyboard attached, POST output goes to the serial port)
  8. Power on the workstation

Steps to restore the entire root (/) file system
  1. ok boot cdrom -s
  2. # newfs /dev/rdsk/c0t0d0s0
  3. # mount /dev/dsk/c0t0d0s0 /a
  4. # cd /a
  5. # ufsrestore rvf /dev/rmt/0
  6. # rm restoresymtable
  7. # cd /
  8. # umount /a
  9. # cd /usr/platform/`uname -m`/lib/fs/ufs
  10. # installboot bootblk /dev/rdsk/c0t0d0s0
  11. # init 6
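The root restore above, and the SPARC and x86 root recovery procedures earlier in these notes, as one script. This is an added example and not part of the original notes: it is meant to be run from the single-user shell of the installation media, takes the slice name, tape device and architecture as arguments, and uses /a as the mount point and the output of uname -i as the platform directory only as defaults (PLATFORM can override the latter). The slice name is validated first, because a typo here would newfs the wrong device.

```shell
#!/bin/sh
# Added example, not from the original page: restore a root (/) file system
# from a level 0 ufsdump tape after booting from the installation media,
# including the boot-block step for SPARC (installboot) and x86 (installgrub).
# Assumptions: /a as default mount point; PLATFORM (default: uname -i) names
# the directory under /usr/platform that holds bootblk.

# usage: restore_root <slice, e.g. c0t0d0s0> <tape> <sparc|x86> [mount-point]
restore_root() {
    slice=$1; tape=$2; arch=$3; mnt=${4:-/a}
    platform=${PLATFORM:-$(uname -i)}

    # Accept only cNtNdNsN / cNdNsN slice names so a typo cannot newfs the
    # wrong device.
    case $slice in
        c[0-9]*d[0-9]*s[0-7]) ;;
        *) echo "expected a slice name like c0t0d0s0, got '$slice'" >&2; return 2 ;;
    esac
    case $arch in sparc|x86) ;; *) echo "arch must be sparc or x86" >&2; return 2 ;; esac
    rdev=/dev/rdsk/$slice
    bdev=/dev/dsk/$slice

    # 1. New file system on the slice (newfs asks for confirmation), then fsck.
    echo y | newfs "$rdev" || return 1
    fsck -y "$rdev" || return 1

    # 2. Mount it and restore the whole dump into it; the restoresymtable
    #    left by ufsrestore is only needed for incremental restores.
    mount "$bdev" "$mnt" || return 1
    ( cd "$mnt" && ufsrestore rf "$tape" && rm -f restoresymtable ) || { umount "$mnt" || :; return 1; }

    # 3. Boot block: without this step the restored slice will not boot.
    #    On x86 the stage files come from the restored system itself.
    case $arch in
        sparc) installboot "/usr/platform/$platform/lib/fs/ufs/bootblk" "$rdev" || return 1 ;;
        x86)   installgrub "$mnt/boot/grub/stage1" "$mnt/boot/grub/stage2" "$rdev" || return 1 ;;
    esac

    # 4. Unmount and check the result; reboot (init 6) is left to the operator.
    umount "$mnt" || return 1
    fsck -y "$rdev" || return 1
    echo "root restored on $slice; now run: init 6"
}

# Run directly, e.g.:  sh restore_root.sh c0t0d0s0 /dev/rmt/0 sparc
if [ $# -ge 3 ]; then
    restore_root "$@"
fi
```

Every step returns on failure rather than continuing, so a tape read error does not end with installboot being run against a half-restored slice.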


If the machine restarts frequently
As system administrator you are asked to troubleshoot a SPARC-based workstation in your department. This workstation reboots intermittently, and the system logs indicate some sort of hardware error. To investigate further you want to run extended POST tests and view their output without the workstation reloading the OS.

To do this, perform these tasks:

  1. bring the workstation to run level 0 (this leaves you at the ok prompt)
  2. at the ok prompt, set the diagnostic level to maximum
  3. at the ok prompt, set the diagnostic switch to true
  4. at the ok prompt, set auto-boot? to false, so that the system stops at the ok prompt after POST instead of booting the OS
  5. connect a serial console to serial port A
  6. power off the workstation
  7. power on the workstation and read the POST output on the serial console

Complete reference book
File locations to remember
/etc/default/fs - Contains the default local file system type (LOCAL=ufs)
/etc/dfs/fstypes - Contains the default remote file system type (nfs)

Commands (from the book)
ok watch-net - Check the network interface by watching for packets
ok diag - Run hardware diagnostics
ok probe-scsi - Check that all SCSI disk devices attached to the built-in controller are detected (probe-scsi-all covers every SCSI controller)
ok banner - Show system information, including memory size and Ethernet address
ok setenv boot-device <disk|net|cdrom> - Change the boot device
ok printenv boot-device - Display the boot device
ok test <net|cdrom|disk> - Test a specific device
ok watch-clock - Test the clock device
ok probe-pci and probe-pci-slot - Detect all PCI devices
ok nvalias net /pci@1f,4000/network@1,1:rarp - Store a device alias in NVRAM; booting from "net" then uses this device with RARP
ok nvunalias <alias> - Delete a previously created alias

# wall - Send a message to the terminals of all logged-in users
# write user1 - Send a message to user1
# talk user1 - Request a talk session with user1

Package information
# pkginfo - List the installed packages (pkginfo -l <package> for details of one)

Creating a package (page 108)
To create a package, two files must be created:
  1. prototype file - lists the files to be stored in the package with their types, modes, owners and groups
  2. pkginfo file - contains the descriptive information, including the package name, creator, architecture and base directory

Creating the prototype file using find
# cd /usr/local/apache
# find . -print | pkgproto > prototype - Produces the prototype file in the current directory; review the owner, group and mode of every entry before packaging, because they are installed exactly as listed
See further in the book (complete ref page 108)

Package commands
pkgproto - Create a prototype file that lists the files contained in the package
pkgmk - Create a package directory from the prototype and pkginfo files
pkgadd - Install a package
pkgtrans - Convert a package directory into a single package file (datastream)
pkgrm - Uninstall a package
pkgchk - Verify that an installed package is intact (pkgchk -p <file> checks a single file)
pkginfo - Print information about installed packages

install command
The install command is not part of the standard package tools but is often used in scripts to copy files from a source to a destination directory. It does not require root permission for every use; it works within the permissions of the caller
Options
-          c <dir> - Copy the source file into the target directory
-          f <dir> - Overwrite the target file in the directory with the source file
-          n <d> - Copy the file into the directory only if it does not already exist there
-          d - Create a directory
# install -c /opt/scripts -m 0755 -u bin -g sysadmin /tmp/setup_scripts

Patches
CVE patches - Sun security patches referenced by CVE (Common Vulnerabilities and Exposures) entries
Recommended patches - distributed as a bundle named 10_Recommended.zip

# showrev -p - Show the currently installed patches (patchadd -p gives the same list)

Compress and archive
# tar <function><options> <archive> <files>
# tar cvf /tmp/apache.tar * - Create the archive
# tar rvf /tmp/apache.tar * - Append files to the end of an existing archive
# tar tvf /tmp/apache.tar - List the contents of the archive
# tar xvf /tmp/apache.tar - Extract the archive

# compress backup.tar - Compresses the file and produces backup.tar.Z
# uncompress backup.tar.Z - Uncompresses it and produces backup.tar again

# gzip backup.tar - Compresses the file and produces backup.tar.gz; the original is deleted
# gzip -9 backup.tar - Maximum compression
# gzip -d backup.tar.gz - Uncompresses the file (the same as gunzip)

vi editor (see page 124 in the complete ref.)
The vi editor can be customised per user by creating a .exrc file in each user's home directory

# sort <file name> - Sorts the lines of the file
# diff <file1> <file2> - Shows the lines that differ between file1 and file2
# basename <file.ext> .ext - Prints the file name without its directory and extension


sed and awk
sed is a command-line stream editor that can perform search-and-replace operations on very large files; awk is a complete text-processing programming language
# sed G < test.dat - Double-space the file (G appends a blank line after each line)
# sed G < test.dat | sed 'n;d' - Remove the blank lines again (delete every second line)
# sed '/./=' test.dat | sed '/./N; s/\n/ /' - Print each line with its line number in front
# cat test.dat | sed -n '$=' - Count the number of lines
# cat test.dat | sed 's/MA/CT/g' - Replace every MA with CT
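The same style of sed and awk one-liners applied to the files an administrator actually audits, the passwd and shadow files. This is an added example and not part of the original notes; the passwd and shadow lines are constructed sample data, not taken from a real system, and the function and account names are the example's own.

```shell
#!/bin/sh
# Added example, not from the original page: sed/awk one-liners for
# password-file audits. The passwd and shadow lines below are constructed
# sample data, not taken from a real system.

SAMPLE_PASSWD='root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
toor:x:0:0:second root:/:/bin/sh
viswa:x:100:10:Viswa:/export/home/viswa:/bin/ksh
guest:x:101:10:Guest:/export/home/guest:/bin/sh'

SAMPLE_SHADOW='root:abcd1234:15000::::::
daemon:NP:6445::::::
toor:*LK*:15000::::::
viswa:efgh5678:15000::::::
guest::15000::::::'

# Accounts other than root that carry UID 0: every one of them is a root
# login. awk splits on ':'; field 3 is the UID, field 1 the login name.
uid0_accounts() {
    printf '%s\n' "$1" | awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Accounts whose shadow password field is empty: login needs no password.
empty_passwords() {
    printf '%s\n' "$1" | awk -F: '$2 == "" { print $1 }'
}

# Accounts with an empty login-shell field (field 7); Solaris then uses
# /bin/sh, which is rarely what was intended for a system account.
empty_shells() {
    printf '%s\n' "$1" | awk -F: '$7 == "" { print $1 }'
}

# Lock one account in a copy of the shadow data: sed replaces the password
# field of that line with *LK*, the way passwd -l does. Assumes a plain
# alphanumeric login name (no regex metacharacters).
lock_account() {
    printf '%s\n' "$2" | sed "s/^$1:[^:]*:/$1:*LK*:/"
}

# Number of entries, the sed way shown above.
entry_count() {
    printf '%s\n' "$1" | sed -n '$='
}

# Run the audit on the sample data: sh thisscript.sh audit
if [ "${1:-}" = audit ]; then
    echo "extra UID 0 accounts:";        uid0_accounts "$SAMPLE_PASSWD"
    echo "accounts without a password:"; empty_passwords "$SAMPLE_SHADOW"
    echo "accounts with no shell set:";  empty_shells "$SAMPLE_PASSWD"
fi
```

To run the same checks against the live files, replace the sample variables with `"$(cat /etc/passwd)"` and `"$(cat /etc/shadow)"` as root; lock_account only prints a modified copy, it never writes to /etc/shadow itself.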

PERL programming
  1. Create a text file with vi or pico
  2. Give the file execute permission with chmod
  3. Tell the shell to run the Perl interpreter by putting the #! directive on the first line of the script
  4. Write the Perl code
  5. Run the script
Example 1
# touch hello.pl
# chmod +x hello.pl
# vi hello.pl
          #!/usr/bin/perl
          print "Hello world\n";
Save & exit
# ./hello.pl

Example 2 - check that the password and shadow files exist
#!/usr/bin/perl
$passwdfile = "/etc/passwd";
$shadowfile = "/etc/shadow";
if (-e $passwdfile) {
    print "Found password file\n";
} else {
    print "File not found\n";
}
if (-e $shadowfile) {
    print "Found shadow file\n";
} else {
    print "File not found\n";
}
Example 3 - check which shells are usable (exist, executable, readable, non-empty)
#!/usr/bin/perl
@shells = ("/bin/sh", "/bin/csh", "/bin/tcsh", "/bin/zsh");
foreach $i (@shells) {
    if (-e $i && -x $i && -r $i && -s $i) {
        print "valid shell " . $i . "\n";
    } else {
        print "Invalid shell " . $i . "\n";
    }
}

Writing shell scripts
Example 1 - count the lines in the file named as the first argument
# vi count_lines.sh
          #!/bin/bash
          echo "Number of lines in file" $1
          wc -l $1
:wq
Example 2 - check that each data file exists and is not empty
# vi eg2.sh
          #!/bin/bash
          for i in apple orange lemon kiwi guava
          do
              DATAFILE=$i.dat
              echo "checking" $DATAFILE
              if test -s $DATAFILE        # true when the file exists and has a size greater than zero
              then
                  echo "$DATAFILE is OK"
              else
                  echo "$DATAFILE is missing or has zero length"
              fi
          done

Chap 8 Process management
# priocntl -l - List the scheduling classes supported on the system (priocntl -d -i pid <pid> shows the class and parameters of one process)

Using the top program
top displays the processes that consume the greatest amount of CPU time during each sampling period. top reads the /proc file system to generate its process statistics
The listing shows a lot of information about each running process: the PID, the user who owns it, the nice value (priority), the size of the application, the amount resident in memory, its current state (running or sleeping), the CPU time consumed and the command name
# nice -n -20 dtterm - Raise the priority of the dtterm process (negative increment; only root may raise priority)
# nice -n 20 top - Lower the priority of the top process

Using the truss program
If a program hangs, for example because it cannot find its initialisation file, the failing system call can be revealed with truss. truss prints each system call, line by line, as the program makes it
Example
# truss cat /etc/resolv.conf - Shows which system calls are made to open and read the file

# /usr/proc/bin/pflags 29081 - Prints the flags and data model of the PID in question
# /usr/proc/bin/pcred 29081 - Prints the credentials of the process, including effective and real UID and GID
# /usr/proc/bin/pmap 29081 - Examines the address space map of the target process
# /usr/proc/bin/pldd 29081 - Lists the dynamic libraries linked into the process
# /usr/proc/bin/psig 29081 - Lists the signal actions of the process
# /usr/proc/bin/pstack 29081 - Prints a hexadecimal-format stack trace for each lightweight process (LWP) in the process
# /usr/proc/bin/pfiles 29081 - Lists all open files of the process
# /usr/proc/bin/pwdx 29081 - Prints the current working directory of the process
# /usr/proc/bin/ptree 29081 - Prints the process tree that contains the target PID

Using the lsof (list open files) command
lsof lists the files that active processes currently have open
To see which processes are using files in the /tmp file system:
# lsof /tmp

CHAP 9 SYSTEM SECURITY
Four roles are defined by default under Trusted Solaris for system management:
  1. Security officer - Manages all aspects of security on the system, such as auditing, logging and password management
  2. System manager - Performs all system management tasks that are not security related, except installing new software
  3. Root account - Used for installing new software
  4. Oper account - Used for performing backups

Encryption and decryption
A large integer known as a key is central to the encryption and decryption process; depending on the algorithm, a different key may be used for encryption and for decryption
Symmetric key cryptography
Algorithms that use a single key for both encryption and decryption are called symmetric
Asymmetric key cryptography
Algorithms that use two separate keys, one for encryption and one for decryption, are called asymmetric (public-key)

Security audit
SAINT (Security Administrator's Integrated Network Tool) - Scans your systems' network services and identifies potential and/or known vulnerabilities. You can download SAINT from www.santcorporation.com/product/saint_engine.html . To build SAINT you need the GNU C compiler or the Sun C compiler; after building the binary with make you start SAINT by typing
# ./saint

ASET (Automated Security Enhancement Tool) - Supplied with Solaris for investigating system weaknesses. In addition to reporting potential vulnerabilities, ASET can fix the problems it identifies. It has three distinct security levels (low, medium and high)

CHAPTER 10 File system access control
umask
You can enforce a system-wide default permission with umask, which masks read, write and execute permission bits off every new file a user creates (a file created with 666 under umask 022 ends up 644)

setUID and setGID
Administrators can use a different set of file permissions that lets a program run with the privileges of the file's owner or group rather than those of the caller. For example the volume daemon (vold) lets unprivileged users logged in on the console mount and unmount CD-ROMs and floppy disks
# find / -local -type f \( -perm -4000 -o -perm -2000 \) -print - Prints the files with the setUID or setGID bit set on local file systems; review this list regularly, every entry is a privilege boundary

# chmod u+s file - Set the setUID bit
# chmod g+s file - Set the setGID bit

Sticky bit permission
In a public directory such as /tmp the sticky bit restricts deletion, so that only a file's owner (or the directory's owner, or root) can delete or rename it
# chmod +t <dir> - Set the sticky bit
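What umask does to a newly created file, and the find-based scan for setUID, setGID and sticky bits, as one runnable script. This is an added example and not part of the original notes: Solaris find's -local is spelled -xdev here (stay on one file system, the GNU and BSD form), the directory to scan is an argument rather than /, and the helper names are the example's own. The umask arithmetic is the kernel's rule that a file created without an explicit mode gets 0666 & ~umask.

```shell
#!/bin/sh
# Added example, not from the original page: what umask does to a new file,
# and a find-based scan for set-UID/set-GID files and sticky directories.
# -xdev stands in for Solaris find's -local so the script also runs on
# Linux/BSD. The directory to scan is a parameter, not a fixed system path.

# Convert an ls -l permission string such as rwsr-xr-x to octal (4755).
perm_octal() {
    s=$1; hi=0; n=""
    case $s in ??[sS]*)      hi=$((hi + 4)) ;; esac   # set-UID
    case $s in ?????[sS]*)   hi=$((hi + 2)) ;; esac   # set-GID
    case $s in ????????[tT]) hi=$((hi + 1)) ;; esac   # sticky
    for i in 1 4 7; do                                 # user, group, other triplets
        t=$(printf %s "$s" | cut -c$i-$((i + 2)))
        d=0
        case $t in r??)     d=$((d + 4)) ;; esac
        case $t in ?w?)     d=$((d + 2)) ;; esac
        case $t in ??[xst]) d=$((d + 1)) ;; esac
        n="$n$d"
    done
    echo "$hi$n"
}

# Create an empty file in directory $1 under umask $2 and print the mode it
# received: 0666 & ~umask for a file created without an explicit mode.
mode_under_umask() {
    f=$1/file.$2
    ( umask "$2" && : >"$f" ) || return 1
    perm_octal "$(ls -l "$f" | cut -c2-10)"
}

# Set-UID/set-GID regular files and sticky directories under $1, sorted, one
# per line. -perm -4000 means "at least these bits set", as on Solaris.
find_special() {
    find "$1" -xdev \( -type f \( -perm -4000 -o -perm -2000 \) \
                    -o -type d -perm -1000 \) -print | sort
}

# usage: sh thisscript.sh /     (scans the root file system only)
if [ $# -eq 1 ]; then
    find_special "$1"
fi
```

Run against / on a production system, the output is the baseline to diff after every patch or package installation: a new setUID binary that nobody can account for is worth an incident ticket.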

Access control lists
An ACL lets you grant a particular user (or group) access to a file beyond what the owner/group/other permission bits can express

# setfacl -m user:user1:r-- file.txt - Give user1 read-only permission on file.txt
# setfacl -m user:user1:rw- file.txt - Give user1 read and write permission on file.txt
# getfacl /etc/passwd - Display the file's permissions and ACL

CHAPTER 11 Role-Based Access Control
sudo - To run a privileged command a qualified user simply re-enters their own password, not the root password. It is configured in /etc/sudoers (edit it with visudo, which checks the syntax before saving)
 # sudo format

RBAC - A number of specific tasks require superuser privilege that you may need to grant to users who should not have complete root privilege. Common operations performed in the context of RBAC include setting up profiles and defining roles. The following commands are commonly used
# smexec - Create, read, update and delete rows in the exec_attr database
# smmultiuser - Perform batch operations on user accounts
# smuser - Perform operations on user accounts
# smprofile - Create, read, update and delete profiles in the prof_attr database
# smrole - Create, read, update and delete role accounts
# roleadd, rolemod, roledel - Add, modify and delete roles respectively

Example (see more examples on pages 255-258)
# smexec add --hostname localhost --password xyz123 --username root -- -n "Print Manager" -t cmd -c /usr/sbin/lpsched -u 0 -g 0 - Adds the capability to start the printing service to the Print Manager profile, with an effective UID and GID of 0. Note that a password given on the command line is visible to every user in ps output and ends up in the shell history; omit --password and let the command prompt for it

# smexec delete --hostname localhost --password xyz123 --username root -- -n "Print Manager" -t cmd -c /usr/sbin/lpsched -u 0 -g 0
# smmultiuser add --hostname localhost --password xyz123 --username root -- -i /home/paul/newaccounts.txt

Roles - The first stage of implementing RBAC is to define roles, which are then assigned to users

Profiles - A profile is a specific command or set of commands for which an authorization can be granted. Profiles are gathered together to form a role, which in turn is associated with a single user or a number of users

Authorization - A privilege defined in /etc/security/auth_attr that is granted to a role to allow that role to perform operations

CHAPTER 12 USERS, GROUPS AND SMC
# newgrp sys - Change the current user's primary group for this session
# pwck - Verifies the consistency of the password file, including whether each home directory exists
# grpck - Checks the consistency of the group file
# pwconv - Converts a system without a shadow password file to password shadowing (and resynchronises /etc/shadow with /etc/passwd)

CHAPTER 13 Kerberos and Pluggable Authentication
Not studied well

CHAPTER 14 Device and Resource Management
# arch -k - If you are working on a remote system and are unsure of its architecture, this prints the kernel architecture (e.g. sun4u)

CHAPTER 15 Installing Disks and File Systems
# mkfile 1g /tmp/newfile - Create a 1 GB file padded with zeros

lofiadm - Associates a file with a loopback file device (/dev/lofi/N) so that the file can be treated as a raw device. You can then create a file system on it with newfs or mkfs as if it were a separate partition
For example, having created /tmp/datafile of the required size with mkfile, create the association:
# lofiadm -a /tmp/datafile /dev/lofi/2
# newfs /dev/rlofi/2
# mount /dev/lofi/2 /testdata
To remove it again
# umount /testdata
# lofiadm -d /tmp/datafile

Swap
To add virtual memory, use mkfile to create an empty file of the required size, then use swap to add the file to the pool of available swap space
# swap -a /u1/swap
# swap -a /u2/swap
# swap -l - Verify that the swap has been added

To remove swap
# swap -d /u1/swap


tunefs
Tunes file system parameters (e.g. minfree and the space/time optimisation preference) to specific requirements.

CHAPTER 16 File System and Volume Management

fsck examines each disk volume in five distinct phases

  1. Check blocks and sizes
  2. Check path names
  3. Check connectivity
  4. Check reference counts
  5. Check cylinder groups

RAID - To solve capacity and redundancy problems, Solaris supports Redundant Array of Inexpensive Disks (RAID) through Solaris Volume Manager. RAID defines a number of levels that provide various types of disk striping and mirroring

Setting up a concatenated volume
# metadb -c 3 -a -f /dev/dsk/c1t0d0s7 /dev/dsk/c0t0d0s7 - Create the state database replicas first (three copies, on two disks)
d5 4 1 c1t1d0s5 1 c1t2d0s5 1 c2t1d0s5 1 c2t2d0s5 - /etc/lvm/md.tab entry: d5 consists of four stripes of one slice each, i.e. a concatenation (d5 1 4 c1t1d0s5 c1t2d0s5 c2t1d0s5 c2t2d0s5 would stripe across the four slices instead)
# metainit d5 - Initialise the d5 metadevice from md.tab
# newfs /dev/md/rdsk/d5
# mkdir /staff
# mount /dev/md/dsk/d5 /staff

Mirroring -
d50 -m d52 - md.tab: d50 is a mirror with d52 as its first submirror
d52 1 1 /dev/dsk/c1t1d0s5
d53 1 1 /dev/dsk/c0t1d0s5

Initialise the submirrors first, then the mirror, and attach the second submirror so that it is synchronised from the first
# metainit d52
# metainit d53
# metainit d50
# metattach d50 d53

Create the file system on the mirror only, never on the submirrors
# newfs /dev/md/rdsk/d50

# mkdir /work
# mount /dev/md/dsk/d50 /work

fuser - Determines which processes are accessing a particular file or file system
# fuser -c /export/home
# fuser -c -u /export/home - Also shows the login name of the owner of each process

# wall - Warn users before unmounting

CHAPTER 17 Backup & Restore

Selecting backup tools
If you want to use anything other than the standard UNIX backup tools, many freeware and commercial packages are available. For example AMANDA is free software, while the VERITAS and Legato products are commercial

AMANDA (Advanced Maryland Automatic Network Disk Archiver) - Uses a centralised backup server for multiple clients. It drives the native Solaris backup and restore commands, which means AMANDA backups are ordinary tar (or dump) images that can be extracted and viewed manually without AMANDA

Solaris native backup utilities
  1. tar
  2. compress
  3. gzip
  4. cpio
  5. dd
  6. ufsdump

CHAPTER 18 PRINTER MANAGEMENT

Determining whether a printer is supported
# ls /usr/share/lib/terminfo - Lists the terminfo entries, which include the supported printer types

Adding a printer to a class
# lpadmin -p hp2 -c design_class

Setting the printer environment variables
# PRINTER=hp1; export PRINTER
# LPDEST=hp1; export LPDEST

Accessing a remote printer
# lpadmin -p hp1 -s host2

CHAPTER 19 Pseudo File Systems and Virtual Memory

Pseudo file systems
One of the pseudo file systems used in Solaris is PROCFS (the process file system), mounted on /proc. The proc tools read it:
# /usr/proc/bin/pflags 29081 - Prints the flags and data model of the PID in question
# /usr/proc/bin/pcred 29081 - Prints the credentials of the process
# /usr/proc/bin/pmap 29081 - Examines the address map of the target process
# /usr/proc/bin/pldd 29081 - Lists the dynamic libraries linked into the process
# /usr/proc/bin/psig 29081 - Lists the signal actions of the process
# /usr/proc/bin/pstack 29081 - Prints a hexadecimal-format stack trace
# /usr/proc/bin/pfiles 29081 - Lists the open files of the process
# /usr/proc/bin/pwdx 29081 - Prints the current working directory
# /usr/proc/bin/ptree 29081 - Shows the process tree, including child processes

Virtual memory
To add virtual memory, use mkfile to create an empty file of the required size
# mkfile 4097072k /u1/swap
# mkfile 4097072k /u2/swap
Add the files to the swap pool
# swap -a /u1/swap
# swap -a /u2/swap

To delete virtual memory (a swap file or a swap slice)
# swap -d /u1/swap
# swap -d /dev/dsk/c1t1d2s1

CHAPTER 20 System Logging, Accounting and Tuning

Implementing quotas
# vi /etc/vfstab and add "rq" to the mount options of the file system
# cd /staff
# touch quotas
# chmod 600 quotas - Only root needs to read or write the quotas file
# edquota user1
# quota -v user1
# quotaon /staff

To check the quotas of all users
# repquota /staff

Collecting performance data
iostat - Gives an accurate picture of how I/O and CPU resources are being used
# iostat -c 1 20 - Display the CPU state at one-second intervals, 20 times
vmstat - Displays a large collection of virtual memory statistics, e.g. # vmstat -s
mpstat - Examines per-processor load over a number of regular intervals
sar - Produces a number of snapshots of current system activity over a specified number of time intervals
runacct - Actually performs the accounting; one of the least used programs
monacct - The monthly accounting program

Performance tuning (see page 420 for more variables)
set maxuprc=100 - In /etc/system, sets the maximum number of processes permitted per user

SUN Material Notes
Kernel functions
  1. File system management
  2. Device management, such as storing data on the hard disk
  3. Process management of CPU functions
  4. Memory management
Inode - The list of information (metadata) relating to a particular object (directory, file)
# ls -ld - View detailed information about a directory itself rather than its contents
# ls -R - Display the contents of a directory and its subdirectories
# ls -F - Mark file types (/ directory, * executable, @ symbolic link)
# file <file name> - Determine a file's type

Printing files
# lp <options> <file name>
Options: -d (destination printer), -o nobanner (print without a banner page), -n (number of copies), -m (mail when done)
# lpstat - Display the status of printers
Options
-p - Display all printers
-o - Display the status of all output requests
-d - Display the system default printer
-t - Display complete status information for all printers
-s - Display a status summary of all printers
-a - Display which printers are accepting print requests

# cancel <request ID> or # cancel -u <user name> - Cancel print requests
# lpstat -o <printer name> - Identify print request IDs

# cp <options> <source> <destination>
Options: -i - Ask before overwriting, -r - Include the contents of subdirectories

# ln -s <source> <destination> - Create a soft (symbolic) link

vi editor
vi has three modes
  1. Command mode - edit, delete, copy, change, move
  2. Edit (insert) mode - insert, open a new blank line, append
  3. Last-line mode - quit and save (entered with ':')
# vi -r <file name> - Recover a file after a crash

vi editor customisation
  1. Create a file called .exrc in the user's home directory
  2. Enter the set commands into the .exrc file
  3. Enter them without the preceding colon ':'
  4. One command per line

Shell metacharacters
  1. ~ – Represents the home directory
  2. - (hyphen) – Represents the previous working directory (as in cd -)
  3. *, ?, [] – Represent any string of characters, a single character, and a range of characters respectively

Korn shell commands for variables
VAR=VALUE; export VAR – To set a variable
unset VAR – To unset a variable
set, env, export – To display all variables
echo $VAR, print $VAR – To print the value of VAR

Example
# PRIVATE=/export/home/viswa
# set | grep PRIVATE
# cd $PRIVATE

Default environment variables
EDITOR – Sets the default editor
FCEDIT – Defines the editor used by the fc command (history mechanism) for editing previously executed commands
HOME – Sets the home directory
LOGNAME – Sets the login name
PATH – Colon-separated list of directories searched for commands
PS1 – To change the prompt
PS2 – The secondary prompt (i.e. the '>' symbol)
SHELL – The default shell

# history – Shows the previous 16 commands
# history -n – Without line numbers
# history -4 – Shows the last 4 commands
# history cd ls – Displays the commands from the most recent cd command to the most recent ls command
# r 160 – Will execute command 160 from the history
# r c – Will execute the most recent command starting with 'c'

File name completion
Type the ls command followed by one or two characters of the file name, then press Escape and then backslash

Shell initialization files

Shell    System-wide initialization file   Primary user initialization file read at login   User initialization file read when a new shell starts   Shell path
Bourne   /etc/profile                      $HOME/.profile                                   -                                                       /bin/sh
Korn     /etc/profile                      $HOME/.profile, $HOME/.kshrc                     $HOME/.kshrc                                            /bin/ksh
C        /etc/.login                       $HOME/.cshrc, $HOME/.login                       $HOME/.cshrc                                            /bin/csh

Access Control Lists
It is possible to set ACLs either from the command line or using File Manager (/usr/dt/bin/dtfile)

# setfacl -m acl_entry <file name> – Create or modify an ACL entry
# setfacl -s acl_entry <file name> – Substitute a new ACL entry for the existing one
# setfacl -d acl_entry <file name> – Delete an ACL entry
# setfacl -r -m acl_entry <file name> – Recalculate the ACL mask based on the ACL entries (used with the -m or -s option)
# setfacl -m u:user1:7 <file name> – To give user1 all permissions
# setfacl -m u::rwx,g::rw-,o:r--,m:rw-,u:user1:rwx <file name> – Owner gets all rights, group read and write, others read, user1 all rights, and the ACL mask allows read and write
# getfacl <file name> – To see the ACL permission list

FIND COMMAND
# find ~ -name file1 -ok rm {} \; – Find file1 in the home directory and remove it after confirmation
# find / -maxdepth 3 -name "*.log" – Search only 3 levels of subdirectories deep (-mindepth sets the lower bound)
# find . -mtime +2 – Look for files that have not been modified in the last two days
# find ~ -size +10 – Find files larger than 10 blocks

Working with the shell
# jobs – List all running jobs
# fg %n – Bring the nth job to the foreground
# bg %n – Run the nth job in the background
Ctrl + z – Will stop the foreground job (it can then be placed in the background with bg)
stop %n – Stop a job which is running in the background

Korn shell alias utility
# alias dir='ls -lf'
# alias – Will print the list of aliases
# dir – Will run the aliased command
# unalias <alias name> – Will remove the alias

Using Korn shell functions
  1. Define the function
  2. Invoke the function
Define a function
# function name { command; ...; }
# function test { who | wc -l; }
# test


Setting Korn shell options
# set -o <option name> – To switch an option on
# set +o <option name> – To switch an option off
# set -o – To show the current option settings

Test command
The test command is used to test a condition. It prints no output; the result is returned in the exit status ($?), which is 0 when the condition is true
Syntax – test <expression>
# test "$LOGNAME" = "user1"
# echo $?
# [ "$LOGNAME" = "user1" ]
# echo $?
# test -r <file name> – To see whether the current user has read permission on the file
# echo $?
# test -d <directory name> – To check whether the given name is a directory
# [ -d <directory name> ] – To check whether the given name is a directory

Conditional commands
&& – AND operator (the second command runs only if the first succeeds)
|| – OR operator (the second command runs only if the first fails)

If command
The if command evaluates the exit status of a command and initiates additional actions based on the returned value
Syntax
if test "$LOGNAME" = root
then echo "Hello root"
else
echo "You are not root"
fi

# if [ -r /etc/group ]
then echo "It is readable"
else
echo "It is not readable"
fi

While statement
# set this is while loop
# echo $*
# while [ $# -gt 0 ]
do
echo $1
shift
done

Note : gt – Greater than

Using the case statement
# case value in
pattern1) command
    <commands>
    ...
    ;;
pattern2) command
    <commands>
    ...
    ;;
esac (case reversed)
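As an added example (not from these notes), the following Bourne/Korn shell function combines the constructs above in one place: a while loop that shifts through the positional parameters, test/[ ] checks, an if/elif/else chain, and a case statement. The function name and the file-type tags are my own choices.

```shell
# classify_paths: an added example combining test/[ ], if, while+shift and case.
# For every argument it prints "<path>: <kind> (<tag>)" and finally returns
# 0 only if every argument was a directory or a readable file.
classify_paths() {
    bad=0
    # Loop while positional parameters remain, consuming one per pass
    while [ $# -gt 0 ]
    do
        # test command: exit status 0 means true, nothing is printed
        if [ -d "$1" ]
        then
            kind=directory
        elif [ -r "$1" ]
        then
            kind=readable-file
        else
            kind=missing-or-unreadable
            bad=1
        fi
        # case: the first matching pattern wins, ;; ends each branch
        case "$1" in
            *.log)        tag=log ;;
            *.txt|*.md)   tag=text ;;
            /etc/*)       tag=system-config ;;
            *)            tag=other ;;
        esac
        echo "$1: $kind ($tag)"
        shift
    done
    return $bad
}

# Stand-alone demonstration; inside the || branch $? still holds the
# function's exit status
classify_paths /etc /etc/group /nonexistent/x.log ||
    echo "at least one argument was missing or unreadable (exit status $?)"
```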

Note : The volcheck command checks for any newly added removable media
Archiving files & remote transfer
  1. tar
  2. compress
  3. gzip
 # gzip -v <file name> – To compress a file
 # gunzip <file name> – To restore the file
 # gzcat <file name> – To view the file contents
  4. zip command
# zip file.zip file1.txt file2.txt file3.txt
# unzip -l file.zip – To list the contents of the archive

Remote connection & file transfer
Two files are needed for remote login
  1. /etc/passwd
  2. ~/.rhosts
rlogin – To establish a remote login session on another system
# rlogin <host name>
# rlogin -l <user name> <host name> – Use this form to identify the account to log into
rsh – You can use rsh to run a program on a remote system without having to log into the remote system. rsh works only if a .rhosts file exists for the user; it does not ask for a password
# rsh host2 ls
rcp – To copy files/folders from one host to another
# rcp <source file name> <destination host>:<file name>
FTP
# ftp <host name>
ftp> lcd ~user1 – To change the current local directory to user1's home directory
ftp> get <file1> | mget <file1 file2 file3>
ftp> quit

Note 2
Introduction to file configuration

All files in the Solaris OS make use of a file name and a record called an inode. Most files also make use of data blocks. In general a file name is associated with an inode, and the inode provides access to the data blocks
Inode – An object the Solaris OS uses to record information about a file. In general an inode contains two parts. The first part contains information about the file, including its owner, permissions, and size; the second part contains pointers to the data blocks associated with the file content. An inode is 128 bytes
Data blocks – Units of disk space that are used to store the data of regular files, directories, and symbolic links. Device files do not use data blocks to store data; instead they provide access to a device
It is possible to verify whether a device driver is loaded
# modinfo | grep -w dad
# modinfo -c | grep -w 21

# ls -li – Lists the inode number in the leftmost column
# find . -inum 1282 – Will print all files and directories associated with the given inode number

Package administration
The /var/sadm/install/contents file lists all installed packages. The pkgadd command updates it

pkgtrans – Translates a package from one format to another
pkginfo – Displays software package information
pkgchk – Checks the package installation files

Example
# pkgtrans /var/tmp /tmp/SUNWrse.pkg SUNWrse
# pkginfo -l | more (or) pkginfo -l SUNWrsc
# pkginfo | wc -l
# pkginfo -d /cdrom/cdrom/s0/solaris_10/product | more

Adding software packages
# pkgadd -d SUNWvts
# pkgadd -d /tmp/SUNWrsc
# pkgadd -d http://website

Package check
# pkgchk SUNWladm
# pkgchk -v SUNWadm – Lists the files in the package
# pkgchk -p /etc/shadow – To check a particular file
# pkgchk -l -p /usr/bin/showrev – -l shows information about the selected files that make up a package; -p takes a partial path

Remove package
# pkgrm <package> – Removes the package and its files

Adding a package to the SPOOL directory
# pkgadd -d /cdrom/cdrom/s0/solaris_10/product -s spool SUNWaudu – Copies the package to the /var/spool/pkg directory
# pkgrm -s spool SUNWaudu – To remove the package from the spool

Streaming one or more packages
Packages can be individually or collectively packaged into a data stream file format. The data stream file can be made available on the network or from a web page

Adding packages to a stream
# cd /cdrom/cdrom0/s0/solaris*
# pkgtrans -s product /var/tmp/stream.pkg SUNWzlib SUNWftpr SUNWftpu
# file /var/tmp/stream.pkg
# head -5 /var/tmp/stream.pkg
# pkgadd -d /var/tmp/stream.pkg

Preparing for patch administration
  1. Standard patches
  2. Recommended patches
  3. Firmware & PROM patches
  4. Data cluster

Checking the patch level
# showrev -p
# patchadd -p

patchadd – To install patches
patchrm – To remove patches
install_cluster – To install a patch cluster

Installing a cluster
  1. Unzip the cluster once received
  2. Use either save or nosave
  3. ./<cluster name>

smpatch – Allows you to download and install/remove all appropriate patches on a single system or multiple systems
# smpatch get -L patchpro.patch.source.patchpro <download directory>

Introducing BOOT PROM fundamentals
The following commands can be used to identify the Boot PROM version
# /usr/platform/`uname -m`/sbin/prtdiag -v
# prtconf -v
# modinfo; # psrinfo; # sysinfo
# syslogd; # attribute; # openprom

Basic Boot PROM commands
banner – Displays the power-on banner
boot – To boot the system (the boot device can be changed, e.g. boot cdrom)
help – Lists the main help categories
printenv – Displays all parameters' current and default values
setenv – Sets the specified NVRAM parameter to a value
reset-all – Resets the entire system, similar to a power cycle
set-defaults – Resets all parameter values to the factory defaults
sifting text – Displays the Forth commands containing text
.registers – Displays the contents of the registers
probe-scsi – Identifies the devices on the internal Small Computer System Interface (SCSI) bus
probe-scsi-all – Identifies the devices on all SCSI buses
probe-ide – Identifies the devices on the internal Integrated Device Electronics (IDE) bus
show-devs – Displays the entire device tree
devalias – Identifies the current boot device aliases for the system
nvalias – Creates a new device alias name
nvunalias – Removes a device alias name
show-disks – Displays and allows selection of the device path for the disk to be used with nvalias
sync – Manually attempts to flush memory and synchronize the file systems
test – Runs a self test on the specified device
show-nets
show-displays
show-disks
show-tapes

Displaying the devices connected to a bus
probe – To display the devices connected to the system, such as disk, cdrom, tape
sifting – To identify the various probe commands that are available on your system, use the sifting command. It is useful when you do not know the exact probe syntax
ok sifting probe

Creating & removing a custom device alias
ok nvalias <alias name> <device path>
ok nvalias mydisk /pci@1f,0/pci@,1/ide@3/disk
ok nvunalias <alias name>

To set the boot-device parameter to a new value
ok setenv boot-device mydisk
ok boot

Viewing and changing NVRAM parameters
Use /usr/bin/eeprom – To view or change NVRAM parameters
# eeprom – To list all environment variables with their values
# eeprom boot-device
# eeprom boot-device=disk2 – To change the boot disk
# eeprom auto-boot?=true – To change the value of auto-boot?

Interrupting a hung system
  1. Attempt a remote login to the hung system, then locate and kill the hung process
  2. Attempt to reboot the unresponsive system gracefully
  3. Hold down the Stop-A key sequence
  4. Manually synchronize the file systems from the OpenBoot PROM using the sync command
SMF
A service can be an entity which provides a resource or a list of capabilities to applications and other services. A service name is called a "service identifier"; it is in the form of a Fault Management Resource Identifier, or FMRI

Service categories
- Application
- Legacy
- Milestone
- Network
- Name service
- Sysconfig
- Device
Milestone
A special type of service which is made up of a defined set of other services
Currently seven milestones are running
  1. single-user
  2. multi-user
  3. multi-user-server
  4. network
  5. name-service
  6. sysconfig
  7. device

# svcs | grep milestone – To determine the current milestone

The service configuration repository
The disk-based database is /etc/svc/repository.db. This file can only be manipulated using the SMF interface utilities svccfg and svcprop. The repository is managed by the svc.configd daemon
Note : A corrupt repository prevents the system from booting. It can be repaired by booting the system into single-user mode and running the command
# /lib/svc/bin/restore_repository

Identifying the phases of the boot process
The entire boot process is described by five phases
  1. Boot PROM phase
  2. Boot program phase
  3. Kernel initialization phase
  4. init phase
  5. svc.startd phase
# svcs -d svc:/system/filesystem/local:default – Shows the service dependencies for that service
# svcadm -v disable system/cron:default – To disable the cron service
# svcadm -v enable system/cron:default – To enable the cron service

Non-SMF services can be managed from /etc/init.d
# /etc/init.d/volmgt start/stop

Note : A corrupt /etc/system file makes the system unbootable. Use "boot -a" at the ok prompt and point it at the backed-up copy of /etc/system

Creating a new service script
  1. Determine which milestone and run level the new service should be available in, and the appropriate commands to start and stop the service
  2. Establish any dependency relationships between this service and any other services
  3. Create a script in /lib/svc/method to start the process, if required
  4. Create a .xml manifest file in the appropriate subdirectory
  5. Make a backup copy of the service repository database
  6. Incorporate the script into SMF using the svccfg utility

The service repository database
Contains details of the available services and their settings. To see how the repository database is used, perform the following
  1. Stop the svc.startd daemon process
     # pstop svc.startd
  2. Terminate the service configuration daemon process
     # pkill svc.configd
  3. Make a copy of the repository database
     # cp /etc/svc/repository.db /etc/svc/safe.repository.db
  4. Create a new repository using the following command
     # cp /lib/svc/seed/global.db /etc/svc/repository.db
  5. Shut the system down to the ok prompt
     # init 0
  6. At the ok prompt issue the following
     ok boot -m verbose

Performing user & security administration
# newgrp – To change the user's primary group

/etc/default/passwd – File has the following important parameters
- MAXWEEKS – Maximum number of weeks a password is valid
- MINWEEKS – Minimum number of weeks a password is valid
- PASSLENGTH – Minimum password length
- WARNWEEKS – Warning period before expiry

Troubleshooting login issues
  1. /usr/dt/bin/Xsession – A configuration script for the login manager. This file should not be edited. The first user-specific file that the Xsession script calls is $HOME/.dtprofile
  2. DTSOURCEPROFILE=true – If this file is corrupt the user can use the failsafe login session
  3. $HOME/.dtprofile – If a user is unable to log in, log out, delete the above file, and log in again; the .dtprofile file is created automatically

Managing initialization
Introduction to system-wide initialization files
The /etc/profile and /etc/.login files are the two main system initialization files for environment variables. The default /etc/profile and /etc/.login check disk usage and quotas, print the message of the day from the /etc/motd file, and check for mail. None of these messages are printed to the screen if a .hushlogin file exists

Creating initialization files for each user's home directory
The primary purpose of user initialization files is to define the characteristics of the user's work environment, such as the command line prompt, the environment variables, and windowing

Shell    System-wide initialization file   Primary user initialization file read at login   Read when a new shell starts   Shell path name
Bourne   /etc/profile                      $HOME/.profile                                   -                              /bin/sh
Korn     /etc/profile                      $HOME/.profile, $HOME/.kshrc                     $HOME/.kshrc                   /bin/ksh
C        /etc/.login                       $HOME/.cshrc, $HOME/.login                       $HOME/.cshrc                   /bin/csh

Note : useradd, smuser – These commands copy files from the /etc/skel directory to the $HOME directory

Examples of shell variable settings
Shell                       Syntax
Bourne shell & Korn shell   variable=value; export variable
                            PS1="$HOSTNAME"; export PS1
C shell                     setenv variable value
                            setenv LPDEST Printer1


Monitoring system access
# who – Displays the information stored in the /var/adm/utmpx file

Displaying users on remote machines
# rusers – Produces output similar to that of the who command, but it displays the list of users who are logged in on local and remote hosts. It displays the user name and host name in the order in which responses are received from the hosts
Syntax :
# rusers <option> <hostname>
# rusers -l

Note : Remote hosts only respond to the rusers command if the rpc.rusersd daemon is enabled. The rpc.rusersd daemon is a network server daemon. To check whether rusers is online use the following command
# svcs -a | grep rusers

Displaying user information
# finger – To display detailed information about user activity, either local or remote. It displays the following information
1) User login name 2) Home directory 3) Login time 4) Login device name 5) Data contained in the comment field of /etc/passwd 6) Login shell 7) Name of the host if the user logged in remotely, and idle time
Syntax
# finger [-bfhilmpqsw] [user name]
# finger [-l] [user@hostname[@hostname]]
# finger -m user1 (-m – option to match the user name exactly, not the first or last name)
Note : If users create a standard ASCII file named .plan or .project in their home directory, the contents of those files are also displayed by the finger command. These files are traditionally used to outline the user's current plan or project. Access permissions for these files should be 644

Displaying records of login activity
# last – Displays records of all logins and logouts with the most recent activity at the top of the output. It reads from the /var/adm/wtmpx file

# last user5 – To display the log for user5
# last -5 reboot – To display the last five reboots

Recording failed login attempts
You can log failed login attempts in the /var/adm/loginlog file. To enable logging do the following
# touch /var/adm/loginlog
# chown …/…/sys /var/adm/loginlog
# chmod 600 /var/adm/loginlog

Note : If there are fewer than five consecutive failed attempts, no activity is logged in the loginlog file. The minimum attempt value can be changed in the /etc/default/login file via the SYSLOG_FAILED_LOGINS parameter
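As an added example (not from these notes), here is a small report over loginlog entries that flags login names with repeated failures. The entry layout assumed is "login:tty:timestamp", one per line; the function name, the threshold argument and the sample lines are my own construction, not a real log.

```shell
# loginlog_report <file> <threshold>: prints "user count" for every login
# name whose number of logged failures reaches the threshold, highest
# count first; returns 1 if any user reached it, 0 otherwise.
# Assumed record layout (constructed for this example): login:tty:timestamp
loginlog_report() {
    found=$(awk -F: -v limit="$2" '
        NF >= 2 { failures[$1]++ }                # count failures per login name
        END { for (u in failures)
                  if (failures[u] >= limit) print u, failures[u] }
    ' "$1" | sort -k2,2nr -k1,1)
    [ -n "$found" ] || return 0
    echo "$found"
    return 1
}

# Constructed sample log for the demonstration (not a real /var/adm/loginlog)
log=$(mktemp)
cat > "$log" <<'EOF'
user1:/dev/pts/3:Thu Mar 29 10:01:12 2012
user1:/dev/pts/3:Thu Mar 29 10:01:20 2012
user1:/dev/pts/3:Thu Mar 29 10:01:31 2012
root:/dev/console:Thu Mar 29 10:05:02 2012
root:/dev/console:Thu Mar 29 10:05:09 2012
root:/dev/console:Thu Mar 29 10:05:15 2012
root:/dev/console:Thu Mar 29 10:05:22 2012
root:/dev/console:Thu Mar 29 10:05:30 2012
guest:/dev/pts/5:Thu Mar 29 11:12:44 2012
EOF
# With a threshold of 3, root (5) and user1 (3) are reported, guest is not
loginlog_report "$log" 3 || echo "accounts above threshold: review these logins"
rm -f "$log"
```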

Switching user
# su - username – The hyphen (-) switches to the user together with their home directory and environment
Note :
# who am i – Shows the effective user ID
# whoami – Shows the current user ID

Monitoring su login attempts
You can initiate the monitoring by setting two variables in the /etc/default/su file
  1. Remove the comment from the CONSOLE variable
  2. Create the variable SULOG=/var/adm/sulog if it does not exist

Controlling system access
The /etc/default/login file establishes default parameters for users when they log into the system. It gives you the ability to protect the root account on a system. You can restrict root access to a specific device or the console, or disallow it altogether, using the CONSOLE variable in the /etc/default/login file
  1. CONSOLE=/dev/console – Root can only log in from the console
  2. CONSOLE=/dev/console – If this line is commented out, root can log in from anywhere
  3. CONSOLE= – Root cannot log in directly from anywhere
  4. CONSOLE=/dev/term/a – Root can log in only from the terminal connected to serial port A

PASSREQ variable in the /etc/default/login file
When this variable is set to its default value (YES), all users who were not assigned a password when their account was created are required to enter a password when they log in for the first time. If the variable is set to NO, a NULL password is accepted
Note: This variable does not apply to the root user

File transfer protocol access
/etc/ftpd/ftpusers – File listing the names of users who are prohibited from connecting to the system through the FTP protocol

The /etc/hosts.equiv & $HOME/.rhosts files
These files bypass standard password-based authentication to determine whether a remote user is allowed to access the local host with the identity of a local user. The procedure first checks /etc/hosts.equiv and then the $HOME/.rhosts file of the local user whose account is being accessed.
Entries in the /etc/hosts.equiv and $HOME/.rhosts files
hostname
hostname username
+
If only a host name is given, all users on that host are allowed to log in. With hostname and username, only that particular user on that host is allowed to log in. If the (+) symbol is used, all users from all hosts are allowed to log in
Note: Neither /etc/hosts.equiv nor $HOME/.rhosts exists by default. They must be created if remote user access to the local host is required

The $HOME/.rhosts file
The /etc/hosts.equiv file applies system-wide to access by non-root users; the .rhosts file applies to a specific user. All users, including root, can create and maintain a .rhosts file in their home directory. For example, if you run rlogin from a remote machine to access the local host as root, the .rhosts file in root's home directory is checked. If the remote host name exists in that .rhosts file, root access is granted.
Note: The CONSOLE variable in the /etc/default/login file must be commented out for this, and the $HOME/.rhosts file does not exist by default; it has to be created.
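As an added example (not from these notes), two audit helpers for the settings described in the CONSOLE section and in the hosts.equiv/.rhosts section above: console_policy reads an /etc/default/login-style file and reports where root may log in from; audit_trust_file classifies every entry of a hosts.equiv/.rhosts-style file by the three entry forms listed. The function names are mine, the file paths are parameters, and the sample files are constructed.

```shell
# console_policy <file>: returns 1 when root may log in from anywhere
# (no active CONSOLE= line, i.e. absent or commented out), 0 otherwise.
console_policy() {
    line=$(grep '^CONSOLE=' "$1" | head -n 1)
    if [ -z "$line" ]; then
        echo "root-login: anywhere (CONSOLE unset or commented out)"
        return 1
    fi
    value=${line#CONSOLE=}
    if [ -z "$value" ]; then
        echo "root-login: nowhere (CONSOLE= is empty)"
    else
        echo "root-login: only from $value"
    fi
    return 0
}

# audit_trust_file <file>: prints one classified line per entry and a
# summary "wildcard=N host=N user=N other=N"; returns 1 if any '+' entry
# (every user from every host, no password asked) is present.
audit_trust_file() {
    f=$1
    wild=0; host=0; user=0; other=0
    while IFS= read -r entry || [ -n "$entry" ]; do
        case "$entry" in
            ''|'#'*) continue ;;      # skip blank lines and comments
        esac
        set -- $entry                 # split the entry into its fields
        if [ $# -eq 1 ] && [ "$1" = "+" ]; then
            echo "CRITICAL  '+': every user on every host"
            wild=$((wild + 1))
        elif [ $# -eq 1 ]; then
            echo "HIGH      '$1': every user on host $1"
            host=$((host + 1))
        elif [ $# -eq 2 ]; then
            echo "MEDIUM    '$1 $2': user $2 on host $1"
            user=$((user + 1))
        else
            echo "UNKNOWN   '$entry'"
            other=$((other + 1))
        fi
    done < "$f"
    echo "wildcard=$wild host=$host user=$user other=$other"
    [ "$wild" -eq 0 ]
}

# Constructed sample files for the demonstration (not the real system files)
demo=$(mktemp -d)
printf 'CONSOLE=/dev/console\nPASSREQ=YES\n' > "$demo/login.console-only"
printf '#CONSOLE=/dev/console\nPASSREQ=YES\n' > "$demo/login.anywhere"
printf '# trusted hosts\nhost2\nhost3 user1\n+\n' > "$demo/hosts.equiv"
console_policy "$demo/login.console-only"
console_policy "$demo/login.anywhere" || echo "  -> harden: uncomment CONSOLE"
audit_trust_file "$demo/hosts.equiv" || echo "  -> remove the + entry"
rm -rf "$demo"
```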

Restricting access to data files
# groups – Displays the user's group information
# groups <user>

Identifying user information
# id – Displays UID, user name, GID, group name
# id -a – To display the user's secondary groups

Changing file & directory ownership
To allow regular users to use the chown command, edit the /etc/system file and add the parameter
set rstchown=0, then restart the machine
Syntax
chown <options> <user name> <file name>
chown <options> <UID> <file name>
# chown user1 file1
# chown -R user1 <directory> – To change ownership including subdirectories
# chown user1:class file1

Changing file & directory group
To allow regular users to use the chgrp command freely, edit the /etc/system file and add the parameter
set rstchown=0, then restart the machine
Syntax
# chgrp <group name> <file name> (or) # chgrp <GID> <file name>
# chgrp class file4

Using file permissions
Three types of special permissions are available
  1. The setuid permission
  2. The setgid permission
  3. The sticky bit permission

setUID and setGID
Administrators can use a different set of file permissions that allow files to be executed as a particular user. For example the volume daemon (vold) allows unprivileged users logged into the console to mount and unmount CD-ROMs and floppy disks
# find / -local -type f \( -perm -4000 -o -perm -2000 \) -print – Prints files with setUID or setGID privileges

# chmod u+s file.txt – To set setUID
# chmod g+s file.txt – To set setGID

Sticky bit permission
In a public directory, the permission that restricts other users from deleting your files so that only the owner can delete them is called the sticky bit
# chmod +t <dir> – To set the sticky bit
# chmod 1777 <public directory>
# find / -type d -perm -1000
# ls -ld /tmp

Managing network printers
# lpadmin -d <printer name> – To set the default printer
# lpadmin -x <printer name> – To remove the printer
# reject <printer name> – To stop queuing print requests
# disable <printer name> – To stop the printer
# lpsched – To start the LP print service
# lpshut – To stop the LP print service
# svcadm enable application/print/server – To start the printer service
# /usr/sbin/lpmove <source printer> <destination printer> – To move print requests

Viewing system processes
# /usr/dt/bin/sdtprocess & – To start the Process Manager window
# prstat – Examines and displays information about active processes on the system
# priocntl – Command to assign a priority to a process

Kill command
# kill -<signal> <PID>
# kill -l – To show all available signals to use with kill
# pgrep -l mail

Killing a frozen process
# rlogin sys2
# pgrep -l Xsun (or) # ps -e | grep Xsun
# kill -9 442

Scheduling an automatic one-time execution of a command
Use the at command to automatically execute a job once at a specified time
Syntax
# at -m -q <queue name> <time> <date>
# at -r <job>
# at -l
-m – Sends mail to the user once the job is finished
-r – Removes a scheduled job from the queue
-q – Specifies a specific queue
time – Specifies the time for the command to execute
-l – Reports all the jobs scheduled for the invoking user
date – Specifies an optional date for the command to execute

For example, to create a job that runs at 9:00 PM to locate core files under /export/home and verify their file types, run
# at 9:00 pm
at> find /export/home -name core -exec file {} \; >> /var/tmp/core.log
at> <EOT>

# at -l <109864800009> – To display information about the execution time of the job
# atq – To display the jobs queued to run at specified times, in chronological order of execution
# ls -l /var/spool/cron/atjobs – To view the jobs currently scheduled in the queue

To remove jobs from the queue
# at -r <109864800009>
# atq


Controlling access to the at command
Access can be controlled using the at.deny and at.allow files

Scheduling an automatic recurring execution of a command
All crontab files are maintained in the /var/spool/cron/crontabs directory, in a file named after the user who created the cron job. The cron daemon is responsible for scheduling and running the jobs

The crontab file uses six fields: the first five represent the date and time and the sixth the command to be executed. If the sixth field contains a percent (%) symbol, all subsequent characters are passed to the command as standard input

The first five fields follow the format rules shown below
Value   Rule                                              Example
n       Matches if the field value is n                   Hour or minute 3 or 10
n,p,q   Matches if the field value is n, p, or q          Every 10 minutes is represented as 0,10,20,30,40,50
n-p     Matches if the field value is in the range n-p    The hours from 1 to 4 are shown as 1-4
*       Matches all legal values                          All

# crontab -l – To view your crontab
# crontab -l <user name> – To view a user's crontab

Editing the crontab file
# crontab -e
:wq

Removing a crontab file
# crontab -r <user name>

Controlling access to the crontab command
/etc/cron.d/cron.deny
/etc/cron.d/cron.allow

Backup & Restore
Tape drive control
mt – Command used to send instructions to the tape drive
Syntax
# mt -f <tape device name> <command> <count> – -f specifies the device name
# mt status – Displays the status
# mt rewind – Rewinds the tape
# mt offline – Rewinds and takes the drive offline
# mt fsf <count> – Moves the tape forward count files
# mt -f /dev/rmt/0n fsf 2 – Skips forward two files on the no-rewind device

Determining file system names to back up
  1. Display the contents of /etc/vfstab
  2. ufsdump 0S <file system> – To estimate the size of the backup for the file system
(or)
ufsdump 3S <file system name>
  3. Determine the backup frequency & level
0 – Once a month (full backup)
1 – Performed every Saturday
2 – Performed every Friday
3 – Performed every Monday
4 – Performed every Tuesday
5 – Performed every Wednesday
6 – Performed every Thursday
  4. /etc/dumpdates – Records the backup if the "ufsdump -u" option is used

Backing up an unmounted file system
  1. Become the root user in single-user mode
# shutdown -y -g300 "Comment Message"
  2. Check the integrity of the file system data with the fsck command
# fsck /export/home
  3. Perform the backup
# ufsdump ouf /dev/rmt/0 /export/home

Remote backup
# ufsdump ouf host2:/dev/rmt/0 /export/home
Options
o – (offline) when the backup completes, take the drive offline
u – Create an entry in /etc/dumpdates
f – Specifies the device name for the file system backup

Restoring a ufs file system
Syntax
# ufsrestore <options> <arguments> <file system>
Options
t – List the table of contents
r – Restore the entire file system from the backup
x file1 file2 – To restore specific files
i – Interactive restore
v – Specifies verbose mode
f – Specifies the tape device name. When not specified, the /dev/rmt/0 device file is used

Example of a restore
  1. Create a new file system
# newfs /dev/rdsk/c0t0d0s5
  2. Mount the file system on /opt
# mount /dev/dsk/c0t0d0s5 /opt
# cd /opt
# ufsrestore rf /dev/rmt/0

  3. Remove the restoresymtable file
# rm restoresymtable
  4. Unmount the new file system
# umount /opt
  5. Use fsck to check the restored file system
# fsck /dev/rdsk/c0t0d0s5
  6. Perform a backup of the file system
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s5
  7. init 6

Restoring the /usr file system
  1. Boot from CDROM
ok boot cdrom -s
  2. Create the new file system structure
# newfs /dev/rdsk/c0t0d0s6
  3. # mount /dev/dsk/c0t0d0s6 /a
# cd /a
  4. ufsrestore rf /dev/rmt/0
  5. Remove restoresymtable
# rm restoresymtable
  6. Unmount the new file system
# cd /
# umount /a
  7. fsck /dev/rdsk/c0t0d0s6 – To check the file system
  8. Perform a full backup of the file system
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s6
  9. init 6

Root (/) recovery
  1. Boot from CDROM
ok boot cdrom -s
  2. Create the new file system structure
# newfs /dev/rdsk/c0t0d0s6
  3. # mount /dev/dsk/c0t0d0s6 /a
# cd /a
  4. ufsrestore rf /dev/rmt/0
  5. Remove restoresymtable
# rm restoresymtable
  6. Install the bootblk in sectors 1 through 15 of the boot disk. To do this, change to the directory that contains bootblk and enter the installboot command
# cd /usr/platform/`uname -m`/lib/fs/ufs
# installboot bootblk /dev/rdsk/c0t0d0s0
  7. Unmount the new file system
# cd /
# umount /a
  8. fsck /dev/rdsk/c0t0d0s6 – To check the file system
  9. Perform a full backup of the file system
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s6
  10. init 6

Invoking an interactive restore
  1. # cd /export/home/tmp
  2. ufsrestore ivf /dev/rmt/0
The prompt changes to ufsrestore> ; type ls to list the contents
  3. Change the target directory
ufsrestore> cd directory1
ufsrestore> ls
  4. Add the files you want to restore
ufsrestore> add file1 file2
  5. To delete unwanted files from the selection
ufsrestore> delete file1
  6. To view the files & directories marked for restore
ufsrestore> marked
  7. Restore the selected files
ufsrestore> extract
  8. quit – To exit
  9. Move the restored files to their original location

Performing an incremental restore
When performing an incremental restore, start with the last volume and work towards the first. The system uses the information in the restoresymtable file to restore incremental backups on top of the latest backup
  1. View the contents of the /etc/dumpdates file for information about the /export/home file system
# more /etc/dumpdates | grep c0t0d0s7
  2. Create a new file system for /export/home
# newfs /dev/rdsk/c0t0d0s7
  3. Mount the file system & change to that directory
# mount /dev/dsk/c0t0d0s7 /export/home
# cd /export/home
  4. Insert the level 0 backup tape
  5. Restore the /export/home file system from the backup tape
# ufsrestore rvf /dev/rmt/0
  6. Load the next lower-level tape into the tape drive and repeat
# ufsrestore rvf /dev/rmt/0
Creating a ufs snapshot
It is possible to create a backup of a mounted file system using the fssnap utility

fssnap
The fssnap command is used to create, query, or delete a temporary read-only snapshot of a ufs file system
Syntax
# /usr/sbin/fssnap -F <fstype> -o <special options> mountpoint|special
# fssnap -F ufs -o bs=/var/tmp /export/home – To create a snapshot of /export/home
# fssnap -F ufs -o bs=/var/tmp,maxsize=500m /export/home – Limits the backing store size to 500 MB
# fssnap -i – Lists the current ufs snapshots

Backing up the snapshot
  1. mkdir -p /backup/home.backup
  2. mount -F ufs -o ro /dev/fssnap/0 /backup/home.backup
  3. cd /backup/home.backup
  4. tar cvf /dev/rmt/0 .


Managing local disks
prtconf – Displays the system configuration information, including the total amount of memory and the device configuration information as described by the system hierarchy. This is a useful tool to verify whether a device has been seen by the system
sysdef – Displays device configuration information, including system hardware, pseudo devices, loadable modules and selected kernel tunables
dmesg – Displays system diagnostic messages as well as the list of devices attached to the system since the most recent restart
format – The format command displays both physical and logical device names for all available disks

There are several ways to list system devices
- Using /etc/path_to_inst
- Using prtconf – Prints only attached devices
- Using the format command
The following steps reconfigure the system to recognize a new disk
  1. Create the /reconfigure file, which makes the system check for newly added devices at the next reboot
# touch /reconfigure
  2. # init 5
  3. Install the new device in the system. Make sure the new device does not conflict with existing devices
  4. Turn on the power & boot the system
  5. Verify the new device has been added using either the prtconf (or) format commands

Using the devfsadm command
The devfsadm command performs the device reconfiguration process and updates the /etc/path_to_inst file; it also updates the /dev and /devices directories during a reconfiguration event
# devfsadm
# devfsadm -c device_class – To restrict devfsadm to a specific device class (disk, tape, port, audio, pseudo)
# devfsadm -c disk -c tape
# devfsadm -i <driver name> – To restrict devfsadm to configuring only the devices of the named driver
# devfsadm -i ide (or) # devfsadm -i sd

Major and minor numbers
These numbers identify the proper device location and device driver to the kernel. The major number maps to a device driver such as sd, st or hme. The minor number indicates the specific member within that class of devices

Logical device names
On SPARC systems you will see an eight-character logical device name (c#t#d#s#) for each disk slice, made up of the following

Ø       Controller number – Identifies the host bus adapter (HBA), which controls communication between the system and the disk unit
Ø       Target number – Target numbers such as t0, t1, t2 correspond to the unique hardware address that is assigned to each disk or tape
Ø       Disk number – The disk number is also known as the logical unit number (LUN); it reflects the number of the disk at the target location. The disk number is always 0 on embedded SCSI controllers
Ø       Slice number – A slice number ranging from 0 to 7
IDE and SATA disk drives do not have a SCSI target controller. On x86 the device names for these disks carry only the controller (c#), disk (d#) and slice (s#) components, e.g. c0d0s0. On SPARC, IDE disks keep a t# value, which represents the identity of the disk (master or slave) on its primary or secondary channel

On x86 machines the 't' component is not used at all for IDE disks; commonly c0 is the IDE controller and c1 the SCSI controller, whose disks still carry a target number (c1t0d0s0)

Disk label
A special area of every disk is set aside for storing information about the disk controller, geometry and slices. This information is called the disk label or volume table of contents (VTOC)

Solaris supports two types of disk label, the VTOC (SMI) label and the EFI label. The Extensible Firmware Interface (EFI) label format is required for all disks over 1 TB in size. Solaris ZFS (Zettabyte file system) uses EFI as the default label when it is given a whole disk
Disadvantages of EFI
Ø       You cannot use fdisk on an EFI-labeled disk
Ø       It is not supported on IDE disks
Ø       You cannot boot from an EFI-labeled disk
Ø       You cannot use the Solaris Management Console Disk Manager tool

The free hog slice
When using the format utility to change the size of a disk slice, a temporary slice is automatically designated that expands and shrinks to accommodate the resizing operation. This temporary slice is referred to as the free hog. If a slice is decreased, the free hog expands; the free hog then supplies the space for any slice that is increased

Recovering disk partition information
It is good practice to save the disk's VTOC to a file using the prtvtoc command. This information can then be used later to restore the disk label if the current VTOC becomes corrupt, is accidentally changed, or you need to replace the disk drive.

By saving the output of the prtvtoc command into a file on another disk, you can reference it when running the fmthard command. The fmthard command updates the VTOC on the hard disk. To recover a VTOC using fmthard

# fmthard -s /vtoc/c0t3d0 /dev/rdsk/c0t3d0s2
# prtvtoc /dev/rdsk/c0t0d0s2 | fmthard -s - /dev/rdsk/c1t0d0s2 – copy the label of c0t0d0 to c1t0d0 (both disks must have the same geometry)



Volume management
Removable media such as CD-ROMs can be inserted and automatically mounted. When attaching a hot-pluggable USB device it is best to restart vold afterwards, as follows
# svcadm restart volfs
# volrmmount -e zip0 – To unmount (eject) the USB device
# eject cdrom (or) # eject zip0
# svcadm disable svc:/system/filesystem/volfs:default – To disable automatic mounting
# svcadm enable svc:/system/filesystem/volfs:default – To re-enable automatic mounting
Fundamentals of disk management
  1. Identify the current disks
  2. Plan the layout of the disk
  3. Use the format utility (fdisk) to create the Solaris fdisk partition on the drive (x86 only)
  4. Use the format utility to divide the disk into slices
  5. Label the disk with the new slice information
Example
  1. # format and select the appropriate device
  2. Type fdisk, then type 1 to create a partition and 1 again for the SOLARIS partition type
  3. Type the percentage of the disk you want to use
  4. Type 'n' for the "make this the active partition" question
  5. Select 5 to save the fdisk partition table and exit

Recognizing overlapping disk slices
Overlapping disk slices occur when one or more cylinders are allocated to more than one disk slice (slice 2, the backup slice, covers the whole disk by design and does not count). Check the slice table with prtvtoc, or in the format utility use
partition> modify
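Before a saved VTOC is written back with fmthard -s, or after slices have been hand-edited in format, the slice table is worth checking for overlaps mechanically rather than by eye. The following shell function is an added example (it is not part of the original notes): it reads prtvtoc output on stdin and reports every pair of slices whose sector ranges intersect, skipping slice 2 (tag 5, the backup slice). The two partition maps are constructed samples, not captured from a real disk.

```shell
#!/bin/sh
# check_vtoc: read prtvtoc(1M) output on stdin and report slices whose
# sector ranges overlap. Slice 2 (tag 5, the backup slice) covers the whole
# disk by design and is skipped, as are header lines and empty slices.
# Prints one line per overlapping pair; exit status 1 if any overlap, else 0.
check_vtoc() {
    awk '
        /^\*/ || NF < 6 { next }                 # comments and column headers
        $1 == 2 || $2 == 5 || $5 == 0 { next }   # backup slice, unused slices
        {
            n++
            slice[n] = $1; first[n] = $4; last[n] = $4 + $5 - 1
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++)
                for (j = i + 1; j <= n; j++)
                    if (first[i] <= last[j] && first[j] <= last[i]) {
                        printf("slice %d (%d-%d) overlaps slice %d (%d-%d)\n",
                               slice[i], first[i], last[i],
                               slice[j], first[j], last[j])
                        bad = 1
                    }
            exit bad
        }'
}

# Constructed sample labels in prtvtoc format (not taken from a real host).
# In BAD_VTOC slice 7 was started at sector 3000000, inside slice 1.
BAD_VTOC='* /dev/rdsk/c0t0d0s2 partition map
*
* Dimensions:
*     512 bytes/sector
*                          First     Sector    Last
* Partition  Tag  Flags    Sector     Count    Sector  Mount Directory
       0      2    00          0   2097152   2097151   /
       1      3    01    2097152   1048576   3145727
       2      5    00          0  17767232  17767231
       7      8    00    3000000  14767232  17767231   /export/home'

GOOD_VTOC='* /dev/rdsk/c0t0d0s2 partition map
*                          First     Sector    Last
* Partition  Tag  Flags    Sector     Count    Sector  Mount Directory
       0      2    00          0   2097152   2097151   /
       1      3    01    2097152   1048576   3145727
       2      5    00          0  17767232  17767231
       7      8    00    3145728  14621504  17767231   /export/home'

# Demo: only a label that passes the check should be handed to fmthard -s.
if printf '%s\n' "$BAD_VTOC" | check_vtoc; then
    echo "BAD_VTOC: clean (unexpected)"
else
    echo "BAD_VTOC: overlaps found, do not write this label"
fi
printf '%s\n' "$GOOD_VTOC" | check_vtoc && echo "GOOD_VTOC: clean"
```

On a live system the same check is `prtvtoc /dev/rdsk/c0t0d0s2 | check_vtoc`, and a saved VTOC file can be checked with `check_vtoc < /vtoc/c0t3d0` before it is restored.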

Solaris file systems
  1. Disk-based file systems
  2. Distributed file systems
  3. Pseudo file systems

Disk-based file systems
  1. ufs – the UNIX file system; a UFS file system can grow to multiple terabytes
  2. hsfs – High Sierra file system, developed for CD-ROMs
  3. pcfs – PC file system, which allows Solaris to access PC-DOS formatted (FAT, including FAT32) file systems
  4. udfs – Universal Disk Format file system, used for optical storage targeted at DVD and CD-ROM

Distributed file system
  1. NFS – Network file system

Pseudo file systems
Pseudo file systems are memory-based file systems. They give better performance and provide access to kernel information and facilities. Pseudo file systems include
  1. tmpfs – Stores files in memory, which avoids the overhead of writing to a disk-based file system. A tmpfs is created and destroyed every time the system is rebooted
  2. swapfs – Used by the kernel to manage swap space on disk
  3. fdfs – File descriptor file system. Provides explicit names for opening files by file descriptor (for example /dev/fd/0, /dev/fd/1, /dev/fd/2)
  4. procfs – Contains the list of processes in the /proc directory. The processes are listed by process number. Information in this directory is used by commands like ps
  5. mntfs – Mount file system. Provides read-only information from the kernel about locally mounted file systems (/etc/mnttab)
  6. objfs – The kernel object file system. Used by the kernel to expose details about the modules currently loaded
  7. devfs – Device file system. Used to manage the name space of all devices on the system (/devices)
  8. ctfs – The contract file system. Used by SMF and the Solaris zones feature; mounted at /system/contract

newfs command
Creates a UFS file system on a disk slice. For example, to create a UFS file system on slice 7 of c1t3d0
# newfs /dev/rdsk/c1t3d0s7
Note: The newfs command reserves between 1% and 10% of the file system space for maintenance. This space, referred to as minfree, is the amount of space on the slice that is held back from regular users (only root can consume it). You can use newfs -m <percent> to set the percentage of free space when you create a new file system
# fstyp -v /dev/rdsk/c0t0d0s1 | head – To see the current minfree value
# newfs -m 2 /dev/rdsk/c0t0d0s1 – To reserve 2% as free space
# tunefs -m 1 /dev/rdsk/c0t0d0s1 – To change the minimum percentage of free space on an existing file system
# fsck /dev/rdsk/c0t0d0s1 – Example of how fsck displays a message asking whether you want to correct the block count
# fsck /export/home – To check a file system using the mount point directory name as listed in /etc/vfstab (the file system must be unmounted)

Using a backup superblock
Superblock corruption can cause a file system to fail to mount. Every UFS file system has alternate (backup) superblocks; the copy at block 32 exists on every file system created with default parameters and can be given to the fsck command to repair the primary superblock
# fsck -o b=32 /dev/rdsk/c0t0d0s1
Caution – Block 32 is valid only if the file system was created with default parameters using the newfs command. To list the actual alternate superblock locations without creating a file system, use
# newfs -N /dev/rdsk/c0t0d0s1
# newfs -N -T /dev/rdsk/c0t0d0s1 – for a file system created to grow beyond 1 TB
# fsck -o b=535952 /dev/rdsk/c0t0d0s1 – (b= specifies an alternate superblock taken from the list printed by newfs -N)

Monitoring file systems
# df – Displays the number of free disk blocks and files
# du – Displays summaries of disk usage (number of blocks used)
# quot – Summarizes file system usage by owner

# du -h /opt | more – Displays output in human-readable format
# du -ak /opt – Displays usage in KB, including individual files
# du -sk /opt – Displays only a summary of disk usage in KB

Using the quot command
Displays how much disk space (in KB) is used by each user
# quot -options <file system>
# quot -af – all mounted file systems, also counting the number of files per user
# quot -f /dev/dsk/c0t0d0s7

Repairing important files if the boot fails
  1. Boot from the CD-ROM in single-user mode
ok boot cdrom -s
  2. Use the fsck command on the damaged / (root) slice to repair it
# fsck /dev/rdsk/c0t0d0s1
  3. If fsck is successful, mount / on /a
# mount /dev/dsk/c0t0d0s1 /a
  4. Set and export the TERM variable so that vi works
# TERM=sun
# export TERM
  5. Edit the /etc/vfstab file
# vi /a/etc/vfstab
:wq
  6. # cd /
  7. # umount /a
  8. Reboot the system
# init 6

Package administration
/var/sadm/install/contents – This file is the complete record of all the software packages installed on the local system
# pkgchk -l -p /usr/bin/showrev – To check which package installed a particular file and whether it is still intact

Streaming one or more packages
Packages can be individually or collectively packaged into a data stream file format. The data stream file can be made available as a shared network file or from a web page

Creating a data stream package
# cd /cdrom/cdrom0/s2/Solaris_*
# pkgtrans Product /var/tmp/stream.pkg SUNW2LIB SUNWPKG2
# file /var/tmp/stream.pkg
# head -2 /var/tmp/stream.pkg – the first line of a stream file reads "# PaCkAgE DaTaStReAm"
# pkgadd -d /var/tmp/stream.pkg

Check patch level
# showrev -p
# patchadd -p

System boot process
X Window System
If you want to modify the default X Window configuration, shut down the X server and execute the following commands from the command line
# /usr/dt/bin/dtconfig -d – disable the dtlogin autostart
# /usr/dt/bin/dtconfig -kill – stop the running dtlogin and X server
Now log in to the system in command-line mode, because the X server has been shut down, and run the following commands
# svcadm disable gdm2-login
# pkill gdm
# pkill Xorg
# /usr/X11/bin/Xorg -configure

# Xorg -configure – This command creates the /xorg.conf.new file (in root's home directory) and writes the detected configuration into it. The xorg.conf file contains the various Xorg settings; refer to the xorg.conf man page (i.e. # more /xorg.conf.new)

Copy the /xorg.conf.new file to /etc/X11/xorg.conf and edit it to make the appropriate changes to resolution, modelines, sync and refresh rate, and so on. Then restart the graphical login
# svcadm enable gdm2-login
# /usr/dt/bin/dtconfig -e

X Window System
The Xsun X11 window server is the default window software for Solaris 9. Xorg is the default window software for Solaris 10 on x86. You can use the Xsun server instead by creating a configuration file with the following command
# /usr/openwin/bin/kdmconfig
Note: The Xorg window software is recommended

Displaying the current X Window software
# xdpyinfo

PCI identification
PCI devices can be identified by their PCI vendor ID and device ID

Example
/pci@0,0/pci1022,7450@a/pci1000,1010@4/sd@0,0:a
The node pci1022,7450 has a PCI vendor ID of 1022 and a device ID of 7450

Displaying devices
You can display the devices recognized by the system using the prtconf command
# prtconf | grep not – To display devices with no driver attached ("driver not attached"); grep -v not lists only the recognized devices

Sun hardware uses the concept of a device tree to organize the devices attached to the system. You can identify the device path of the system boot device while the OS is running with the following

# eeprom boot-device
# prtconf -vp | grep boot-device
# mount | grep '^/ ' – To see which logical device / is mounted from, then determine the physical device path linked to that logical device
# ls -l /dev/dsk/c0t0d0s0

Sun SPARC PROM
The eeprom variables are used to control the boot PROM behavior. x86-based systems do not have an OpenBoot PROM; instead eeprom storage is simulated using a file residing in the platform-specific boot area. The /platform/<platform name>/boot/solaris/bootenv.rc file (e.g. /platform/i86pc/boot/solaris/bootenv.rc) simulates the eeprom storage
# eeprom – display the current settings
# eeprom auto-boot?=false – To change the auto-boot? variable

Hardware compatibility
www.sun.com/bigadmin/hcl – website where you can find details of all Sun-supported hardware
Note: For information on certifying your own machine, download the Hardware Certification Test Suite 2.4 software

Booting from the Solaris Device Configuration Assistant boot disk (boot floppy/CD-ROM)
Solaris_10/Tools/d1_image – The file used to create a bootable floppy. Write it to a formatted floppy using the dd command
# dd if=d1_image of=/dev/rdiskette bs=1440k

Performing user administration
/etc/default/passwd – In this file the following parameters can be set to control the properties of user passwords
MAXWEEKS – sets the maximum period (in weeks) a password remains valid
MINWEEKS – sets the minimum period (in weeks) before a password may be changed again
PASSLENGTH – sets the minimum number of characters in a password
NAMECHECK=NO – disables the check that the password is not the same as the login name (the default YES enforces it)
HISTORY – Forces the passwd program to keep up to 26 previous passwords per user and prevents reuse of any password within that history. Setting its value to zero (0) disables password history
DICTIONLIST – causes the passwd program to perform a dictionary word lookup against the comma-separated list of dictionary files
DICTIONDBDIR=/var/passwd – directory holding the generated dictionary database used for the lookup

Password complexity
The complexity parameters ship commented out in /etc/default/passwd; remove the leading # to put one in force
#MINDIFF=3 – minimum number of characters that must differ from the old password
#MINALPHA=2 – minimum number of alphabetic characters
#MINNONALPHA=1 – minimum number of non-alphabetic characters (digits and special characters); cannot be combined with MINDIGIT or MINSPECIAL
#MINUPPER=0 – minimum number of upper-case characters
#MINLOWER=0 – minimum number of lower-case characters
#MAXREPEATS=0 – maximum number of consecutive repeated characters (0 means no limit)
#MINSPECIAL=0 – minimum number of special (non-alphanumeric) characters
#MINDIGIT=0 – minimum number of digits
#WHITESPACE=YES – whether whitespace characters are allowed in a password
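A practical way to use these parameters is to audit the file mechanically, remembering that a commented-out line is not in force. The following shell function is an added example (not part of the original notes): it reads a Solaris-style /etc/default/passwd and reports every setting that falls below a baseline. The baseline thresholds (PASSLENGTH 8, MAXWEEKS 13, MINWEEKS 1, HISTORY 10, at least one digit or special character, a dictionary list) are this example's own assumptions, not values from the notes or from Sun, and the two sample files are constructed.

```shell
#!/bin/sh
# audit_passwd_defaults FILE: check a Solaris-style /etc/default/passwd
# against a baseline. Lines starting with # are the shipped, commented-out
# defaults and are treated as not in force. Prints one finding per line and
# returns the number of findings (0 = meets the baseline).
# The baseline thresholds below are this example's assumptions.
audit_passwd_defaults() {
    awk '
        function num(k) { return (k in cfg) ? cfg[k] + 0 : 0 }
        function val(k) { return (k in cfg) ? cfg[k] : "(unset)" }
        function flag(msg) { print msg; findings++ }
        /^[ \t]*#/ { next }                  # commented out: not in force
        !/=/ { next }
        {
            line = $0; gsub(/[ \t]/, "", line)
            eq = index(line, "=")
            key = substr(line, 1, eq - 1); v = substr(line, eq + 1)
            if (key != "" && v != "") cfg[key] = v   # "MAXWEEKS=" means unset
        }
        END {
            if (num("PASSLENGTH") < 8)
                flag("PASSLENGTH below 8: " val("PASSLENGTH"))
            if (!("MAXWEEKS" in cfg))
                flag("MAXWEEKS unset: passwords never expire")
            else if (num("MAXWEEKS") > 13)
                flag("MAXWEEKS above 13: " val("MAXWEEKS"))
            if (num("MINWEEKS") < 1)
                flag("MINWEEKS below 1: a user can cycle straight back to the old password")
            if (num("HISTORY") < 10)
                flag("HISTORY below 10: " val("HISTORY"))
            if (toupper(val("NAMECHECK")) == "NO")
                flag("NAMECHECK=NO: password may equal the login name")
            if (num("MINNONALPHA") + num("MINDIGIT") + num("MINSPECIAL") < 1)
                flag("no digit or special character required")
            if (("MINNONALPHA" in cfg) && (("MINDIGIT" in cfg) || ("MINSPECIAL" in cfg)))
                flag("MINNONALPHA cannot be combined with MINDIGIT or MINSPECIAL")
            if (!("DICTIONLIST" in cfg))
                flag("DICTIONLIST unset: no dictionary check")
            exit findings
        }' "$1"
}

# Constructed sample files (not copied from a real host).
TMP=$(mktemp -d); trap 'rm -rf "$TMP"' EXIT
cat > "$TMP/passwd.weak" <<'EOF'
# As shipped: nothing tightened, complexity controls still commented out
MAXWEEKS=
MINWEEKS=
PASSLENGTH=6
NAMECHECK=YES
#HISTORY=0
#MINDIFF=3
#MINALPHA=2
#MINNONALPHA=1
#DICTIONLIST=
#DICTIONDBDIR=/var/passwd
EOF
cat > "$TMP/passwd.hardened" <<'EOF'
MAXWEEKS=13
MINWEEKS=1
PASSLENGTH=8
NAMECHECK=YES
HISTORY=10
MINDIFF=3
MINALPHA=2
MINNONALPHA=1
MAXREPEATS=2
WHITESPACE=YES
DICTIONLIST=/usr/share/lib/dict/words
DICTIONDBDIR=/var/passwd
EOF

for f in passwd.weak passwd.hardened; do
    echo "== $f"
    audit_passwd_defaults "$TMP/$f" || echo "$? finding(s)"
done
```

On a real host run `audit_passwd_defaults /etc/default/passwd`; the exit status is the number of findings, so it drops straight into a compliance script.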

smuser add
# /usr/sadm/bin/smuser add -- -n user2 -u 500 -g other -d /export/home/user2 -c "Regular user" -s /bin/ksh -x autohome=N

# /usr/sadm/bin/smuser modify -- -n user2 -N user3 -d /export/home/user3 -c "Regular user" – To change the user name

# /usr/sadm/bin/smuser delete -- -n user3 – To delete the user (there is no -r option to remove the home directory)

# /usr/sadm/bin/smgroup add -- -n design -g 501 -m user3 – To add a group called design and add the user 'user3' to it

Login troubleshooting
Login problems can be classified into two types
  1. When the user logs in at the command prompt
  2. When the user logs in at the desktop environment

Login problems at the desktop (CDE)
The following is a list of files and directories that provide troubleshooting information about CDE logins
Ø       /usr/dt/bin/Xsession
Ø       $HOME/.dtprofile
Ø       DTSOURCEPROFILE=true (set in $HOME/.dtprofile so that the user's .profile or .login is sourced)
Ø       $HOME/.dt/sessions
Ø       $HOME/.dt (contains the errorlog file)


Performing system security
# rusers – Provides output similar to the who command, but displays a list of users logged in on the local and remote machines (it queries the rusersd RPC service). The output contains user name and host name. Like finger, it discloses account names to anyone on the network, so the service is normally left disabled
# svcs -a | grep rusers – To check the service status
# rusers -l

Displaying user information
To display detailed activity of users on both the local and remote hosts, the finger command can be used. It shows the following
Ø       User login name
Ø       Home directory path
Ø       Login time
Ø       The login device name
Ø       The data contained in the comment field of /etc/passwd (usually the user's full name)
Ø       Login shell
Ø       The name of the host from which the user logged in remotely, and the idle time
Syntax
# finger [-bfhilmpqsw] <user name>
# finger -l <user@hostname>
# finger -m user5
Note: The network/finger service must be enabled on the host being queried
# inetadm | grep finger

Displaying a record of login activity
To see the recent login and logout details of users, use the last command. It reads the /var/adm/wtmpx file
# last
# last user5
# last -n 5 reboot

Recording failed login attempts
Failed logins are recorded in the /var/adm/loginlog file. The file does not exist by default and has to be created with owner root, group sys and mode 600
# touch /var/adm/loginlog
# chown root:sys /var/adm/loginlog
# chmod 600 /var/adm/loginlog

Note: The number of consecutive failed attempts after which entries are logged is set by the RETRIES parameter in /etc/default/login (default 5), and the SYSLOG_FAILED_LOGINS parameter in the same file controls how many failures are reported through syslog. Each loginlog entry has the form login name:tty:time

Monitoring su attempts
You can enable monitoring by setting two variables in the /etc/default/su file
  1. SULOG=/var/adm/sulog – the file in which every su attempt, successful or not, is recorded
  2. CONSOLE=/dev/console – if set, attempts to su to root are also logged to the named device
Note: By default the CONSOLE variable is commented out, so attempts are written only to the SULOG file; both successful and unsuccessful attempts are logged there
Note: In the log file /var/adm/sulog a successful attempt is marked with a plus (+) and an unsuccessful one with a minus (-), e.g. SU 03/29 10:15 - pts/1 user5-root
CONSOLE variable in /etc/default/login
  1. If CONSOLE=/dev/console – root can log in only from the console
  2. If the CONSOLE= line is commented out – root can log in from anywhere
  3. It is possible to confine root logins to a particular port by setting CONSOLE=/dev/term/a
  4. If CONSOLE= is set but left empty – root cannot log in directly from anywhere and must use su
PASSREQ=YES – variable that forces users who have no password to set one when they log in
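The sulog and loginlog files are only useful if somebody reads them, and on a busy host that means scripting. The following shell functions are an added example (not part of the original notes): they summarize failed su attempts to root per user, list successful su to root from anything other than the console (with CONSOLE=/dev/console in /etc/default/login that is the only way root is reached remotely), and count loginlog entries per account. The log lines are constructed samples in the formats the two files use, not taken from a real host.

```shell
#!/bin/sh
# Constructed samples (not from a real host) in the formats written by su(1M)
# to /var/adm/sulog and by login(1) to /var/adm/loginlog.
TMP=$(mktemp -d); trap 'rm -rf "$TMP"' EXIT
cat > "$TMP/sulog" <<'EOF'
SU 03/29 09:02 + console admin-root
SU 03/29 09:10 + pts/1 admin-root
SU 03/29 10:15 - pts/3 user5-root
SU 03/29 10:16 - pts/3 user5-root
SU 03/29 10:17 - pts/3 user5-root
SU 03/29 11:00 + pts/2 user2-oracle
SU 03/29 12:40 - pts/4 user9-root
EOF
cat > "$TMP/loginlog" <<'EOF'
user5:/dev/pts/3:Thu Mar 29 10:20:01 2012
user5:/dev/pts/3:Thu Mar 29 10:20:09 2012
guest:/dev/pts/7:Thu Mar 29 13:05:44 2012
EOF

# su_failures_to_root FILE: "count user" for every account with failed (-)
# su attempts to root, most failures first. sulog fields are
#   SU mm/dd hh:mm +|- tty from-to
su_failures_to_root() {
    awk '$1 == "SU" && $4 == "-" && $6 ~ /-root$/ {
             sub(/-root$/, "", $6); n[$6]++
         }
         END { for (u in n) printf("%d %s\n", n[u], u) }' "$1" | sort -rn
}

# root_su_off_console FILE: successful su to root from anywhere but the
# console, printed as "mm/dd hh:mm tty user".
root_su_off_console() {
    awk '$1 == "SU" && $4 == "+" && $6 ~ /-root$/ && $5 != "console" {
             sub(/-root$/, "", $6); printf("%s %s %s %s\n", $2, $3, $5, $6)
         }' "$1"
}

# loginlog_by_user FILE: loginlog entries are login:tty:time; count how
# often each login hit the RETRIES threshold, most often first.
loginlog_by_user() {
    awk -F: '$1 != "" { n[$1]++ }
             END { for (u in n) printf("%d %s\n", n[u], u) }' "$1" | sort -rn
}

echo "Failed su to root:";        su_failures_to_root "$TMP/sulog"
echo "Root reached off console:"; root_su_off_console "$TMP/sulog"
echo "Accounts in loginlog:";     loginlog_by_user "$TMP/loginlog"
```

On a real host the calls are `su_failures_to_root /var/adm/sulog` and `loginlog_by_user /var/adm/loginlog`; both files are readable by root only, which is the intent of the mode 600 above.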

FTP
User names listed in /etc/ftpd/ftpusers are denied access to the FTP service

/etc/hosts.equiv and $HOME/.rhosts
Both files bypass the standard password-based authentication (for rlogin, rsh and rcp) to decide whether a remote user is allowed to access the local host with the identity of a local user. A line consisting of a bare + trusts every host
Note: Neither /etc/hosts.equiv nor $HOME/.rhosts exists by default

# groups – To see the groups of the current user
# id – To see the effective user and group IDs

chown
By default only root can change the ownership of a file. Regular users can be given permission to use this command by editing the /etc/system file and adding the parameter (a reboot is required)
set rstchown=0
# chown usera <file name>
# chown -R user2 <directory> – To change ownership recursively, including subdirectories
# chown <user>:<group> <file name> – To change both user ownership and group ownership simultaneously
Note that relaxing rstchown lets users give files away, which defeats disk quotas and accounting; keep the default on shared systems

chgrp
To let regular users give away group ownership, add the same parameter, set rstchown=0, to /etc/system

Setuid
The root user and the file owner can set the setuid permission on an executable file using
# chmod 4555 <executable file>
# chmod u+s <executable file>
# find / -perm -4000 – list all setuid files

Setgid
# chmod 2555 <executable file>
# chmod g+s <shared directory> – on a directory, new files inherit the directory's group
# find / -perm -2000

Sticky bit
# chmod 1777 <public directory> – only the owner of a file may delete or rename it in that directory
# find / -type d -perm -1000
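The find commands above produce raw lists; what a practitioner wants is the difference from a known-good state. The following shell functions are an added example (not part of the original notes) covering the setuid, setgid and sticky-bit checks above and the .rhosts trust files described earlier: they report setuid files missing from an allowlist, all setgid files, world-writable directories that lack the sticky bit, and .rhosts or hosts.equiv files containing a bare + entry. The file tree they run against is constructed under a temporary directory and stands in for /; the allowlist contents are this example's assumption.

```shell
#!/bin/sh
# Constructed file tree standing in for / (not a real system), seeded with
# the conditions the checks below are meant to catch.
ROOT=$(mktemp -d); trap 'rm -rf "$ROOT"' EXIT
mkdir -p "$ROOT/usr/bin" "$ROOT/tmp" "$ROOT/var/tmp" \
         "$ROOT/export/home/user2" "$ROOT/export/home/user3"
: > "$ROOT/usr/bin/passwd"; chmod 4555 "$ROOT/usr/bin/passwd"   # expected setuid
: > "$ROOT/usr/bin/su";     chmod 4555 "$ROOT/usr/bin/su"       # expected setuid
: > "$ROOT/var/tmp/.x";     chmod 4755 "$ROOT/var/tmp/.x"       # rogue setuid binary
: > "$ROOT/usr/bin/mail";   chmod 2555 "$ROOT/usr/bin/mail"     # setgid binary
chmod 1777 "$ROOT/tmp"                                          # sticky bit set: fine
chmod 777  "$ROOT/var/tmp"                                      # world-writable, no sticky bit
printf '+\n' > "$ROOT/export/home/user2/.rhosts"                # trusts every host
printf 'trusted.example.com user3\n' > "$ROOT/export/home/user3/.rhosts"
# Allowlist of setuid paths known to belong there (relative to ROOT).
printf '/usr/bin/passwd\n/usr/bin/su\n' > "$ROOT/setuid.allow"

# unexpected_setuid ROOT ALLOWLIST: setuid files not named in the allowlist.
unexpected_setuid() {
    find "$1" -type f -perm -4000 | sed "s#^$1##" | sort | grep -vxF -f "$2" || true
}

# setgid_files ROOT: every setgid file, to be compared against a known list.
setgid_files() {
    find "$1" -type f -perm -2000 | sed "s#^$1##" | sort
}

# world_writable_no_sticky ROOT: directories anyone can write to that lack
# the sticky bit, so any user can delete or rename other users' files.
world_writable_no_sticky() {
    find "$1" -type d -perm -0002 ! -perm -1000 | sed "s#^$1##" | sort
}

# open_rhosts ROOT: .rhosts or hosts.equiv files with a bare "+" host
# entry, which lets any host on the network log in without a password.
open_rhosts() {
    find "$1" -type f \( -name .rhosts -o -name hosts.equiv \) |
        while read -r f; do
            if grep -q '^+' "$f"; then printf '%s\n' "${f#$1}"; fi
        done | sort
}

echo "Unexpected setuid:";   unexpected_setuid "$ROOT" "$ROOT/setuid.allow"
echo "Setgid files:";        setgid_files "$ROOT"
echo "Writable, no sticky:"; world_writable_no_sticky "$ROOT"
echo "Open trust files:";    open_rhosts "$ROOT"
```

On a real system call the functions with / as ROOT and an allowlist generated from a freshly installed host of the same release; any path that appears in the "unexpected" output deserves a look with pkgchk -l -p to see whether a package put it there.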
# /usr/dt/bin/sdtprocess – To open the GUI process manager
# prstat – Examine and display information about active processes
# priocntl – To assign a priority (scheduling class) to a process
# nice – Older command that predates priocntl

Options of the prstat command
-a, -c, -n <nproc>, -p <pid list>, -s <key>, -S <key>, -t, -u <euid list>, -U <uid list>

To create a crontab file
# crontab -e
30 17 * * 5 /usr/bin/banner "Time to save and quit" >> /dev/console – runs at 17:30 every Friday

To remove a crontab
# crontab -r <user name>

Dump review

# ufsdump 1ufN /dev/rmt/0 /dev/rdsk/c0t0d0s7 /dev/rfssnap/0 – Level 1 incremental backup taken from the snapshot of c0t0d0s7 (N names the real device so that /etc/dumpdates is updated for it)
# fssnap -i – To view the snapshots

Copying a disk label to a new disk
# prtvtoc /dev/rdsk/c3t0d0s2 > /tmp/c3t0d0.vtoc
# fmthard -s /tmp/c3t0d0.vtoc /dev/rdsk/<new device>s2
# fmthard -s /dev/null /dev/rdsk/<device name>s2 – To clear all partitions while keeping the disk labeled

# du -sh /export/home/* – To see usage per user home directory
# rm /var/tmp/backup-snaps/snapshot0 – To remove the backing store file once the snapshot has been deleted

Stopping the vold service to stop automatic CD-ROM/floppy mounting (Solaris 9 style rc script; on Solaris 10 use svcadm disable volfs)
# mv /etc/rc3.d/S81volmgt /etc/rc3.d/N_S81volmgt

/etc/lp/interfaces/printer1 – Interface script used to send data from the spooler to a specific printer

# pwdx $(pgrep cron) – Shows the current working directory of the process (pgrep supplies the PID)
# pfiles $(pgrep cron) | grep -i log – Shows the open files, here the log files, used by the process
# pcred $(pgrep cron) – Shows the credentials (real and effective UID and GID) of the process

ok sifting net – Lists all OpenBoot words whose names contain the string "net"

