Official
Solaris support information
Sunsolve
1) How do I install Solaris?
2) How do I get my programs to start automatically at boot?
3) What do I do if I bone myself really bad and can no longer boot?
4) How do I secure Solaris?
5) Is there a compiler on this thing?
6) I can't resolve DNS.
7) How do I mirror disks with DiskSuite 4.x?
8) How do I backup a box?
9) How do I make an interface promiscuous?
10) How do I boot Solaris with a 32-bit kernel?
11) How do I get NIC card settings?
12) How do I jumpstart a Netra with Solaris 9 and a linux jumpstart server?

1) How do I install Solaris?
Below is a description for 2.6. For Solaris 2.8, click here.
Place the Solaris 2.6 Software CD in the reader and power on the machine. When the screen comes up, hit either 'Stop-A' or '~#' to interrupt the boot sequence. You should get an 'ok' prompt.
Type 'boot cdrom' and the machine will boot and start the install scripts from the CDROM.
Take most of the default options. I would recommend the following modifications, though:
For the filesystem, do an autolayout, but then change the partition sizes as follows if you are installing FW-1:
Filesystem   | Recommended Size (MB)
/            | 500
swap         | 2x physical memory
/home/export | 40
/opt         | 100 (optional, this can be part of the / filesystem)
/usr         | 500
/var         | 3000 (this actually only needs to be large if you plan to log a bunch of stuff like FW-1 logs)
Add 'end-user' software package, but modify it so that you add the online man pages!!
After reboot, you will be asked if you want to use power management. SAY NO! You don't want your server shutting itself down.
Load latest patches from Sun.
I like to customize my environment so that it is more user friendly (see HPUX notes on this), as well as add some utilities like traceroute, bash, gzip, tcsh which you can get precompiled (or source) from http://sunfreeware.com/.
Adding interfaces past the first: edit the /etc/hosts file and add the IP of the interface and the interface name (eg: 1.1.1.1 myinterfacename). Then, create a file called /etc/hostname.<NIC device> (NIC device names can be found with 'dmesg') and put 'myinterfacename' in the file. When you reboot, <NIC device> will come up.
Routes and arps: the default route is added in the /etc/defaultrouter file. All other routes must be added with custom scripts (unless you are running RIP and can use /etc/gateways). I recommend a file in /etc/rc3.d called S90routes (don't forget to make executable) that looks something like this:
# add arps
# add routes: note: masks are assigned in

3) What do I do if I bone myself really bad and can no longer boot?
Put in the Solaris software CD and power on the machine. Interrupt the boot as listed in the 'installing Solaris' question. At the 'ok' prompt, type 'boot cdrom -s'. This will boot the machine into single user mode off the cdrom. At this point, you can mount damaged disks into the /mnt (or any free directory) and make modifications, copy files or fsck. The 'partition' command will allow you to repartition. Disks can usually be mounted with 'mount /dev/dsk/c0t0d0s0 /mnt' where cX is the controller ID, tX is the SCSI target ID, dX is the disk number at the target (almost always 0), and sX is the slice number (partition #, generally in the range of 0-7).

4) How do I secure Solaris?
I will give you the quick and dirty version, although you can find other FAQs on this at http://www.iss.net or http://www.phoneboy.com/fw1/faqfaq.html. Anyway:
Install the latest patches from Sun.
Lock down the inet daemon. Comment all lines in /etc/inetd.conf except what you NEED (usually just telnet).
Stop all non-essential services from starting. In /etc/rc2.d and /etc/rc3.d, most of your non-essential network services start. Move the S* file to s* to disable it. Disable at least: sendmail, lp, nfs server and client, autofs, snmpdx.
Deny everything in your .rhosts file and /etc/hosts.equiv.
If you want to disallow root telnet, make sure there is a 'CONSOLE=/dev/console' line in /etc/default/login.
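One way to check a host against the checklist above, as an added example that is not part of the original FAQ. It assumes a POSIX shell (ksh or bash rather than the old /bin/sh); the function name audit_solaris is hypothetical, and the sample tree, including the rc script names in it, is constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): audit a Solaris root tree
# against the checklist above. Needs a POSIX shell (ksh, bash).

# audit_solaris [ROOT]: print one finding per line; empty ROOT = live system.
audit_solaris() {
    root=${1:-}

    # Every uncommented inetd.conf service other than telnet is a finding.
    if [ -f "$root/etc/inetd.conf" ]; then
        awk '$1 !~ /^#/ && NF > 0 && $1 != "telnet" { print "inetd: " $1 " enabled" }' \
            "$root/etc/inetd.conf"
    fi

    # Start scripts still named S* for the services the checklist disables.
    for svc in sendmail lp nfs.server nfs.client autofs snmpdx; do
        for f in "$root"/etc/rc[23].d/S[0-9][0-9]"$svc"; do
            [ -f "$f" ] || continue
            rel=${f#"$root"}
            echo "rc: $rel still starts at boot"
        done
    done

    # Root telnet is refused only while CONSOLE=/dev/console is uncommented.
    if ! grep '^CONSOLE=/dev/console' "$root/etc/default/login" >/dev/null 2>&1; then
        echo "login: CONSOLE=/dev/console not set, root may log in remotely"
    fi
    return 0
}

# Constructed sample tree (file names and contents are illustrative).
demo=$(mktemp -d)
mkdir -p "$demo/etc/rc2.d" "$demo/etc/rc3.d" "$demo/etc/default"
printf '%s\n' '# constructed sample' \
    'ftp     stream tcp nowait root /usr/sbin/in.ftpd     in.ftpd' \
    'telnet  stream tcp nowait root /usr/sbin/in.telnetd  in.telnetd' \
    '#shell  stream tcp nowait root /usr/sbin/in.rshd     in.rshd' > "$demo/etc/inetd.conf"
: > "$demo/etc/rc2.d/S88sendmail"      # still enabled
: > "$demo/etc/rc2.d/s80lp"            # disabled by renaming S* to s*
: > "$demo/etc/rc3.d/S15nfs.server"    # still enabled
echo '#CONSOLE=/dev/console' > "$demo/etc/default/login"
audit_solaris "$demo"
```

Run with no argument, audit_solaris checks the live system; an empty result means every item it covers is in place.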

5) Is there a compiler on this thing?
No, of course not! Don't be silly! That will cost you more. Your best bet is to grab a precompiled gcc from http://sunfreeware.com. You will probably want to grab gcc, make, groff, and m4 for sendmail. Next, make sure you have added the archive libraries, header files, and compiler tools from the Solaris software CD (eg, SUNWarc) or you may get errors when running the compiler. Run the pkgadd -d command to add the freeware packages. You should be good to go!

7) How do I mirror disks with DiskSuite 4.x?
Load the software from the Intranet Server Extensions disk. Reboot.
Run stomgr (/opt/SUNWadm/bin?). On the menubar, find and run disk tool. Choose 'disk sets' and hit apply. If you get an error, you must start the sadmind daemon.
You will get a filemanager-like menu. Go down in it until you find both your mirror and to-be-mirrored disks. Edit the mirror disk such that each partition that you want to mirror has a partition of the same size or larger on the second disk. Also add a ~50-150MB partition to both disks. This will be your replica slice (partition).
Run metatool (/usr/opt/SUN*/sbin).
Grab the metadb and pull it onto the main canvas. It is red, meaning there is a problem (there are no replicas). You must add replicas to the database. A replica is a copy of the mirroring information that DiskSuite keeps to manage your disks. It must see a minimum of 3, and at least more than half must be operational at all times. We will add 3 replicas on the prime disk and 2 on the second disk. If the second disk dies, the prime will still boot. If the prime dies, you must boot off cdrom and delete replicas associated with the prime disk out of the database. Then, the two replicas on the secondary will be 'more than half.' You can add the replicas on the command line by typing:
metadb -a -c 3 c0t0d0s4
(adds 3 counts of replicas to slice 4 on the first disk. The slice must be unused. This is the extra slice we defined in the previous step.)
metadb -a -c 2 c0t1d0s4
(after these adds, the metadb will stop being red.)
Next, we must create stripes with the slices we wish to be mirrored. Add the stripes to the canvas, and hit 'slices'. Then, drag each to-be-mirrored slice onto its own stripe and hit commit for each stripe.
Next, add as many mirrors to the canvas as you have stripes. Put each stripe in its own mirror by dragging, and commit. The objects will merge. Now, reboot. When metatool comes back up, you should get messages saying 'one way mirror...'
Now, create stripes for each mirroring partition and add the mirroring slices, committing each time. Now drag each stripe to its corresponding mirror. When you commit, the mirrors will start syncing. This process (depending on disk size and speed) will take anywhere from a few minutes to an hour.

8) How do I backup a box?
You must back up each partition with ufsdump, eg:
ufsdump 0cfu /dev/rmt/0n /dev/dsk/c0t0d0s0
ufsdump 0cfu /dev/rmt/0n /dev/dsk/c0t0d0s1 ...
Make sure you use the 0n tape device so that the tape will not rewind, otherwise you will overwrite the previous partition.
You can restore a filesystem by booting off cdrom -s and mounting the partition you want to restore. 'cd' to the mounted partition, and do a ufsrestore:
ufsrestore is 2
will do an interactive restore of the 2nd ufsdump put on the tape to the current directory. If SCSI ID has changed, you may have to modify /etc/vfstab. Also, if you are restoring the root partition, you have to reinstall the bootblock with:
installboot <boot block> <raw device>

9) How do I make an interface promiscuous?
Heh heh heh... oh wait, I am a professional! 'ifconfig <NIC device> -flush -arp'

10) How do I boot Solaris with a 32-bit kernel?
From an ok> prompt, type:
"setenv boot-file /kernel/unix"
and then reboot. Within the OS, you can set the eeprom directly with:
eeprom boot-file=kernel/unix
To go back to 64 bit, just set the boot-file variable to null, since the default is to boot 64-bit. Eg:
eeprom boot-file=

11) How do I get NIC card settings?
ndd -set /dev/hme instance 0 (0 = hme0, 1 = hme1, n = hmen)
ndd -get /dev/hme link_speed -> 1 = 100M, 0 = 10M
ndd -get /dev/hme link_mode -> 1 = full duplex, 0 = half
ndd -get /dev/hme link_stat -> 1 = carrier, 0 = no carrier

12) How do I jumpstart a Netra with Solaris 9 and a linux jumpstart server?
Background: Jumpstart is a process for remotely booting and installing a Solaris OS across the network. This is used for central management, ease of reinstall, and in case your SPARC platform does not have a CDROM (as is the case with a headless Netra station). Generally, you use a SPARC hardware platform to Jumpstart another SPARC station, but in this case, we don't have a second SPARC station, so we will load from an x86-based linux distribution (in this case RedHat Fedora Core 6).
Setting up the Linux Jumpstart Server:
First of all, load up a linux distribution. I used RedHat FC6, but other distributions should work. Make sure networking is functional, and the linux box has a fixed IP address.
Next, make sure the following packages are loaded under linux (these are fairly standard packages and should be available on the OS CD as rpms):
rarpd
nfs-utils
bootparamd
tftp-server (may require xinetd)
These packages are required to allow remote file distribution. rarpd is used to get an IP address. TFTP will dump an initial boot image. This image will query bootparamd for instructions, and then finally use NFS to do major file copy operations. You can verify if the packages are installed by typing "rpm -q rarpd", for example (if you are using a version of RedHat). Use "rpm -i <package>" to install.
Alright, now we need the Solaris software. You will have 2 CDs - disk 1 and disk 2. If you do not have the CDs, download them and burn to CDROM. You will need to have a registered account to download, but if you don't have one, you can create one for free. You will need to burn AT LEAST disk 1 to CDROM, as it has some funky Solaris UFS filesystem on it that you probably can't mount as a virtual ISO CDROM. So let's assume you have burned both disks to CDROM. Also, do NOT use CD-RW disks, as they caused me no end of problems and tons of read errors. Use standard CD-R disks.
Next, we must copy OS information to the Jumpstart server. Under linux, create a master Jumpstart directory. For our purposes, let's say we have created a directory called /jumpstart/sol9/. I use "sol9" since we might also want to create a "sol8" or "sol7" or some such.
Copy the Install Files: Mount the Solaris Disk 1, say under /mnt/cdrom. If you read other instructions on the Internet about copying data, they will say use the "setup_install_server" tool on the CD. You might get this to work, but we want to avoid these tools, since they are designed to run under Solaris, not linux. The script basically just copies stuff to the hard disk with a modified version of tar called "bar". We will do this manually:
cd /mnt/cdrom
tar cf - . | (cd /jumpstart/sol9 && tar xfp - )
cp .volume.inf /jumpstart/sol9
The last line copies the volume catalog. You will need that file, or else the install will die when you try to NFS mount the install files.
Root File System: This will crunch a while. Next, we need to copy the initial boot filesystem. This is a little weird. The root filesystem is on Disk 1, but on a hidden partition you can't see under linux. Type "fdisk -l /dev/cdrom" and you will see:
Disk /dev/cdrom (Sun disk label): 1 heads, 640 sectors, 2048 cylinders
Units = cylinders of 640 * 512 bytes

Device       Flag  Start   End  Blocks  Id  System
/dev/cdrom1  r         0   976  312320   4  SunOS usr
/dev/cdrom2  r       976  1917  301120   2  SunOS root
/dev/cdrom3         1917  1921    1280   0  Empty
/dev/cdrom4         1921  1925    1280   0  Empty
/dev/cdrom5         1925  1929    1280   0  Empty
/dev/cdrom6         1929  1933    1280   0  Empty
Weird, huh? /dev/cdrom1 was the partition we copied before. The root system is on /dev/cdrom2. Unfortunately, we can't just mount /dev/cdrom2, because it is a boned UFS filesystem. We mount it using the following syntax:
mount -t ufs -o ufstype=sun,offset=319815680 /dev/cdrom /mnt2
We mount the UFS filesystem under a separate mount point "mnt2" (arbitrary - you can mount wherever). Notice the oddball offset. This is the start cylinder of the root filesystem (976) times the size of one unit in bytes (640*512). So 976 * 640 * 512 = 319815680. If you do the calculation incorrectly, you will get an error mounting the disk.
Next, copy the root filesystem to its proper position within the Install filesystem:
cd /mnt2
tar cf - . | (cd /jumpstart/sol9/Solaris_9/Tools/Boot && tar xfp - )
It is an odd location, and you can possibly move it elsewhere, but I wouldn't, since the original install disk has the "Boot" directory as a sym link to the root filesystem.
Disk 2: Eject Disk 1 and insert disk 2. Mount normally (mount /dev/cdrom /mnt/cdrom).
cd /mnt/cdrom/Solaris_9
tar cf - Product | (cd /jumpstart/sol9/Solaris_9 && tar xfp - )
cp .volume.inf /jumpstart/sol9/.volume.inf.2
We are just going to copy the "Product" directory, and copy the .volume.inf catalog.
Now, set up the services on the linux server. Let's start with NFS. In /etc/exports, add these lines:
/jumpstart/sol9/Solaris_9/Tools/Boot *(ro,no_root_squash)
/jumpstart/sol9 *(ro,no_root_squash)
Notice there are two lines, one for the root filesystem, and one for the install filesystem with software packages. The "*" exports to any host and is the easy option; instead of "*", you can also specify an IP or hostname to limit who can access the NFS server. To get the service to reread the config file, type "exportfs -a". You can also test the mount by typing "mount -t nfs <linux IP address>:/jumpstart/sol9 <mount point>". You can restart the service with "service nfs restart".
RARPD: edit /etc/ethers:
8:0:f:55:66:77 jsclient
Where 8:0:f:55:66:77 is the MAC of the SPARC station, and "jsclient" is the hostname. Restart rarpd: "service rarpd restart"
/etc/hosts:
192.168.1.1 jsserver jsserver.domain.com
192.168.1.2 jsclient jsclient.domain.com
We use the hosts file to tie everything together. /etc/ethers, /etc/hosts and /etc/bootparams must all agree on hostnames. Also, include the domain names. I ran into incomplete resolution issues without it, and the SPARC wouldn't boot properly.
/etc/bootparams:
jsclient \
root=jsserver:/jumpstart/sol9/Solaris_9/Tools/Boot \
install=jsserver:/jumpstart/sol9 \
boottype=:in \
rootopts=:rsize=8192,wsize=8192
These are instructions for the boot kernel so that it knows where to find the root and install filesystems via NFS. Notice the hostnames - so resolution via /etc/hosts is important! Restart the bootparamd service: "service bootparamd restart".
Finally, the TFTP server should be running from the /tftpboot directory. Copy the appropriate NFS kernel into the directory:
cp /jumpstart/sol9/Solaris_9/Tools/Boot/usr/platform/sun4u/lib/fs/nfs/inetboot /tftpboot/inetboot.sol9.sun4u
There are a number of different kernels for different platforms, but most platforms, including the Netra t1 105, use sun4u. When the SPARC grabs the kernel out of the TFTP directory, it is looking for a file named after its own IP address. For example, the jsclient in this case is numbered 192.168.1.2. In hex, this becomes C0.A8.01.02, so the filename it is looking for is C0A80102. Let's link the expected name to the actual file:
cd /tftpboot
ln -s inetboot.sol9.sun4u C0A80102
ln -s inetboot.sol9.sun4u C0A80102.SUN4U
You will probably need the 2nd link as well.
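Since /etc/ethers, /etc/hosts, /etc/bootparams and the TFTP link names all have to agree, a cross-check on the linux server catches a mismatch before the client is booted. This is an added example, not from the original page: the function names tftp_name, in_file and check_client are hypothetical, and the sample files are constructed from the values shown above, with the second link left out on purpose.

```sh
#!/bin/sh
# Added example (not from the original page): cross-check Jumpstart server files.

# tftp_name IP: file name the client requests, e.g. 192.168.1.2 -> C0A80102
tftp_name() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    printf '%02X%02X%02X%02X\n' "$1" "$2" "$3" "$4"
}

# in_file NAME FILE: true if NAME is a whole field on a non-comment line
in_file() {
    awk -v n="$1" '$1 !~ /^#/ { for (i = 1; i <= NF; i++) if ($i == n) f = 1 }
                   END { exit !f }' "$2"
}

# check_client HOST ETCDIR TFTPDIR: print one line per inconsistency
check_client() {
    host=$1; etc=$2; tftp=$3
    for f in ethers hosts bootparams; do
        in_file "$host" "$etc/$f" || echo "$f: no entry for $host"
    done
    # Servers named in bootparams (root=SERVER:/path) must resolve via hosts.
    for srv in $(sed -n 's/.*=\([A-Za-z0-9.-]\{1,\}\):\/.*/\1/p' "$etc/bootparams" | sort -u); do
        in_file "$srv" "$etc/hosts" || echo "hosts: no entry for server $srv"
    done
    ip=$(awk -v n="$host" '$1 !~ /^#/ { for (i = 2; i <= NF; i++)
             if ($i == n) { print $1; exit } }' "$etc/hosts")
    [ -n "$ip" ] || return 0
    name=$(tftp_name "$ip") || { echo "hosts: bad address $ip"; return 0; }
    for link in "$name" "$name.SUN4U"; do
        [ -e "$tftp/$link" ] || echo "tftp: $link missing or dangling"
    done
    return 0
}

# Constructed sample tree mirroring the files shown above; second link omitted.
demo=$(mktemp -d)
mkdir "$demo/etc" "$demo/tftpboot"
echo '8:0:f:55:66:77 jsclient' > "$demo/etc/ethers"
printf '%s\n' '192.168.1.1 jsserver jsserver.domain.com' \
    '192.168.1.2 jsclient jsclient.domain.com' > "$demo/etc/hosts"
printf '%s\n' 'jsclient \' ' root=jsserver:/jumpstart/sol9/Solaris_9/Tools/Boot \' \
    ' install=jsserver:/jumpstart/sol9 \' ' boottype=:in \' \
    ' rootopts=:rsize=8192,wsize=8192' > "$demo/etc/bootparams"
: > "$demo/tftpboot/inetboot.sol9.sun4u"
ln -s inetboot.sol9.sun4u "$demo/tftpboot/C0A80102"
check_client jsclient "$demo/etc" "$demo/tftpboot"
```

On a real server the call would be check_client jsclient /etc /tftpboot.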
Boot the SPARC client. Make sure it is cabled to the network and open a console to watch the boot. You will see the machine boot up and check RAM, and then give you an "ok" prompt. At the prompt, type: "boot net - install".
It should go and get the TFTP kernel, in which case you will see a counter go up to 2aa00. Then it should begin to boot. If you get an error about "ERROR:
DISCLAIMER: This support site is provided as a FREE service to our customers. Every effort is made to ensure it is complete and accurate. However, due to changing versions, typos, different environments, etc., information may be inaccurate for your site. Note that we do not assume responsibility for any problems you might encounter using information provided in these pages. Please inform us of any problems you encounter and we will make every effort to correct this information. Thank you.
Copyright 2006, Security Evolution, Inc.