Please refer to this page to see the further updates: http://docs.google.com/Doc?id=dgt8x7s3_29gd3h2z
如何更換 shell
在 solaris 上下 chsh 系統不會理你.
主因是 solaris 已不讓 user 自己換 shell,
省掉一些 security 的麻煩.
若真要換 shell 請用 root 下
# passwd -e username
To Stop the Boot Process
Occasionally, you may need to stop the boot process. The specific key sequence depends on your keyboard type. See Step 1 below.
Type the key sequence for your system.
Use one of the following combination of key sequences:
Stop-A (type-5 keyboards)
L1-A (type-4 keyboards)
Break key (TTY terminals only)
The monitor mode command prompt is then displayed on the screen:
--------------------------------------------------------------------------------
ok
--------------------------------------------------------------------------------
To synchronize the disks, type:
--------------------------------------------------------------------------------
ok sync
--------------------------------------------------------------------------------
When you see the syncing file systems. . .done message, press the abort key sequence for your system again (Step 1).
Type the appropriate boot command to restart the boot process.
ok boot prompt fail to boot
Boot device: /pci@1f,0/pci@1,1/ide@3/disk@0,0 File and args: 0
boot: cannot open 0
File not executable.
boot failed
Enter filename [/etc/system]: kernel/unix // enter this
Enter default directory for modules [/platform/SUNW,Ultra-5_10/kernel /platform/sun4u/kernel /kernel /usr/kernel]:
Name of system file [/etc/system]: // enter this
若要在「Solaris 作業環境」上裝載 mount CD-ROM,請:
以具有 root 權限的使用者身分來登入。
將 CD-ROM 插入光碟機中。
如果系統正在執行「容體管理
程式」(vold),則 CD-ROM 將自動裝載成 /cdrom/cd_label (如果光碟有標籤) 或 /cdrom/unnamed_cdrom (如果光碟沒有標籤)
用以下
指令來確認 vold 有 running:
# ps -ef | grep vold
暫停使用CDROM
# /etc/init.d/volmgt stop
開始使用CDROM ( 請先放入CD )
# /etc/init.d/volmgt start
Mount CDROM 需要等 10 - 15 秒
如果沒有 run 的話,kill vold 的 pid ,然後 restart:
Restart the vold process by entering the following command:
# /usr/sbin/vold &
再看看 vold 有沒有自動 mount cd-rom。
如果您的系統並未執行「容體管理程式」,請完成下列步驟來裝載 CD-ROM:
輸入下列命令以判斷裝置的名稱:
# ls -al /dev/sr* |awk '{print "/" $11}'
此命令會傳回 CD-ROM 裝置的名稱。
在此範例中,命令會傳回字串 /dev/dsk/c0t6d0s2。
輸入下列命令以裝載 CD-ROM:
# mkdir -p /cdrom/unnamed_cdrom
# mount -F hsfs -o ro /dev/dsk/c0t6d0s2 /cdrom/unnamed_cdrom
其中 /dev/dsk/c0t6d0s2 代表上一個步驟所傳回的裝置名稱,而 /cdrom/unnamed_cdrom 代表 CD-ROM 裝載目錄。
註:
如果您是從使用 NFS 的遠端系統裝載光碟機,則必須使用 root 存取權來匯出遠端機器上的 CD-ROM 檔案系統。
您亦須使用 root 存取權將該檔案系統安裝到本端機器上。
登出。
您的 CD-ROM 檔案系統現在已完成裝載。若要檢視 CD-ROM 的內容,請將光碟片置於光碟機,然後輸入 cd /cdrom 命令,其中 cdrom 是 CD-ROM 裝載點目錄。
Solaris Patching with smpatch
Written by Konic
Wednesday, 05 April 2006
You probably want to get your Solaris systems up to date. I rather like the tool smpatch.
In order to use smpatch you first need to register the system.
You can register a system with the following procedure (
http://sunsolve.sun.com/search/document.do?assetkey=1-9-82688-1 ):
Create a file /tmp/registration.properties:
userName=testuser
password=testpass
hostName=solaris1
subscriptionKey=abcd1234
portalEnabled=false
proxyHostName=
proxyPort=
proxyUserName=
proxyPassword=
This will register the system which hostname is solaris1 using the Sun Online Account testuser which password is testpass. This user has a Sun Service Plan so the subscriptionKey parameter is abcd1234. If you are going to register your system using a proxy, you will need to fill the 4 last parameters in the above example.
Now you can register the system:
# /usr/sbin/sconadm register -a -r /tmp/registration.properties
After a successfull registration you can just do "smpatch update" and it will apply most of the patches you need. Or you can do it step by step:
* smpatch analyze : see what should be applied
* smpatch download : download them
* smpatch update : applies them
Again, I note that you don't need analyze and download. Update will do that.
By default, update will only
install patches that are fairly safe. I.e. they can be
installed with the system running normally, and won't cause trouble. Patches that require an immediate reboot will be skipped, and put into a file /var/sadm/spool/disallowed_patch_list. When you're ready to do them, kick everybody off the system, shut down as much as you can, and do
# smpatch add -x idlist=/var/sadm/spool/disallowed_patch_list
then reboot.
Reference:
http://www.syslog.gr/content/view/12/2/
Keep Sending message to your tty (console, terminal)
You can get your current tty by issuing the tty command.
#!/bin/bash
for(( i=1;i>0;i++ ));do
echo "hihihi $i" > /dev/pts/$1;
sleep 30;
done
usage: ./keepsending tty_number
get the tty's by running `who`
get yours by running `tty`
Actually, you can set up your putty.exe (the ssh client) to keep alive every few seconds.
Intel (x86) machine boots or installs OS (Opearting System) from network
PXE
Solaris USB Drive
/tmp/SUNWut/mnt/danny/disk1
Time Synchronization, update time
# ntpdate -b pool.ntp.org north-america.pool.ntp.org
Unknown hostname for Solaris 10 DHCP client
When I installed Solaris 10 x86, my computer thought its hostname was unknown. Aside from being annoying, this seemed to be causing a few issues, so I set about trying to set it to a name of my choice.
Using the uname -S
hostname command set the hostname for me but this information didn’t persist on reboot. A bit of googling turned up various references to editing /etc/init.d/network so that it read /etc/nodename and set the hostname accordingly (as well as
a script to set the hostname
), but my system didn’t have an /etc/nodename file.
I understood that /etc/nodename should contain my computer’s name, but didn’t know if any other settings were required (I later found
Jeff Hunter’s TCP/IP quick configuration guide
, which confirmed that the file just contains the computer’s name - in my case laptop3).
It turns out that these hacks are for Solaris 8/9 -
Solaris 10 is quite happy to set the hostname based on the contents of /etc/nodename
. Once I had created /etc/nodename and rebooted, /etc/hosts read:
#
# Internet host table
#
127.0.0.1 localhost
192.168.7.106 laptop3 # Added by DHCP
and the computer was no longer anonymous!
Note: just create /etc/nodename , and add your hostname to this file
http://www.markwilson.co.uk/blog/2006/01/unknown-hostname-for-solaris-10-dhcp.htm
http://www.idevelopment.info/data/Networking/Networking_Basics/SOLARIS_CONFIGTCPIP_TCPIP_Configuration_Files_Quick_Config_Guide.shtml
How to Disable a Solaris DHCP Client
1.
Become superuser on the client system.
2.
If you used a sysidcfg file to preconfigure the system, remove the dhcp subkey from the network_interface keyword.
3.
Unconfigure and shut down the system.
# sys-unconfig
See the sys-unconfig(1M) man page for more information about the configuration information that is removed by this command.
4.
Reboot the system after shutdown is complete.
If the system uses preconfiguration, you are not prompted for configuration information, and the DHCP client is not configured.
If the system does not use preconfiguration, you are prompted for system configuration information by sysidtool programs when the system reboots. See the sysidtool(1M) man page for more information.
5.
When prompted to use DHCP to configure network interfaces, specify No.
http://docs.sun.com/app/docs/doc/816-4554/6maoq020m?a=view
Bash color prompt .bashrc shows current working directory
export PS1="\e[0;32m\u@\h \w \$\e[m "
export PS1="\u@\h \w \$ "
export TERM=dtterm
Hi, When I start up my solaris box and always get a msg,
syslogd: line 24: warning loghost could not be resolved.
my unqualified host name unknown sleepying for retry.
I don't know what that means, and how to fix it? My /etc/hosts is
127.0.0.1 localhost
192.168.1.10 aw90s aw90s.
192.168.1.11 hpjet
Did I miss something there? Thanks.
Edit /etc/hosts/ , add to the line containing "localhost" a space and loghost.
127.0.0.1 localhost loghost
常見的 RC stands for
Run Command
or
Run Control // 好像這個比較正確
Keyboard issue for Stop-A command
HI guys,
I've got a SUN Workstation Ultra40 with Sun keyboard with solaris 5.10 release 6/6 installed.
their is no responds when I try a Stop-A command. Does anyone experienced the problem? Can some one help.
Tks
Sun's Ultra-40 workstation uses x86 architecture, including a traditional PeeCee BIOS.
http://sunsolve.sun.com/handbook_pub/Systems/Ultra40/spec.html
There is no OpenBoot in that system design.
If no OBP (Open Boot Prom), then you "can't get there from here" with a STOP-A.
How to pass OK prompt boot parameters from command line on Solaris x86/x84?
While working with Solaris 10 x86/x64, there isn’t an easy way to enter OK prompt to pass in OK prompt boot parameters. So, I run the following command:
reboot -- -m verbose“–” dash-dash enabled me to pass in OK prompt boot parameters. In this case, the OK prompt boot parameters above is “-m verbose” This will show additional verbose messages during boot if I choose the transient option in the Grub menu.
booting a sunfire v480 to OK prompt.
I am an AIX admin, trying to learn Solaris now. I have got an old
Sunfire v480 box which was lying powered down, I connected power
and booted it. I do not know root or any login ID/password for
this server, so am trying to reset its root password. I connect
to its serial port through Cyclade, effectively its a regular
putty connection with Windows keyboard. How can I get this
server to boot to OK prompt to make it boot from CD and reset
the root password? I have tried holding the power button for 5
seconds but all I get on console is 'changing to init level 5
please wait' and it just stays there.
try either ctrl-shift b or init 0
OK, I figured it out; control+] and then b. Now the Solaris CD I had is bad, so the next thing is to find a good working Solaris CD :-)
Thanks Featherj.
How to get to the Open Boot Prom (OBP) OK Prompt
You can shutdown the system using init 0
Reboot the system and press the STOP and A keys together as the boot time messages appear on the screen
Press the STOP and A keys together (use as a last resort)
when you are not on the console (video + keyboard) and use some terminal emulator to via serial port or other similar solution you can use special command to send BREAK signal. For example on TeraTerm Pro use Control->Send Break or press Alt-B
IP Filter FAQ
http://www.phildev.net/ipf/
how to configure solaris as a router?
Hi,
In order to route you need the router software on top of having the machine configured with 2 nics and which are plugged into different switches.
You would need something like zebra, bgpd, routed, or gated, etc.
With routed you can do rip1 and 2. It is not that difficult to setup, check the sun site for some good
how-tos.
Also you need to know about the other end of the connection;i.e., a router which needs to know what protocol you want to comunicate with.
If you feel really comfortable with routing, perhaps you have cisco background, then check the following link for routing stuff.
http://www.zebra.org/
regards,
Patrick Soltani.
> As I say before when your computer have more then two interface and you delete the default router ( And also there no file with the > name norouter in your computer )
> The computer become a router .
This is not correct.
If you have setup "ip-forwarding = yes" using "ndd" command or default install, then all will happen is that the packets from one interface will be forwarded to the other, however this does not make the machine a "router".
Router is a piece of software that manages a device with 2 interfaces in a different cable segment, at the minimum.
Of course you can do static routing, but "learning the routes" or "building routing table" is a chore for the router software and NOT the OS.
you can do:
route add 10.10.10.0/24 204.74.128.3
which will insert a table entry and passes all the packets from 10.10.10.0:255.255.255.0 to 204.74.128.3.
You do not need to reboot the machine. This is a command line and will be effective upon insertion.
You do not need to remove the defaultrouter file either. As long as the "route add" gets executed at startup, you'd be fine.
Now what happens to the packet is another story, as the packets coming off of the first interface are not routable, hence you need another process, NAT, to play here. Or you have another machine that has 10.10.10.0/24 address on it.
You can verify the table entry with:
netstat -rn
Regards,
Patrick Soltani.
深入應用:將SOLARIS設置成軟路由器 Router
作者:網路頓永太 更新時間:2005-09-11 收藏此頁
【IT168 伺服器學院】我們在單位裏調試用戶系統時,單位的網路地址一般和用戶的網路地址不在一個網段上,如果沒有路由器則兩網不能互通,那對工作會很有影響。硬路由器價格昂貴也沒有必要去配,因為SOLARIS可以很容易地設成
軟體路由器,而不需另外花費。
1、編輯文件/etc/hosts,為該工作站加另一個網段地址:
#vi/etc/hosts
127.0.0.1localhost
192.9.200.1serverloghost;本例的主機名及地址
192.9.201.1 anoserver;另一個對應的名稱及地址
2、編輯文件/etc/nerworks,將兩個網路的地址加入:
#vi /etc/networks
loc 192.9.200;本網網址
ano 192.9.201;另一個網的網址
3、新建文件/etc/gateways,該文件只要存在沒有內容也可,以使SOLARIS在啟動時運行路由器服務進程。
#cat/dev/null>/etc/gateways
4、查詢主網卡的名稱:
#ifconfig-a;列出系統中的所有網路介面
loO:flags=849<UP,LOOPBACK,RUN-NONG,MULTICAST>mtu 8232
inet 127.0.0.1 netmask
ff000000
hneO:flags=863<UP,BROADCAST,NO-TRAILRS,RUNNNHG,MULTICAST>mtu1500
inet 192.2.200.1 netmask ffffff00 broadcast
192.2.200.255
ether 8:0:20:1:2:3
hme即為工作站上所配的100M網卡名,如果你所用的是10M網卡則名為le。
5、新建文件/etc/hostname.hme0:1,將/etc/josts中的另一個主機名填入,以使SOLARIS啟動時在物理介面hme0上建立一個邏輯介面。
6、設置完以上各步後,重啟工作站
7、效果:
在工作站啟動中,可以看到“machine is a router.”的噗顯示。表明本機已成為一個路由器,會向網路上發RIP包,用介面查詢命令可見:
#ifcofig -a ;列出系統中的所有網路介面
lo0:flags=849<UP,LOOPBACK,RUNNNG,MULTICAST> mtu8232
inet 127.0.0 .1etmask ff00000
hne0:flags=863<UP,BROADCAST,NOTRAILERS,RUN-NING,MULTICAST>mtu 1500
inet 192.9.200.1 netmask ffff00 broadcast
192.9.200.255
hne0:1:flags=8d0<UP,BROADCAST,NOTRAULERS,RUMNNNG,MULTICAST>mtu 1500
inet 192.9.201.1 netmask ffff00 broadcast
192.9.201.255
以上表明已啟動了hme0上的一個邏輯介面,地址為192.9.201.1。
在別的UNIX機器上,會根據RIP包自動將該工作站加入到路由表中,在PC機上(例如WIN95),只要在控制面板中將TCP/IPM網路的網關設置為該工作站的地址(使用與本機同一個網路的地址),就可以與另一網路的機器通迅了。
Solaris Run level (init)
不同於Linux會將每個Level 訊息寫於inittab中,run level 的定義也不一樣
Run Level Description Purpose
0 Stops all services, terminates all process, and unmounts all file systems. To shutdown Solaris and return the system to the "ok prompt".
s or S Single-user mode. All users who are logged in will be logged off and only root (superuser) is allowed to log in. Used for system maintenance such as installing patches.
1 Single-user mode. Logged on users are allowed to remain logged in. New users can't log in. To keeps current users logged in but prevent new users from logging in.
2 Multi-user state. NFS is not running. All file systems are mounted minus NFS. Normal run level but no shared network files systems are mounted.
3 Multi-user state. Normal operations to include NFS.
4 Alternate state. Not used except for development.
5 Power down the system. On current systems this will power of the computer. If not, you will be place at the "ok prompt".
6 Reboot. Reboots the system to the default run level set in the /etc/inittab. There are flags for the command to allow you to reboot into other run level. (i.e. `reboot -- -s` = reboot to single-user mode.
NOTE: The shutdown and halt commands shouldn't be used to reboot or stop the system. Neither performs a clean init change. Use the shutdown and init commands for changing init states. Best to use shutdown to allow users time to log off. I typically notify all users 2 times via email starting about 5 to 10 working days before a shutdown or reboot.
參考網站:
http://www.unixadm.net/solaris/run_levels_sol9.html
LinuxAdm.Com
暫時不要用 alias
# alias rm='rm -i'
# rm file1
# ls
# \rm file1 // put a backslash in front of the alias command.
ls command list directory's automatically with cd in Korn Shell (ksh)
I'm using unix with ksh do you know how to make cd run ls when change into a directory? so if I cd into / it will automatically display what files/dir are in that dir? I find myself typing ls each time I move to a directory. I have tried an alias but with no luck...
Use shell functions
if you type this in to your shell:
cdls(){
cd $1
ls
}
then call cdls argument
Then, add the function to your .profile so you don't have to type it everytime.
To make the Korn Shell (ksh) to display the current directory into my prompt
vi ~/.profile
PS1="$LOGNAME@$(uname -n) \$PWD $ " // Need a backslash precedes the $PWD variable when in double quotation.
PS1='$PWD $ ' // No need a black slash preceds the $PWD variable when in single quotation.
Simple Solaris IP Multipathing
IP multipathing consists of grouping two identical network cards together and having a live IP address be able to automatically fail over from one card to the other with no loss or degredation of service.
The steps to accomplish this are as follows:
1. Ensure that both cards are seen by the system and have different MAC addresses
2. Group the cards together
3. Add a test ip address to the first card
4. Add a test ip address to the second card
5. Change the hostname.* files to keep these settings after a reboot
Before going into each of these steps in detail, a few details should be kept in mind, in regards to assigning IP addresses. When activating IP multipathing on a server, a total of three IP addresses will be used. The private address space that you have typically uses a Class C address space, with only 254 usable addresses, so it is advised that only production servers get multipathed. Also, to keep the IP address space 'clean', the standard that has been adopted for IP assignments is that the main failover IP for production servers should be in the range of 192.168.2.1 to 54, the first test address should be 100 higher than the main address, and the second test address should be 200 higher than the main address. This will put the final octet of the first test address in the range 101 to 154, and the final octed of the second test address in the range of 20 1 to 254. DNS entries for the test addresses should also be created, even though the addresses are not used. The dns name for the first test address should be hostname of the server with '-test1' concatenated to the end, and the dns name for the done likewise with '-test2' appended.
For this exercise, we will use a hostname of server1, a main IP address of 192.168.2.9, and gigaswift ethernet cards ce0 and ce1
Ensure that both cards are seen by the system and have different MAC addresses
By default, Sun servers have the PROM setting 'local-mac-address?' set to false, which causes all ethernet cards to assume the MAC address of the primary (built in) ethernet card. This can be checked by using the following command:
eeprom local-mac-address?
If the result is false, then issue this command.
eeprom local-mac-address?=true
Next, run 'ifconfig -a' to ensure that both cards are seen by the system. Most likely, only ce0 will be seen and be in use. If this is the case, then run 'ifconfig ce1 plumb' to plumb the second card. If the local-mac-address? eeprom variable had to be set to true, then the results of 'ifconfig -a' will reveal that both cards have identical MAC addresses. If this is the case, then manually set the MAC address of the second card to some unique address with the following command:
ifconfig ce1 ether de:ad:be:ef:f0:0d
The next time the server reboots, both ethernet cards will take on new mac addresses.
Group the cards together
Both ethernet cards need to be assigned to the same group, to allow multipathing to know which cards an IP address can fail over to. This is accomplished with the following commands:
ifconfig ce1 server-int
ifconfig ce0 server-int
In this case, 'server-int' is the groupname. The groupname can be any artitrary string.
Add a test ip address to the first card
Each ethernet card will have a 'test' IP address assigned to it that will only be used by the system to verify that the card is functioning correctly. To set this address for the first card, issue the following command (this is all one command to be typed on one line, regardless of how word-wrapping handles it in this document):
ifconfig ce0 addif 192.168.2.109 netmask + broadcast + deprecated -failover up
Add a test ip address to the second card
To add the second ethernet card's test IP, issue the following (this is all one command to be typed on one line, regardless of how word-wrapping handles it in this document):
ifconfig ce1 192.168.2.209 netmask + broadcast + deprecated -failover standby up
Change the hostname.* files to keep these settings after a reboot
The current /etc/hostname.ce0 contains just the hostname of the server. This will need to be replaced with the following:
group server-int
set 192.168.2.9/24 broadcast + up
addif 192.168.2.109/24 broadcast + deprecated -failover up
Create the /etc/hostname.ce1 file with the following text in it:
group server-int
set 192.168.2.209/24 broadcast + -failover deprecated standby up
To change a user's password
To change a user's password, you must either know the existing password or have superuser (root) access to the system. If you know the user's password and are logged in as that account, simply follow these steps:
# passwd
# passwd: Changing password for qmchenry
Enter login password: {OLD_PASSWORD}
New password: {NEW_PASSWORD}
Re-enter new password: {NEW_PASSWORD}
passwd (SYSTEM): passwd successfully changed for qmchenry
After starting the passwd program, you will be prompted to enter the current password {OLD_PASSWORD}, then to enter the new desired password twice {NEW_PASSWORD}. If there is a problem such as new passwords not matching, new password too similar to the old password, or other issues, passwd will let you know with an error message and will usually ask you to try again.
If you have superuser access to the system, you can change any password without knowledge of the existing password (which is very handy when users forget their passwords since it is nontrivial to reclaim a hashed password). As root, run the same program (passwd) and follow the instructions. The only differences are that you need not enter the existing password and many errors will become warnings because the program will let root do what root wants (even if it is a bad idea).
How to use useradd in Solaris to add a new user (add user, adduser)
You must be root (superuser) to add a user. An easy way to remember the syntax of the useradd command in Solaris is to run it with no options. Follow the resulting usage information including the parts that you require. Important options are:
-d home-directory-path
This is the new user's home directory, typically /export/home/username
-m
make home directory and copy the default skeleton files (these files are located in /etc/skel directory).
-u uid
The uid (userid) is a number from 0 to 65535 which identifies the user on the system. uid 0 is reserved for root. If you don't specify one, the next available uid will be used automatically.
-c "User Name"
Comment field which usually contains the name of the user. Make sure you enclose the name in quotes if it contains a space.
-s /path/to/shell
The shell to use. If you don't specify this, it will default to /bin/sh. Make sure you specify the fully qualified path.
So, putting it together, a typical addition of a user named fred would be:
# useradd -d /export/home/fred -m -s /bin/ksh -c "Fred Smith" fred
It's a smart idea to run pwck (passwd check) whenever you make a change to the /etc/passwd file (as when adding or chaning a user). This program will identify any problems with the passwd file. If it doesn't tell you anything, then you are in good shape.
http://www.tech-recipes.com/solaris_system_administration_tips16.html
