Solaris 10 Tips

Misc.
df
df -h : Gives "Human readable" output for "df".
df -Z : Also shows what a zone has mounted.
df -hZ : Both.
df -hZ | sed 1d | sed -e 's/%//' | awk '{if ($5 > 90) print $6}' : Get filesystems that are over 90%
used.
ls
ls -lh : Gives "Human readable" for filesizes - much easier to read.
ls -lb : Shows any "hidden/control" characters in a file name.
cat
cat -vet FILE : Print out a file, interpreting tabs, control chars, end-of-lines. (like a "set list" in vi)
BAD filename
ls -lib #get the first field (inum - indode) of the bad filenam.e
find . -mount -inum XXXX -ok mv {} myfile \; #moves the inode XXX in the particular
mount/filesystem to myfile (prompts).
New Zone commands (not exhaustive)
zlogin i.e. zlogin ZONENAME, zlogin -C ZONENAME
zoneadm i.e. zoneadm list, zoneadm list -civ, zoneadm -z ZONENAME boot
zonecfg Setup a zone
zonename (gives "global" if global, otherwise gives zone "hostname")
Zone aware commands (not exhaustive)
ps -Z
df -Z
ifconfig -aZ (lists only "global" used interfaces, ignores zone specific)
Services (replaces /etc/rc?.d/* files)
svcs
svcs -a #default
svcs -H -o state ssaprod #only print state
svcs -l network/smtp:sendmail #list details about it
svcs -D milestone/multi-user #what is dependent on it
svcs -d milestone/multi-user:default #what it is dependent on
svcs -p ssaprod #list running process for service
svcs -xv
svcs -xv nfs/server #state (uptime), man and log file location
svcs | grep online #list services with online states
svcs | grep -v online #list services that are not online

svcadm enable SERVICE
svcadm -t enable SERVICE #temporarily start - not persistent with reboot
svcadm disable SERVICE
svcadm restart SERVICE

svccfg
svccfg -s ssaprod #interactive modification
svccfg -s $APP listprop #list properties
svccfg import /var/tmp/dump.xml
svccfg export dumpadm >/tmp/dump.xml
svccfg delete network/inetd-upgrade:default

svcprop network/inetd:default
svcprop -p general/enabled network/inetd:default
svcprop -p stop/exec network/inetd:default
svcprop -p ttymon system/console-login
IPfilter Firewall software
ipf: /etc/ipf/ipf.conf
ipfstat -t
ipfstat -hio
ipfstat -hi
ipfstat -ho
ipfstat -s
ipmon -a
ipf -f /etc/ipf/ipf.conf
ipf -T list
To setup logging: (setup "log" in the ipf.conf)
/etc/syslog.conf
local0.debug [TAB} /var/log/ipflog
svcadm restart system-log
To start ipfilter for the first time
svcadm enable pfil
svcadm enable ipfilter
init 6
IPFILTER Docs
http://docs.sun.com/app/docs/doc/816-4554/6maoq025a?a=view
http://www.obfuscation.org/ipf/ipf-howto.html
http://daemons.net/~matty/articles/solaris.ipfilter.html
BART - Basic Audit Reporting Tool
bart create -n > bart-`hostname`-`date '+%m-%d-%y'`
touch /etc/passwd
bart create -n > bart-`hostname`-`date '+%m-%d-%y'`b
bart compare bart-monolyth-07-04-05 bart-monolyth-07-04-05b
To assert some control over BART we can leverage BART rules. A rules file is just what
it sounds like, a listing of rules by which BART should conform. A simple example of a
rules file would be:
# Global Attributes
CHECK all
IGNORE dirmtime
# Check /etc and /usr
/etc
/usr
CHECK
# Check /var but ignore filesizes and mod time (logs)
/var
IGNORE size mtime

During solaris build
System files you normally have to deal with.

/etc/hosts
/etc/nodename
/etc/hostname.INFC

/etc/netmasks
/etc/defaultrouter
/etc/resolv.conf
/etc/nsswitch.conf * normally add "dns" to hosts *

/etc/passwd (extra users)
/etc/shadow (extra users)

/etc/default/login

/etc/inet/ntp.conf

/etc/profile

/etc/mail/aliases
/etc/mail/sendmail.cf
/etc/mail/ * other config files you may have used *

/etc/dfs/dfstab

/etc/apche/conf/httpd.conf
/etc/apche2/conf/httpd.conf

/var/opt/apache/cgi-bin
/var/opt/apache2/cgi-bin

/var/spool/cron/crontabs/ * changes you made and additional users *
"rundig -a" into zone crontab for root


mkdir /var/opt/apache2/run
newaliases

setup nfs mount into vfstab


export /web

cd /; ln -s /web/www

add pkg; run sneep
load htdig
ftp
gpg
libstdc++.so.5
gcc
setup syslog