
Course UNIX Solaris System & Network Administrator

Instructor: Suwit Saiphan

Training Professional Center

Introduction
- Course Introduction
- Instructor & Trainer Assistance
- Attendees / Trainees
- Expectations
- Course Goals and Contents

Instructor & Trainer Assistance
Suwit Saiphan
- Unix System and Network Administration (Solaris, Linux, FreeBSD)
- Microsoft Windows 2003 System Environment, Active Directory, Network Infrastructure
- Cisco Network Fundamental
- Information Security Consultant
Trainer Assistance -

Attendees / Trainees
- First-Last Name
- Responsibilities
- Expectations

Expectations
- Upgrade Linux Solaris
- Unix System Security
- Solaris Administration
- Gain Knowledge in Unix
- Customer Services

Unix System Administrator (Solaris)
- Course: Fundamentals of Unix Solaris
- Course: Intermediate System Administration for Solaris OE
- Perform basic Unix tasks
- Understand basic Unix commands
- Use vi text editor
- Interact with a windowing system

Day 1 Installation
- Introduction to Solaris 10
- System Concepts and Choosing Hardware
- Solaris 10 Installation
- Initialization, OpenBoot PROM, and Run Levels

Day 2 System Essentials
- Introducing the Solaris OE Directory Hierarchy
- Managing Local Disk Devices
- Managing the Solaris OE File System
- Performing Mounts and Unmounts
- Installing Software, Live Upgrade, and Patching
- Text Processing and Editing
- Shells, Scripts, and Scheduling
- Process Management

Day 3 Security
- System Security
- File System Access Control
- Role-Based Access Control
- Users, Groups, and the Sun Management Console
- Kerberos and Pluggable Authentication

Day 3,4 Managing Devices
- Device and Resource Management
- Installing Disks and File Systems
- File System and Volume Management
- Backup and Recovery
- Printer Management
- Pseudo File Systems and Virtual Memory
- System Logging, Accounting, and Tuning

Day 4 Networking
- Basic Networking
- DHCP and NTP
- Routing and Firewalls
- Remote Access
- Internet Layer (IPv6)

Day 5 Services, Directories, and Applications
- Network File System and Caching File System
- Sendmail
- Domain Name Service
- Network Information Service (NIS/NIS+)
- Lightweight Directory Access Protocol (LDAP)
- Samba
- Application Development and Debugging
- Web Applications and Services

Day 1 - Installation
- Introduction to Solaris 10
- System Concepts and Choosing Hardware
- Solaris 10 Installation
- Initialization, OpenBoot PROM, and Run Levels

History
- AT&T
- Develop from Game Application
- AT&T Microsoft, Sun, IBM, HP
- The same core OS
- Sun Free source code
- Manual page: $> man
- Editor: vi (Visual Editor)

Introduction to Solaris
- UNIX Operating System
- Multiuser Operating Environment
- Multitasking
- Multithreading
- Developed by Sun Microsystems
- System V (AT&T)
- Berkeley (BSD)

- Solaris (Operating Environment)
- SunOS (Operating System)
- Solaris 10 = SunOS 5.10
- Solaris 9 = SunOS 5.9
- Solaris 8 = SunOS 5.8

Solaris 10 is to support:
- Database servers
- Message Queues
- XML Web Services
- J2EE application servers
- Sun's hardware solution based on UltraSPARC
- Support for SMP with more than 100 processors in a single server

- Sun's innovations move from server to desktop
- Develop Java
- Cross Platform support
- JVM
  - Write Once Run Anywhere
  - SPARC and Intel
- Promote free version of Solaris

Solaris Innovations
Server Tools
- scalability, availability, security, integrity and manageability
- Clustering
- Grids, Zones, and Resource Management
- Volume Management
  - RAID 0,1,5 and Mirror, Stripe
- Live Upgrade
System Management
- SMC System Management Console Tool
Security Innovations
- Kerberos Version 5
- IPv6 and IPSec

SPARC and IA System Admin Difference

Category | SPARC | IA
System operation before kernel load | OpenBoot PROM | BIOS, Solaris Device Config Assistant, MDB (Multiple Device Boot)
Booting system | Command Option at PROM | Command Option at MDB
Boot Program | bootblk (Pri. boot program), ufsboot (Sec. boot program), load kernel | mboot (MBR), pboot (Solaris Partition boot program), bootblk (Pri. boot program), ufsboot (Sec. boot program), load kernel
System Shutdown | shutdown, init w/o intervention | shutdown, init w/ intervention
Disk Controller | SCSI, IDE | SCSI and IDE
Disk slice and partition | Max. 8 slices (0-7) | Disk: max. 4 fdisk partitions; Sol fdisk: 10 slices (0-9) but 0-7 store data
Diskette drive | 3.5-inch diskette drive | 3.5, 5.25-inch

Solaris System Software Evolution

Release: Solaris 1.0 (SunOS 4.x), Solaris 2.0 (SunOS 5.0), Solaris 2.1 (SunOS 5.1), Solaris 2.2 (SunOS 5.2), Solaris 2.3 (SunOS 5.3), Solaris 2.4 (SunOS 5.4), Solaris 2.5 (SunOS 5.5), Solaris 2.5.1 (SunOS 5.5.1), Solaris 2.6 (SunOS 5.6)
Feature: Berkeley (BSD) Unix SVR4 (AT&T) and BSD Admin Tools GUI, Print/Account Manager, Vol Manager CDROM VFS, Online Backup, PAM, PPP, CacheFS (NFS), NIS+ Motif GUI (Installation) PAX, Solstice Admin Suite, Process Tool (/proc), Telnet client (4.4 BSD version), Improve rlogind, telnetd UserID, GroupID extend to max. signed integer Printing Software (NIS, NIS+), Large file support (UFS, NFS, CacheFS), NFS Kerberos use DES, RPC (GSS-API), Y2K compliance, WebNFS, JVM 1.1

Release: Solaris 7 (SunOS 5.7)
Feature: 64bits (SPARC only), LDAP, Dynamic reconfiguration, AnswerBook2, Unicode, RPC security, CDE (new tools)

Release: Solaris 8 (SunOS 5.8)
Feature: IPv6, Naming LDAP, Java2, Wizard (Installation), UDF (Universal Disk Format), DVD, Smart card, PDA, Multilanguage (90 locales, 37 langs), XServer (X11R6.4), RBAC (Role-Based Access Control)

Release: Solaris 8 (SunOS 5.8) updates (6/00), (10/00), (1/01), (4/01), (7/01), (10/01), (2/02)
Feature: Mobile IP, Removable Media (DVD, Zip, Jaz, CDROM, diskette) IP Multipathing with NICs, WBEM (Web-Based Enterprise Management), Print USB LDAP+iPlanet WebServer, SMC 2.0 (RBAC), WBEM (init.wbem, update security, SMC Log viewer), USB (Sun Blade 100, 1000 and Sun Ray system) New BIND, sendmail 8.10, IP multipathing with dynamic reconfiguration (DR), Mobile IP (reverse tunnel) PPP 4.0 (async, sync comm., PAP, CHAP), NCA (Solaris Network Cache Accelerator), IP Multipathing (IPMP reboot safe) DR 3.0 (Automated DR), USB (KB, Mouse, Printer, Audio) RPC (Sun ONC+ async protocol)

Release: Solaris 9 (SunOS 5.9)
Feature: Resource Manager (allocate resource), Fixed-priority (FX), Web Start Flash Install (master, clone), Live Upgrade, New option (df, du, ls, 1K unit), pargs and preap (process debugging), NIS+ LDAP, Sun Internet FTP Server, sendmail 8.12, Improve NCA, IPMP (link-up-down), Mobile IP (advertise dynamic if), BIND 8.2.4, Solaris volume manager, SMC 2.1 (6 new tools), smpatch, Solaris Secure Shell, cdrw (Write CD)

Release: Solaris 10 (SunOS 5.10)
Feature:
- X86/X64, SPARC
- Solaris Container, Grid Container (Isolate App, Service, Allocate resource, Increase resource utilization)
- Solaris Secure Execution (File Integrity and Secure Execution, User & Process Right Management, IP Filter Firewall, Cryptographic Service/Secure, Enterprise Authentication LDAP, PW, MD5, Kerberos, Smartcard)
- Solaris Dynamic Tracing (easy to analyze, debug, optimize system, App in Realtime, Patch Management)
- Solaris Predictive Self Healing (Auto diagnostic, isolate recovery from H/W, App fault)

Server Preparation
- Enable 2 Solaris systems (By VMWare)
  - Copy 2 VMs
- Introduce VMWare with Solaris
- Introduce to Windows System on Solaris
  - CDE: Common Desktop Environment
  - JDS: Java Desktop System

Desktop Resolution Setting
1. Command Login prompt
2. Login as root
3. # kdmconfig
4. Follow step
   - Xsun/Xorg server
   - XF86 VMWare
   - MultipleFrequency 56kHz
   - 800x600 @16777777

Server Preparation
Define IP address and Hostname
- Open Text Editor: # gedit
- vi command: # vi
  - Command Mode: ESC Key
  - Edit Mode
    - ESC+i Key: Insert after cursor
    - ESC+a: Append after cursor
  - Exit vi: ESC :q! , ZZ
  - Save text: ESC :wq!

Server Preparation
- File /etc/hosts (Map IP Hostname)
  Type: 192.168.1.73 suwit001
- File /etc/hostname.pcn0 (IP, NIC)
  Type: suwit001 (/etc/hosts)
- File /etc/nodename (hostname login screen)
  Type: suwit001 (/etc/hosts)
- Restart Machine
  # init 6 (reboot)
  Or
  # shutdown -y -i6 -g0

Solve warning loghost
File /etc/inet/ipnodes
File /etc/inet/hosts, /etc/hosts

127.0.0.1        localhost
xxx.yyy.zzz.aaa  hostname  loghost

Solve warning sendmail
sendmail tries to determine FQHN (Fully-Qualified Host Name)
# /usr/sbin/check-hostname
File /etc/inet/hosts, /etc/hosts

127.0.0.1        localhost
xxx.yyy.zzz.aaa  hostname  host.domain

File /etc/nsswitch.conf

hosts: files dns
ipnodes: files dns

Solve warning sendmail
File /etc/defaultdomain

mydomain.domain.domain

System Concepts and Choosing Hardware
Key Concepts
UNIX and the Kernel
- Kernel
- Hierarchical file system, begins with root (/)
- System hardware devices logically on file system
- The special file (/dev/pty, for pseudoterminals)
- Process based (Process ID = PID)
- Set of command-line utilities for text and numeric processing (cat, head, tail, troff, col, tbl etc.)
- User processes are created (spawned) from shell (Bourne Shell - sh)
- Multiple processes can be executed with & in background
- Multiple users can execute commands from pseudoterminals

System Concepts and Choosing Hardware
Key Concepts
The Shell
- Bourne shell (sh): The original UNIX shell used to write all system scripts
- Korn shell (ksh): Provides enhanced input/output features, including the print and read commands
- C shell (csh): Offers a command syntax similar to the C programming language
- Bourne Again shell (bash): An open source, much improved version of the Bourne shell
- Z shell (zsh): A freely available Bourne-like shell with a focus on sophisticated scripting features

Key Concepts
- The File System
- Multiuser, Multitasking, and Zoning
- Client/Server Networks
- Processes
- Naming Services
- Java 2 Enterprise Edition (J2EE)
- SPARC Hardware
- Supported Platforms
- Intel Hardware Devices Supported Under Solaris Intel

The File System
- cachefs: The CacheFS cached file system
- hsfs: The High Sierra file system
- nfs: The Network File System (NFS)
- pcfs: The MS-DOS file system
- tmpfs: A file system that uses memory
- ufs: The standard UNIX File System (UFS)
- The default local file system type: /etc/default/fs
- The default remote file system type: /etc/default/fstypes

Multiuser, Multitasking, and Zoning
- Multiple users execute multiple applications concurrently
- Multiple threads in single process
- SMP: Symmetric Multiprocessing
- Zone: Virtual instance work in resource management framework

Client/Server Networks
- Remote Procedure Call (RPC) technology, NFS
- Remote Method Invocation (RMI) technology, Java Networking and Distributed computing

Processes
- (PID with UID and GID)
- Signal

Naming Services (DNS, NIS, NIS+, LDAP)

Java 2 Enterprise Edition (J2EE)
- JVM
- Java Web Application

System Concepts and Choosing Hardware
Key Concepts
SPARC Hardware
- Scalable Processor ARChitecture (SPARC)
  - High-speed buses, Fast I/O performance
- UltraSPARC (workstation, server)
  - PCI local bus, USB, SVGA

Supported Platforms

Intel Hardware Devices Supported Under Solaris Intel

Examples
System Components
- Base unit (aka pizza box), which contains the motherboard, SCSI controller, and SBUS cards
- Frame buffer or graphics card
- SCSI or IDE units connected by SCSI or IDE cables to the SCSI or IDE controller in the pizza box
- CD-ROM drive, internal or external (SCSI or IDE)
- DVD-ROM drive, internal on newer systems
- Speaker box and microphone, external
- Two serial ports (A and B)
- A parallel port
- A tape drive, internal or external (DDAT/DDS/QIC and so on)
- Mouse (mechanical or infrared) and keyboard (type 4 or type 5)

Example Systems
- Workstation
- Server

Procedures
System Configuration
# prtconf

Basic Networking Terminology
- Define multiple network interfaces: /etc/hostname.hmeN where N = interface number and hme = interface type
- Assign different IP addresses to the same network interface (hosting virtual interfaces): /etc/hostname.hmeX:Y where X = physical device interface, Y = virtual interface number
- Define subnet mask for each of the interfaces: /etc/netmasks

Solaris 10 Installation
- Preinstallation Planning
- Disk Space Planning
- Device Names
- SPARC Preinstallation
- Intel Preinstallation

Pre-Installation
1. Host name (# uname -n, # hostname)
2. Protocol (IP) address (# ifconfig)
3. Name service type (LDAP, NIS, NIS+, DNS or none)
4. Subnet mask (/etc/netmasks file)
5. Geographic location and time zone (GMT+7)
6. Root password
7. Language

Method: Solaris 10 Installation
- Web Start Wizard
- JumpStart
- suninstall
- Live Upgrade

Solaris 10 Installation
- Disk Partitions
- Disk Formatting and Virtual Memory
- The Boot Manager
- Web Start Wizard Installation

Solaris 10 Installation
Web Start Wizard Installation
Configuration
- Network Support
- DHCP Server
- Hostname
- IP Address
- Netmask
- IPv6 Support
- Kerberos Server
- Name Services
  - DNS Server
  - NIS/NIS+ Server
  - LDAP Server
- Router
- Time Zone and Locale
- Power Management
- Proxy Server
- 64-Bit Support
- Disk Selection and Layout
- Root Password
- Software Selection

Solaris 10 Installation
Server Preparation
- Add new 3 HDDs
- Enable BIOS to boot from CDROM first
- Insert Solaris 10 x86 Installation CD
- Power On
Installation
- Option: 1. Solaris Interactive
- Language: 0
- Network: DHCP
- Name Service: DNS
- IPv6: No
- Kerberos: No
- Domain Name: Yourname.com
- Server IP: 192.168.1.1

Solaris OE Software Groups

Create Virtual Machine via VMWare

Solaris 10 Installation
Web Start Wizard Installation
- Network Installation
- suninstall Installation
- JumpStart

Solaris 10 Installation
JumpStart
- Boot Servers
- Installing Servers
- Boot Clients
- sysidcfg

Solaris 10 Installation
sysidcfg

Post-Check after Installation
Software Package after installation
- File /var/sadm/install/contents
View file contents
# grep showrev /var/sadm/install/contents
# more /var/sadm/install/contents
# cat /var/sadm/install/contents
Patches & Update: http://www.sun.com
Download Patch & Update: http://sunsolve.sun.com

Initialization, OpenBoot PROM, and Run Levels
OpenBoot (Stop-A)
- Boot the system, by using the boot command
  ok> boot [cdrom|net]
- Perform diagnostics on hardware devices by using the diag command
  ok> diag
  ok> probe-scsi-all
  ok> probe-ide
- Test network connectivity by using the watch-net command
- Help
  ok> help

Executing Boot PROM Commands

OpenBoot Architecture Standard
- Test and initialize system h/w
- Determine the system h/w configuration
- Boot the operating environment
- Provide an interactive interface for configuration testing and debugging
- Enable the use of 3rd device
Check version of OpenBoot:
# /usr/platform/`uname -m`/sbin/prtdiag -v

OpenBoot Architecture Standard
1.X 2.X 3.X 4.X 5.X SPARC system The first Openboot PROM UltraSPARC 64-bits UltraSPARC Sun Enterprise 3500-3800 etc.

Introducing Boot PROM Fundamentals

POST = Power On Self Test
- Probes the memory and then the CPU
- Probes bus devices, interprets their devices, and builds a device tree
- Installs console
* After the boot PROM initializes the system, the banner displays on the console
Controlling the POST Phase
- Stop+D = switch to diagnostic mode (diag-switch? is set to true)
- Stop+N = Clear to the default values
- Stop+A =

Initialization, OpenBoot PROM, and Run Levels
/sbin/init

The init phase

The /etc/inittab file
id:rstate:action:process

The init process

Solaris OE Run Level
# who -r

Solaris OE Run Level
0   = System is running the PROM monitor
S,s = Single-user mode with critical file systems mounted and accessible
1   = Single-user administrative state with access to all available file systems
2   = The system supports multi-user operation. Multiple users can access the system. All system daemons are running except for the NFS server
3   = The default run level in the /etc/inittab file (multi-user operation and NFS resource sharing)
4   = Not implemented
5   = Solaris is shut down and the system (h/w) is powered off
6   = Solaris is shut down and rebooted

Identifying the Phases of the Boot Process
Boot PROM phase
- PROM runs POST
- boot Locates boot-device
- boot Reads bootblk
- boot Loads bootblk
Boot Program Phase
- bootblk Loads Secondary Boot Program (ufsboot)
- ufsboot Loads kernel (32-bit or 64-bit kernel)
  kernel = genunix / unix
The kernel Initialization Phase
- kernel Reads Configuration File /etc/system
- kernel Initializes itself and Loads Modules

The kernel Initialization Phase
Module subdirectories in /kernel
- drv = Device drivers
- exec = Executable file formats
- fs = File system types, for example, ufs, nfs and proc
- misc = Miscellaneous modules (virtual swap)
- sched = Scheduling classes (process execution scheduling)
- strmod = Stream modules (generalized connection between users and device drivers)
- sys = System calls (defined interfaces for applications to use)
/kernel/drv contains all of the device drivers that are used for system boot
/usr/kernel/drv is used for all other device drivers

Kernel and Modules Loaded In Memory

The /etc/system file can explicitly control
- The search path for default kernel modules to be loaded at boot time
- The root file system type and device
- The modules that are excluded from loading automatically at boot time
- The modules to be forcibly loaded at boot time, rather than at first access
- The new values to override the default

Starting Up Systems
Run Control Scripts
- /sbin/rc0
- /sbin/rc1
- /sbin/rc2
- /sbin/rc3
- /sbin/rc5 and /sbin/rc6
- /sbin/rcS
Finding Run Level for System
# who -r

Starting Up Systems
Run Control Script
Form: S,K[0-9][a-z][A-Z]
- S = Start script
- K = Stop script
/etc/rc3.d
- S10webserver
- S20dbserver

Writing Run Control Script

Run Control Script
/etc/init.d
- script1
- script2
- script3
/etc/rc1.d
- K10xxxx: /etc/init.d/script1
- K20yyyy: /etc/init.d/script2
/etc/rc3.d
- S10xxxx: /etc/init.d/script1
- S20yyyy: /etc/init.d/script2
Run RC script
$> /etc/init.d/script1 [start | stop]
$> /etc/rc#.d/S10xxxx [start | stop]
$> /etc/rc#.d/K10xxxx [start | stop]

Check hard links between 2 files
Inode #
Inode #

Run Control Script
Initialize, Booting
# /sbin/rc#  /etc/rc#.d/* start
# /sbin/rc3  /etc/rc3.d/K##xxxx start
# /sbin/rc3  /etc/rc3.d/K##yyyy start
# /sbin/rc3  /etc/rc3.d/K##zzzz start
# /sbin/rc3  /etc/rc3.d/S##xxxx start
# /sbin/rc3  /etc/rc3.d/S##yyyy start
# /sbin/rc3  /etc/rc3.d/S##zzzz start
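Added example (not part of the original course slides): a shell check for the run control layout described here, where each S##/K## entry in /etc/rc#.d is a hard link to a script in /etc/init.d. It uses the same inode comparison (ls -i, find -inum) the course uses for hard links and reports entries that have no counterpart in /etc/init.d, which is worth reviewing on any system. The function names and the demo tree are assumptions made for this example.

```sh
#!/bin/sh
# Added example: audit run control directories under a given root directory.
# Layout assumed from the slides: ROOT/etc/init.d holds the scripts and
# ROOT/etc/rc?.d/[SK]##name entries are hard links to them.

# inode_of FILE: print the inode number of FILE (first field of ls -id).
inode_of() {
    ls -id "$1" | awk '{print $1}'
}

# audit_rc_links ROOT
# Prints one line per rc entry:
#   OK <entry> -> <init.d script>   entry shares an inode with an init.d script
#   SYMLINK <entry>                 entry is a symbolic link, not a hard link
#   UNLINKED <entry>                entry has no hard-linked init.d counterpart
# Returns 0 when every entry is OK, 1 otherwise.
audit_rc_links() {
    root=$1
    status=0
    for entry in "$root"/etc/rc?.d/[SK][0-9][0-9]*; do
        if [ -h "$entry" ]; then
            echo "SYMLINK $entry"
            status=1
            continue
        fi
        [ -f "$entry" ] || continue   # pattern matched nothing, or not a regular file
        inum=$(inode_of "$entry")
        # Same search as "find . -inum <n>" in the hard link slides.
        match=$(find "$root/etc/init.d" -type f -inum "$inum" 2>/dev/null | head -n 1)
        if [ -n "$match" ]; then
            echo "OK $entry -> $match"
        else
            echo "UNLINKED $entry"
            status=1
        fi
    done
    return $status
}

# build_demo_tree: create a constructed sample tree in a temporary directory
# and print its path. S10webserver and S20dbserver are hard links as on the
# slides; S99extra is a standalone file with no init.d counterpart.
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir -p "$demo/etc/init.d" "$demo/etc/rc3.d"
    printf '#!/bin/sh\necho web "$1"\n' > "$demo/etc/init.d/webserver"
    printf '#!/bin/sh\necho db "$1"\n' > "$demo/etc/init.d/dbserver"
    ln "$demo/etc/init.d/webserver" "$demo/etc/rc3.d/S10webserver"
    ln "$demo/etc/init.d/dbserver" "$demo/etc/rc3.d/S20dbserver"
    printf '#!/bin/sh\necho extra "$1"\n' > "$demo/etc/rc3.d/S99extra"
    echo "$demo"
}

# Run against a real root when a directory is given, e.g.: sh audit_rc.sh /
if [ $# -gt 0 ]; then
    audit_rc_links "$1"
fi
```

Both directories must be on the same file system for the inode comparison to be meaningful, which is the case for /etc.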

Step of starting up system
- Boot PROM check hardware (SPARC) / Intel x86 (BIOS)
- Bootblk
- Kernel initialize system
- Init (init)
- /sbin/rc# (Scripts /sbin/rc#)
- /etc/rc# (Scripts /etc/rc#.d/)
- Start script (/etc/init.d Scripts)

Starting Up Systems
Change Run Level
- Become root / superuser
- # telinit [run level] (Recommend)
- # init [run level]
Shutdown
- shutdown -y -g [period] -i [run level] [message]
- # shutdown -y -g 30 -i 6 "System will shutdown"

Starting Up Systems
Booting Protocols
- SPARC Platform (OpenBoot PROM)
  bootblk, ufsboot, kernel, init
- IA Platform (PC BIOS)
  mboot (Master Boot Record), pboot (Partition boot program), bootblk, ufsboot, kernel, init

Starting Up Systems
Booting System
- Turn off system power because of power outage
- Change kernel parameters in /etc/system
- Perform system maintenance, backup or restore system data
- Repair system configuration file /etc/system
- Changing pseudo device parameters in /etc/system
- Add or remove hardware from system
- Boot kernel debugger to track down system problem

Starting Up Systems
View Boot Message
- /var/adm/messages
Crash Dump & Reboot system
- halt -d (save in swap file system) /tmp
- dumpadm (configure crash dump)
- savecore (/var/crash/hostname)
Boot System for Recovery Purpose
- SPARC
- IA

Starting Up Systems
Boot System for Recovery Purpose
- Boot from Solaris 10 Installation CD
- SPARC
  - Press Stop-A
  - ok> boot cdrom
- IA
  - Screen selection mode
  - b -s
# mount /dev/dsk/c0d0s0 /a
# cd /a/etc
# vi passwd (in case of user recovery)
# vi shadow (in case of password recovery)

Starting Up Systems
Search text in file
- grep search string filename
  # grep "Aug 22 13:56" /var/adm/messages
  # grep -i "Aug 22 13:56" /var/adm/messages
- egrep
- # cat > filename
  Type content
  Ctrl-C
Create file with zero byte
- # touch filename
- # vi filename (save and exit)

Check boot configuration
# cd /usr/platform/i86pc
# eeprom

Shutting down System
Recommendation
- /usr/sbin/shutdown
- /etc/telinit and /sbin/init
Not recommended
- /usr/sbin/halt
- /usr/sbin/reboot
- /usr/sbin/uadmin 2 0

Review Day 1
- Introduction to Solaris 10
- System Concepts and Choosing Hardware
- Solaris 10 Installation
- Initialization, OpenBoot PROM, and Run Levels

Day 2 System Essentials
- Introducing the Solaris OE Directory Hierarchy
- Managing Local Disk Devices
- Managing the Solaris OE File System
- Performing Mounts and Unmounts
- Installing Software, Live Upgrade, and Patching
- Text Processing and Editing
- Shells, Scripts, and Scheduling
- Process Management

Introducing the Solaris OE Directory Hierarchy
Introducing / (root) Subdirectories

Important System Directories
/bin: Symbolic link to /usr/bin (binary files of standard system commands)
/dev: Primary directory for logical device names - soft links point to device files in /devices
- /cua: Dialup device - modem
- /dsk: Block disk device
- /fbs: Frame buffer device
- /fd: File descriptors (fd0=stdin, fd1=stdout, fd2=stderr)
- /md: Logical volume management metadisk devices
- /pts: Pseudo disk devices
- /rdsk: Raw disk devices
- /mnt: Tape device
- /sound: Audio device
- /term: Serial devices
/devices: Primary directory for physical device names

Important System Directories
/etc: Host specific configuration files, database files
- /acct: Configuration info accounting
- /cron.d: Configuration cron utility
- /default: Default info for various programs
- /inet: Network services
- /init.d: Scripts for changing between run levels
- /lib: Dynamic linking libraries
- /lp: Printer subsystem
- /mail: mail subsystem (sendmail free)
- /nfs: NFS server logging
- /opt: Optional packages
- /rc#.d: Scripts to enter/leave specific run level number
- /skel: Default shell initialization files for new user accounts

Important System Directories
/export: Default community shared file user account
/home: Default directory or mount point for user's home directory when AutoFS is running
/kernel: Platform-independent loadable kernel modules
/mnt: Temporary mount point for file systems (mount /dev/dsk/cdrom /a)
/opt: Add-on application packages
/platform: Platform-dependent loadable kernel modules
/sbin: Essential executable files
/tmp: Temporary directory, cleaned when boot
/usr: Programs, applications, scripts

Important System Directories
/usr: Contains programs, scripts and libraries used by users (usr = UNIX System Resources)
- /bin: Standard system commands
- /ccs: Compilation programs and libs
- /demo: Demo programs and data
- /dt: Common Desktop Environment (CDE) software
- /includes: Header files for C programs
- /java: Java programs and libs
- /kernel: Platform-independent loadable kernel modules that are not generally required
- /lib: Various program lib, bin
- /opt: Configuration files for programs
- /sbin: System commands
- /spool: Symbolic link to /var/spool directory
/var: Temporary, Logging, Status Files

Introducing File Components
- File Name - Name of file
- Inode Number - Owner, permission, size
- Data Blocks - Data

Identify File Types
- Regular files
- Directories
- Symbolic links / Soft links
- Device files
  - Block-special device file
  - Character-special device file

Regular Files / Directories

Symbolic Links

Device files
Block/Character-special device files

Regular Files
File1 - Inode 1282 - Data Block

Directories
dir1 - Inode 4221 - Data Block
- File1 = Inode 1282

Device Files Example

Introducing Hard Links

Creating new Hard Links

Create and Remove - Soft and Hard Links
- Character-special devices = raw devices
- Block-special devices = block device
# ln -s file1 link1    (soft link)
# ln file1 file2       (hard link)
# ls -l
# ls -li               (inum = 1282)
# find . -inum 1282
# rm file1

Comparison Soft Link - Hard Link

Soft Link | Hard Link
Differ inode | Same inode
# ln -s file1 link1 | # ln file1 file2
rm file1, link1 can't use | rm file1, file2 exists
Files, Directories | File only, same FS

** Size link1 = No of char path name; number of link

Managing Local Disk Devices
Physical disk structure
- Components of a Disk
- Data organization on disk platters
Disk Platter Component
- Sector = 512 bytes (Disk Block)
- Track = Sector + Sector
- Cylinder = Track + Track

Data organization on disk platters - Sector

Data organization on disk platters - Track

Data organization on disk platters - Cylinder

Manage Disk Device
Disk Slices
- Disk Division
- Disk Slices
  - Partitions on a disk
  - Grouping of cylinders
- Slice0: Root system file (/ [root])
- Slice1: Swap
- Slice2: Entire disk, Don't Touch
- Slice5: Optional software (/opt)
- Slice6: /usr file system
- Slice7: User data files (/export/home)

Disk Division/Slices

Disk Slice Naming Conventions

Disk Slice Name - SCSI Configuration
- Small Computer System Interface = SCSI
- Disk Number = Logical Unit Name (LUN)

Disk Slice Name - IDE Configuration
- Integrated Drive Electronics (IDE)

Check Solaris Release
# cat /etc/release

Introducing Solaris OE Device Naming Conventions
- Logical device names
- Physical device names - The /devices Directory structure
- Instance names
  - dadn (direct access device) where n = 0 or 1,2,3
  - sdn (scsi disk) where n = 0 or 1,2,3
  - st (tape device)

Listing a System's Devices
- The /etc/path_to_inst file
- The prtconf command
- The format command
Check instance name (prtconf = print configuration)
# prtconf | more
# prtconf | grep -v not | more

Reconfiguring Devices
- Performing a reconfiguration boot
- Using the devfsadm command
  # devfsadm
Performing a reconfiguration boot
- Create file /reconfigure (0 byte)
  # touch /reconfigure
  # init 5
Cleanup that removes unreferenced
  # devfsadm -C

Partitioning the Hard Disk

Partitioning the Hard Disk - Wasted Space

Partitioning the Hard Disk - Overlapping

Introducing disk partition table

Using the format command
Partitioning a disk

Saving a partition table to the /etc/format.dat file

Using the customized partition table
format > verify

Setting up Disk Slices

Slice  File system   Client/Server  Description
0      root          Both           Holds the files and directories that make up the OS
1      swap          Both           Provides virtual memory, or swap space
2      backup        Both           Refers to the entire disk, by the format command
3                    Both           Up to design
4                    Both           Up to design
5      /opt          Both           Holds application software added to the system
6      /usr          Both           Holds OS commands run by users, documents, and system programs
7      /export/home  Both           Holds home folders from remote systems
8      -             Both           Contains the boot slice information at the beginning of the Solaris partition; enables booting from the HDD
9                    Both           Provides an area reserved for alternate disk blocks (alternate sector slice)

Partitioning the Hard Disk

VTOC = Volume Table of Contents

Reading a disk VTOC:
# prtvtoc /dev/rdsk/c1t0d0s2
# prtvtoc /dev/rdsk/c1t0d0s2 > /vtoc/c1t0d0

Populate / update the VTOC on a hard disk:
# fmthard -s /vtoc/c1t0d0 /dev/rdsk/c#t#d#s2

Caution: The fmthard command cannot write a disk label on an unlabeled disk. Use the format utility for this purpose.

Format Partition Table

# newfs /dev/rdsk/c2t0d0s7

Automatic mount at boot:
# mkdir /export/software
# gedit /etc/vfstab
/dev/dsk/c2t0d0s7 /dev/rdsk/c2t0d0s7 /export/software ufs 1 yes -
# init 6

Check auto-mounting:
# df -h
# cd /export/software

Automatic mount at boot

Field fsck pass
= 1  Ensure sequential fsck checking
= 2  Do not ensure sequential fsck checking

Adding new Harddisk

Mount on booting
Edit in file /etc/vfstab

Managing the Solaris OE File System

Disk-based file systems
ufs  = UNIX file system (Berkeley fast file system)
hsfs = High Sierra file system (CD-ROM)
pcfs = PC file system (DOS, FAT32)
udfs = Universal Disk Format file system (optical storage: DVD, CD-ROM)

Distributed file systems
nfs = network file system, allows users to share files

Pseudo file systems
tmpfs  = temporary file system (/tmp), created and destroyed every time the system is rebooted
swapfs = swap file system, used by the kernel to manage swap space on disk
fdfs   = file descriptor file system: /dev/fd/0, /dev/fd/1
         /dev/fd/0 = stdin  = <  0<
         /dev/fd/1 = stdout = >  1>
         /dev/fd/2 = stderr = 2>
         /dev/fd/3 = file name
procfs = process file system, contains a list of active processes in /proc, such as # ps
mntfs  = mount file system, provides read-only information from the kernel

Create a New UFS file system

Disk label
  VTOC

Boot Block
  The bootstrap program (bootblk) resides in the 15 disk sectors (Sector 1-15). Only the / (root) file system has an active boot block.

Primary Superblock (Sector 16-31)
  The number of data blocks
  The number of cylinder groups
  The size of a data block and fragment
  A description of the h/w, derived from the label
  The name of the mount point
  File system state flag: clean, stable, active, logging or unknown

Backup Superblock (Sector 32)
  The replication protects the critical data in the superblock

Cylinder group blocks
  The number of inodes
  The number of data blocks in the cylinder group
  The number of directories
  Free blocks, free inodes, and free fragments in the cylinder group
  The free block map
  The used inode map

The ufs inode
  The type of file and the access mode
  The UID and GID
  The size of the file
  The link count
  The time the file was last accessed and modified, and the inode change time
  The total number of data blocks used by or allocated to the file
  Two types of pointer: direct pointers and indirect pointers

Inodes
Twelve-8 bytes = 96 bytes

Data Block and fragmentation
1kbyte * 8 = 8196 bytes

Using the newfs command

# newfs /dev/rdsk/c1t3d0s0
newfs: construct a new file system /dev/rdsk/c1t3d0s0: (y/n)? y

This process also creates a lost+found directory for the ufs file system, which is a directory used by the file system check and repair (fsck command) utility (1-10% of disk space).

# newfs -m %free /dev/rdsk/c1t3d0s0
# newfs -m 20 /dev/rdsk/c1t3d0s0
Check the % of the lost+found dir.:
# fstyp -v /dev/rdsk/c0t0d0s0 | head -10
Change the minimum percentage of free space from 10% to 1%:
# tunefs -m 1 /dev/rdsk/c1t3d0s0

Checking the File system by Using fsck command

Data Inconsistencies checked by fsck command

Checking the File system
# fsck -y /dev/rdsk/c0t0d0s0
# fsck -y /export/home          (mount point)
# fsck -o f,p /dev/rdsk/c0t0d0s5
where
  f = forces a file system check regardless of the state of the clean flag
  p = checks and fixes the file system

Caution: Never run the fsck command on a mounted file system. For / (root), /usr and /var, if needed, run it in single-user mode (# init 0).

Checking the data consistency of a File system
# fsck /dev/rdsk/c0d1s0

File system: /dev/rdsk/c0d1s0 /export/data
# umount /export/data
Find out whether the file system needs checking:
# fsck -m /dev/rdsk/c0d1s0
If needed, become single-user mode (init S or s) to use the fsck command:
# fsck /dev/rdsk/c0d1s0
# man fsck

Resolve File System Inconsistencies

Reconnecting an allocated unreferenced file
Adjusting a link counter
Salvaging the free list
Using backup superblocks

Error messages:
- Cannot mount file system name
- Device name is not the fstype
- Cannot mount /dev/dsk/c0t0d0s7

# fsck -o b=32 /dev/rdsk/c1t3d0s0
# newfs -N /dev/rdsk/c0t0d0s7
where N = To view the file system parameters that you use to create a new file system without

Monitoring File System Use
Using the df command
Using the du command
Using the quot command
Using the SMC usage tool

Monitoring File System Use - df

df displays the number of free disk blocks
-a = report on all file systems
-b = print the total number of Kbytes free
-e = print only the number of files
-k = display disk allocation in Kbytes
-h = acts like -k (14K, 234M etc.)
-l = report on local file systems only

# df -k
# df -h

Monitoring File System Use - du

du displays the number of disk blocks used by directories and files; each disk block consists of 512 bytes
-k = display disk use in Kbytes
-s = display only the summary, in 512-byte blocks
-a = display the number of blocks used by all files

# du -k
# du -ak /opt
# du -sk /opt

Monitoring File System Use - quot

quot displays how much disk space, in Kbytes, is being used by users
-a = report on all mounted file systems
-f = include the number of files

# quot -af
# quot -f /dev/dsk/c1t0d0s5

Working with Mounting Fundamentals

Virtual file system table: /etc/vfstab
The /etc/vfstab file lists all the file systems to be automatically mounted at system boot time, with the exception of the /etc/mnttab and /var/run file systems.
# more /etc/vfstab
# more /etc/mnttab

Clear passwd

# sync
# init 0
Insert the Solaris Installation CD
ok> boot cdrom -s
# EDITOR=vi
# TERM=sun
# export EDITOR TERM
# mount /dev/dsk/c0t0d0s0 /a
# vi /a/etc/passwd
# vi /a/etc/shadow
# pwconv

Stop+A = OK prompt
sync command: NVRAM, HDD
Unix boot from NVRAM
Export = Global Assigned Variable
# echo $TERM

Performing Mounts - options

# mount /dev/dsk/c0t0d0s7 /export/home

read/write   = reads and writes are allowed on the file system
setuid       = permits the execution of setuid programs in the file system
intr/nointr  = allows or forbids keyboard interrupts to kill a process that is waiting for an operation on a locked file system
nologging    = indicates that logging is not enabled for the ufs file system
largefile    = allows the creation of files larger than 2 GB
xattr        = supports extended attributes not found in standard UNIX
noatime      = suppresses the time-last-access modification on inodes
onerror      = action (panic, lock, umount)
  - panic  = causes a forced system shutdown; this is the default
  - lock   = applies a file system lock to the file system
  - umount = forcibly unmounts the file system

Performing Mounts

Automatic read from /etc/vfstab:
# mount /export/home

# mount -o ro /dev/dsk/c0t0d0s6 /usr
# mount -o ro,nosuid /dev/dsk/c0t0d0s7 /export/home
# mount -o noatime /dev/dsk/c0t0d0s7 /export/home
# mount -o nolargefile /dev/dsk/c0t0d0s7 /export/home
# mount -o logging /dev/dsk/c0t0d0s7 /export/home
Mount the file systems listed in the /etc/vfstab file:
# mountall
# mountall -l

Performing Mounts: Mounting a new file system
# mkdir /database
# mount /dev/dsk/c1t4d0s0 /database
Check to determine if the file system is mounted:
# mount
Add a line entry for the new file system:
# vi /etc/vfstab
/dev/dsk/c1t4d0s0 /dev/rdsk/c1t4d0s0 /database ufs 1 yes logging

File System Type

# cat /etc/default/fs          (LOCAL=ufs)
# cat /etc/dfs/fstypes
The first line entry in fstypes determines the default remote file system type.
Using the fstyp command:
# fstyp /dev/rdsk/c0t0d0s7
Specifying an hsfs file system type:
# mount -F hsfs -o ro /dev/dsk/c0t6d0s0 /cdrom
Specifying a pcfs file system type:
# mkdir /pcfs
# mount -F pcfs /dev/diskette /pcfs

Performing Unmount
# umount /export/home
# umount /dev/dsk/c0t0d0s7
# umountall
# umountall -l

Error message: umount: file system name busy
- A program is accessing a file or dir in the file system
- A user is accessing a file or dir
- A program has a file open
- The file is being shared
/etc/vfstab

Fuser Command
List all of the processes that are accessing the file system and kill them if necessary

# fuser -cu mount_point
Send SIGKILL to each process:
# fuser -ck mount_point
# fuser -c mount_point
# umount mount_point

Using the umount -f command (force the unmount of a file system):
# umount -f mount_point

Repairing Important file if boot Fails

1. Insert Solaris Installation CD
2. Press Stop-A
3. ok boot cdrom -s
4. # fsck /dev/rdsk/c0t0d0s0
5. # mount /dev/dsk/c0t0d0s0 /a
6. # TERM=sun
7. # EDITOR=vi
8. # export TERM EDITOR
9. # vi /a/etc/vfstab   (:wq!)
10. # cd /
11. # umount /a
12. # init 6 (reboot)
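A malformed /etc/vfstab entry is the usual reason for the repair procedure above, so it pays to check the file before rebooting. The following is an added example, not part of the original course material: check_vfstab is a hypothetical helper name, the sample entries are constructed, and the checks cover only the seven-field layout used in the entries shown in this course.

```shell
#!/bin/sh
# check_vfstab FILE
# Validate each entry of a vfstab-format file against the seven fields:
#   device-to-mount device-to-fsck mount-point FS-type fsck-pass mount-at-boot options
# Prints one line per problem and returns 1 if any entry is malformed.
check_vfstab() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }            # comments and blank lines
    NF != 7 {
        printf "line %d: expected 7 fields, found %d\n", NR, NF
        bad = 1; next
    }
    {
        dev = $1; raw = $2; mnt = $3; fstype = $4; pass = $5; boot = $6
        if (pass !~ /^(-|[0-9]+)$/) {
            printf "line %d: fsck pass is \"%s\", expected - or a number\n", NR, pass
            bad = 1
        }
        if (boot != "yes" && boot != "no") {
            printf "line %d: mount at boot is \"%s\", expected yes or no\n", NR, boot
            bad = 1
        }
        if (mnt != "-" && mnt !~ /^\//) {
            printf "line %d: mount point \"%s\" is not an absolute path\n", NR, mnt
            bad = 1
        }
        if (fstype == "ufs") {
            # ufs needs a raw device for fsck that names the same slice
            blk = dev; sub(/^\/dev\/dsk\//, "", blk)
            chr = raw; sub(/^\/dev\/rdsk\//, "", chr)
            if (raw !~ /^\/dev\/rdsk\// || blk != chr) {
                printf "line %d: fsck device \"%s\" does not match \"%s\"\n", NR, raw, dev
                bad = 1
            }
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: one good entry and one with fsck pass / mount at boot swapped.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#device            device              mount             FS    fsck  mount    mount
#to mount          to fsck             point             type  pass  at boot  options
/dev/dsk/c1t4d0s0  /dev/rdsk/c1t4d0s0  /database         ufs   1     yes      logging
/dev/dsk/c2t0d0s7  /dev/rdsk/c2t0d0s7  /export/software  ufs   yes   1        -
EOF
check_vfstab "$sample" || echo "vfstab has errors; fix them before rebooting"
rm -f "$sample"
```

On Solaris 10 itself, call nawk or /usr/xpg4/bin/awk in place of awk, because /usr/bin/awk is the old awk. From the CD-booted shell in the repair procedure, the file to check is /a/etc/vfstab.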

Access Devices
Accessing a file system on a diskette: /floppy/floppy0
# volcheck

If the vold daemon detects that the diskette contains a file system, the vold daemon mounts the device at the /floppy mount point.
If the vold daemon detects that the diskette does not contain a file system, the vold daemon mounts the device at the /vol/dev/aliases mount point.

Directory Location
First diskette drive     /floppy/floppy0
First CD-ROM or DVD      /cdrom/cdrom0
First Jaz drive          /rmdisk/jaz0
First Zip drive          /rmdrive/zip0
First PCMCIA             /pcmem0
First USB/FlashDrive     /dev/???/uhci0

Directory Location
List of paths for mounted devices that do not contain a file system:
/vol/dev/aliases/floppy0, cdrom0, jaz0, zip0, pcmem0

Volume configuration file: /etc/vold.conf
/etc/rmmount.conf: removable media mounter that is executed by the volume manager daemon

Stopping Volume Management
# /etc/init.d/volmgt stop

Starting Volume Management
# /etc/init.d/volmgt start

Troubleshooting vold problem
If a CD-ROM fails to eject from the drive, as the root user attempt to stop volume management. If this is unsuccessful, kill the vold daemon.
# /etc/init.d/volmgt stop
# pkill -9 vold
# /etc/init.d/volmgt start
# eject cdrom

Review - Day 2
Introducing the Solaris OE Directory Hierarchy
Managing Local Disk Devices
Managing the Solaris OE File System
Performing Mounts and Unmounts

Day 3
Installing Software, Live Upgrade, and Patching
Text Processing and Editing
Shells, Scripts, and Scheduling
Process Management
System Security
File System Access Control
Role-Based Access Control
Users, Groups, and the Sun Management Console
Kerberos and Pluggable Authentication

Performing Solaris OE Package Administration
Introducing the Fundamentals of Package Administration
Software packages
The /var/sadm/install/contents file

Freeware URL
http://sunfreeware.com

Performing Solaris OE Package Administration
Administering Packages From the Command Line
Displaying information about installed software packages
  Displaying information for all packages
  Displaying information for a specific package
  Displaying information for software packages
Adding a software package
Checking a package installation
Removing a software package
Adding packages by using a spool directory
Reviewing package administration

Package Installation
Web Start Wizard
Insert the CD-ROM package
# cd /cdrom/cdrom0
# ./installer
Select what you want to install

Command Line
Check whether a package exists:
# pkginfo [Package Name]
Remove a package:
# pkgrm [Package Name]
Install a package:
# pkgadd -d [datastream, Path] [Package Name]

Package Installation Core Firewall
[Figure: Hacker; APP - FW - OS - H/W; Scanport; Core]

Package Installation
View the name of the cluster configuration:
# grep METACLUSTER /var/sadm/system/admin/.clustertoc
Determine which cluster configuration has been installed on the system:
# cat /var/sadm/system/admin/CLUSTER

Solaris Product Registry
# prodreg          (GUI)
- View software packages installed in the system
- Add/remove software packages

The pkginfo Command

# pkginfo | more
# pkginfo -l | more
# pkginfo -l SUNWman
How many packages are installed:
# pkginfo | wc -l
# pkginfo -d /cdrom/cdrom0/Solaris_10/Packages | more
Check the package name:
# cd /cdrom/cdrom0/Solaris_10/Packages
# ls -l
Add packages:
# pkgadd -d . SUNWns6m

Check Package Installation Accuracy

Check packages:
# pkgchk SUNWns6m
# pkgchk -v SUNWns6m
Determine whether the contents and attributes of a file have changed since it was installed with its s/w package:
# pkgchk -p /etc/shadow
The -l option lists information about the selected files that make up a package:
# pkgchk -l -p /usr/bin/showrev

The pkgadd / pkgrm Command

Check the package name:
# cd /cdrom/cdrom0/Solaris_10/Packages
# ls -l
# pkgadd -d [path] [packageName]
Add packages:
# pkgadd -d . SUNWns6m
# pkginfo -l | more
Remove a s/w package:
# pkgrm SUNWns6m

Spooling Packages and Remove Packages

Adding a package by using a spool directory (/var/spool/pkg):
# pkgadd -d /cdrom/cdrom0/Solaris_10/Packages -s spool SUNWns6m
Transferring <SUNWns6m> package instance
# ls -al /var/spool/pkg
Remove from the spool:
# pkgrm -s spool SUNWns6m

# pkgadd -d /cdrom/cdrom0/Solaris_10/Packages -s /export/pkg SUNWns6m
# pkgrm -s /export/pkg SUNWns6m

Workshop: Package Installation
Enable FTP server
Enable root access to the FTP server
  Edit /etc/ftpd/ftpusers
  #root          (comment out)

Transfer file
  Open browser: ftp://192.168.9.57
  Log in with the FTP user/password
  Copy files to the local host

Workshop: Package Installation
Uncompress packages
# gunzip [package]
# gunzip top-3.6-xxxx

Install package
Check the file type:
# file filename
# pkgadd -d [datastream, package]
# pkgadd -d top-3.6-xxxx
Follow the steps of the package installation

Workshop: Package Installation
Top Process Monitor Utility

Enable root to remote login
# gedit /etc/default/login
#CONSOLE=/dev/console          (comment out)
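Both workshop changes (commenting out root in /etc/ftpd/ftpusers and commenting out CONSOLE in /etc/default/login) remove a control on direct root access, so a host that went through the lab should be checked before it returns to service. The following is an added example, not part of the original course material: the function names are hypothetical, the sample files are constructed, and the file paths are passed as arguments so the check can be run against copies.

```shell
#!/bin/sh
# console_restricted FILE
# True (0) when FILE, in /etc/default/login format, has an active CONSOLE= line,
# which confines direct root logins to that device.
console_restricted() {
    grep '^[[:space:]]*CONSOLE=' "$1" > /dev/null
}

# ftp_denied USER FILE
# True (0) when USER is an active entry in FILE (ftpusers format: one denied
# user per line, # starts a comment).
ftp_denied() {
    awk -v user="$1" '
        { sub(/#.*/, "") }            # drop comments, including a commented-out name
        $1 == user { found = 1 }
        END { exit !found }
    ' "$2"
}

# audit_root_access LOGIN_DEFAULTS FTPUSERS
# Prints one finding per weakened control; exit status is the number of findings.
audit_root_access() {
    findings=0
    if ! console_restricted "$1"; then
        echo "FINDING: no active CONSOLE= line in $1; direct root login is not confined to the console"
        findings=$((findings + 1))
    fi
    if ! ftp_denied root "$2"; then
        echo "FINDING: root is not denied in $2; root can log in over FTP"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample files: the state left by the workshop steps (both lines commented out).
dir=$(mktemp -d)
printf '%s\n' '# root may log in only on this device' '#CONSOLE=/dev/console' > "$dir/login"
printf '%s\n' 'daemon' 'bin' '#root' 'nobody' > "$dir/ftpusers"
audit_root_access "$dir/login" "$dir/ftpusers" || echo "findings: $?"
rm -rf "$dir"
```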

Enable / Change Language localization (locale)
# gedit /etc/default/init
LANG=C          (default English, POSIX)
** Comment out the others: #LC_*

Transfer file from FTP server

Remote login via Xwindow
Log out to the login screen
Click Option
Select Remote Login
Select Host Name/IP address
Select Choose from List

Managing Software Patches on the Solaris OE
Preparing for Patch Administration
Introducing Solaris OE patches
  Type of Patches: Signed / Unsigned (Digital Signature)
Accessing patch documents
Checking patch levels
Obtaining patches
Preparing patches for installation
  Patch contents

Managing Software Patches on the Solaris OE
Installing and Removing Patches
Installing a patch
Removing a patch
Installing patch clusters

Managing Software Patches on Solaris OE

http://sunsolve.sun.com
Recommended Cluster Patch
Checking Patch Levels
# showrev -p
# patchadd -p
# ls /var/sadm/patch

Managing Software Patches on Solaris OE

Preparing patches for installation:
# cd /var/tmp
# /usr/bin/unzip 10500-01.zip
Installing patches one by one:
# cd /var/tmp
# patchadd 10500-01
Removing patches:
# patchrm 10500-01
Installing cluster patches:
# mkdir /tmp/cluster
# cd /tmp/cluster
# unzip 10_x86_Recommended.zip
# cd 10_x86_Recommended
# ./install_cluster

Live Upgrade
Separate boot environment (BE)
Installs the new OE files to an alternative location
The system needs to be rebooted only once
If the new boot environment fails, the old one takes over
The system layout and configuration can be different from the existing one
Allows fine-tuning of the existing configuration

Live Update
1. Update the Live Upgrade patch ** from the installation CD/DVD
2. Add an HDD for the new BE
3. Change to run level 1 (single-user mode)
# init 1
or
# /etc/telinit 1
Live Upgrade application:
# lu

Visual Display Editor (vi)
3 Modes: Command Mode, Edit Mode, Last line Mode

Command Mode -> Edit Mode: a, i, o, A, I, O
Edit Mode -> Command Mode: Esc
Command Mode -> Last line Mode: :
Last line Mode -> Command Mode: Esc / auto switch

:q  = quit from vi
:w  = save to file
:q! = force quit (save?)
:w! = force write (read only?)

Text-Processing Utilities
Operation
>   Redirects standard output to a file
>>  Appends standard output to a file
<   Redirects file contents to standard input
<<  Appends file contents to standard input
# echo This is Redirection 1 > /tmp/output.txt
# echo This is Redirection 2 >> /tmp/output.txt
# more < /tmp/output.txt
# more << /tmp/output.txt

Man
# man man
Cat / More / less
# cat filename.txt
Head
# head filename.txt
Tail
# tail filename.txt

Text-Processing Utilities
Grep
# grep keyword filename.txt
Echo
# echo Text > filename.txt
# echo $PATH
Sort
# sort filename.txt
# sort filename.txt > filename-sort.txt
Diff
# diff file1.txt file2.txt

Understanding Shells

Tasks Common to All Shells
Aliases
Command-line editing
Enhanced cd
History list
Ignore CTRL-D
.profile .cshrc
Job control
Logout file
Protection of files from overwriting (noclobber)

Changing Shells from command line
# sh       Bourne Shell
# csh      C Shell
# ksh      Korn Shell
# bash     Bourne Again Shell
# zsh      Z Shell
Exit from Shells
# exit

Unix Shell
Bourne Shell (/bin/sh - Default shell): Unix
C Shell (/bin/csh): Bourne Shell, C-Programming
Korn Shell (/bin/ksh): Bourne, C Shell
Bourne-Again Shell (/usr/bin/bash): Incorporates both C and Korn Shell

Prompt Shell
Bourne Shell ($)   C Shell (%)   Korn Shell ($)   Admin (#)
Changing shell:
# /bin/sh
# /usr/bin/bash
# /bin/csh
# /bin/ksh
Exit from shell:
# exit

Shell Variables
Bourne/Korn   C Shell   Description
HOME          home      Home directory
LOGNAME       user      User ID/name
PS1           prompt    Prompt
PATH          path      Search path
PWD           pwd       Current directory

# set
# env
# echo $variablename
# echo $HOME
# echo $PATH

Shell Variable

Bourne/Korn
# PS1="MyPrompt>"
# PS1='MyPrompt>'
# PATH=$PATH:/usr/bin:/usr/java/bin
Public
# Variable=Value
# export Variable
# Variable=Value; export Variable
# PS1="MyPrompt>"; export PS1
# PATH=$PATH:/usr/bin:/usr/java/bin; export PATH
C Shell
%> set prompt="MyPrompt>"
%> set path=($path /usr/bin /usr/java/bin)

Bash Shell
Prompt
PS1='\s-\v\$ '        bash-3.00# __
PS1='\u@\h<\w>$ '     root@host</tmp>$ __
\s = Shell name
\v = Version
\u = User id
\h = Hostname
\w = Working directory

Bash Shell - Completion
Key: Tab
# bash
bash# cd /e [tab]
etc/ export/
bash# cd /ex [tab]
bash# cd /export
bash# pr [tab]
pr prxxx pryyy przzz

Bash Shell Session History
Key: Up / Down
List the command history:
# history [enter]
# !no [enter]
# !4 [enter]

Korn Shell - Completion
# set -o emacs
# cd /ex [esc][esc]
# cd /export
# cd /t [esc][esc]
# cd /tmp

Korn Shell Session History
Key Ctrl+P = Previous command
Key Ctrl+N = Next command
# history
# r [No of command]
# r 38

C Shell Session History
# csh
% set history=10
% history
% ![No of command]
% !11

Review Day 3
Installing Software, Live Upgrade, and Patching
Text Processing and Editing
Shells, Scripts, and Scheduling

Day 4
Process Management
File System Access Control
Role-Based Access Control
Users, Groups, and the Sun Management Console
Backup and Recovery
Printer Management
Basic Networking

Start / Stop process

# processname [&]
[&] is for running as a background process

# processname
CTRL-Z
# bg
# fg          (for running as a foreground process)

# find / -name init -print
CTRL-Z
# bg

# find / -name init -print &

# ps -ef | grep processname
# kill [process id]
# pkill [processname]

Start / Stop process
Show all signals:
# kill -l
Send a signal to a process:
# kill [-signal_name] pid
# kill [-signal_number] pid
Send SIGHUP to PID=728:
# kill -1 728
# kill -HUP 728

Scheduler with Crontab

# man cron
/usr/sbin/cron
# man crontab
# cd /var/spool/cron/crontabs
  root
  username
# cd /etc/cron.d
  File cron.allow
  File cron.deny

Crontab
crontab [-u user] {-l|-r|-e}
-u user
-l
-r
-e

crontab -e

Minutes  Hours  Day of month  Month  Day of week  job

Field          Range
Minutes        0-59
Hours          0-23
Day of month   1-31
Month          1-12
Day of week    0-6 (0 = Sunday)

crontab -e
* * * * * /bin/echo "Do every 1 minute: `date`"
0,30 * * * * /bin/echo "Do every half hour: `date`"
* 19 * * * /bin/echo "Do 1 hour since 19:00-19:59: `date`"
* * 22 * * /bin/echo "Do everytime in date 22: `date`"
* * * 3 * /bin/echo "Do everytime in March: `date`"
* * * * 4 /bin/echo "Do everytime in Thursday: `date`"
0 19 22 3 4 /bin/echo "Do once on Thursday 22 March 19:00: `date`"
crontab -l

LAB: Cron vs At command

Edit file crontab
# crontab -e
OR
# vi /var/spool/cron/crontabs/root
30 11 * * * /tmp/echo.sh
$> chmod +x /tmp/echo.sh
# ps -ef | grep cron
Restart cron to read the new crontab:
# kill [cron pid]
Check time/date:
# date
Execute /tmp/echo.sh
# at -m 1141
at> /tmp/echo.sh
CTRL-D
/var/spool/cron/atjobs/[jobid]

LAB: Crontab
10:10 25 Jan 2007 /tmp/echo.sh
10 10 25 01 04 /tmp/echo.sh
10 10 25 1 4 /tmp/echo.sh
10 10 25 1 * /tmp/echo.sh
Run command every 3 hours
0 0 * * * command
0 3 * * * command
0 6 * * * command
0 9 * * * command
0 12 * * * command
0 15 * * * command
0 18 * * * command
0 21 * * * command
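An asterisk in the minute field makes an entry fire on every minute of each matching hour, so the minute field decides whether an hourly entry runs once or 60 times. The following is an added example, not part of the original course material: count_field and cron_runs_per_day are hypothetical helper names, the entries are constructed, and only the asterisk, number, range and comma-list field forms are modelled.

```shell
#!/bin/sh
# count_field FIELD LOW HIGH
# Prints how many values in LOW..HIGH a crontab field selects. Accepts "*",
# a number, a range "a-b", or a comma-separated list of numbers and ranges.
count_field() {
    awk -v f="$1" -v lo="$2" -v hi="$3" 'BEGIN {
        if (f == "") exit 1
        if (f == "*") { print hi - lo + 1; exit 0 }
        n = split(f, part, ",")
        for (i = 1; i <= n; i++) {
            if (part[i] ~ /^[0-9]+$/) {
                a = part[i] + 0; b = a
            } else if (part[i] ~ /^[0-9]+-[0-9]+$/) {
                split(part[i], r, "-"); a = r[1] + 0; b = r[2] + 0
            } else {
                exit 1                      # e.g. "*/5": not a valid element here
            }
            if (a < lo || b > hi || a > b) exit 1
            for (v = a; v <= b; v++) seen[v] = 1
        }
        c = 0
        for (v in seen) c++
        print c
    }'
}

# cron_runs_per_day 'ENTRY'
# Prints how many times ENTRY fires on a day that matches its date fields
# (selected minutes multiplied by selected hours).
cron_runs_per_day() {
    min=$(printf '%s\n' "$1" | awk '{ print $1 }')
    hour=$(printf '%s\n' "$1" | awk '{ print $2 }')
    m=$(count_field "$min" 0 59) || return 1
    h=$(count_field "$hour" 0 23) || return 1
    echo $((m * h))
}

# Constructed entries: two ways of writing "at 03:00", plus a three-hourly list.
for entry in '* 3 * * * command' '0 3 * * * command' \
             '0 0,3,6,9,12,15,18,21 * * * command'; do
    printf '%-40s %s runs/day\n' "$entry" "$(cron_runs_per_day "$entry")"
done
```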

Mail client - mailbox
# mail
? [enter]          Show commands for the mail client
Mailbox of sendmail
# more /var/mail/[username]

Introducing to Solaris Management Console
# smc &
SMC Service
# /etc/init.d/init.wbem status
# /etc/init.d/init.wbem stop
# /etc/init.d/init.wbem start
** Console / Terminal
** Slow loading

Solaris Management Console (SMC)
# smc &          (background running)
# smc            (foreground running)
Key Ctrl-Z
Key bg
Key fg

Find Disk space
# df -k          (1K block)
# df -h          (1K unit: KB, MB, GB)
Find Disk Usage
# du -k [pathname]          (1K block)
# du -h [pathname]          (1K unit: KB, MB, GB)

Finding User Information
# who -r
# finger
# w

User Accounts and Groups

Tools for adding and admin user accounts
# smc &
# useradd
# userdel
# usermod
Creating password for user
# passwd username

Setting Up & Admin Groups
# groupadd mygroup
# groupadd mysale
# groupadd mygroup2
Group name <= 8 chars
Group ID generated automatically (gid=100)
File /etc/group
Modify group information
# groupmod -g [gid] -n [newname] oldgroup

Adding User Accounts

# useradd -d /export/home/user1 -m -g mygroup user1
# useradd -d /export/home/user2 -m -g mysale user2
# useradd -d /export/home/user3 -m -g mygroup2 user3
Check home directory
# cd /export/home
# ls -l
Check files
File /etc/passwd
File /etc/shadow
Change password (log in as root)
# passwd userid

Password 8 ( )
Password Password
p@ssw0rd
Password Password Password

Modify user information

# usermod -u [uid] -s [default shell] -g [gid] user1

PATH of Bash Shell
# which bash
# whereis bash
/usr/bin/bash

# usermod -s /usr/bin/bash user1

Login user by su command

su = Substitution User
# su userid/username
Environment/Profile User

# su - userid/username
Environment/Profile User

Log file of su: /var/adm/sulog
Configuration file of su: /etc/default/su

Environment/Profile user
Home directory
.profile (Bourne)
.bashrc (Bash Shell)
.cshrc (C Shell)
.kshrc (Korn Shell)

List / View Profile
$> ls -la /export/home/user1
$> more /export/home/user1/.profile

Login by using Login Screen (CDE/JDS)
Start machine
Popup Login screen
Type
username:
password:

Link Profile
Create Soft / Symbolic Link
# ln -s [source file] [destination file]
# ln -s [source dir] [destination dir]
Link Files
# ln -s .profile .bashrc
# ln -s .profile myprofile
Link Directory
# ln -s /usr/bin /bin
Remove Link
# rm linkname

Link Profile
# ls -l
.bashrc -> .profile
myprofile -> .profile

Rights and Roles

RBAC Databases
Key concepts:
sudo allows a privileged role to be assigned to various users (has some limitations)
RBAC = Role-Based Access Control: defines roles for managing special tasks or sets of tasks

Roles
Primary Administrator (PA): Assigns rights to other users and is responsible for security
System Administrator (SA): Is responsible for day-to-day administration that is not security-related
Operator: Performs backups and device maintenance

Command to Manage RBAC

Administering Systems

Determine Hostid
Check HostId = HEX 8 Bytes
# hostid
# sysdef -h
04990A1A
# sysdef > /tmp/sysdef.txt
Host Information
# uname -a
# more /etc/release
Display System Information
# prtconf

How long a system has been up

Invoke by command
# uptime
Find when the system was booted
# who -b
View system date / time
# date
Set system date / time
# date mmddHHMMyy
mm = Month (1-12)
dd = Day of month (1-31)
HH = Hour (0-23)
MM = Minute (0-59)
yy = Year

Changing Timezone
Edit in file /etc/TIMEZONE
TZ=Asia/Bangkok
The complete list of time zone variables: /usr/share/lib/zoneinfo

File Systems, Backup and Recovery

Training Professional Center

294

Backup & Restore File System


Tape Device
 

/dev/rmt/0 Tape 1 /dev/rmt/1 Tape 2

Backup file system


# ufsdump 0cuf /dev/rmt/0 /dev/dsk/c0d0s0 # man ufsdump

Restore file system


# ufsrestore # man ufsrestore
Training Professional Center 295

Backup & Restore File System Backup Strategy


  

Full Backup Differential Backup Incremental Backup


MON TUE Full D I I WED Full D I THU Full D I FRI Full D Full Full Full

NORM DIFF INC

Training Professional Center

296

Incremental Backup Strategy

Training Professional Center

297

Using the ufsdump command

Training Professional Center

298

Backup & Restore File System /dev/dsk/c0d0s0 /dev/dsk/c0d1s0 /dbasefile /backup

# ufsdump 0a /backup/full.dat /dev/dsk/c0d0s0




/backup/full.dat

# ufsdump 0c /dev/rmt/0 /dev/dsk/c0d0s0

Training Professional Center

299

Backup & Restore File System List table of content # ufsrestore ta /backup/full.dat Extract data from backup device # ufsrestore ia /backup/full.dat ufsrestore> help ufsrestore> ls ufsrestore> add [filename] ufsrestore> extract
Training Professional Center 300

Backup & Restore File System
Disk Duplicate - backup full disk space
# dd if=/dev/dsk/c0d0s2 of=/dev/dsk/c0d1s2
Create tar file
# cd /
# tar cvf /export/data/full.tar ./etc
Extract tar file
# cd /export/extract
# tar xvf /export/data/full.tar [.]
# compress -f full.tar
full.tar.Z
$> uncompress full.tar.Z
$> tar xvf full.tar

Backup & Restore File System
Creating tar/gzip format
# tar cvf - ./etc | gzip - > /export/data/full.tgz
Extracting tar/gzip format
# gunzip full.tgz
# tar xvf full.tar
OR
# gzcat /export/data/full.tgz | tar xvf -

Quota Manager

Webmin and Quota Manager

Syslog

Webmin and Syslog

Printing Service

Introducing Network Printing Fundamentals

Locating the destination printer
lp / lpr
1. Option command line
2. PRINTER, LPDEST
3. $HOME/.printers
4. /etc/printers.conf
5. Name service (NIS, NIS+, LDAP)
6. No printer

Introducing the local print process

Introducing the remote print process

Printer Manager
# /usr/sadm/admin/bin/printmgr &
Name service = File
Click Menu Printer
  Add Attached Printer
  Add Network Printer
Attached Printer
# lpadmin
# lpq
Network Printer

Setting Print Server
Printer Name
Server Name
Network printer access name
IP address for the printer
Protocol (TCP)

Setting Print Server
Login as root
# lpadmin -p HPLJ4050 -v /dev/null
# accept HPLJ4050
# enable HPLJ4050
# lpstat -p HPLJ4050
# lpstat -p HPLJ4050 -l     For more information
Printing
# lp -d HPLJ4050 -n 1 filename
Cancelling Printing
# lpstat -p HPLJ4050     Find request-id
# cancel [request-id]

Network Services & Remote Access

Internet


IAB: Internet Activity Board (http://www.iab.org), RFC
IETF: Engineering Task Force
  IESG: Engineer Steering Group
IRTF: Research Task Force
  IRSG: Research Steering Group

IANA (www.iana.org): Internet Assign Name Authority
Whois > IP address, Name space
[Diagram: IANA above the regional registries AfriNIC, APNIC, ARIN, RIPE, LACNIC; country labels JP, TH, SG; address labels 199.xx, 201.xx, 202.xx, 203.xx]


ICANN (www.icann.org)
Whois : Name space
Internic (www.internic.net): GTLD Registrar (.com, .net, .gov)
CCTLD: .th (www.thnic.net), .jp

Root Server (.)
IANA
AFNIC a. b.
APNIC c. d. e.
ARIN f. g. h.
RIPE i. j. k.
LACNIC l. m.
DNS ICANN Root hint > a.root,b.root,c a.root

Root Server
[Diagram: root (.) and .com above DNS Servers S1 to S5; Delegated DNS for abc.com and xyz.com; Forwarder; Root hint]

Simple Network

Class of IP Addresses

OSI vs TCP/IP Model

The banner command

Solaris 10 Network Installation
Multiple IP address in One NIC
  Interface name (pcn0, pcn1, ...)
  Sub interface (pcn0:0, pcn0:1, pcn0:2)
  Create file
    hostname.pcn0:0
    hostname.pcn0:1
    hostname.pcn0:2
Multi-Home (NICs)
  Create file
    /etc/hostname.pcn0
    /etc/hostname.pcn1
    /etc/hostname.pcn2
    /etc/hosts
      192.168.1.1 hostname0
      192.168.1.2 hostname1
      192.168.1.3 hostname2

Configure Host and IP address w/ Multi-IP
# cd /etc
# vi hosts
IP address1 hostname1
IP address2 hostname2
IP address3 hostname3
/etc/hostname.[interface]:[1-99]
hostname.pcn0:1 hostname1
hostname.pcn0:2 hostname2
hostname.pcn0:3 hostname3

Configure Host and IP address w/ Multi-NICs
# touch /reconfigure
# init 5
Install Network Cards
Power On
# cd /etc
# vi hosts
IP address0 hostname0
IP address1 hostname1
IP address2 hostname2
/etc/hostname.[interface]
hostname.pcn0 hostname0
hostname.pcn1 hostname1
hostname.pcn2 hostname2

Network Setting Up
Define IP address [Static IP]
Edit /etc/hosts
192.168.1.200 suwit001 suwit001
Edit /etc/hostname.pcn0
Edit /etc/nodename
suwit001
DHCP Client
# /sbin/dhcpagent
Request Network Information from DHCP Server

Checking Network Setup
# ifconfig -a                 Check ip address
# netstat -rn                 Check routing table (Look for line default)
# more /etc/resolv.conf       Check nameserver (DNS)
nameserver 202.xx.yy.zz
# more /etc/defaultrouter     [Static ip]
Manually add routing table
# route add default [gateway ip]
# route add default 192.168.1.1

Network Setting with Multiple NICs
File /etc/rc3.d/S69staticroute
route add [networkid] [gateway ip]
[Diagram: interfaces pcn0 (.10) and pcn1 (.10); networks 203.151.100.0 / 24, 192.168.1.0 / 24 and 192.168.9.0 / 24; gateways 203.151.100.1 and 192.168.1.1]
203.151.100.0 / 24
Route add [NetworkID] [Gateway IP]
# route add 0.0.0.0 203.151.100.1
# route add default 203.151.100.1
192.168.1.0 / 24
Route add [NetworkID] [Gateway IP]
# route add 192.168.9.0 192.168.1.1
# route add 192.168.9.9 192.168.1.1

Checking Packet from Network
# snoop
# snoop -o /tmp/packet.txt     Capture to file
# snoop -d pcn1
# snoop | grep hostname1[192.168.1.190]
Read from captured file
# snoop -i /tmp/packet.txt
Other tools
# ethereal &
# nmap

Check which port is bound by which process
http://www.sunfreeware.com
# /usr/local/bin/lsof -l | grep TCP | more
Process name, Binding Port
Package Installation
Get file lsof.4.74*local.gz
# gunzip lsof4.74.gz
# lsof4.74*local
# pkgadd -d lsof*local
/usr/local/bin
/usr/local/man
# man -M /usr/local/man lsof

Solaris Router
Static Route
Route add 0.0.0.0 gw 192.168.1.1
Route add 192.168.2.0 gw 192.168.1.2
[Diagram: Internet, 192.168.1.1, 192.168.1.2, 192.168.1.3, 192.168.9.1, 192.168.2.0, routing tables]

NFS
Data share
[Diagram: NFS Server with /data, /public, /home; client computers with /mnt/data and /mnt/public]

NFS (Network File System)
Server
Login as root
$> ps -ef | grep nfsd
$> mkdir /export/share
$> share -F nfs -o rw /export/share
/etc/init.d/nfs.server start
$> share        Check sharing
$> dfshares     Check sharing
Client
$> mkdir /export/share
$> mount -F nfs hostname:/export/share /export/share
$> mount        Check mounting
$> df           Check mounting

NFS (Network File System) - /etc/dfs/dfstab

NFS (Network File System)
Client
# umount /export/share/xxx
Server
# unshare /export/share
# /etc/init.d/nfs.server stop

DNS History
30 Internet 500 192.168.1.55 local.domain IP 192.168.1.56 r1.domain SRI-NIC >> Hosts Change

192.168.1.55 local.domain 192.168.1.56 r1.domain


BIND
Root >> Delegate

202.44.33.11 www.abc.com 202.44.33.11 s1.abc.com Change

192.168.1.55 local.domain 192.168.1.56 r1.domain


Webmin and DNS

SSH

Webmin and SSH

Review Day 4
Process Management
File System Access Control
Role-Based Access Control
Users, Groups, and the Solaris Management Console
Backup and Recovery
Printer Management
Basic Networking
Network File System and Caching File System

Day 5
Basic Networking
Webmin Administrator Tools (Solaris, Linux)
Network Information Service (NIS/NIS+)
Domain Name Service
Lightweight Directory Access Protocol (LDAP)
Sendmail
Samba
Application Development and Debugging
Web Applications and Services
DHCP and NTP
Routing and Firewalls
Remote Access
Internet Layer (IPv6)

Webmin Installation
Components
Webmin Server
  web server: bind port 10000
Webmin Client
  Web browser IE, Netscape, Firefox, Opera
Installation
Get package from http://www.webmin.com
File webmin-1.310.tar.gz
# cd /usr/local
# gzcat /xxx/webmin-1.310.tar.gz | tar xvf -
# cd /usr/local/webmin-1.310
# ./setup.sh

Webmin Installation
* Default answer Enter
* User: admin
* Password: xxxx
* Start webmin at boot: y/n
Start & Stop Webmin Server
# /etc/init.d/webmin [start | stop]
Client Access
- Windows XP: Open IE
- Solaris: Open Browser
http://192.168.9.130:10000

Webmin Installation
Client Access
http 10000
http://webminserver1:10000
https Install Perl SSLeay package
https://webminserver1:10443

Authentication
Authentication Server: RADIUS, Active Directory, LDAP, TACACS
Single Sign On (SSO)
[Diagram: Authentication Server, NAS, File Servers]

Name Services - Solaris
NIS / NIS+: Network Information Service (Server)
DNS: Domain Name Service (Server)
LDAP: Lightweight Directory Access Protocol (X.500) vs MS ActiveDirectory (X.500)

NIS
Setting up NIS Server
# svcadm enable network/nis/server
# svcs network/nis/server
# domainname training.net
File /etc/defaultdomain
training.net
# ypinit -m
# ypstart

Service Administration
Output
[Diagram: NIS Master and NIS Slave, each with a YP DB (passwd, group, hosts, ipnode); NIS Client; user1; hosts 192.168.9.1 to 192.168.9.6 named w1, w2, w3, w4, w5, s1]

NIS
Setting up NIS Client
# domainname training.net
# ypinit -c
# ypstart
Edit file /etc/nsswitch.conf
passwd: nis files
hosts: nis dns files

Service Ports (TCP / UDP)
Service: 1-65535
Server Service: 1-1023
Client/App Service: 1024-65535
Check current service ports
# netstat -an | more

R* command
Telnet
Rlogin
SSH

Remote Login
Desktop Manager
Click Remote Login
Click Choose from list
Terminal Remote Login
# rlogin hostname [ip address of remote system]
# telnet hostname [ip address]     service port = 23
# exit                             logout from remote host
Root for remote login
Edit file /etc/default/login
Comment line #CONSOLE=.

Remote Login
Remote host must be configured
# /etc/hosts.equiv
# $HOME/.rhosts
hostname username
192.168.9.196 root,user1,user2
+     All hosts, users
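A check for the "+" wildcard shown above, as an added example rather than course material: it reports the lines of /etc/hosts.equiv or a .rhosts file that trust every host or every user. The helper name audit_rtrust and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit r-command trust files for wildcard entries.
# audit_rtrust is a hypothetical helper name, not a Solaris tool.

# Print one finding per wildcard line of FILE.
# Returns 0 when the file is clean or absent, 1 when a finding exists.
audit_rtrust() {
    file=$1
    [ -r "$file" ] || return 0           # no file: no trust granted
    awk -v f="$file" '
        { sub(/#.*/, "") }                # drop comments
        NF == 0 { next }                  # skip blank lines
        $1 == "+" && $2 == "+" {
            print f ":" NR ": any user from any host is trusted"
            bad = 1; next }
        $1 == "+" && NF == 1 {
            print f ":" NR ": every host is trusted"
            bad = 1; next }
        $1 == "+" {
            print f ":" NR ": user " $2 " is trusted from any host"
            bad = 1; next }
        $2 == "+" {
            print f ":" NR ": any user from host " $1 " is trusted"
            bad = 1; next }
        END { exit bad + 0 }
    ' "$file"
}

# Constructed sample .rhosts content (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
192.168.9.196 root
192.168.9.196 +
+ user1
+
EOF
audit_rtrust "$sample" || echo "wildcard trust entries found"
rm -f "$sample"
```

Run it against /etc/hosts.equiv and each home directory's .rhosts; a non-zero return marks a file to review.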

Remote command
# rlogin -l user1 192.168.9.130
# rup 192.168.9.130
# rsh -l user1 192.168.9.130 prstat
# rcp user1@192.168.9.130:/etc/passwd /tmp/passwd
# rcp /tmp/passwd user1@192.168.9.130:/etc/passwd

Check how long the remote system has been up
# rup hostname [ip address]
Check that the remote system is alive
# ping hostname [ip address]
# ping -s hostname     (infinite loop - Solaris)
# ping -t hostname     (infinite loop - Windows)

FTP Server (ftpd)
[Diagram: FTP Server (port 20 Data, port 21 Control, /var/ftp/pub) and FTP Client computer]

FTP File Transfer Protocol
# cd /etc/ftpd
# ftp hostname [ip address]
Login / password
ftp> help
ftp> get [filename]          download
ftp> mget [filename *.*]     multiple get
ftp> put [filename]          upload
ftp> mput [filename *.*]     multiple put
ftp> binary                  Binary file (exe, jpg, gif)
ftp> ascii                   Text file (txt)
ftp> prompt                  Toggle interactive mode
ftp> hash                    Show Progress print #
ftp> quit / bye

Webmin and ftpd

What is apache?
Apache Web Server Internet Solaris apache

What is HTTP?
[Diagram: httpServer (Apache, Tcp 80) with .htm, .html, .php, .asp, .idc, etc.; httpClient with url: IE, Netscape, Opera, Firefox, Mozilla]

Solaris Web Server (Apache)
Start script file
/etc/rc3.d/S50apache [start|stop]
Configuration file
# cp /etc/apache/httpd.conf-example httpd.conf
# /etc/rc3.d/S50apache start
Check http running
# ps -ef | grep httpd
Web Browser
IE, Webbrowser
http://[hostname, ip address][:80]

Configuration file - /etc/apache/httpd.conf
Web page location

Webmin and apache configuration

Solaris IP Filter Firewall
http://www.muine.org/~hoang/solnat.html
Lock down the box
Setup network interfaces in the Solaris box
Enable packet forwarding, dhcp, firewall and network address translation
Configure machines behind NAT
Familiarize with IPFilter
IPsec
Reference

What is SAMBA?
Microsoft Networking UNIX

Samba
[Diagram: ports 137-139; Linux; Windows NT/XP/2000/2003 My Network Places]

SAMBA Configuration
SMB Server Message Box (Microsoft)
Script file location
# /etc/rc3.d/S90samba [start|stop]
Create configuration file
# cp /etc/sfw/smb.conf-example smb.conf
# /etc/rc3.d/S90samba start

Creating SAMBA user
Convert Unix user to SAMBA user
Webmin Interface
# /usr/sfw/bin/smbpasswd
This form allows you to synchronize the Unix and Samba user list. When Samba is using encrypted passwords, a separate list of users and passwords is used instead of the system user list. The list of users not to convert can contain usernames, UIDs, group names prefixed with an @, or UID ranges like 500-1000 or 500-
Change UID greater than 1000
# usermod -u 1001 user1

Webmin and Samba


DNS Setting
Map DomainName to IP address
Components
DNS Server
  Zone
  Domain name
  Record (MX Mail Server, NS Name Server, A ServerIP)
  Configuration file /etc/named.conf
DNS Client
# nslookup www.webmin.com
66.35.250.210

DNS Operation
[Diagram: lookup of www.google.com returning 66.xxx.xxx.xx for http://www.google.com]

Create Master Zone
Create master zone: training.net
/etc/training.net.hosts
NS Record
192.168.9.130
A Record
serverA 192.168.9.149
DNS Client
# nslookup
> server 192.168.9.130
> serverA.training.net
> 192.168.9.149

DHCP Setting
Automatic IP setting
DHCP Server, DHCP Client
DHCP: Dynamic Host Configuration Protocol
Port: 67 and 68
IP Range 192.168.9.10-200
Lease Time
# ifconfig -a
ethers: 00:00:00:00:00:00
[Diagram: clients MAC1, MAC2, MAC3, MAC4; labels "IP: ? MAC: MAC1" and "IP: 192.168.9.10 MAC: MAC1"]

DHCP Setting
Automatic IP setting
DHCP Server
# /usr/sbin/dhcpd
Configuration file /etc/dhcpd.conf
Location /etc/dhcp/*.*
DHCP Client
# dhcpagent
DHCP Client
# /etc/dhcp.[interfaceName]
# /etc/dhcp.pcn0

Tuning & Recognizing File Access Problems


E-mail
khajorn@domain00.com >> wichai@lumplang.com
[Diagram with numbered steps: users khajorn and wichai, MIME, SMTP, DNS: MX, lumplang.com, POP3/IMAP4]

Recognize Problem with Search Paths
Problem: Command not found / No such file or directory
# echo $PATH
Bourne/Korn Shell
PATH=$PATH:/sbin:/opt/sfw/bin:.
export PATH
# . [.profile]     Full Path of profile
C Shell
set path = ( $path /sbin /opt/sfw/bin . )
%> source [.cshrc]     Full Path of profile
# which [command]
# whereis [command]
Show fullpath of command
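The "." at the end of the search path above makes the shell run programs from whatever directory the user is currently in. This added example (not part of the course material) lists such entries in a path string; path_risks is a hypothetical helper name and the sample path is built from the slide's own line.

```shell
#!/bin/sh
# Added example: list search-path entries that let a command resolve
# from an untrusted location. path_risks is a hypothetical helper.

# Print one line per risky entry of the colon-separated path in $1.
# Returns 0 when nothing is flagged, 1 otherwise.
path_risks() {
    p="$1:"                        # sentinel keeps a trailing empty entry
    old_ifs=$IFS; IFS=:; set -f    # split on ":" only, no globbing
    found=0
    for d in $p; do
        case $d in
            "") echo "empty entry (means current directory)"; found=1 ;;
            .)  echo ". (current directory)"; found=1 ;;
            /*) # "$d/." checks the directory itself, not a symlink to it
                if [ -d "$d" ] &&
                   [ -n "$(find "$d/." -prune -perm -0002 2>/dev/null)" ]
                then
                    echo "$d (world-writable)"; found=1
                fi ;;
            *)  echo "$d (relative path)"; found=1 ;;
        esac
    done
    IFS=$old_ifs; set +f
    return "$found"
}

# Path constructed from the slide: system directories followed by "."
path_risks "/usr/bin:/sbin:/opt/sfw/bin:." || echo "risky entries found"
```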

Recognize Problem with Permission, Ownership
Change permission of file for execution
Create Shell script
# chmod [nnn] [shell script]
nnn = 755 rwxr-xr-x
# chmod +x [shell script]
Change ownership of file/directory
# chown [userid]:[groupid] [file, directory]
# chown -R [userid]:[groupid] [file, directory]
-R = Recursive changes

New Features Enhancement in Solaris 10

Solaris Zone
Partitioning Technology
Create virtual OE (Operating Environment)
Zone
Separate file system, device, network, resource, security

Zone configuration

Wrapping up Session
Further information
www.sun.com             Main web site
www.bigadmin.com        Discussions/Forums
www.sunfreeware.com     Free Software
sunsolve.sun.com        Updates & Patches
docs.sun.com            Documents

Thank You
