OpenSolaris: Difference between revisions
(→ZFS) |
(→ZFS) |
||
Line 87: | Line 87: | ||
To export over NFS: |
To export over NFS: |
||
⚫ | |||
TODO: this doesn't work |
|||
⚫ | |||
ACCESS_LIST may be as a colon-separated list of any of the following: |
|||
* hostname (e.g. glucose-fructose.csclub.uwaterloo.ca) |
|||
* netgroup |
|||
* domain name suffix (e.g. .csclub.uwaterloo.ca) |
|||
* network (e.g. @129.97.134.0/24 |
|||
A minus sign (-) may prefix one of the above to indicate that access is to be denied. |
|||
Snapshots are viewable at /users/dtbartle/.zfs/snapshot/ |
Snapshots are viewable at /users/dtbartle/.zfs/snapshot/ |
Revision as of 03:35, 26 January 2008
Solaris is drugs; avoid it at all cost.
pkg-get
pkgadd -d http://www.blastwave.org/pkg_get.pkg
/opt/csw/bin/pkg-get -i gnupg vim
PATH
Near the top of /etc/profile, add:
if [ "`id | cut -d= -f2 | cut -d\( -f1`" -eq 0 ]; then PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin" else PATH="/usr/local/bin:/usr/bin:/bin:/usr/sfw/bin" fi
Build Tools
You need to insert the Solaris 10 DVD; it should get auto-mounted in /cdrom/sol*. Then ls to /cdrom/sol*/Solaris\ 10/Products and install some packages:
pkgadd -d . SUNWgcc SUNWbinutils SUNWgmake
LDAP
Build openldap:
./configure --disable-slapd --prefix=/usr/local --sysconfdir=/etc/ldap make depend; make; make install
Build nss_ldap:
CFLAGS=-I/usr/local/include LDFLAGS=-L/usr/local/lib\ -R/usr/local/lib \ ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/usr/local * In config.h, change '#define HAVE_SASL_SASL_H 1' to '#undef HAVE_SASL_SASL_H'. * In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...'. make; make install
Install nss_ldap.so:
rm /usr/lib/nss_ldap.so.1 ln -s /usr/local/lib/nss_ldap.so /usr/lib/nss_ldap.so.1
Copy the following from caffeine:
/etc/ldap/ldap.conf /etc/ldap/uw-ca.pem /etc/libnss-ldap.conf
Kerberos
scp caffeine:/etc/krb5.conf /etc/krb5/krb5.conf
In /etc/pam.conf, after
other auth required pam_unix_cred.so.1
add
other auth sufficient pam_krb5.so.1
You might want to also do this for 'login'.
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host.
sudo
The sudo in blastwave/csw does not inclue the '--secure-path' configure option. This means that commands such as 'sudo mount' will result in 'command not found' errors, as is not in the callee's path. You can build sudo from source:
CFLAGS=-I/usr/local/include LDFLAGS=-L/usr/local/lib\ -R/usr/local/lib ./configure --prefix=/usr/local \ --with-secure-path=/opt/csw/sbin:/opt/csw/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth --with-env-editor \ --with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \ --with-ldap --with-ldap-conf-file=/etc/ldap/ldap.conf make; make install
ZFS
When you add new disks you need to have Solaris rescan for disks. You can do this by adding '-r' as a kernel option (via grub).
You can view a list of disks by typing
format
To create a mirrored "zpool" (basically lvm/mdadm/fs all rolled into one):
zpool create users mirror c2t0d0 c2t1d0
This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0.
To create datasets (basically mountpoints within a zpool):
zpool create users/dtbartle
Quota can be managed via 'zfs get' and 'zfs set'. To query quota:
zfs get quota
To set quota for a user:
zfs set quota=2G users/dtbartle
To export over NFS:
zfs set sharenfs="sec=sys,rw=$ACCESS_LIST" users
ACCESS_LIST may be as a colon-separated list of any of the following:
- hostname (e.g. glucose-fructose.csclub.uwaterloo.ca)
- netgroup
- domain name suffix (e.g. .csclub.uwaterloo.ca)
- network (e.g. @129.97.134.0/24
A minus sign (-) may prefix one of the above to indicate that access is to be denied.
Snapshots are viewable at /users/dtbartle/.zfs/snapshot/
SNMP
An SNMP daemon can be enabled via:
svcadm enable sma
It can be configured via /etc/snmpd/conf/snmpd.conf
External Links
https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 http://ashtech.net/~syntax/blog/archives/50-Solaris-10-Partitioning,-RAID,-and-ZFS.html