OpenSolaris: Difference between revisions
(→sudo) |
(→sudo) |
||
Line 54: | Line 54: | ||
The sudo in blastwave/csw does not inclue the '--secure-path' configure option. This means that commands such as 'sudo mount' will result in 'command not found' errors, as is not in the callee's path. Here's the suggested configure script for building sudo from source; |
The sudo in blastwave/csw does not inclue the '--secure-path' configure option. This means that commands such as 'sudo mount' will result in 'command not found' errors, as is not in the callee's path. Here's the suggested configure script for building sudo from source; |
||
./configure --prefix=/usr --with-secure-path=/opt/csw/sbin://usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ |
./configure --prefix=/usr --with-secure-path=/opt/csw/sbin:/opt/csw/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ |
||
--with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth --with-env-editor \ |
--with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth --with-env-editor \ |
||
--with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \ |
--with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail --with-ldap \ |
||
--with-ldap-conf-file=/etc/ldap/ldap.conf |
|||
== ZFS == |
== ZFS == |
Revision as of 00:45, 26 January 2008
Solaris is drugs; avoid it at all cost.
pkg-get
pkgadd -d http://www.blastwave.org/pkg_get.pkg
/opt/csw/bin/pkg-get -i gnupg vim
PATH
export PATH=/opt/csw/bin:/usr/sfw/bin:$PATH
Build Tools
You need to insert the Solaris 10 DVD; it should get auto-mounted in /cdrom/sol*. Then ls to /cdrom/sol*/Solaris\ 10/Products and install some packages:
pkgadd -d . SUNWgcc SUNWbinutils SUNWgmake
LDAP
Build openldap:
./configure --disable-slapd --prefix=/opt/csc/openldap --sysconfdir=/etc/ldap make depend; make; make install
Build nss_ldap:
CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib \ ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/csc/nss_ldap
Comment out the '#define HAVE_SASL_SASL_H' line in config.h.
In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...'.
make; make install
Install nss_ldap.so:
rm /usr/lib/nss_ldap.so.1 ln -s /opt/csc/nss_ldap/lib/nss_ldap.so /usr/lib/nss_ldap.so.1
Modify /etc/nsswitch.conf to use ldap and then install libnss-ldap.conf and ldap.conf:
scp caffeine:/etc/ldap/ldap.conf /etc/ldap/ldap.conf scp caffeine:/etc/libnss-ldap.conf /etc/libnss-ldap.conf
Kerberos
scp caffeine:/etc/krb5.conf /etc/krb5/krb5.conf
In /etc/pam.conf, after
other auth required pam_unix_cred.so.1
add
other auth sufficient pam_krb5.so.1
You might want to also do this for 'login'.
You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host.
sudo
The sudo in blastwave/csw does not inclue the '--secure-path' configure option. This means that commands such as 'sudo mount' will result in 'command not found' errors, as is not in the callee's path. Here's the suggested configure script for building sudo from source;
./configure --prefix=/usr --with-secure-path=/opt/csw/sbin:/opt/csw/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth --with-env-editor \ --with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail --with-ldap \ --with-ldap-conf-file=/etc/ldap/ldap.conf
ZFS
When you add new disks you need to have Solaris rescan for disks. You can do this by adding '-r' as a kernel option (via grub).
You can view a list of disks by typing
format
To create a mirrored "zpool" (basically lvm/mdadm/fs all rolled into one):
zpool create users mirror c2t0d0 c2t1d0
This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0.
To create datasets (basically mountpoints within a zpool):
zpool create users/dtbartle
Quota can be managed via 'zfs get' and 'zfs set'. To query quota:
zfs get quota
To set quota for a user:
zfs set quota=2G users/dtbartle
To export over NFS:
zfs set sharenfs="sec=sys,rw=caffeine,suagr,..." users
Snapshots are viewable at /users/dtbartle/.zfs/snapshot/
SNMP
An SNMP daemon can be enabled via:
svcadm enable sma
It can be configured via /etc/snmpd/conf/snmpd.conf
External Links
https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 http://ashtech.net/~syntax/blog/archives/50-Solaris-10-Partitioning,-RAID,-and-ZFS.html