OpenSolaris: Difference between revisions
m (added to Software category) |
|||
(118 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Networking == |
|||
Solaris is drugs; avoid it at all cost. |
|||
Create /etc/defaultroute with contents: |
|||
== Solaris 10 Packages == |
|||
129.97.134.1 |
|||
Modify /etc/netmasks and add to the end: |
|||
129.97.134.1 255.255.255.0 |
|||
Create /etc/hostname.e1000g0 (where e1000g0 is the interface name): |
|||
ginseng |
|||
Modify /etc/hosts so that it contains at least the following: |
|||
127.0.0.1 localhost loghost |
|||
129.97.134.89 ginseng.csclub.uwaterloo.ca ginseng |
|||
Run the following: |
|||
svcadm enable physical:default |
|||
/lib/svc/methods/net-physical:default |
|||
== OpenSolaris Packages == |
|||
If you choose to only install "core" packages, make sure you also select "GNU wget" and "Volume Manager". You can then install additional packages later from the Solaris 10 DVD. To do so, insert the DVD and it should get auto-mounted in /cdrom/sol*. Then ls to /cdrom/sol*/Solaris\ 10/Products and install packages: |
|||
pkgadd -d . PKGNAME |
|||
You should install the patch manager and update manager: |
|||
pkgadd -d . SUNWctpls SUNWmfrun SUNWj3rt SUNWccccrr SUNWccccr SUNWccsign SUNWppror SUNWpprou SUNWj5rt \ |
|||
SUNWcacaort SUNWscn-base-r SUNWscn-base SUNWsamr SUNWsam SUNWscnprmr SUNWscnprm SUNWscnsom SUNWsensor SUNWbrg \ |
|||
SUNWzoner SUNWpoolr SUNWpool SUNWadmfr SUNWadmfw SUNWlucfg SUNWlur SUNWluu SUNWluzone SUNWzoneu \ |
|||
SUNWccfw SUNWcctpx SUNWccfw SUNWccinv SUNWcsmauth SUNWupdatemgru SUNWupdatemgrr |
|||
You should install the following build-related packages: |
You should install the following build-related packages: |
||
pkg install SUNWarc SUNWsfwhea SUNWhea SUNWtoo |
|||
pkgadd -d . SUNWdoc SUNWman SUNWarc SUNsfwhea SUNhea |
|||
If you want ssh: |
|||
If you want gcc and Sun Studio: |
|||
pkgadd -d . SUNWsshc SUNWsshr SUNWsshu SUNWsshdr SUNWsshdu |
|||
pkg install gcc-dev sunstudio |
|||
If you want X applications to work: |
|||
pkadd -d . SUNWxwfnt SUNWxwice SUNWxwrtl SUNWxwplr SUNWxwplt |
|||
If wyou want the SNMP daemon: |
|||
pkgadd -d . SUNWsmagt SUNWsmmgr |
|||
sudo svccfg import /var/svc/manifest/application/management/sma.xml |
|||
== Blastwave/CSW Packages == |
== Blastwave/CSW Packages == |
||
Line 24: | Line 30: | ||
Install pkg-get: |
Install pkg-get: |
||
pkgadd -d http://www.blastwave.org/pkg_get.pkg |
pkgadd -d http://www.blastwave.org/pkg_get.pkg |
||
* In /opt/csw/ |
* In /opt/csw/etc/pkg-get.conf, set the primary url to http://mirror.csclub.uwaterloo.ca/blastwave/unstable. |
||
Install various packages: |
Install various packages: |
||
/opt/csw/bin/pkg-get -i gnupg screen |
/opt/csw/bin/pkg-get -i gnupg screen bash_completion bison gawk gsed puppet top iftop wireshark |
||
sasl_gssapi ntp nrpe gcc3core gcc3g++ gmake puppet wget top iftop wireshark |
|||
We want certain config files to be in /etc, rather than /opt/csw: |
We want certain config files to be in /etc, rather than /opt/csw: |
||
rm -f /opt/csw/etc/openldap/ldap.conf && ln -s /etc/ldap/ldap.conf /opt/csw/etc/openldap/ldap.conf |
rm -f /opt/csw/etc/openldap/ldap.conf && ln -s /etc/ldap/ldap.conf /opt/csw/etc/openldap/ldap.conf |
||
rm -f /etc/krb5.conf && ln -s /etc |
rm -f /etc/krb5/krb5.conf && ln -s /etc/krb5.conf /etc/krb5/krb5.conf |
||
rm -f /etc/krb5.keytab && ln -s /etc |
rm -f /etc/krb5/krb5.keytab && ln -s /etc/krb5.keytab /etc/krb5/krb5.keytab |
||
mv /opt/csw/etc/ssh /etc && ln -s /etc/ssh /opt/csw/etc/ssh |
|||
== Environment variables == |
|||
It's usefull to have some binaries symlinked: |
|||
ln -s gmake /opt/csw/bin/make |
|||
ln -s /opt/csw/bin/bash /bin/bash |
|||
In /etc/default/login, change PATH and SUPATH: |
|||
== Solaris Patching/Updating == |
|||
PATH=/usr/local/bin:/usr/gnu/bin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/bin:/bin:/usr/sfw/bin |
|||
To update blastwave: |
|||
SUPATH=/usr/local/sbin:/usr/local/bin:/usr/gnu/bin:/opt/csw/sbin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin |
|||
pkg-get -U; pkg-get -u |
|||
Note that pkg-get will ask to remove a package and then ask to install the same package; this is normal and this is how pkg-get upgrades packages. |
|||
To configure the Solaris patch manager, you first have to create a Sun Online Account which you can create at https://reg.sun.com/register?program=sdn. |
|||
Create a file /tmp/reg.properties: |
|||
userName=syscom@csclub.uwaterloo.ca |
|||
password=[see ~sysadmin/passwords/sun-online-account] |
|||
hostName= |
|||
subscriptionKey= |
|||
portalEnabled= |
|||
proxyHostName= |
|||
proxyPort= |
|||
proxyUserName= |
|||
proxyPassword= |
|||
Register the system: |
|||
sconadm register -a -r /tmp/reg.properties |
|||
== PATH == |
|||
Near the top of /etc/profile, add: |
Near the top of /etc/profile, add: |
||
export PAGER=less |
|||
if [ "`id | cut -d= -f2 | cut -d\( -f1`" -eq 0 ]; then |
|||
PATH="/opt/csw/sbin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin" |
|||
else |
|||
PATH="/opt/csw/bin:/opt/csw/gcc3/bin:/usr/local/bin:/usr/bin:/bin:/usr/sfw/bin" |
|||
fi |
|||
== nss_ldap == |
== nss_ldap == |
||
The native nss_ldap library doesn't support rfc2307bis, so we need to build padl's nss_ldap from source: |
The native nss_ldap library doesn't support rfc2307bis, so we need to build padl's nss_ldap from source: |
||
./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/usr/local |
LDFLAGS=-L/opt/csw/lib CFLAGS=-I/opt/csw/include ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/usr/local |
||
LDADD=-L/opt/csw/lib\ -R/opt/csw/lib make; make install |
LDADD=-L/opt/csw/lib\ -R/opt/csw/lib make; make install |
||
ln -s /usr/local/lib/nss_ldap.so.1 /lib/nss_ldap.so.1 |
|||
Despite the fact that we link against csw's openldap libraries, we need to configure the native ldap library |
Modify /etc/nsswitch.ldap to your liking. You should also copy /etc/libnss-ldap.conf from caffeine. Despite the fact that we link against csw's openldap libraries, we need to configure the native ldap library. |
||
ldapclient manual -a credentialLevel=anonymous \ |
ldapclient manual -a credentialLevel=anonymous \ |
||
-a authenticationMethod=none \ |
-a authenticationMethod=none \ |
||
Line 87: | Line 65: | ||
-a defaultSearchScope=sub \ |
-a defaultSearchScope=sub \ |
||
-a defaultServerList=ldap1.csclub.uwaterloo.ca,ldap2.csclub.uwaterloo.ca |
-a defaultServerList=ldap1.csclub.uwaterloo.ca,ldap2.csclub.uwaterloo.ca |
||
In /etc/group, add the following to the bottom: |
|||
users::100: |
|||
== PAM == |
== PAM == |
||
Line 103: | Line 84: | ||
The sudo in blastwave/csw does not inclue the '--secure-path' configure option or ldap support, so you should build sudo from source: |
The sudo in blastwave/csw does not inclue the '--secure-path' configure option or ldap support, so you should build sudo from source: |
||
./configure --prefix=/usr/local --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth \ |
./configure --prefix=/usr/local --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth \ |
||
--with-secure-path=/ |
--with-secure-path=/usr/local/sbin:/usr/local/bin:/usr/gnu/bin:/opt/csw/sbin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin \ |
||
--with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \ |
--with-env-editor --with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \ |
||
--with-ldap --with-ldap-conf-file=/etc/ldap/ldap.conf |
--with-ldap --with-ldap-conf-file=/etc/ldap/ldap.conf |
||
* In config.h, change '#define HAVE_DGETTEXT 1' to '#undef HAVE_DGETTEXT' |
* In config.h, change '#define HAVE_DGETTEXT 1' to '#undef HAVE_DGETTEXT' |
||
Line 120: | Line 101: | ||
This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0. |
This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0. |
||
To enable Kerberos security, modify /etc/nfssec.conf and uncomment the krb5 lines. |
|||
To create datasets (basically mountpoints within a zpool): |
|||
zpool create users/dtbartle |
|||
Also see [[User-data#ZFS]]. |
|||
To disable atime, devices, and setuid: |
|||
zpool set atime=off users |
|||
zpool set devices=off users |
|||
zpool set setuid=off users |
|||
== SNMP == |
|||
Quota can be managed via 'zfs get' and 'zfs set'. To query quota: |
|||
zfs get quota |
|||
To set quota for a user: |
|||
zfs set quota=2G users/dtbartle |
|||
To disable quota for a user: |
|||
zfs set quota=none users/dtbartle |
|||
The snmp daemon in Solaris doesn't support 64-bit counters, so you should compile net-snmp: |
|||
To export over NFS: |
|||
./configure --prefix=/usr/local --enable-mfd-rewrites '--with-mib-modules=host ucd-snmp/diskio' \ |
|||
zfs set sharenfs="sec=sys,rw=$ACCESS_LIST,nosuid" users |
|||
--disable-embedded-perl --with-sys-contact="syscom@csclub.uwaterloo.ca" --with-sys-location="MC 3015" \ |
|||
ACCESS_LIST may be as a colon-separated list of any of the following: |
|||
--with-default-snmp-version=3 --with-logfile="/var/log/snmpd.log" --with-persistent-directory="/var/net-snmp" |
|||
* hostname (e.g. glucose-fructose.csclub.uwaterloo.ca) |
|||
* In include/net-snmp/system/solaris.h add '#define NEW_MIB_COMPLIANT 1' to the bottom. |
|||
* netgroup (e.g. in LDAP) |
|||
make; make install |
|||
* domain name suffix (e.g. .csclub.uwaterloo.ca) |
|||
* network (e.g. @129.97.134.0/24) |
|||
A minus sign (-) may prefix one of the above to indicate that access is to be denied. |
|||
Create /tmp/net-snmp.xml: |
|||
Snapshots are viewable at /users/$USER/.zfs/snapshot/ |
|||
<?xml version="1.0"?> |
|||
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> |
|||
<service_bundle type='manifest' name='net-snmp'> |
|||
<service name='system/net-snmp' type='service' version='1'> |
|||
<create_default_instance enabled='false' /> |
|||
<single_instance/> |
|||
<dependency name='milestone' grouping='require_all' restart_on='none' type='service'> |
|||
<service_fmri value='svc:/milestone/sysconfig' /> |
|||
</dependency> |
|||
<dependency name='filesystem' grouping='require_all' restart_on='none' type='service'> |
|||
<service_fmri value='svc:/system/filesystem/local' /> |
|||
</dependency> |
|||
<!-- |
|||
net-snmp needs nameservice resolution to connect to hosts. |
|||
--> |
|||
<dependency name='name-services' grouping='require_all' restart_on='none' type='service'> |
|||
<service_fmri value='svc:/milestone/name-services' /> |
|||
</dependency> |
|||
<dependent name='net-snmp_single-user' grouping='optional_all' restart_on='none'> |
|||
<service_fmri value='svc:/milestone/multi-user' /> |
|||
</dependent> |
|||
<exec_method type='method' name='start' exec='/lib/svc/method/svc-net-snmp' timeout_seconds='60' /> |
|||
<exec_method type='method' name='stop' exec=':kill' timeout_seconds='60' /> |
|||
<exec_method type='method' name='refresh' exec=':kill -HUP' timeout_seconds='60' /> |
|||
<property_group name='general' type='framework'> |
|||
<!-- |
|||
to start stop syslog daemon |
|||
--> |
|||
<propval name='action_authorization' type='astring' value='solaris.smf.manage.net-snmp' /> |
|||
</property_group> |
|||
<stability value='Unstable' /> |
|||
<template> |
|||
<common_name> |
|||
<loctext xml:lang='C'>net-snmp</loctext> |
|||
</common_name> |
|||
<documentation> |
|||
<manpage title='net-snmp' section='1M' manpath='/usr/share/man' /> |
|||
</documentation> |
|||
</template> |
|||
</service> |
|||
</service_bundle> |
|||
Import the manifest: |
|||
== SNMP == |
|||
svccfg import /tmp/net-snmp.xml |
|||
Create /lib/svc/method/svc-net-snmp: |
|||
An SNMP daemon can be enabled via: |
|||
#!/bin/sh |
|||
svcadm enable sma |
|||
. /lib/svc/share/smf_include.sh |
|||
It can be configured via /etc/snmpd/conf/snmpd.conf. |
|||
# Start processes required for snmpd |
|||
if [ -x /usr/local/sbin/snmpd ]; then |
|||
/usr/local/sbin/snmpd |
|||
else |
|||
echo "snmpd is missing or not executable." |
|||
exit $SMF_EXIT_ERR_CONFIG |
|||
fi |
|||
exit $SMF_EXIT_OK |
|||
== |
== rsyncd == |
||
Install SUNWrsync. |
|||
Make sure that your .cshrc file is empty, as running 'which' invoke csh. |
|||
Create /tmp/rsync.xml: |
|||
== svcadm/svccfg == |
|||
<?xml version="1.0"?> |
|||
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> |
|||
<service_bundle type="manifest" name="rsync"> |
|||
<service name="network/rsync" type="service" version="4"> |
|||
<create_default_instance enabled="false"/> |
|||
<single_instance/> |
|||
<!-- |
|||
If there's no network, then there's no point in running |
|||
--> |
|||
<dependency name="loopback" grouping="require_all" restart_on="error" type="service"> |
|||
<service_fmri value="svc:/network/loopback:default"/> |
|||
</dependency> |
|||
<dependency name="physical" grouping="require_all" restart_on="error" type="service"> |
|||
<service_fmri value="svc:/network/physical:default"/> |
|||
</dependency> |
|||
<dependency name="fs-local" grouping="require_all" restart_on="none" type="service"> |
|||
<service_fmri value="svc:/system/filesystem/local"/> |
|||
</dependency> |
|||
<exec_method type="method" name="start" exec="/opt/csw/bin/rsync --daemon" timeout_seconds="60"/> |
|||
<exec_method type="method" name="stop" exec=":kill" timeout_seconds="60"/> |
|||
<exec_method type="method" name="refresh" exec=":kill -HUP" timeout_seconds="60"/> |
|||
<stability value="Unstable"/> |
|||
<template> |
|||
<common_name> |
|||
<loctext xml:lang="C">RSYNC daemon</loctext> |
|||
</common_name> |
|||
<documentation> |
|||
<manpage title="rsync" section="7"/> |
|||
<doc_link name="rsync.org" uri="http://www.rsync.org/docs/"/> |
|||
</documentation> |
|||
</template> |
|||
</service> |
|||
</service_bundle> |
|||
Import the manifest: |
|||
svccfg import /tmp/rsync.xml |
|||
== Service Management == |
|||
To control services, use svcadm: |
|||
svcadm enable ssh |
|||
svcadm disable ssh |
|||
svcadm restart ssh |
|||
To install/delete services, use svccfg. |
|||
To see why services failed to start: |
|||
svcs -xv |
|||
== External Links == |
== External Links == |
||
Line 162: | Line 233: | ||
* http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Guide |
* http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Guide |
||
* https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 |
* https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10 |
||
[[Category:Software]] |
Latest revision as of 21:33, 22 November 2009
Networking
Create /etc/defaultroute with contents:
129.97.134.1
Modify /etc/netmasks and add to the end:
129.97.134.1 255.255.255.0
Create /etc/hostname.e1000g0 (where e1000g0 is the interface name):
ginseng
Modify /etc/hosts so that it contains at least the following:
127.0.0.1 localhost loghost 129.97.134.89 ginseng.csclub.uwaterloo.ca ginseng
Run the following:
svcadm enable physical:default /lib/svc/methods/net-physical:default
OpenSolaris Packages
You should install the following build-related packages:
pkg install SUNWarc SUNWsfwhea SUNWhea SUNWtoo
If you want gcc and Sun Studio:
pkg install gcc-dev sunstudio
Blastwave/CSW Packages
Install pkg-get:
pkgadd -d http://www.blastwave.org/pkg_get.pkg * In /opt/csw/etc/pkg-get.conf, set the primary url to http://mirror.csclub.uwaterloo.ca/blastwave/unstable.
Install various packages:
/opt/csw/bin/pkg-get -i gnupg screen bash_completion bison gawk gsed puppet top iftop wireshark
We want certain config files to be in /etc, rather than /opt/csw:
rm -f /opt/csw/etc/openldap/ldap.conf && ln -s /etc/ldap/ldap.conf /opt/csw/etc/openldap/ldap.conf rm -f /etc/krb5/krb5.conf && ln -s /etc/krb5.conf /etc/krb5/krb5.conf rm -f /etc/krb5/krb5.keytab && ln -s /etc/krb5.keytab /etc/krb5/krb5.keytab
Environment variables
In /etc/default/login, change PATH and SUPATH:
PATH=/usr/local/bin:/usr/gnu/bin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/bin:/bin:/usr/sfw/bin SUPATH=/usr/local/sbin:/usr/local/bin:/usr/gnu/bin:/opt/csw/sbin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin
Near the top of /etc/profile, add:
export PAGER=less
nss_ldap
The native nss_ldap library doesn't support rfc2307bis, so we need to build padl's nss_ldap from source:
LDFLAGS=-L/opt/csw/lib CFLAGS=-I/opt/csw/include ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/usr/local LDADD=-L/opt/csw/lib\ -R/opt/csw/lib make; make install ln -s /usr/local/lib/nss_ldap.so.1 /lib/nss_ldap.so.1
Modify /etc/nsswitch.ldap to your liking. You should also copy /etc/libnss-ldap.conf from caffeine. Despite the fact that we link against csw's openldap libraries, we need to configure the native ldap library.
ldapclient manual -a credentialLevel=anonymous \ -a authenticationMethod=none \ -a domainName=csclub.uwaterloo.ca \ -a defaultSearchBase=dc=csclub,dc=uwaterloo,dc=ca \ -a defaultSearchScope=sub \ -a defaultServerList=ldap1.csclub.uwaterloo.ca,ldap2.csclub.uwaterloo.ca
In /etc/group, add the following to the bottom:
users::100:
PAM
In /etc/pam.conf, after
other auth required pam_unix_cred.so.1
add
other auth sufficient pam_krb5.so.1
You should also do this for 'login'.
You need to create /etc/krb5/krb5.keytab containing host/fqdn@CSCLUB.UWATERLOO.CA where fqdn is the fully qualified domain name of the host.
sudo
The sudo in blastwave/csw does not inclue the '--secure-path' configure option or ldap support, so you should build sudo from source:
./configure --prefix=/usr/local --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth \ --with-secure-path=/usr/local/sbin:/usr/local/bin:/usr/gnu/bin:/opt/csw/sbin:/opt/csw/bin:/opt/csw/gcc3/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/sfw/bin \ --with-env-editor --with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \ --with-ldap --with-ldap-conf-file=/etc/ldap/ldap.conf * In config.h, change '#define HAVE_DGETTEXT 1' to '#undef HAVE_DGETTEXT' make; make install
ZFS
When you add new disks you need to have Solaris rescan for disks. You can do this by adding '-r' as a kernel option (via grub).
To view a list of disks:
format
To create a mirrored "zpool" (basically lvm/mdadm/fs all rolled into one):
zpool create users mirror c2t0d0 c2t1d0
This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0.
To enable Kerberos security, modify /etc/nfssec.conf and uncomment the krb5 lines.
Also see User-data#ZFS.
SNMP
The snmp daemon in Solaris doesn't support 64-bit counters, so you should compile net-snmp:
./configure --prefix=/usr/local --enable-mfd-rewrites '--with-mib-modules=host ucd-snmp/diskio' \ --disable-embedded-perl --with-sys-contact="syscom@csclub.uwaterloo.ca" --with-sys-location="MC 3015" \ --with-default-snmp-version=3 --with-logfile="/var/log/snmpd.log" --with-persistent-directory="/var/net-snmp" * In include/net-snmp/system/solaris.h add '#define NEW_MIB_COMPLIANT 1' to the bottom. make; make install
Create /tmp/net-snmp.xml:
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type='manifest' name='net-snmp'> <service name='system/net-snmp' type='service' version='1'> <create_default_instance enabled='false' /> <single_instance/> <dependency name='milestone' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/milestone/sysconfig' /> </dependency> <dependency name='filesystem' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/system/filesystem/local' /> </dependency> <dependency name='name-services' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/milestone/name-services' /> </dependency> <dependent name='net-snmp_single-user' grouping='optional_all' restart_on='none'> <service_fmri value='svc:/milestone/multi-user' /> </dependent> <exec_method type='method' name='start' exec='/lib/svc/method/svc-net-snmp' timeout_seconds='60' /> <exec_method type='method' name='stop' exec=':kill' timeout_seconds='60' /> <exec_method type='method' name='refresh' exec=':kill -HUP' timeout_seconds='60' /> <property_group name='general' type='framework'> <propval name='action_authorization' type='astring' value='solaris.smf.manage.net-snmp' /> </property_group> <stability value='Unstable' /> <template> <common_name> <loctext xml:lang='C'>net-snmp</loctext> </common_name> <documentation> <manpage title='net-snmp' section='1M' manpath='/usr/share/man' /> </documentation> </template> </service> </service_bundle>
Import the manifest:
svccfg import /tmp/net-snmp.xml
Create /lib/svc/method/svc-net-snmp:
#!/bin/sh . /lib/svc/share/smf_include.sh # Start processes required for snmpd if [ -x /usr/local/sbin/snmpd ]; then /usr/local/sbin/snmpd else echo "snmpd is missing or not executable." exit $SMF_EXIT_ERR_CONFIG fi exit $SMF_EXIT_OK
rsyncd
Install SUNWrsync.
Create /tmp/rsync.xml:
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="manifest" name="rsync"> <service name="network/rsync" type="service" version="4"> <create_default_instance enabled="false"/> <single_instance/> <dependency name="loopback" grouping="require_all" restart_on="error" type="service"> <service_fmri value="svc:/network/loopback:default"/> </dependency> <dependency name="physical" grouping="require_all" restart_on="error" type="service"> <service_fmri value="svc:/network/physical:default"/> </dependency> <dependency name="fs-local" grouping="require_all" restart_on="none" type="service"> <service_fmri value="svc:/system/filesystem/local"/> </dependency> <exec_method type="method" name="start" exec="/opt/csw/bin/rsync --daemon" timeout_seconds="60"/> <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60"/> <exec_method type="method" name="refresh" exec=":kill -HUP" timeout_seconds="60"/> <stability value="Unstable"/> <template> <common_name> <loctext xml:lang="C">RSYNC daemon</loctext> </common_name> <documentation> <manpage title="rsync" section="7"/> <doc_link name="rsync.org" uri="http://www.rsync.org/docs/"/> </documentation> </template> </service> </service_bundle>
Import the manifest:
svccfg import /tmp/rsync.xml
Service Management
To control services, use svcadm:
svcadm enable ssh svcadm disable ssh svcadm restart ssh
To install/delete services, use svccfg.
To see why services failed to start:
svcs -xv