OpenSolaris

From CSCWiki
Revision as of 00:56, 26 January 2008 by Dtbartle (talk | contribs) (→‎LDAP)

Solaris is drugs; avoid it at all cost.

pkg-get

pkgadd -d http://www.blastwave.org/pkg_get.pkg
/opt/csw/bin/pkg-get -i gnupg vim

PATH

export PATH=/opt/csw/bin:/usr/sfw/bin:$PATH

Build Tools

You need to insert the Solaris 10 DVD; it should get auto-mounted in /cdrom/sol*. Then cd to /cdrom/sol*/Solaris\ 10/Products and install some packages:

pkgadd -d . SUNWgcc SUNWbinutils SUNWgmake

LDAP

Build openldap:

./configure --disable-slapd --prefix=/opt/csc/openldap --sysconfdir=/etc/ldap
make depend; make; make install

Copy the following from caffeine:

/etc/ldap/ldap.conf
/etc/ldap/uw-ca.pem

Build nss_ldap:

CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib \
    ./configure --with-ldap-conf-file=/etc/libnss-ldap.conf --prefix=/opt/csc/nss_ldap

Comment out the '#define HAVE_SASL_SASL_H' line in config.h.
In Makefile, change 'LIBS = -lldap...' to 'LIBS = $(LDFLAGS) -lldap...'.

make; make install

Install nss_ldap.so:

rm /usr/lib/nss_ldap.so.1
ln -s /opt/csc/nss_ldap/lib/nss_ldap.so /usr/lib/nss_ldap.so.1

Modify /etc/nsswitch.conf to use ldap and then install libnss-ldap.conf and ldap.conf:

scp caffeine:/etc/ldap/ldap.conf /etc/ldap/ldap.conf
scp caffeine:/etc/libnss-ldap.conf /etc/libnss-ldap.conf

Kerberos

scp caffeine:/etc/krb5.conf /etc/krb5/krb5.conf

In /etc/pam.conf, after

other auth required   pam_unix_cred.so.1

add

other auth sufficient   pam_krb5.so.1

You might want to also do this for 'login'.

You need to create /etc/krb5/krb5.keytab containing host/FQDN@CSCLUB.UWATERLOO.CA where FQDN = the fully qualified domain name of the host.
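
An added example, not part of the original page: a shell check that the pam_krb5 line is 'sufficient' and sits after the required pam_unix_cred line in a service's auth stack, as the /etc/pam.conf edit above describes. The function name check_pam_krb5, its exit codes and the sample stack are constructed for illustration.

```shell
#!/bin/sh
# check_pam_krb5 FILE [SERVICE]   (hypothetical helper, not a Solaris tool)
# Exit 0: pam_krb5.so.1 is "sufficient" and placed after the "required"
#         pam_unix_cred.so.1 line in SERVICE's auth stack (default: other).
# Exit 1: pam_krb5.so.1 is missing from the stack or has another control flag.
# Exit 2: pam_krb5.so.1 is present but not after pam_unix_cred.so.1.
check_pam_krb5() {
    awk -v svc="${2:-other}" '
        /^[ \t]*#/ || NF < 4 { next }            # skip comments and short lines
        $1 == svc && $2 == "auth" {
            n++                                   # position within this stack
            if ($4 ~ /(^|\/)pam_unix_cred\.so\.1$/ && $3 == "required") cred = n
            if ($4 ~ /(^|\/)pam_krb5\.so\.1$/) { krb = n; flag = $3 }
        }
        END {
            if (!krb)                 { print svc ": pam_krb5 not in auth stack"; exit 1 }
            if (flag != "sufficient") { print svc ": pam_krb5 flag is " flag; exit 1 }
            if (!cred || krb < cred)  { print svc ": pam_krb5 is not after pam_unix_cred"; exit 2 }
            print svc ": ok"
        }' "$1"
}

# Constructed sample (not copied from a real host): "other" has been edited
# as described above, "login" has not.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed pam.conf fragment
login   auth required    pam_unix_cred.so.1
login   auth required    pam_unix_auth.so.1
other   auth requisite   pam_authtok_get.so.1
other   auth required    pam_dhkeys.so.1
other   auth required    pam_unix_cred.so.1
other   auth sufficient  pam_krb5.so.1
other   auth required    pam_unix_auth.so.1
EOF
check_pam_krb5 "$sample" other
check_pam_krb5 "$sample" login || echo "login check exit code: $?"
rm -f "$sample"
```

On a real host, run it as check_pam_krb5 /etc/pam.conf other (and again for login if you edited that stack).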

sudo

The sudo in blastwave/csw does not include the '--with-secure-path' configure option. This means that commands such as 'sudo mount' will result in 'command not found' errors, as the command is not in the callee's path. You can build sudo from source:

CFLAGS=-I/opt/csc/openldap/include LDFLAGS=-L/opt/csc/openldap/lib\ -R/opt/csc/openldap/lib ./configure \
  --prefix=/usr --with-secure-path=/opt/csw/sbin:/opt/csw/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
  --with-all-insults --with-exempt=sudo --with-pam --with-fqdn --with-logging=syslog --with-logfac=auth --with-env-editor \
  --with-timeout=15 --with-password-timeout=0 --disable-root-mailer --disable-setresuid --with-sendmail=/usr/sbin/sendmail \
  --with-ldap --with-ldap-conf-file=/etc/ldap/ldap.conf
make; make install

ZFS

When you add new disks you need to have Solaris rescan for disks. You can do this by adding '-r' as a kernel option (via grub).

You can view a list of disks by typing

format

To create a mirrored "zpool" (basically lvm/mdadm/fs all rolled into one):

zpool create users mirror c2t0d0 c2t1d0

This creates a RAID 1 zpool with component disks c2t0d0 and c2t1d0.

To create datasets (basically mountpoints within a zpool):

zfs create users/dtbartle

Quota can be managed via 'zfs get' and 'zfs set'. To query quota:

zfs get quota

To set quota for a user:

zfs set quota=2G users/dtbartle

To export over NFS:

zfs set sharenfs="sec=sys,rw=caffeine:suagr:..." users

Snapshots are viewable at /users/dtbartle/.zfs/snapshot/

SNMP

An SNMP daemon can be enabled via:

svcadm enable sma

It can be configured via /etc/snmpd/conf/snmpd.conf

External Links

https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddSolaris10
http://ashtech.net/~syntax/blog/archives/50-Solaris-10-Partitioning,-RAID,-and-ZFS.html