Softpanorama

May the source be with you, but remember the KISS principle ;-)
Contents Bulletin Scripting in shell and Perl Network troubleshooting History Humor

Solaris Installation Page

News See also Recommended books Recommended Links Disk Partitioning Swap file requirements
Components Packages Hardening Jumpstart Webstart Flash archives
 Reinstallation Checklist Notes on installing Solaris 9 Installing Solaris 10 from CD Forcing Solaria into OK prompt    
Live Upgrade Mounting CDROM in Solaris Serial Console Sun Advanced Lights Out Manager (ALOM) Humor Etc

Installation of the Solaris operating system is detailed in the documentation provided by Sun Microsystems.  Here we will present just some highlights

There are several ways to install Solaris. 

Before installation from CD/DVD you can need to collect information about your PC (you may be even send yourself in a email and print it  to document it) including:

As I mentioned above a typical install is from CD or DVD. Some general steps are listed below.

  1. Place the Solaris installation CD in the CD-ROM drive and turn on the computer. If a previous installation of Solaris or SunOS exists on the machine, interrupt the boot process (with STOP+A), specify N for new command mode, and type boot cdrom.
  2. From this point on, you are in the Solaris installation procedure. The three major parts of the installation procedure are:

The first think to decide during the installation is disk partitioning. Do not try to create you own partitions scheme, unless you really understand Solaris. It is important to understand that the second partition in Solaris is a special one and is not created automatically if, for example you specify one partition manually, for example:

overlap c0d0s2

Installation program usually will recommend more or less reasonable number of slices and you can change them and provide explicit size for arch slice. Nothing prevents you cutting just two slices (1 and 2). In this case the space will be utilized much better. For example for an old Ultra 5 box at home you might use the simplest partitioning:

1. / -- 9G

For 20G drive typical on Ultra10 that is used as a home server it might make sense to have separate partitions for major parts of the OS. In this case during reinstallation you can preserve /export/home directory.

  1. / -- 8G  -- it does not make sense to use / less then 1G as root directory sometimes is used for packages installation.
  2. /swap =  size of your RAM
  3. /var --   4G  (var separation is important as it is used in installation of recommended patches. )
  4. /export/home -- everything else

or if you want to control more partitions (and hopefully know the sized of each more precisely)

  1. / -- 1G  -- it does not make sense to use / less then 1G as root directory sometimes is used for packages installation.
  2. /usr -- 6 G
  3. /opt -- 4 G -- you might benefit from linking /usr/local to /opt/sfw
  4. /swap =  size of your RAM
  5. /var --   4G  (var separation is important as it is used in installation of recommended patches. )
  6. /export/home -- everything else

Solaris 9 is not great in finding the default router during the installation and you will be better off specifying it yourself.


Top Visited
Switchboard
Latest
Past week
Past month

NEWS CONTENTS

News

10 steps to install server

January 25th, 2006

This is the steps to setup a CD-less install server if you are using > Solaris 3/05 x86 (or a Solaris x86 with GRUB).

They cleaned up a lot of things with GRUB booting off PXE and it is a lot easier and painless as this example shows. This does not include profiles so you will have to sit in through the install process and answer questions.

It is just a quick and easy way to get Solaris x86 installed on a remote machine without burning CDs.

1. Download ISO images

2. Unzip them, run
lofiadm -a iso_file.iso
for each one

3. mkdir /mnt/disk1 /mnt/disk2 /mnt/disk3 /mnt/disk4

4. mount -F hsfs /dev/lofi/# /mnt/disk#
for each one

5.
/mnt/disk1/Solaris_11/Tools/setup_install_server /path/to/setup/installserver

6. For each CD:
/mnt/disk#/Solaris_11/Tools/add_to_install_server /path/to/setup/installserver

7.
/path/to/setup/installserver/Solaris_11/Tools/add_install_client -d -e client_mac -s install_server_ip:/path/to/setup/installserver i86pc

After this command it will give you information to use for the DHCP server you setup on step #10. If you are familiar with the old x86 network boot, you will notice they dont use SUNW.i86pc anymore and there is a lot less options to add for the DHCP server.

8. share -F nfs -o ro,anon=0 -d “Install Server” /path/to/setup/installserver

9. Run:
/usr/sadm/admin/bin/dhcpmgr
and follow the correct IP setup, defaults work great here if using 192.168 network.

10. Add Macro by clicking on Macros then Edit -> Create (Use the information from the add_install_client command to put in the DHCP Macro. It’s only 2 options: “BootSrvA” which is the IP address of the install server, and “BootFile” which is the name of the bootfile on the install server.

Tell your client to boot off using PXE!

BigAdmin Feature Article Using Solaris Live Upgrade for the x86 (and SPARC) Platform

It is my hope that this document will encourage more people to use Sun's Solaris Live Upgrade software. Even though I'm writing here about the Solaris Operating System, x86 Platform Edition, the information is applicable to the SPARC Platform Edition as well.

The Solaris Express program is now offered as an option for Sun's customers to gain early access to the next Solaris release. This program is updated every month. We highly encourage people to download and install these early releases so they will have access to new features coming in the Solaris OS.

When we access early releases, we may start running into situations where we have two or three different environments that we might want to either test or develop on. Live Upgrade is a means to boot between these multiple environments. It upgrades the environment so that it will be as close as possible to what existed in the environment you copied from.

The Solaris Interactive Installation -- chapter from the book that looks like a re-write of corresponding chapter of SA-299 manual. In this chapter:

Sys Admin Magazine

Step 3: Installing Solaris 8

Put in the Solaris installation media and boot. The Solaris installation sequence should come right up. Run fdisk to establish partition 2 for Solaris. A catch in this step is the boundary cylinders on the hard drive. Give yourself a couple of cylinders buffer between the end of the your Windows partition and where you start the Solaris partition. Also allow some buffer between the end of your Solaris partition and the start of your Linux partition. I use a rule of thumb of two cylinders on each side. If you don't add this buffer, your installation will fail. Install what you want on partition 2. Note that Solaris will divide partition 2 into partitions 2 and 3 during the install. Late in the install process, you will have a chance to look at the filesystem layout. Partition 2 will be sliced up into / in s0, swap in s1, overlap will be in s2, and /export/home in s7. These four slices are the reason that in Step 2a we added four to several lines. After the Solaris install, Linux will see hda5 as hda9. If you use more than four slices in Solaris, you will have to modify Step 2a as appropriate. Reboot. Study Listing 3 to see what the partition table looks like after the Solaris installation, especially the cylinder buffers around the Solaris partitions.

Guide to armoring Solaris 8

Partitioning and Patching
During the installation process, you will be asked to partition your system. Partitioning helps security in two ways. First, you can protect critical patitions, such as '/' partition, from filling up by creating seperate patitions for logging and mail. Second, partitioning allows you to restrict which partitions have which capabilities, such as making the '/usr' partition, for all the system binaries, read only.

Therefore, I recommend a separate partition for both "/var" and "/usr". "/var" is where all the system and firewall logging and email spoolling goes. By isolating the /var partition, you protect your root partition from overfilling. By isoloating the /usr partition, we can create this read-only, helping to protect system binaries from modification or potential remote exploit. You may want to consider an seperate partition for "/opt' also, as this is where the FW-1 NG binaries will be located.

Firewall-1 NG logs and configuration files are located in "/var/opt/CPfw1-50". Most Solaris systems have two or more drives, such as the Ultra 10 or 2 IDE drives for an x86. If you are not mirroring the second drive, dedicate the drive for all the firewall logs and configs. Once again, this protects all the other partitions from filling up. With such a setup, a 20GB hard drive and 128MB of RAM could look as follows:

/                 - everything else
swap              - 256MB (or traditionally 2x amount of RAM)
/var              - 400MB
/var/opt/CPfw1-50 - 15GB or 2nd drive
/usr              - 500MB (if you want separate ReadOnly partition).

Once the system has rebooted after the installation, be sure to install the Recommended and Security patch cluster from Sun. Also, FW-1 NG requires two additional patches that are not part of the cluster, specifically 108434-02 and 108435-02. You will have to download and install these patches in addition to the patch cluster. Be sure to use your go between box to get the patches, the firewall box should always remain on an isolated network. Patches are CRITICAL to maintaining a secure firewall and should be updated at least once a week. http://www.securityfocus.com maintains an excellent vulnerability database.


Recommended Links

Softpanorama hot topic of the month

Softpanorama Recommended

docs.sun.com Solaris 8 Advanced Installation Guide

Jumpstart

SecurityFocusJumpStart for Solaris Systems, -- The JumpStart Architecture and Security Scripts (JASS) toolkit provides a Solaris system administrator with an easy to use and easy to implement method of hardening Solaris systems. This toolkit provides the ability to install identical hardened Solaris operating system images to multiple systems.

JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 2:
Updated for Toolkit version 0.2
",
Alex Noordergraaf and Glenn Brunette, Sun Blueprints, November 2000

[JumpStart Architecture and Security Scripts for the Solaris Operating - Part 3:
Updated for Toolkit version 0.2
",
Alex Noordergraaf and Glenn Brunette, Sun Blueprints, November 2000

jumpstart.txt -- practical instructions with Troubleshooting Tips

 #! Most errors occur in the sysidcfg file or the add_install_client. #! syntax.

To avoid troubleshooting headaches, do the following:

  1.  # cat /dev/null > /etc/bootparams

  2. Run the add_install_client again

  3. Reboot the client and try again.

#! Common sysidfcg errors occur when network_interface entries #! are not space delimited.

Closely scrutinize the file. One #! typo will abort the entire jumpstart.


Disk partitioning

Solaris x86 - Documents

As you can see in the Customized column below, with my 4-gig drive I transferred 1.4 GB to /opt and about 650 MB to each / and /var which left 250 MB for the /export/home slice.

The Before column below was displayed with the sizes given in Mbytes:

Before (Default)   Customized
/ c0d0s0 43 / c0d0s0 700
/usr/openwin c0d0s1 341 /usr/openwin c0d0s1 341
overlap c0d0s2 4102 overlap c0d0s2 4102
/var c0d0s3 30 /var c0d0s3 648
swap c0d0s4 147 swap c0d0s4 147
/opt c0d0s5 25 /opt c0d0s5 1400
/usr c0d0s6 535 /usr c0d0s6 535
/export/home c0d0s7 2977 /export/home c0d0s7 250

Software Components

The Solaris OE software is organized into three components:

To view the names of the cluster configurations, perform the command:

# grep METACLUSTER /var/sadm/system/admin/.clustertoc

METACLUSTER=SUNWCXall

METACLUSTER=SUNWCall

METACLUSTER=SUNWCprog

METACLUSTER=SUNWCuser

METACLUSTER=SUNWCreq

METACLUSTER=SUNWCmreq

The metacluster SUNWCmreq is a hidden metacluster. It allows you to create a minimal core metacluster by de-selecting packages from the core metacluster.

To determine which cluster configuration has been installed on the system, you can use the command:

# cat /var/sadm/system/admin/CLUSTER

CLUSTER=SUNWCXall



Etc

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit exclusivly for research and educational purposes.   If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner. 

ABUSE: IPs or network segments from which we detect a stream of probes might be blocked for no less then 90 days. Multiple types of probes increase this period.  

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least


Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: June 04, 2016