|Home||Switchboard||Unix Administration||Red Hat||TCP/IP Networks||Neoliberalism||Toxic Managers|
May the source be with you, but remember the KISS principle ;-)
Skepticism and critical thinking is not panacea, but can help to understand the world better
|News||See also||Recommended books||Recommended Links||Disk Partitioning||Swap file requirements|
|Reinstallation Checklist||Notes on installing Solaris 9||Installing Solaris 10 from CD||Forcing Solaria into OK prompt|
|Live Upgrade||Mounting CDROM in Solaris||Serial Console||Sun Advanced Lights Out Manager (ALOM)||Humor||Etc|
Installation of the Solaris operating system is detailed in the documentation provided by Sun Microsystems. Here we will present just some highlights
There are several ways to install Solaris.
Before installation from CD/DVD you can need to collect information about your PC (you may be even send yourself in a email and print it to document it) including:
As I mentioned above a typical install is from CD or DVD. Some general steps are listed below.
The first think to decide during the installation is disk partitioning. Do not try to create you own partitions scheme, unless you really understand Solaris. It is important to understand that the second partition in Solaris is a special one and is not created automatically if, for example you specify one partition manually, for example:
Installation program usually will recommend more or less reasonable number of slices and you can change them and provide explicit size for arch slice. Nothing prevents you cutting just two slices (1 and 2). In this case the space will be utilized much better. For example for an old Ultra 5 box at home you might use the simplest partitioning:
1. / -- 9G
For 20G drive typical on Ultra10 that is used as a home server it might make sense to have separate partitions for major parts of the OS. In this case during reinstallation you can preserve /export/home directory.
or if you want to control more partitions (and hopefully know the sized of each more precisely)
Solaris 9 is not great in finding the default router during the installation and you will be better off specifying it yourself.
January 25th, 2006
This is the steps to setup a CD-less install server if you are using > Solaris 3/05 x86 (or a Solaris x86 with GRUB).
They cleaned up a lot of things with GRUB booting off PXE and it is a lot easier and painless as this example shows. This does not include profiles so you will have to sit in through the install process and answer questions.
It is just a quick and easy way to get Solaris x86 installed on a remote machine without burning CDs.
1. Download ISO images
2. Unzip them, run
lofiadm -a iso_file.iso
for each one
mkdir /mnt/disk1 /mnt/disk2 /mnt/disk3 /mnt/disk4
mount -F hsfs /dev/lofi/# /mnt/disk#
for each one
6. For each CD:
/path/to/setup/installserver/Solaris_11/Tools/add_install_client -d -e client_mac -s install_server_ip:/path/to/setup/installserver i86pc
After this command it will give you information to use for the DHCP server you setup on step #10. If you are familiar with the old x86 network boot, you will notice they dont use SUNW.i86pc anymore and there is a lot less options to add for the DHCP server.
share -F nfs -o ro,anon=0 -d "Install Server" /path/to/setup/installserver
and follow the correct IP setup, defaults work great here if using 192.168 network.
10. Add Macro by clicking on Macros then Edit -> Create (Use the information from the add_install_client command to put in the DHCP Macro. It's only 2 options: "BootSrvA" which is the IP address of the install server, and "BootFile" which is the name of the bootfile on the install server.
Tell your client to boot off using PXE!
It is my hope that this document will encourage more people to use Sun's Solaris Live Upgrade software. Even though I'm writing here about the Solaris Operating System, x86 Platform Edition, the information is applicable to the SPARC Platform Edition as well.
The Solaris Express program is now offered as an option for Sun's customers to gain early access to the next Solaris release. This program is updated every month. We highly encourage people to download and install these early releases so they will have access to new features coming in the Solaris OS.
When we access early releases, we may start running into situations where we have two or three different environments that we might want to either test or develop on. Live Upgrade is a means to boot between these multiple environments. It upgrades the environment so that it will be as close as possible to what existed in the environment you copied from.
Step 3: Installing Solaris 8
Put in the Solaris installation media and boot. The Solaris installation sequence should come right up. Run fdisk to establish partition 2 for Solaris. A catch in this step is the boundary cylinders on the hard drive. Give yourself a couple of cylinders buffer between the end of the your Windows partition and where you start the Solaris partition. Also allow some buffer between the end of your Solaris partition and the start of your Linux partition. I use a rule of thumb of two cylinders on each side. If you don't add this buffer, your installation will fail. Install what you want on partition 2. Note that Solaris will divide partition 2 into partitions 2 and 3 during the install. Late in the install process, you will have a chance to look at the filesystem layout. Partition 2 will be sliced up into / in s0, swap in s1, overlap will be in s2, and /export/home in s7. These four slices are the reason that in Step 2a we added four to several lines. After the Solaris install, Linux will see hda5 as hda9. If you use more than four slices in Solaris, you will have to modify Step 2a as appropriate. Reboot. Study Listing 3 to see what the partition table looks like after the Solaris installation, especially the cylinder buffers around the Solaris partitions.
Partitioning and Patching
During the installation process, you will be asked to partition your system. Partitioning helps security in two ways. First, you can protect critical patitions, such as '/' partition, from filling up by creating seperate patitions for logging and mail. Second, partitioning allows you to restrict which partitions have which capabilities, such as making the '/usr' partition, for all the system binaries, read only.
Therefore, I recommend a separate partition for both "/var" and "/usr". "/var" is where all the system and firewall logging and email spoolling goes. By isolating the /var partition, you protect your root partition from overfilling. By isoloating the /usr partition, we can create this read-only, helping to protect system binaries from modification or potential remote exploit. You may want to consider an seperate partition for "/opt' also, as this is where the FW-1 NG binaries will be located.
Firewall-1 NG logs and configuration files are located in "/var/opt/CPfw1-50". Most Solaris systems have two or more drives, such as the Ultra 10 or 2 IDE drives for an x86. If you are not mirroring the second drive, dedicate the drive for all the firewall logs and configs. Once again, this protects all the other partitions from filling up. With such a setup, a 20GB hard drive and 128MB of RAM could look as follows:
/ - everything else swap - 256MB (or traditionally 2x amount of RAM) /var - 400MB /var/opt/CPfw1-50 - 15GB or 2nd drive /usr - 500MB (if you want separate ReadOnly partition).
Once the system has rebooted after the installation, be sure to install the Recommended and Security patch cluster from Sun. Also, FW-1 NG requires two additional patches that are not part of the cluster, specifically 108434-02 and 108435-02. You will have to download and install these patches in addition to the patch cluster. Be sure to use your go between box to get the patches, the firewall box should always remain on an isolated network. Patches are CRITICAL to maintaining a secure firewall and should be updated at least once a week. http://www.securityfocus.com maintains an excellent vulnerability database.
Google matched content
docs.sun.com Solaris 8 Advanced Installation Guide
SecurityFocusJumpStart for Solaris Systems, -- The JumpStart Architecture and Security Scripts (JASS) toolkit provides a Solaris system administrator with an easy to use and easy to implement method of hardening Solaris systems. This toolkit provides the ability to install identical hardened Solaris operating system images to multiple systems.
JumpStart Architecture and Security Scripts for the Solaris Operating Environment
- Part 2:
Updated for Toolkit version 0.2",
Alex Noordergraaf and Glenn Brunette, Sun Blueprints, November 2000
Architecture and Security Scripts for the Solaris Operating - Part 3:
Updated for Toolkit version 0.2",
Alex Noordergraaf and Glenn Brunette, Sun Blueprints, November 2000
jumpstart.txt -- practical instructions with Troubleshooting Tips
#! Most errors occur in the sysidcfg file or the add_install_client. #! syntax.
To avoid troubleshooting headaches, do the following:
# cat /dev/null > /etc/bootparams
Run the add_install_client again
Reboot the client and try again.
#! Common sysidfcg errors occur when network_interface entries #! are not space delimited.
Closely scrutinize the file. One #! typo will abort the entire jumpstart.
Solaris x86 - Documents
As you can see in the Customized column below, with my 4-gig drive I transferred 1.4 GB to /opt and about 650 MB to each / and /var which left 250 MB for the /export/home slice.
The Before column below was displayed with the sizes given in Mbytes:
The Solaris OE software is organized into three components:
Software groups. Software groups are collections of Solaris OE software packages. Each software group includes support for different functions and hardware drivers. The Solaris OE is made up of five software groups:
Core (SUNWCreq)contains the minimum software required to boot and run the Solaris OE in a minimum configuration, without the support to run many server applications. It includes:
a minimum of networking software, including Telnet, File Transfer Protocol (FTP), Network File System (NFS), Network Information Service (NIS) clients, and Domain Name Service (DNS).
The drivers required to run the Common Desktop Environment (CDE), but does not include the CDE software.
The Core software group also does not include online manual pages.
End User System Support (SUNWCuser) Includes the Core software group plus "end user software" plus the CDE.
Developer System Support (SUNWCprog). this is End User System Support software group. plus the libraries, the include files, the online manual pages, and the programming tools.
Entire Distribution (SUNWCall) this is a Developer System Support software group plus additional software needed for servers. Other way to think about it is the entire Solaris OE software release minus OEM support.
Entire Distribution Plus Original Equipment Manufacturers (OEM). This is "install everything option". This software group might be useful in case of non-Sun servers.
To view the names of the cluster configurations, perform the command:
# grep METACLUSTER /var/sadm/system/admin/.clustertoc
The metacluster SUNWCmreq is a hidden metacluster. It allows you to create a minimal core metacluster by de-selecting packages from the core metacluster.
To determine which cluster configuration has been installed on the system, you can use the command:
# cat /var/sadm/system/admin/CLUSTER
The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D
Copyright © 1996-2018 by Dr. Nikolai Bezroukov. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) in the author free time and without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info|
The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: April 18, 2018