Softpanorama (slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-) Softpanorama Search

Tiporama: Solaris Tips

It's not easy to define what is a tip. Tips are setting, commands, etc that are important to know but usually are hidden in the volume of documentation and/or capabilities that are are not evident.

The first and the most important tip that one can get to a Solaris user is to get a good shell prompt. What Sun ships is a disaster.

The second is to install open source software provided by Sun on a separate disk. Not all of it requires root access and administrator permission (difficult to obtain in corporate environment).  Also if the server allow NFS mounting you can mount directory from you workstation to use many of those utilities.

Tips pages are usually  do not last long on the Net. Please be ready to find out that some of the links below already disappeared.

Here are several of my favorite tip pages

• Sun Solaris Tips  -- contains more a dozen very good, often unobvious, high quality tips.

• Sun's BigAdmin --

  has a list of useful command-line examples:

  • listing files by size of a particular partition, e.g. /var can be done using:
    du -ad /var | sort -n

  • Another way of doing this is to use find, e.g. list files greater that 1MB older than 7 days on the current filesystem:
    find . -xdev -mtime -7 -size +1000 -ls

• wgrep is a windowing grep that is useful for grabbing X number of lines before and after a match.
• psrinfo to view the processor info on a system running Solaris
• Add spice to interactive shell programs with tput

  When you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make your application more appealing. The Solaris "tput" command can be used to enhance your user interface.
  
  Here's a couple of quick tput commands that can spice up your user interface:
  
  The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make the "[Enter]" portion of the following echo statement output appear bold:
  
  bold=`tput smso`
  norm=`tput rmso`
  echo "Hit the ${bold}[Enter]${norm} key to continue: \c"
  
  You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:
  
      tput cup 10 40
  
  I once wrote a crude interactive screen editor using tput cup to properly position the cursor when the user hit the various arrow keys.
   

• Finding text strings in binary files

  Ever wondered what's inside some of those binary files on your system (binary executables or binary data)? Several times I've gotten error messages from some command in the Solaris system, but I couldn't tell where the error was coming from because it was buried in some binary executable file.
  
  The Solaris "strings" command lets you look at the ASCII text buried inside of executable files, and can often help you troubleshoot problems. For
  instance, one time I was seeing error messages like this when a user was trying to log in:
  
      Could not set ULIMIT
  
  I finally traced the problem down to the /bin/login command by running the "strings" command like this:
  
      root> strings /bin/login | more
  
  The strings command lists ASCII character sequences in binary files, and help me determine that the "Could not set ULIMIT" error was coming from
  this file. Once I determined that the error message I was seeing was coming from this file, solving the problem became a simple matter.

• Keep commands running after you leave with nohup

  It's 3 p.m., and you want to start a long job running. Unfortunately, you can't be sure that the job will finish by 5 p.m. when you need to leave, and the company is very strict about making sure you log off when you leave. However, if you log off the system, the job will be stopped. What can you do?
  
  On Solaris systems you can use the "nohup" (no hang-up) command to keep jobs running long after you log off the system. Using nohup tells the system not to "hang-up" on your job after you've logged off the system.
  
  Here's how to run the job, and keep it running after you log off:

  root> nohup my-long-job &

  This creates a file named "nohup.out" in the current directory that contains the standard output of the command ("my-long-job") you're running.
  Everyone is happy because the job keeps running, you get to leave at 5 p.m., and you're properly logged off the system.

Old News ;-)

[Nov 30, 2007] freshmeat.net Project details for Expect-lite

About:
Expect-lite is a wrapper for expect, created to make expect programming even easier. The wrapper permits the creation of expect script command files by using special character(s) at the beginning of each line to indicate the expect-lite action. Basic expect-lite scripts can be created by simply cutting and pasting text from a terminal window into a script, and adding '>' '

Release focus: Major feature enhancements

Changes:
The entire command script read subsystem has changed. The previous system read directly from the script file. The new system reads the script file into a buffer, which can be randomly accessed. This permits looping (realistically only repeat loops). Infinite loop protection has been added. Variable increment and decrement have been added to support looping.

Author:
Craig Miller [contact developer]

[Nov 15, 2006] Miscellaneous Solaris notes -- many interesting and unique tips.

A couple of old utilities

scsiinfo' extracts formatting and other parameters from SCSI hard disk drives that aren't listed in /etc/format.dat and can optionally create entries to be added to your system's format.dat file.. Might be useful for old boxes.

$Id: ANNOUNCEMENT,v 1.24 2001/07/16 16:03:14 jdd Exp $

Version 4.7 of scsiinfo is now available.

New in release 4.7:
	o support for Sun's PLN fibre-channel SCSI host adapter.
        o support for Sun's simple SCSI target (sst) driver.
        o -O support (Solaris 2.x) to check for devices already open.
        o autodetection of host adapter include files.
	o Solaris 8 support.

For those unfamiliar with scsiinfo:

Scsiinfo displays information about SCSI devices attached to a given system,
as seen by a supported SCSI device driver.  For each target known to the SCSI
host adapter, scsiinfo reports SCSI transfer information for the device.  In
particular, when a target supports synchronous transfer, the negotiated
maximum transfer rate (in MB/sec) is reported.  Scsiinfo can also report the
type and speed of each supported host adapter attached to the system.  In
addition, it supports querying SCSI disks for geometry and formatting and
optionally generates a format.dat entry based on these values.  Finally,
scsiinfo supports querying SCSI devices for vendor, product, and revision
information, in the style of the Sun OpenBoot prom's probe-scsi and
probe-scsi-all commands.

Only suns with esp, isp, fas, ptisp and glm SCSI controllers
(sun4c/4m/4e/4d/4u) running SunOS 4.1 or later are supported.  The isp, fas
and glm controllers are only supported under SunOS 5.x.

Scsiinfo version 4.7 is available for anonymous ftp from:
	ftp://ftp.cs.toronto.edu/pub/jdd/scsiinfo/scsiinfo-4.7.shar

memconf - memory configuration utility for Sun SparcStations.

memconf' is a Perl script which determines the configuration of the RAM modules in Sun workstations. It uses the SunOS 5.x 'prtconf' and 'prtdiag' utilities extract relevent information and present it in more user-friendly format.

[Jun 5, 2006] open.itworld.com - Using stty to Your Advantage Note that in .progile you should use if statement to determine which erase symbol to use

The most commonly used stty command is undoubtedly the "stty erase ^h" command which is often used in scripts
 

if [ `tty | grep -ci console` -eq 0 ]
then
	stty ERASE ^H
	TERM=SUN
fi

[Jun 5, 2006] Sys Admin Cool Commands

truss -c (Solaris >= 8): This astounding option to truss provides a profile summary of the command being trussed:

$ truss -c grep asdf work.doc
syscall              seconds   calls  errors
_exit                    .00       1
read                     .01      24
open                     .00       8      4
close                    .00       5
brk                      .00      15
stat                     .00       1
fstat                    .00       4
execve                   .00       1
mmap                     .00      10
munmap                   .01       3
memcntl                  .00       2
llseek                   .00       1
open64                   .00       1
                        ----     ---    ---
sys totals:              .02      76      4
usr time:                .00
elapsed:                 .05

It can also show profile data on a running process. In this case, the data shows what the process did between when truss was started and when truss execution was terminated with a control-c. It’s ideal for determining why a process is hung without having to wade through the pages of truss output.

 

truss -d and truss -D (Solaris >= 8): These truss options show the time associated with each system call being shown by truss and is excellent for finding performance problems in custom or commercial code. For example:

$ truss -d who
Base time stamp:  1035385727.3460  [ Wed Oct 23 11:08:47 EDT 2002 ]
 0.0000 execve(“/usr/bin/who”, 0xFFBEFD5C, 0xFFBEFD64)  argc = 1
 0.0032 stat(“/usr/bin/who”, 0xFFBEFA98)                = 0
 0.0037 open(“/var/ld/ld.config”, O_RDONLY)             Err#2 ENOENT
 0.0042 open(“/usr/local/lib/libc.so.1”, O_RDONLY)      Err#2 ENOENT
 0.0047 open(“/usr/lib/libc.so.1”, O_RDONLY)            = 3
 0.0051 fstat(3, 0xFFBEF42C)                            = 0
. . .

truss -D is even more useful, showing the time delta between system calls:

Dilbert> truss -D who
 0.0000 execve(“/usr/bin/who”, 0xFFBEFD5C, 0xFFBEFD64)  argc = 1
 0.0028 stat(“/usr/bin/who”, 0xFFBEFA98)                = 0
 0.0005 open(“/var/ld/ld.config”, O_RDONLY)             Err#2 ENOENT
 0.0006 open(“/usr/local/lib/libc.so.1”, O_RDONLY)      Err#2 ENOENT
 0.0005 open(“/usr/lib/libc.so.1”, O_RDONLY)            = 3
 0.0004 fstat(3, 0xFFBEF42C)                            = 0

In this example, the stat system call took a lot longer than the others.

 

truss -T: This is a great debugging help. It will stop a process at the execution of a specified system call. (“-U” does the same, but with user-level function calls.) A core could then be taken for further analysis, or any of the /proc tools could be used to determine many aspects of the status of the process.

truss -l (improved in Solaris 9): Shows the thread number of each call in a multi-threaded processes. Solaris 9 truss -l finally makes it possible to watch the execution of a multi-threaded application.

Truss is truly a powerful tool. It can be used on core files to analyze what caused the problem, for example. It can also show details on user-level library calls (either system libraries or programmer libraries) via the “-u” option.

pkg-get: This is a nice tool (http://www.bolthole.com/solaris) for automatically getting freeware packages. It is configured via /etc/pkg-get.conf. Once it’s up and running, execute pkg-get -a to get a list of available packages, and pkg-get -i to get and install a given package.

plimit (Solaris >= 8): This command displays and sets the per-process limits on a running process. This is handy if a long-running process is running up against a limit (for example, number of open files). Rather than using limit and restarting the command, plimit can modify the running process.

 

coreadm (Solaris >= 8): In the “old” days (before coreadm), core dumps were placed in the process’s working directory. Core files would also overwrite each other. All this and more has been addressed by coreadm, a tool to manage core file creation. With it, you can specify whether to save cores, where cores should be stored, how many versions should be retained, and more. Settings can be retained between reboots by coreadm modifying /etc/coreadm.conf.

pgrep (Solaris >= 8): pgrep searches through /proc for processes matching the given criteria, and returns their process-ids. A great option is “-n”, which returns the newest process that matches.

preap (Solaris >= 9): Reaps zombie processes. Any processes stuck in the “z” state (as shown by ps), can be removed from the system with this command.

pargs (Solaris >= 9): Shows the arguments and environment variables of a process.

nohup -p (Solaris >= 9): The nohup command can be used to start a process, so that if the shell that started the process closes (i.e., the process gets a “SIGHUP” signal), the process will keep running. This is useful for backgrounding a task that should continue running no matter what happens around it. But what happens if you start a process and later want to HUP-proof it? With Solaris 9, nohup -p takes a process-id and causes SIGHUP to be ignored.

prstat (Solaris >= 8): prstat is top and a lot more. Both commands provide a screen’s worth of process and other information and update it frequently, for a nice window on system performance. prstat has much better accuracy than top. It also has some nice options. “-a” shows process and user information concurrently (sorted by CPU hog, by default). “-c” causes it to act like vmstat (new reports printed below old ones). “-C” shows processes in a processor set. “-j” shows processes in a “project”. “-L” shows per-thread information as well as per-process. “-m” and “-v” show quite a bit of per-process performance detail (including pages, traps, lock wait, and CPU wait). The output data can also be sorted by resident-set (real memory) size, virtual memory size, execute time, and so on. prstat is very useful on systems without top, and should probably be used instead of top because of its accuracy (and some sites care that it is a supported program).

trapstat (Solaris >= 9): trapstat joins lockstat and kstat as the most inscrutable commands on Solaris. Each shows gory details about the innards of the running operating system. Each is indispensable in solving strange happenings on a Solaris system. Best of all, their output is good to send along with bug reports, but further study can reveal useful information for general use as well.

vmstat -p (Solaris >= 8): Until this option became available, it was almost impossible (see the “se toolkit”) to determine what kind of memory demand was causing a system to page. vmstat -p is key because it not only shows whether your system is under memory stress (via the “sr” column), it also shows whether that stress is from application code, application data, or I/O. “-p” can really help pinpoint the cause of any mysterious memory issues on Solaris.

pmap -x (Solaris >= 8, bugs fixed in Solaris >= 9): If the process with memory problems is known, and more details on its memory use are needed, check out pmap -x. The target process-id has its memory map fully explained, as in:

# pmap -x 1779
1779:   -ksh
 Address  Kbytes     RSS    Anon  Locked Mode   Mapped File
00010000     192     192       -       - r-x--  ksh
00040000       8       8       8       - rwx--  ksh
00042000      32      32       8       - rwx--    [ heap ]
FF180000     680     664       -       - r-x--  libc.so.1
FF23A000      24      24       -       - rwx--  libc.so.1
FF240000       8       8       -       - rwx--  libc.so.1
FF280000     568     472       -       - r-x--  libnsl.so.1
FF31E000      32      32       -       - rwx--  libnsl.so.1
FF326000      32      24       -       - rwx--  libnsl.so.1
FF340000      16      16       -       - r-x--  libc_psr.so.1
FF350000      16      16       -       - r-x--  libmp.so.2
FF364000       8       8       -       - rwx--  libmp.so.2
FF380000      40      40       -       - r-x--  libsocket.so.1
FF39A000       8       8       -       - rwx--  libsocket.so.1
FF3A0000       8       8       -       - r-x--  libdl.so.1
FF3B0000       8       8       8       - rwx--    [ anon ]
FF3C0000     152     152       -       - r-x--  ld.so.1
FF3F6000       8       8       8       - rwx--  ld.so.1
FFBFE000       8       8       8       - rw---    [ stack ]
-------- ------- ------- ------- -------
total Kb    1848    1728      40       -

Here we see each chunk of memory, what it is being used for, how much space it is taking (virtual and real), and mode information.

df -h (Solaris >= 9): This command is popular on Linux, and just made its way into Solaris. df -h displays summary information about file systems in human-readable form:

$ df -h
Filesystem             size   used  avail capacity  Mounted on
/dev/dsk/c0t0d0s0      4.8G   1.7G   3.0G    37%    /
/proc                    0K     0K     0K     0%    /proc
mnttab                   0K     0K     0K     0%    /etc/mnttab
fd                       0K     0K     0K     0%    /dev/fd
swap                   848M    40K   848M     1%    /var/run
swap                   849M   1.0M   848M     1%    /tmp
/dev/dsk/c0t0d0s7       13G    78K    13G     1%    /export/home

piostat.pl  

#!/local/unix/bin/perl # #Reads the output of iostat(1), with args -xnp, and plots the data for # the UFS partitions on the local box. The partitions are obtained w/ a # simple df. The swap partition is grok'd from /etc/ ...
http://www.sun.com/bigadmin/scripts/submittedScripts/piostat.pl.txt - October 5, 2004

Keep commands running after you leave with nohup

It's 3 p.m., and you want to start a long job running. Unfortunately, you can't be sure that the job will finish by 5 p.m. when you need to leave, and the company is very strict about making sure you log off when you leave. However, if you log off the system, the job will be stopped. What can you do?

On Solaris systems you can use the "nohup" (no hang-up) command to keep jobs running long after you log off the system. Using nohup tells the system not to "hang-up" on your job after you've logged off the system.

Here's how to run the job, and keep it running after you log off:

root> nohup my-long-job &

This creates a file named "nohup.out" in the current directory that contains the standard output of the command ("my-long-job") you're running. Everyone is happy because the job keeps running, you get to leave at 5 p.m., and you're properly logged off the system.

[Dec 25, 2005] Sun Solaris Tips An excellent collection of tips !!!

Use CDPATH to traverse filesystems faster

If you're like many Solaris users and administrators, you spend a lot of time moving back and forth between directories in similar locations. For instance, you might often work in your home directory (such as "/home/al"), the /usr/local directories, web page directories, or other user's home directories in /home.

If you're often moving back-and-forth between the same directories, and you use the Bourne shell (sh) or Korn shell (ksh) as your login shell, you can use the CDPATH shell variable to save yourself a lot of typing, and quickly move between directories.

Here's a quick demo. First move to the root directory:

    cd /

Next, if it's not set already, set your CDPATH shell variable as follows:

CDPATH=/usr/spool

Then, type this cd command:

    cd cron

What happens? Type this and see what happened:

    pwd

The result should be "/usr/spool/cron".

When you typed "cd cron", the shell looked in your local directory for a sub-directory named "cron". When it didn't find one, it searched the CDPATH variable, and looked for a "cron" sub-directory. When it found a sub-directory named cron in the /usr/spool directory, it moved you there.

You can set your CDPATH variable just like your normal PATH variable:

    CDPATH=/home/al:/usr/local:/usr/spool:/home

Group commands together with parentheses

Have you ever needed to run a series of commands, and pipe the output of all of those commands into yet another command?

For instance, what if you wanted to run the "sar", "date", "who", and "ps -ef" commands, and wanted to pipe the output of all three of those commands
into the "more" command? If you tried this:

    sar -u 1 5; date; who; ps -ef | more

you'll quickly find that it won't work. Only the output of the "ps -ef" command gets piped through the "more" command, and the rest of the output
scrolls off the screen.

Instead, group the commands together with a pair of parentheses (and throw in a few echo statements for readability) to get the output of all these
commands to pipe into the more command:

(sar -u 1 5; echo; who; echo; ps -ef; echo; date; echo) | more

Use the "at" command to run jobs some other time

Many times it's necessary to schedule programs to run at a later time. For instance, if your computer system is very busy during the day, you may need
to run jobs late at night when nobody is logged on the system.

Solaris makes this very easy with the "at" command. You can use the "at" command to run a job at almost any time--later today, early tomorrow...whenever.

Suppose you want to run the program "my_2_hour_program" at ten o'clock tonight. Simply tell the at command to run the job at 10 p.m. (2200):

    /home/al> at 2200
    at> my_2_hour_program > /tmp/2hour.out
    at> <CTRL><D>
warning: commands will be executed using /bin/ksh
job 890193600.a at Tue Mar 17 22:00:00 1998

Or suppose you'd like to run a find command at five o'clock tomorrow morning:

/home/al> at 0500 tomorrow
at> find /home > /tmp/find.out
at> <CTRL><D>
warning: commands will be executed using /bin/ksh
job 890215200.a at Wed Mar 18 05:00:00 1998

When you're at the "at" prompt, just type the command you want to run. Try a few tests with the at command until you become comfortable with the way
it works.

Add spice to interactive shell programs with tput

When you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make
your application more appealing. The Solaris "tput" command can be used to enhance your user interface.

Here's a couple of quick tput commands that can spice up your user interface:

The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for
titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make
the "[Enter]" portion of the following echo statement output appear bold:

bold=`tput smso`
norm=`tput rmso`
echo "Hit the ${bold}[Enter]${norm} key to continue: \c"

You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:

    tput cup 10 40

I once wrote a crude interactive screen editor using tput cup to properly position the cursor when the user hit the various arrow keys.

Create a directory and move into it at the same time

Question: How often do you create a new directory and then move into that directory in your next command?  Answer: Almost always.

I realized this trend in my own work habits, so I created a simple shell function to do the hard work for me.

     md () {
          mkdir -p $1  &&  cd $1
     }

This is a Bourne shell function named "md" that works for Bourne and Korn shell users. It can be easily adapted for C shell users.

Taking advantage of the -p option of the mkdir command, the function easily creates multi-level subdirectories, and moves you into the lowest level of the directory structure.  You can use the command to create one subdirectory like this:

     /home/al> md docs
     /home/al/docs> _

or you can create an entire directory tree and move right into the new directory like this:

     /home/al> md docs/memos/internal/solaris8
     /home/al/docs/memos/internal/solaris8>

Easily convert man pages to text documents

Have you ever wanted to convert a man page into a plain text document?
I do this occasionally when I want to share information via an email or other document format.

I used to think this was difficult, but then I discovered a simple way to do it. Here's the wrong way to write the man page for the ls command into a text file named ls.bad:

     man ls > ls.bad

This keeps all of the formatting characters in your document, which is generally not what you want.  Here's a better way that eliminates those formatting characters:

     man ls | col -b > man.txt

The col command with the -b option removes the undesirable backspace characters from the text stream, so the only thing left in your document is the text you want, in the format you want.

How to page more than one command at a time

Have you ever wanted to group a bunch of commands into a paging program like "page" or "more", but didn't know how?

As a system administrator, I always worry about certain things, like who's doing what, what processes are running, what the network traffic looks like, etc.  One day I decided to create a simple alias that would combine all the commands I wanted into one big chunk of information.  Then I realized that it wouldn't all fit into one screen.
Fortunately I knew how to group all of the commands together, so the "more" command could handle them as one set of input.

First, here's the wrong way to try to page a sequence of four commands:

     date; netstat -i; whodo; ps -ef | more

The only command that gets paged properly here is the "ps -ef" command
--the rest of them scroll off the screen before you can read them.

Here's the correct way to page four commands so they're all controlled
by "more":

     (date; netstat -i; whodo; ps -ef) | more

Once you find the commands you want to group together, you can combine them into an alias or shell program.  I recommend a shell program for this, because a few "echo" statements sure make it easier to see where one command ends and the next command begins!

Initializing log files

Like all Unix file systems, open log files can cause a real problem when they get too large and need to be deleted. The problem is, if you delete an open file, the link is removed, but all of the inodes are lost. Even worse, if the program continues to log to the file, the link never re-appears, and additional inodes are lost and are unrecoverable. I suggest two solutions to the above problems.

If you have lost inodes, a simple reboot (make sure FSCK is run on startup) will recover lost inodes and missing filespace.

To empty (or zero out) an open log file, simply issue the following command:

date > logfile

This will 'empty' the file and insert as the first line the output from the date command. If you want a completely empty file, don't enter date,

just > logfile.

This works great on apache and other web server logs, without ever stopping the service.

Don't forget the options that make ls work better for you

Generally speaking, most users type ls or ls -al to see their directory listings. But don't forget that there are a few other cool options that make it easier to read your directory listings.

The -aCF options are my next-favorite listing combination.  The following command:

     ls -aCF

lists (a) all files in columns with special characters appended to the end of each name to show whether the file is a normal file, directory, executable file, or link.

The -m option lets you list files in a comma-separated list, which can be useful if you're going to be exporting the list to a Perl program or shell script.

To sort the listing by file size, try

     ls -al | sort -4n

To reverse the filesize listing, use

     ls -al | sort -4nr

instead.

Using the which command

I think a good command in addition to the 'type' is the 'which' command. You can really see where the executable come from. This is very helpful to find out if there is an alias set to the command and if so - which one.

Example:   # type ls
           ls is a tracked alias for /usr/bin/ls
           # which ls
           ls:     aliased to ls -aF
 

Sun Solaris Tips

Add spice to interactive shell programs with tput

When you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make
your application more appealing. The Solaris "tput" command can be used to enhance your user interface.

Here's a couple of quick tput commands that can spice up your user interface:

The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for
titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make
the "[Enter]" portion of the following echo statement output appear bold:

bold=`tput smso`
norm=`tput rmso`
echo "Hit the ${bold}[Enter]${norm} key to continue: \c"

You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:

    tput cup 10 40

I once wrote a crude interactive screen editor using tput cup to properly position the cursor when the user hit the various arrow keys.

[Jan 17, 2005] Updating OpenBoot PROM for Sun Workstations and Workgroup Servers Based on SPARC Technology

Having the latest version of OpenBoot PROM (OBP) on a SPARC processor-based workstation or workgroup server can be critical when adding new applications or hardware, or when upgrading the machine's Solaris Operating System (OS). Updating may also save some time and difficulty by resolving any latent bugs that have been detected and fixed since the previous releases. The paragraphs that follow guide you through the steps required to do the update.  

Note: This Tech Tip does not cover larger servers; for those systems, see SunSolve document #41723 entitled Updating the Sun Fire 3800-6800 series Flash Proms.

Phil's Solaris hints

• SunScreen GUI
• Solaris Drivers and Developer resources (Separate page)
• KSH korn shell tutorial
• Informational documents
• Inline stuff
• SCCS related goodies
• Portable scripts
• Fun with packaging
• Fun stuff (and other "outside links")
• Third party programs
• Search Bolthole.com

VMware's back

• Introduction
• Choosing VMware Version
• Creating a Virtual Machine
• Installing the Operating System
• Enabling DMA for Hard Disk Drives
• Getting Better Screen Resolution
• Running VMware-Tools on Solaris
• Shrinking Virtual Disks
• Idling the CPU Properly
• Miscellaneous Tips

New Bigadmin community submissions:

• Installing CUPS on the Solaris 9 Operating System
  Find out about the Common UNIX Printing System, an open-source tool that causes a box running the Solaris OS to act like a print server.

• SSH Port Forwarding Through a Proxy Server
  Learn how to use SSH port forwarding (tunneling) through a proxy server for secure connections.

• Hardening the Solaris 9 OS and NcFTP for an FTP Bastion Host
  Read about the build, configuration, and subsequent hardening of UNIX servers that constitute a secured FTP solution.
• Running Wine on the Sun Java Desktop System, Release 2
  A BigAdmin reader describes how to install and use Wine, an open source implementation of the Windows API, on the Sun Java Desktop System, Release 2.

Sys Admin Cool Commands

There are so many commands in Solaris that it is difficult to separate the cool ones from the mundane. For example, there are commands to report how much time a program spends in each system call, and commands to dynamically show system activities, and most of these commands are included with Solaris 8 as well as Solaris 9. This month, I’m highlighting some of the commands that you might find particularly useful.

Systems administrators are tool users. Through experience, we have learned that the more tools we have, the better able we are to diagnose problems and implement solutions. The commands included in this column are gleaned from experience, friends, acquaintances, and from attendance at the SunNetwork 2002 conference in September. “The /procodile Hunter” talk by Solaris kernel developers Brian Cantrill and Mike Shapiro was especially enlightening and frightening because Cantrill wrote code to illustrate a point faster than Shapiro could explain the point they were trying to illustrate!

Useful Solaris Commands

truss -c (Solaris >= 8): This astounding option to truss provides a profile summary of the command being trussed:

$ truss -c grep asdf work.doc
syscall              seconds   calls  errors
_exit                    .00       1
read                     .01      24
open                     .00       8      4
close                    .00       5
brk                      .00      15
stat                     .00       1
fstat                    .00       4
execve                   .00       1
mmap                     .00      10
munmap                   .01       3
memcntl                  .00       2
llseek                   .00       1
open64                   .00       1
                        ----     ---    ---
sys totals:              .02      76      4
usr time:                .00
elapsed:                 .05

It can also show profile data on a running process. In this case, the data shows what the process did between when truss was started and when truss execution was terminated with a control-c. It’s ideal for determining why a process is hung without having to wade through the pages of truss output.

 

truss -d and truss -D (Solaris >= 8): These truss options show the time associated with each system call being shown by truss and is excellent for finding performance problems in custom or commercial code. For example:

 

$ truss -d who
Base time stamp:  1035385727.3460  [ Wed Oct 23 11:08:47 EDT 2002 ]
 0.0000 execve(“/usr/bin/who”, 0xFFBEFD5C, 0xFFBEFD64)  argc = 1
 0.0032 stat(“/usr/bin/who”, 0xFFBEFA98)                = 0
 0.0037 open(“/var/ld/ld.config”, O_RDONLY)             Err#2 ENOENT
 0.0042 open(“/usr/local/lib/libc.so.1”, O_RDONLY)      Err#2 ENOENT
 0.0047 open(“/usr/lib/libc.so.1”, O_RDONLY)            = 3
 0.0051 fstat(3, 0xFFBEF42C)                            = 0
. . .

truss -D is even more useful, showing the time delta between system calls:

 

Dilbert> truss -D who
 0.0000 execve(“/usr/bin/who”, 0xFFBEFD5C, 0xFFBEFD64)  argc = 1
 0.0028 stat(“/usr/bin/who”, 0xFFBEFA98)                = 0
 0.0005 open(“/var/ld/ld.config”, O_RDONLY)             Err#2 ENOENT
 0.0006 open(“/usr/local/lib/libc.so.1”, O_RDONLY)      Err#2 ENOENT
 0.0005 open(“/usr/lib/libc.so.1”, O_RDONLY)            = 3
 0.0004 fstat(3, 0xFFBEF42C)                            = 0

In this example, the stat system call took a lot longer than the others.

 

truss -T: This is a great debugging help. It will stop a process at the execution of a specified system call. (“-U” does the same, but with user-level function calls.) A core could then be taken for further analysis, or any of the /proc tools could be used to determine many aspects of the status of the process.

 

truss -l (improved in Solaris 9): Shows the thread number of each call in a multi-threaded processes. Solaris 9 truss -l finally makes it possible to watch the execution of a multi-threaded application.

Truss is truly a powerful tool. It can be used on core files to analyze what caused the problem, for example. It can also show details on user-level library calls (either system libraries or programmer libraries) via the “-u” option.

Solaris Tips and Tricks

• Solaris 10 has a new feature boot -m verbose which allows you to customize boot console output.
• Common boot errors and their workarounds. (CC)
• In case you ever wanted to know what the heck is going on during the boot process. (CC)
• The basics of the boot command.
• If you haven't sat down and figured out what all those scripts do, here is an analysis of Solaris 8 Startup Files.
• Ever wonder what the box is doing before the banner and OBP prompt is displayed?

Where has the XXX command gone now?

There are too many of these changes to include in this FAQ, but here are some key ones:

a. locations are often different

whoami

/usr/ucb/whoami

make

/usr/ccs/bin/make

hostid

/usr/ucb/hostid

hostname

/usr/ucb/hostname (or use uname -n)

Note that the last two commands are back in /usr/bin in Solaris 2.5.

b. some old commands don't exist or have replacements

pstat -s

swap -s (how much swap space?)

dkinfo

/usr/sbin/prtvtoc raw_dev_name

trace

truss

mount -a

mountall

exportfs

share

bar

cpio -H bar (read only)

This information can be found in the Solaris 2.x Transition Guide - Appendix A (commands), Appendix B (system calls), Appendix C (files).

This guide has undergone some changes from 2.0 -> 2.1 and beyond. Several manuals have ended up being combined into this single manual. This manual discusses administrative transition and developer transition issues.

The command "whatnow" (for Solaris 2.x) is included in the "Admigration Toolkit" package (see below). The Admigration toolkit can be obtained from:

Admigration toolkit

Sample output:

	% whatnow hostname
	hostname                                        4.x command only
	hostname        /usr/ucb/hostname               part of SCP package
	hostname        /usr/bin/uname -n               alternate command

The whatnow command is limited in that it may point to one command which may only implement a subset of the old command (e.g., pstat points to sar, while pstat -s is identical to swap -s)

Make certain that the login shell for root in /etc/passwd is /sbin/sh.

Core files creation blocking in Solaris

The coreadm command controls the generation of core files. To determine the current coreadm settings, run coreadm as root. Output such as the following will be generated:     global core file pattern:
      init core file pattern: core
           global core dumps: disabled
      per-process core dumps: enabled
     global setid core dumps: disabled
per-process setid core dumps: disabled
    global core dump logging: disabled
 

Given the sample configuration above, per-process core dumps are enabled. When a process terminates abnormally or receives an appropriate signal, it will generate a core file named 'core' in the working directory of the process.

To disable per-process core file creation, use:

 

coreadm -d process

This will modify the /etc/coreadm.conf which is read at boot when /etc/init.d/coreadm is executed from a runtime control script. To make permanent changes to coreadm, do not edit the /etc/coreadm.conf file, use the coreadm command.

New Options in Solaris 10 daemons

New Options in Solaris 10 FTPD

docs.sun.com man pages section 1M System Administration Commands

• -a Enables use of the ftpaccess(4) file.
• -r rootdir chroot(2) to rootdir upon loading. Use this option to improve system security. It limits the files that can be damaged should a break in occur through the daemon. This option is similar to anonymous FTP. Additional files are needed, which vary from system to system.

New options in Solaris 10 TELNETD

-U

Refuses connections that cannot be mapped to a name through the getnameinfo(3SOCKET) function.

 

isainfo command

The isainfo command can be used to determine if a Solaris system has been configured to run in 32 or 64 bit mode.  Run the command
  isainfo -v
If the system is running in 32 bit mode, you will see the following output: "32-bit sparc applications". On a 64 bit Solaris system, you'll see:

64-bit sparcv9 applications
32-bit sparc applications

psrinfo to view the processor info on a system running Solaris, the following command can be used

How to  reject remote logging in syslogd

syslogd -t will turn on sysloging but it will not receive remote logging from other devices.

Best way to enable is to go to /etc/init.d/syslog and edit the script. Go to line
/usr/sbin/syslogd >/dev/msglog 2>&1 &

and edit it with the -t option to look like:

/usr/sbin/syslogd -t >/dev/msglog 2>&1 &

The start syslogd again and verify with a ps -ef | grep

Tech-Recipes.com - creating a solaris 8 flash archive boot disk

 

creating a solaris 8 flash archive boot disk Home -> UNIX -> Solaris -> System administration	3794 views
From the computer of: weezlboy  (1 recipe)
created: 2004-05-27 10:53:27 last updated: 2004-05-28 09:15:02
1 comments: View all comments   Add a comment
Description creating a Solaris 8 flash archive boot disk with Schily's mkisofs
Directions #! /bin/csh # script asumptions: # the /opt/make_os directory is present. # the flash archive s8.archive is in the /opt/make_os directory # the file profind is located in /opt/make_os # the mkisofs is located in /opt/schily/bin # the Solaris 8 Software 1 of 2 disk cd /opt/make_os # make the solaris_8 directory to assemble the image in mkdir solaris_8 # pull off the s0 directory from the cd cd /cdrom/cdrom0/ find s0 -print | cpio -pudm /opt/make_os/solaris_8 cd /opt/make_os/solaris_8 # dump the rest of the info from the cd /etc/init.d/volmgt stop sleep 10 foreach i (1 2 3 4 5) dd if=/dev/dsk/c0t2d0s$i of=s8u5.s$i bs=512 end /etc/init.d/volmgt start sleep 10 # remove the packages from the Product directory cd /opt/make_os/solaris_8/s0/Solaris_8/Product rm -rf * # copy the s8.archive file into the Product directory cp /opt/make_os/s8.archive /opt/make_os/solaris_8/s0/Solaris_8/Product # remove the configuration files from the .install_config directory cd /opt/make_os/solaris_8/s0/.install_config rm * # create the s8.profile in the .install_config directory echo "install_type flash_install" > s8.profile echo "archive_location local_file /cdrom/Solaris_8/Product/s8.archive" >> s8.profile echo "partitioning explicit" >> s8.profile echo " " >> s8.profile echo "filesys rootdisk.s0 free /" >> s8.profile echo "filesys rootdisk.s1 1:1450 swap" >> s8.profile echo "filesys rootdisk.s7 1451:4 unnamed" >> s8.profile chmod 644 s8.profile # run check on the rules file to create the rules.ok file # copy the rules.ok to the .install_config directory # rules file looks like echo "any - - s8.profile -" > rules chmod 644 rules /cdrom/cdrom0/s0/Solaris_8/Misc/jumpstart_sample/check rm rules #cd /opt/make_os/solaris_8/s0/Solaris_8/Tools/Boot/usr/sbin/install.d # edit the profind file and modify cdrom() to look like #cdrom() #{ # Factory JumpStart is only allowed with factory # stub images, indicated by the file /tmp/.preinstall # # if [ -f /tmp/.preinstall ]; then # mount -o ro -F lofs ${CD_CONFIG_DIR} ${SI_CONFIG_DIR} >/dev/null 2>&1 # if [ $? -eq 0 ]; then # verify_config "defaults" "CDROM" # fi # fi # gettext " <<< using CDROM install_config >>>"; echo #new # rmdir ${SI_CONFIG_DIR} #new # ln -s /cdrom/.install_config ${SI_CONFIG_DIR} #new #} # copy the profind file from the /opt/make_os directory cp -p /opt/make_os/profind /opt/make_os/solaris_8/s0/Solaris_8/Tools/Boot/usr/sbin/install.d # now edit the sysidcfg on slice 1 lofiadm -a /opt/make_os/solaris_8/s8u5.s1 mount /dev/lofi/1 /mnt rm /mnt/etc/sysidcfg cd /mnt/etc # create a new sysidcfg echo "system_locale=en_US" > sysidcfg echo "timezone=US/Pacific" >> sysidcfg echo "network_interface=primary {hostname=YOUR HOSTNAME" >> sysidcfg echo " ip_address=YOUR HOST'S IP" >> sysidcfg echo " netmask=255.255.255.0" >> sysidcfg echo " protocol_ipv6=no}" >> sysidcfg echo "terminal=vt100" >> sysidcfg echo "security_policy=NONE" >> sysidcfg echo "root_password=PASSWORD FROM SHADOW FILE" >> sysidcfg echo "name_service=NONE" >> sysidcfg echo "timeserver=localhost" >> sysidcfg chmod 777 sysidcfg # cd /opt/make_os/solaris_8 umount /mnt lofiadm -d /dev/lofi/1 # create the image using Schily's mkisofs /opt/schily/bin/mkisofs -R -D -d -L -l -sparc-boot s8u5.s1,s8u5.s2,s8u5.s3,s8u5.s4,s8u5.s5 -o s8u5.image ./s0 # burn the cd #cdrw -C -d cdrom0 -i /opt/make_os/solaris_8/s8u5.image

 

 

Hi.

Just a comment on this otherwise nice script. The delete lines such as:

# remove the packages from the Product directory
cd /opt/make_os/solaris_8/s0/Solaris_8/Product
rm -rf *

and

# remove the configuration files from the .install_config directory
cd /opt/make_os/solaris_8/s0/.install_config
rm *

are extremely dangerous. If for some reason the cd command fails (permission problems, missing directories etc), the next command will wipe the rootdisk clean (or at least every file in the directory the command is issued from and all directories below). A much better version would be to do the rm command directly on the directory:

rm -rf /opt/make_os/solaris_8/s0/Solaris_8/Product/*

In this case the rm command will fail if the directory doesn't exist, and no harm would be done. Another approach would be to test for the existence of the directory prior to issue the commands, and to exit with an error code if the check fails.

Unix/Solaris: One-Liners
Source: http://www.kevlo.com/~ebs/unix_commands.txt
 

Listed here are a bunch of unix commands.
 

--> change file date stamp
touch –t 199906042020 filename

--> move partitions
ufsdump 0f - /dev/rdsk/c0t0s0s0 | (cd /home; ufsrestore xv -)
 

--> lay down file system with 1% minfree and inode density
newfs –m1 –i81920 /dev/rdsk/c0t0d0s0

--> check file system
fsck /dev/rdsk/c0t0d0s0

Q: starting sybase
login as sybase, run: ./install/RUN_SYBASE

Q: logging in as sybase sa
isql -U sa <password>

--> dump a partition and pipe to gzip. Watch > 2GB limit
ufsdump 0f - /home | gzip - >/tmp/home.dump.gz

--> rewind offline a tape
mt –f /dev/rmt/0 rewoffl

--> only allow 300MB for user /tmp access
swap - /tmp tmpfs – yes SIZE=300M

--> verbose interactive restore
ufsrestore –ivf /dev/rmt/1

--> remove a printer from a class
lpadmin –p level5-line1 –r level5-line
 

--> truss a command
truss –-f -–o /tmp/log.txt

--> [DB] feed a script into sybase
isql –Urfe_xfer -Uuser -Ppassword -isqlscript >>blah.txt

--> make a printer class
lpadmin –p level5-line1 –c level5-line

--> remove level2-line2 printer from printer class level2-line
lpadmin -p level2-line2 -r level2-line
 

--> add level2-line3 to printer class
lpadmin -c level2-line -p level2-line3

--> [DB] how to change your password in isql
sp_password password, password-new

--> move a directory
tar cf - ./games | (cd /tmp; tar xvBpf - )

--> [DB] run a sybase script, and dump to file
$ISQL -i$SCRIPTFILE -U$USER -D$DATABASE -P$PASS_ENC >> $SCRIPTLOGFILE

--> move a directory to another server
tar cf - ./games | rsh brucey cd /tmp\; tar xvBpf -
 

--> check for SUID SGID files
ncheck -F ufs -s /dev/dsk/c3t0d0s

-- remove core files
find / -name core –exec rm –f {} \; -o –fstype nfs –prune
 

--> rebuild man pages
catman –w –M man-page-directory or /usr/lib/makewhatis
 

--> vi command to show special characters
: set list
 

--> adding an account
useradd -u 120 –g dls -d /apps/dls –s /bin/ksh -c "comment" -m dls

--> create a mysql database
mysqladmin -uroot -ppassword create ebs

--> starting mysql database
/etc/rc.d/init.d/mysql.server start
/usr/local/bin/safe_mysqld

--> Invoke CPAN module install
perl –MCPAN –eshell

--> dump to zip
ufsdump 0f - /filesystem | /opt/local/gzip - > /tmp/dump.gz

--> shutdown mysql databse
/usr/local/bin/mysqladmin shutdown -ppassword
/etc/rc.d/init.d/mysql.server stop

--> test the loading of a module
PERL_DL_DEBUG=255 perl -e 'use CGI;'

--> shows open files
fuser –cu /

--> Writing a Daemon:
1. edit /etc/services
add service and port.
2. edit /etc/inetd.conf
add in: edwardd stream tcp nowait root /bin/sh /bin/sh /home/sextone/bin/SERVER.mine
3. kill –HUP inetd.conf

--> how to mount a file system
mount /dev/dsk/c3t0d0s4 /apps/data/easysoft/DEVT

--> look at sar log
sar –f /var/adm/sa/sa24

--> write file checksums and size
cksum filename

--> show storage array info
ssaadm display /dev/rdsk/c1t5d2s0
--> show all disks on device d
luxadm display d

--> examine for a specific OS finerprint
nmap –sS -p 80 -O -v <host> = examine OS

--> show print jobs
/usr/ucb/lpq –Plevel6

--> Scan for known ports. log it. do OS scan.
nmap –sS -F -o foo.log -v -O www.foo.com//24 =

--> show status of printer
/usr/ucb/lpc status

--> make a swap file:
dd if=/dev/zero of=swapfile bs=1024 count=65535
mkswap ./swapfile
chmod 600 ./swapfile
swapon ./swapfile

--> show open files for process
lsof –p PID

--> show open files for all TCP connections
lsof –iTCP

--> show open files for internet address
lsof -iTCP@10.20.2.9

--> as above
lsof -i @10.20.2.122

--> examine tcp ports
lsof -iTCP@sarah:1-50000

--> show open files for user.
lsof –u username

--> show processes that has the file in use.
lsof /apps/cms/ECMS-Server

--> show open files and retry every 5 seconds
lsof –p process-id –r 5

--> mount a floppy
mount -t vfat /dev/fd0 /mnt/floppy

--> check here for debugging processes and errno.h for errors
/usr/include
/usr/include/sys
/usr/include/sys/errno.h

--> scp a whole directory, preserve mods
sudo scp -prv devel webadmin@203.19.123.140:/home/httpd/cgi-bin

--> take processor 2 and 3 offline.
psradm -f 2 3
--> show processor stats verbose.
psrinfo –v

--> how to skip grant tables in mysql (over ride security)
/usr/local/libexec/mysqld -Sg

--> how to feed in an SQL program
mysql <create_table.sql

--> rm all files in directories
find . -type f -exec rm {} \;

--> dump packets to a capture file
sudo snoop –o /tmp/tcp.txt cp

--> backup one liner
tar cvf - /home/ebs | gzip - > ebs.tar.gz

--> Look at selected packets in capture file
sudo snoop -i /tmp/tcp.txt

--> unzip and pipe to tar
gzip -dc <kmysql-1_1_6_tar.gz | tar xvf -

--> watch packets from two servers.
snoop sarah brucey

--> enable ip masquerading
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 10.100.100.100/8 -j MASQ

-> view su log file
cat /var/adm/sulog

--> establish a default router or gateway.
echo "sagacity.com" > /etc/defaultrouter
echo "10.100.100.100 sagacity.com sagacity" >> /etc/hosts
change /etc/nsswitch.conf so that hosts has files, dns
edit resolv.conf put in
search .
nameserver 203.7.132.98

--> turn off automounter on /export/home.
vi /etc/auto_master, comment out /export/home

--> configuration file for sudoers
/opt/local/etc/sudoers

--> building ssh-1.2.27 on x86Solaris2.6 needed a few things:
/usr/openwin/bin in path
/usr/xpg4/bin in path
declare AR="/usr/xpg4/bin/ar"
declare NM_PATH="/usr/xpg4/bin/nm"

--> snoop network packets and get size and time stamp entries.
snoop -S -ta empa1

--> access perl CPAN
perl -MCPAN -e shell
install DBI

--> search for no password entries and lock all accounts.
for i in `passwd –sa | grep NP | awk ‘{print $1’`
do
echo “locking $i”
passwd –l $i
done
 

--> delete from a tar
tar --delete -f fs_backup_Sunday.tar home/ebs/tmp

--> Example on backing up files to tape. Must specify non rewinding, else you will over-write the files.
for file in `ls`
do
echo "sending $file to tape..."
echo `date`
tar cvpf /dev/rmt/0n $file
done

--> making/adding a partition.
1. use fdisk to make a parition.
2. mkfs -t ext2 -c /dev/hda11
3. mount -t ext2 /dev/hda11 /opt2
4. update /etc/fstab

--> rebuild the windex file
catman –w –M /usr/share/man
 
 

--> execute tar on remote host sarah and send tarball to standard output,
which becomes standard input for tar xvf – and the file gets dumped locally,
in this case on crawl. you have to cd to dir before tar or else you
will include path in tar
ssh maggie "cd $DIRNAME; tar cvf - $BASENAME" | (cd $TPATH; tar xvf - )

--> dump a remote filesystem and send it to local tape drive.
ssh -–x $fw /usr/sbin/ufsdump 0cf - $fs | dd obs=63k of=$TAPE

--> encrypt filename 1 and output to 1.crypt file
crypt < 1 > 1.crypt ; rm 1

--> decrypt filename 1.crypt and stdout to screen
crypt < 1.crypt

--> send a file to tape
tar cvpf /dev/rmt/0 filename

--> quicker way to search and replace in vi
: %s/existing/new/g

--> shows where and which shared library files an application uses.
ldd binary

--> shell script stuff:
# repeat a command 100 times
x=100
while [ $x -gt 0 ]
do
command
x=$(($x-1))
done

--> Something very important to remember about partitions
It is important to note that Cylinder 0 contains the disklabel, which
contains the partition table. A normal filesystem can be placed
starting at Cylinder 0, since it will not touch the disklabel.
If you lay down a raw device, for a database, over Cylinder 0,
then you will completely lose all your partitions. You will then
have to restore the disklabel, and backup from tape if you happen to do this.

--> move a partition
find . |cpio -pdm /apps

--> cron structure
min hour day-of-month month weekday command

--> PatchDiag Tool. Get patches from:
http://sunsolve.sun.com/private-cgi/patchpage.pl
patchdiag.xref is available at: http://sunsolve.sun.com/sunsolve/patchdiag/
/opt/local/bin/patchdiag -x /opt/local/lib/patchdiag.xref > patchdiag.`uname -n`

--> command showing system parameters
/usr/sbin/sysdef

--> Get Ambient Temperature of Server
/usr/platform/SUNW,Ultra-4/sbin/prtdiag -v

--> good ps formatting showing percent cpu first.
ps -edf -o pcpu,pid,user,arg

--> full details on ps
/usr/bin/ps –A -o user,pid,pcpu,pmem,vsz,rss,tty,s,stime,time,args

--> chown the hidden files as well.
find . -print -exec chown -R sextone:staff {} \;

--> The nsradmin command is a command-line based administrative
program for the NetWorker system. Normally nsradmin monitors
and modifies NetWorker resources over the network.
/usr/sbin/nsr/nsradmin

--> Spray a server
-c number of packets
-d delay in microseconds
-l pakcet size in bytes
/usr/sbin/spray -c 1 –d 20 -l 4096 maggie

--> Turn on bold.
bold=`tput smso`
offbold=`tput rmso`
echo "${bold}You must be the \"root\" user to run this script.${offbold}"

--> good way to send a dir to tape
tar cf /dev/rmt/0n directory

--> example of bringing up an interface
ifconfig hme0:1 inet 10.2.25.52 up

--> show all connections
netstat –f inet

--> rpcinfo makes an RPC call to an RPC server and reports
what it finds.
rpcinfo -b 390109 2 | sort -u

--> rewind a tape fast
< /dev/rmt/0

--> show loaded modules
/usr/sbin/modinfo

--> find world readable files and dirs
find / -type d –perm -2 –print
find . -type f –perm -2 -print

--> adding in a boot alias, eg:
boot sarahroot1 –s
nvalias sarahroot1 /sbus@1f,0/sunw,fas@e,8800000/sd@9,0:a

--> clever way to archive
tar cvf - `find . –print` >/tmp/dumpfile.tar
tar xvf - </tmp/dumpfile.tar

--> tee to a file
echo "Start Date/Time: `date`" | tee -a $LOG_FILE
 

--> read a snoop file
snoop -i anz-telnet.snoop

--> write a snoop log (this will count the number of connections, which is pretty neat).
snoop –osnoop.log sarah

--> set default run level. 5 for gui.
/etc/inittab

--> show all exported filesystems
showmount -e crawl

--> shows all configurable variables for tcp interface.
sudo ndd -get /dev/tcp
- ?
eg:
sudo ndd -get /dev/tcp tcp_conn_req_max_q
128
ndd /dev/arp \?
ndd /dev/ip \?
ndd /dev/tcp \?
ndd /dev/udp \?
ndd /dev/icmp \?
 
 

--> set sticky bit on group files, only the owner can change the mode.
--> the +l is mandatory file and record locking while a program
--> is accessing that file.
chmod g+s,+l file

--> print duplex landscape 4 qudrant printing
mpage –t –l –4

--> install a patch
installpatch .

--> check to see if a patch has been installed
showrev –p |grep package name
 

--> unzip, untar in a /tmp directory
zcat 104708-16.tar.gz | ( cd /tmp; sudo tar xvf - )

--> check out revision level on ssa controller
/usr/sbin/ssaadm display controller
 

--> unzip and untar a file without having to create an intermediate tar file
sudo gzip -dc /tmp/270599/post-EOD.tar.gz |tar xvf -
 
 

--> selectively extract from a tar archive
tar xvf /tmp/iona.tar ./iona/.sh_history

--> send a bunch of files to tape
tar cf /tmp/rules.tar ruleb* objects.C *.W

--> examine section 5 of man
man -s 5 signal

--> shows signals and definitions of structures, eg sigaction
/usr/include/sys/signal.h

--> location of the limits file on solaris
/usr/include/limits.h

--> send an attachment via email from command prompt
uuencode file.tar.gz file.tar.gz | mailx –s “backup” root@crawl

--> zero a file
cat /dev/null > isam.log

--> good way to restore from cdrom a binary file
zcat < /cdrom/cdrom0/Solaris_2.6/Product/SUNWcsu/install/reloc.cpio.Z |
cpio –idm usr/lib/fs/ufs/ufsrestore
 

--> running su as a user then ssh
su - dls-PROD -c "/opt/local/bin/ssh drp-stagger \"cd /tmp; /bin/ls\" "
 

--> verify a newfs format
sudo newfs –Nv /dev/md/dsk/d96
 

--> making lost_found. must be 8192 bytes in size.
mkdir ./lost+found;chown root ./lost+found; chgrp root ./lost+found ;chmod 700 ./lost+found’; cd ./lost+found
nofiles=0 ; while [ "$nofiles" -le 650 ] ; do ; /usr/ucb/touch $nofiles ; nofiles=`expr $nofiles + 1` ; done
 

--> execute lynx
lynx -cfg /usr/lib/lynx.cfg
 

--> sed search example
sed '/Sep\ 25/!d; /castill/!d' /var/log/syslo

-->should only be used at the EEPROM
boot –r
--> should be used at single user mode
reboot -- -r
--> should be used in multiuser mode
touch /reconfigure
 
 

--> performing a remote dump

find MFASYS
|cpio -oc |gzip -c
|ssh brucey -l chaup dd obs=18k of=/dev/rmt/0n

- to extract -
cd /ssa/emphasys/sybase/dump
dd ibs=18k if=<TAPE DEVICE>|gunzip -c |cpio –idc
 

--> boot block located here.
/usr/platform/`uname –i`/lib/fs/ufs
 

--> getting a server on the network
add hosts entry for IP address
clear configs: ifconfig pe0 unplumb
ifconfig pe0 10.20.2.27 netmask 255.0.0.0 up
route add default 10.20.0.1 1
verify the routing table: netstat –rn
add resolv.conf entry: domain rabobank.com.au nameserver 192.192.192.252
edit /etc/nsswitch.conf change hosts to files, dns
 

lesson here is to unplumb interface, and let ifconfig setup the routing.
if you specify an ip address and a netmask it will manage
the routing and the broadcasting.
 

--> find all, files associated with PID 22240
/usr/proc/bin/pfiles 22240
find file based on inode
find –i number
“ncheck –i number
 

--> good redirection example
./a.out </etc/termcap | (sleep 10; cat) >trash

--> synchronize files from one server to another. This is useful for
synchronizing database dump files, binary files, etc. This is definitely a powerful tool.

rsync -avz -e ssh --rsync-path="/usr/local/bin/rsync" `pwd` myhost.com:/home/ebs/public_html

--> Example Awk Script

# run with awk -f/tmp/1.awk /etc/group

BEGIN { FS = ":" }
{ print $1 | "sort" }
{ nlines++ }
END { print nlines }

--> awk example.
awk '/#/ {print "Got a comment"}' /etc/hosts

--> delete every 2nd field in file
awk '{$2= ""; print}' datafile > datafile.new

--> awk average/standard deviation program

x1 += $1
x2 += $1*$1

END {
x1 = x1/NR
x2 = x2/NR
sigma = sqrt(x2 - x1*x1)
if (NR > 1) std_err = sigma/sqrt(NR - 1)
print "Number of points = " NR
print "Mean = " x1
print "Standard Deviation = " sigma
print "Standard Error = " std_err

restore from client using ssh and restore
By : Rob ( Tue May 11 08:23:02 2004 )

from client "linux" to backup server "solaris":

clent> cd /tmp
client> ssh -x server "dd if=/dev/rmt/0ln ibs=63k" | /sbin/restore -ivf -
Verify tape and initialize maps
Input is from file/pipe
user@server's password:
Input block size is 32
Dump date: Tue May 9 07:07:49 2004
Dumped from: the epoch
Level 0 dump of / on client.comp.com:/dev/sda3
Label: /
Extract directories from tape
Initialize symbol table.
/sbin/restore >

 

UNIX Tips and Tricks

• How to tell at what your NIC speed/duplex, etc is set for:

  			bash-2.03# /usr/sbin/ndd -set /dev/hme instance 0
  			Choose instance like this:
  			1. instance 0 - hme0
  			2. instance 1 - hme1
  
  			bash-2.03# /usr/sbin/ndd -get /dev/hme link_status
  			1
  
  			0 - down
  			1 - up
  
  			bash-2.03# /usr/sbin/ndd -get /dev/hme link_speed
  			1
  
  			0 - 10Mbps
  			1 - 100Mbps
  
  			bash-2.03# /usr/sbin/ndd -get /dev/hme link_mode
  			1
  		
  			0 - half duplex
  			1 - full duples
  			

• How to lock the NIC at 100 Mbps full duplex - In the /etc/system file add these lines: set hme:hme_adv_autoneg_cap=0 set hme:hme_adv_100fdx=0
• sys-unconfig - removes networking configuration from the box when it's finished it gives you an OK prompt. At that prompt to boot to restart the machine.
• ifconfigplumb - This command basically will make the interface show up in ifconfig -a.
• How do I change the wallpaper on a Sun Solaris box?
  • I have Root Privileges
    1. Pick the image that you would like tiled all over your background. Use Applications -> Image Viewer to open the file, and then save it as .xpm format.
    2. mkdir /etc/dt/backdrops
    3. chmod 755 /etc/dt/backdrops
    4. cp yourimage.xpm /etc/dt/backdrops
    5. chmod 755 /etc/dt/backdrops/yourimage.xpm
    6. Log out, log back in, and it should appear in the list of backdrops you can pick. The image will be an available selection for all users on your system.
  • I DON'T have Root Privileges
    1. Create the .xpm file as above, then
    2. mkdir ~/.dt/backdrops
    3. cp yourimage.xpm ~/.dt/backdrops
    4. Exit CDE, log in again, and your image will be a valid wallpaper selection for your id henceforth.
• Changing a Sun DHCP box to a Static IP address (Thanks to Dave Brack for these)
  1. Login as root.
  2. Remove the /etc/dhcp.xxxx (xxxx will be whatever your nics device name is)
  3. Create the file /etc/nodename if not already present.
  4. In this file put your workstation/server name.
  5. Create the file /etc/hostname.xxxx (xxxx will be whatever your nics device name is)
  6. In this file put your workstation/server name
  7. Create the file /etc/defaultrouter
  8. enter your default gateway in this file
  9. Edit the /etc/inet/hosts file
  10. Enter your IP and name followed by loghost
  11. If you are going to use DNS enter you name servers in this file as well
  12. Edit the /etc/inet/networks file
  13. Enter the subnet you will be working on (ex. 172.30.30.0 255.255.255.0)
  14. Create an /etc/defaultdomain file
  15. Enter you default domain here (ex. Bigdaddy.com)
  16. If you are going to use DNS rename the /etc/nsswitch.conf file or delete it then rename the /etc/nsswitch.dns to /etc/nsswitch.conf . Then create a /etc/resolv.conf file with your domain and nameservers.

      				Ex. Domain bigdaddy.com
      				nameserver 10.0.1.1
      				nameserver 10.0.1.2

  17. Reboot and Enjoy
• Boot a Sun Solaris/Sparc Platform box off of CDROM drive:
  1. When machine starts booting press [Stop] [Shift] [A]
  2. The type "boot cdrom" and press enter
• Boot a Sun Box to Single User Mode for root password recovery:
  1. When machine starts booting press [Stop] [Shift] [A] - this will put it in the OpenBoot commandline mode. a.k.a. ok prompt
  2. boot -ws cdrom - you will need to put a Solaris install CD in the CD-ROM drive.A
  3. When the Solaris Installation screen appears press [Control] [C] to break out of the script.
  4. Type mount -F ufs /dev/dsk/c0t0d0s0 /mnt - The "/" partition is now mounted at the "/mnt" mount point. From here you can edit the "/etc/shadow" root password file.
  5. Type cd /mnt/etc and press enter.
  6. Type TERM=ansi
  7. Type export TERM
  8. vi shadow (this is you shadow password file).
  9. delete the encrypted portion of the root entry
  10. Example - root:WxzL460hohWsU:10724::::::
  11. Remove the WxzL460hohWsU
  12. Make sure you still have all 8 colons.
  13. reboot
  14. This will leave you with no root password.
• Adding a package - "pkgadd -d"
• Download the latest patch cluster from www.sun.com
• Setting UP HP Printers on a sparc - Download the jetadmin for Solaris. It configures everything the correct way and saves you a lot of headaches.
• Crontab -e will not show anything....You are using ed for an editor. You need to change the environment variable EDITOR to use vi. For example "export EDITOR=vi"
• STILL WORKING ON THIS ONE - Adding additional Hard Drives to a Sun Box - NOTE: This only works if you are adding drives to a controller that is already on the box.
  1. Boot the machine with a "-r" option. This machine will look for new devices. When it finds them it will add the proper files to the /dev/rdsk directory

Enabling TCP Wrappers in Solaris 10

Glenn Brunette's Security Weblog Tip of the Month: Enabling TCP Wrappers in Solaris 10

Before answering this question, let's first provide a little background. TCP Wrappers has been around for many, many years. It is used to restrict access to TCP services based on host name, IP address, network address, etc. For more detailed on what TCP Wrappers is and how you can use it, see tcpd(1M). TCP Wrappers was integrated into Solaris starting in Solaris 9 where both Solaris Secure Shell and inetd-based (streams, nowait) services were wrapped. Bonus points are awarded to anyone who knows why UDP services are not wrapped by default.

TCP Wrappers support in Secure Shell was always enabled since Secure Shell always called the TCP Wrapper function host_access(3) to determine if a connection attempt should proceed. If TCP Wrappers was not configured on that system, access, by default, would be granted. Otherwise, the rules as defined in the hosts.allow and hosts.deny files would apply. For more information on these files, see hosts_access(4). Note that this and all of the TCP Wrappers manual pages a stored under /usr/sfw/man in Solaris 10. To view this manual page, you can use the following command:

$ man -M /usr/sfw/man -s 4 hosts_access

inetd-based services use TCP Wrappers in a different way. In Solaris 9, to enable TCP Wrappers for inetd-based services, you must edit the /etc/default/inetd file and set the ENABLE_TCPWRAPPERSparameter to YES. By default, TCP Wrappers was not enabled for inetd.

In Solaris 10, two new services were wrapped: sendmail and rpcbind. sendmail works in a way similar to Secure Shell. It always calls the host_access function and therefore TCP Wrappers support is always enabled. Nothing else needs to be done to enable TCP Wrappers support for that service. On the other hand, TCP Wrappers support for rpcbind must be enabled manually using the new Service Management Framework ("SMF"). Similarly, inetd was modified to use a SMF property to control whether TCP Wrappers is enabled for inetd-based services.

Let's look at how to enable TCP Wrappers for inetd and rpcbind...

To enable TCP Wrappers support for inetd-based services, you can simply use the following commands:

# inetadm -M tcp_wrappers=true
# svcadm refresh inetd

This will enable TCP Wrappers for inetd-based (streams, nowait) services like telnet, rlogin, and ftp (for example):

# inetadm -l telnet | grep tcp_wrappers
default  tcp_wrappers=TRUE

You can see that this setting has taken effect for inetd by running the following command:

# svcprop -p defaults inetd
defaults/tcp_wrappers boolean true

Note that you can also use the svccfg(1M) command to enable TCP Wrappers for inetd-based services.

# svccfg -s inetd setprop defaults/tcp_wrappers=true
# svcadm refresh inetd

Whether you use inetadm(1M) or svccfg is really a matter of preference. Note that you can also use inetadm or svccfg to enable TCP Wrappers on a per-service basis. For example, let's say that we wanted to enable TCP Wrappers for telnet but not for ftp. By default, both the global and per-service settings for TCP Wrappers are disabled:

# inetadm -p | grep tcp_wrappers
tcp_wrappers=FALSE

# inetadm -l telnet | grep tcp_wrappers
default  tcp_wrappers=FALSE

# inetadm -l ftp | grep tcp_wrappers
default  tcp_wrappers=FALSE

To enable TCP Wrappers for telnet, use the following command:

# inetadm -m telnet tcp_wrappers=TRUE

Let's check out settings again:

# inetadm -p | grep tcp_wrappers
tcp_wrappers=FALSE

# inetadm -l telnet | grep tcp_wrappers
         tcp_wrappers=TRUE

# inetadm -l ftp | grep tcp_wrappers
default  tcp_wrappers=FALSE

As you can see, TCP Wrappers has been enabled for telnet but none of the other inetd-based services. Pretty cool, eh?

You can enable TCP Wrappers support for rpcbind by running the following command:

# svccfg -s rpc/bind setprop config/enable_tcpwrappers=true
# svcadm refresh rpc/bind

This change can be verified by running:

# svcprop -p config/enable_tcpwrappers rpc/bind
true

That is all that there is to it! Quick, easy and painless! As always, let me know what you think!

Take care!

Recommended Links

---

In case of broken links please try to use Google search. If you find the page please notify us about new location

---

***** Sun Solaris Tips An excellent collection of tips !!!

Tips and Tricks at OpenSolaris.org

Solaris tips Sheets

• SunService Tip Sheet for Sun DNS (local copy)
• SunService Tip Sheet for Sun NFS (local copy)
• SunService Tip Sheet for Sun NIS (local copy)
• SunService Tip Sheet for Sun NSKIT (local copy)
• SunService Tip Sheet for Sun PPP (local copy)
• SunService Tip Sheet for Sun DNS (local copy)
• SunService Tip Sheet for Miscellaneous Networking Programs (local copy)
• SunService Tip Sheet for Networking Setup & Modification (local copy)
• SunService Tip Sheet for Sun Routing (local copy)

• Modem

  • Celestes's Guide to Terminals & Modems under Solaris 2.x Version 1.9 (local copy)
  • Using A ZyXEL U-1496 Series Modem With A Sun SPARCstation (Postscript Document) ... thanks to Syed Zaeem Hosain from Z Consulting Group ..
  • Outbound PPP Setup Guide for Solaris 2.x (Postscript Document)
  • PPP Infos  

Phil's Solaris hints

Volume manager tips aka automounter

Solaris Tips and Tricks

Modular Debugger (mdb) cheatsheet (PDF)

Sys Admin Cool Commands

Sun documentation by product

Solaris Admininstror's Quick Reference (PDF)

Solaris Tips and tricks knowledge base (outdated)

• To rename a system do:
   
  • hostname <newname> should do it. For various subsystems, and other machines to know about it, look at:

    /etc/aliases
    /etc/auto_home
    /etc/hostname
    /etc/hosts
    /etc/nodename

Solaris Hints and Tips

Solaris - Tips & Tricks collection

My Solaris page

Some scripts I have written for Solaris that you may find interesting:

• netlink, a script to set duplex/media option settings.
• fix.sh, a script to strip down services in Solaris systems + do network tuning & hardening. Currently for Solaris 8 and 9. Using nddconfig and fixmodes from www.sun.com/security/ somewhere and nettune from http://www.sean.de/Solaris/, the rest of the stuff by me. Run like this: ./fix.sh auto. Run it again if you patch your system, in case the patches re-enables scripts previously set up to not run. Fix-modes and friends are left in /opt/fixit for your convinience, should you need to reverse its actions. I recommend copying fix.sh there as well. Adjust what services you want turned on by editing /etc/startup.conf. Also walk through /etc/inetd.conf to see if there is anything you want on (requires INETD=YES in startup.conf). The script is intended to be run once to do "all" basic security tweaking in one shot. Script requires Perl with MIME::Base64 in your PATH, trying /usr/local/bin first. Your comments, ideas etc. are very welcome!

Oracle Tips and Tricks of the Week Part 3

Everything Solaris Filesystem Tips and Tricks

• General Filesystem Layout
• The "noatime" Option
• The "logging" Option
• The "forcedirectio" Option
• Important Links