Tag Archives: Solaris

Building a NIS User Add Script

Posted on by
Reply

I have an environment where Solaris provides NIS for all the Solaris and Linux systems.  Every time I add a user I’ve had to alter a number of files and that’s pretty lame.

If you have any questions please ask.

#!/bin/bash
###################
# NewUser.sh creates a new user in the NIS environment and pushes that
# user information out to the server systems.
#
# NewUser.sh v1.0 - jay@zidea.com
#
###################
### Declarations
declare -rx SCRIPT=${0##*/}
declare USERNAME
declare FULLNAME
declare PASSWORD
declare USER_HOME
declare LASTID
declare USERID
### Checks if you have the right privileges
if [ "$USER" = "root" ]
then
#### Collect the variables
echo "" ;echo "" ;echo "" ;echo ""
 printf "%s\n" "Enter the user's name (firstname lastname): "
 echo "" ;echo "" ;echo "" ;echo ""
 read -e FULLNAME
printf "%s\n" "Enter the USERNAME (8 characters or less): "
 echo "" ;echo "" ;echo "" ;echo ""
 read -e USERNAME
# Other variables
USER_HOME="/home/$USERNAME"
 LASTID=`tail -1 /etc/passwd |cut -f3 -d:`
 USERID=`expr $LASTID + 1`
# Checks if the user already exists
 cut -d: -f1 /etc/passwd | grep "$USERNAME" > /dev/null
 OUT=$?
# Test for the account and build the files
 if [ $OUT -eq 0 ];then
 echo >&2 "ERROR: User account: \"$USERNAME\" already exists."
 echo >&2 "ERROR: User account: \"$USERNAME\" already exists." >> "$LOGFILE"
 else
 # Create a new user /usr/sbin/useradd
 /usr/sbin/useradd -u $USERID -d $USER_HOME -g staff -s /bin/bash -c "$FULLNAME" -m $USERNAME
 passwd $USERNAME
 PASSWORD=`grep $USERNAME /etc/shadow | cut -f2 -d:`
 echo $USERNAME:x::::: >> /etc/nis_etc/security/passwd.adjunct
 echo $USERNAME:$PASSWORD:$USERID:10:"$FULLNAME":$USER_HOME:/bin/bash >> /etc/nis_etc/passwd
 echo $USERNAME:$PASSWORD:14785:::::: >> /etc/nis_etc/shadow
# Restart the Yellow Pages (NIS)
 pushd /var/yp
 make
 popd
# Setup the $HOME Directory on svnfiles
 ssh root@home.server.com mkdir -pv /files/$USERNAME
 ssh root@home.server.com chown -R $USERID /files/$USERNAME
 ssh root@home.server.com chgrp -R wheel /files/$USERNAME
echo "The user \"$USERNAME\" has been created."
 fi
 exit 0
else
 echo >&2 "ERROR: You must be a root user to execute this script."
 exit 1
fi

Working with ILOM on a Sun/Oracle System

Posted on by
Reply

Sun(now Oracle) and Fujitsu put together a new remote management system (ILOM) that provides a mild improvement over the older ALOM systems.  This guide will get you started.

#### STARTING STOPPING
The ILOM allows you to manage the system (SYS) with a few simple commands:

-> start /SYS
-> stop /SYS
-> reset /SYS

#### MANAGING AUTO BOOT MODE
-> set /HOST/bootmode script=”setenv auto-boot? false”
-> reset /SYS

#### FORCING A BREAK COMMAND
-> set /HOST send_break_action=break command
-> start /SP/console

#### GRAB A CONSOLE CONNECTION
-> start /SP/console

#### CREATE ILOM USER
-> create /SP/users/<username>
Creating user…
Enter new password: ********
Enter new password again: ********
Created /SP/users/<username>

#However, I want my team to be able to use this system just like they did the old ALOM systems
because it simplifies management for me when I’m on vacation.  Create the user as shown below
to have an old school ALOM experience.

-> create /SP/users/admin role=aucro cli_mode=alom
Creating user…
Enter new password: ********
Enter new password again: ********
Created /SP/users/admin

#### SET A PASSWORD
set /SP/users/root password

#### CHANGING THE IP
-> cd /SP/Network
-> set pendingipaddress=<ip_address>
-> set pendingipdiscovery=static
-> set pendingipnetmask=255.255.255.0
-> set pendingipgateway=<ip_address>
-> set commitpending=true

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value.

Remote Access in Solaris with the ALOM

Posted on by
Reply

Resetting the ALOM’s network setting is a little un-intuitive, but it not that hard if you remember that Solaris Sunfire systems (v210, v240, v250, etc.) use the scadm interface to address the eeprom/NVRAM.

cd /usr/platform/`uname -i`/sbin
./scadm set netsc_ipaddr 172.16.3.27
./scadm set netsc_ipnetmask 255.255.0.0
./scadm set netsc_ipgateway 172.16.0.8

# Check your work

./scadm show | grep netsc
netsc_tpelinktest="true”
netsc_dhcp="false”
netsc_ipaddr="172.16.3.27″
netsc_ipnetmask="255.255.0.0″
netsc_ipgateway="172.16.0.8″

You really need to have tpelinktest=”true” before proceeding.

# Reset the interface and then look at the settings.

./scadm resetrsc
./scadm shownetwork

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value.

Duping a Solaris Disk “Disk-to-Disk Copy”

Posted on by
Reply

SUMMARY

We need to make a complete and accurate copy of all data and binaries on one system to another system so that we can test without messing up the original. So we will mount a second drive in the original system… build the second drive to match block-for-block the original… and then mount these and use ufsdump to copy data to the secondary.

Finally, we will remount the new drive in the new system.. run ’sys-unconfig’ and rebuild the physical interfaces completely. :P

There is a command dd (disk duplicate) but that only works if you are 100% successful in getting the partitions correctly build. And if you are doing that… which this document covers, you may as well go ahead and run ufsdump/ufsrecover. ufsdump and recover is more reliable

Continue reading

How to Remove a Solaris Zone Completely

Posted on by
1

Do you have a virtual machine that you need to completely remove.  I’ve always found the commands to be a bit confusing.  This is the order or removal.

In this example ceng52 has to go:

TERM=xterm; export $TERM
zoneadm -z ceng52 halt
zoneadm -z ceng52 uninstall
zoneadm list -civ
zonecfg -z ceng52 delete

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value.

ZFS Cheatsheet

Posted on by
Reply

For those of us who orbit around the sun rather than live there:

There are two main commands for ZFS, “zfs” and “zpool”

"zpool list" - Show current usage on zfs pools
"zpool iostat 5" - Display I/O stats for zfs pools
"zpool vdevs" - Shows current mirror/pool device properties
"zpool create pool c0t3d0 c1t1d0 c4t4d0 c5t2d0" - Creates a pool consisting of c0t3d0 c1t1d0, c4t4d0, c5t2d0
"zpool create -fv pool slice1 slice2" - Creates a pool consisting of slice1 and slice2
"zpool create pool mirror c1t0d0 c2t0d0" - Creates a mirror consisting of c2t0d0 and c2t0d0
"zpool add -f pool mirror c0t1d0s3 c0t1d0s4" - Adds mirror to pool
"zfs list" - Show current zfs filesystems
"zfs create pool/filesystem" - Creates filesystem under pool
"zfs create pool/filesystem /mountpoint" - Creates filesystem under pool and mounts it to mountpoint
"zfs snapshot pool/filesystem@snapshotname" - Takes snapshot of filesystem
"zfs mount pool/filesystem /mountpoint" - Mounts a zfs filesystem to mountpoint
"zfs destroy pool/filesystem" - Deletes filesystem from pool
"zfs destroy pool" - Deletes pool

Package Name: SUNWzfs
Older Solaris 10 u6 and below you cannot export and import the disks. So moving them to new hardware is not possible :(
There is never a need to fsck a ZFS filesystem.

NOTE BENE: I get a lot of traffic on this page and I’m sure some of you guys have cheatsheets and crib notes of your own for zfs. Please feel free to leave a comment with your favorite commands.  We can all learn from each other.

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value

Dealing with ZFS Boot Problems

Posted on by
Reply

As a Sys Admin who gives his user’s plenty of power to sometimes things get messed up in the boot process so that the system cannot boot properly.  No prob0lem you say, boot from CDROM into single-user mode and mount partition, find and fix the problem……. ummmm, wait.  How do I do that?  This article covers how to mount ZFS in single-user mode.  Fixing the problem is up to you.

STEPS

  1. First get an OK prompt.   With a Fujitsu-based system this is accomplished by logging into the contol interface and issuing a sendbreak -d 0.  Refer to your manual, or drop me a comment if you need a hand with this.
  2. Insert the CDROM and issue a “boot cdrom -s”
  3. “zfs list” is going to show you all of the available zpools. 
    NAME                        USED  AVAIL  REFER  MOUNTPOINT
rpool                      12.5G  54.4G    97K  /rpool
rpool/ROOT                 6.97G  54.4G    21K  legacy
rpool/ROOT/s10s_u8wos_08a  6.97G  54.4G  6.97G  /
rpool/dump                 1.00G  54.4G  1.00G  -
rpool/export               2.53G  54.4G  23.5K  /export
rpool/export/home          2.53G  54.4G  2.53G  /export/home
rpool/swap                    2G  56.4G    16K  -
  4. zfs get mountpoint rpool/ROOT/s10s_u8wos_08a is going to show you that the mountpoint is / and we know that is already in use. 
    NAME                       PROPERTY    VALUE       SOURCE
rpool/ROOT/s10s_u8wos_08a  mountpoint  /           local
  5. Change that mount point temporarily with the command “zfs set mountpoint=/mnt rpool/ROOT/s10s_u8wos_08a”
  6. “zfs mount rpool/ROOT/s10s_u8wos_08a”

At this point simply cd on over to the problem file and fix it.  In my case the user had modified the /etc/vsftab file so that it could no longer boot so I had to edit /mnt/etc/vfstab.

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value

Solaris M3000 Hard Drive the inexpensive way

Posted on by
Reply

A couple of years ago we purchased an M3000 with 2 X 146GB hard drives installed.  Is SUN/Oracle proud of their hardware or what?  The price on a replacement hard drive is exorbitant.  Oracle thinks the “G” in GB stands for grand, as in $1,000.

So I go the the two empty bays (the M3000 has a total of 4-bays) and discover fake plastic ‘FILLER” trays that are not suitable for mounting a hard drive.  Searching on the Interwebs you won’t find the part number for the drive bay that works, but I’ll give it to you here:

Part No. MBB2147RC – 147GB 10K SAS SFF 2.5 Inch HD – $170
Part No. 541-0239 – Sun SPUD Hard Drive Mounting Bracket – $35

You will find this part number associated with other SUN/Oracle hardware, but not the M-Series systems.  I’m telling you they work just fine.  I also included the original part number of my original drives.  I happen to have purchased mine from http://www.serversupply.com/ because they are brilliant, inexpensive and reliable.

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value

Working with IPv6 on Solaris

Posted on by
Reply

IPV6 on solaris is a pretty simple thing to do, but requires additional steps that are not required in V4 installations. Here they are.

# Configure an interface or sub interface
# we will use a different interface for V4
# (bge0) and V6 (bge1).  I do this for testing.
touch /etc/hostname6.bge1
ifconfig bge1 inet6 plumb

# Logical interface? - ifconfig bge1:3 inet6 plumb
# Remove it? - ifconfig bge1 inet6 down unplumb

ASSIGN A SPECIFIC ADDRESS

ifconfig bge1 inet6 fe80::abcd up

MATCH IP TO DNS NAME
The file /etc/inet/ipnodes is used by IPV6 to associate an address with interface names.

vi /etc/inet/ipnodes
FE80::abcd machinename.mydomain.com machinename

WHAT ABOUT ARP?
IPV6 does not use ARP. It uses NDP instead. The neighbor discovery protocol daemon advertises its network prefix such as FE80::/10 by sending a neighbor solicitation request/multicast and the node is was looking for send back a reply (neighbor advertisement) giving is Link-layer MAC address. Yes… we have to tell the system which interface (bge1) we want to use/advertise for routing otherwise V6 will work internally only.

# Configure NDP
 vi /etc/inet/ndpd.conf
ifdefault AdvReachableTime 30000 AdvRetransTimer 2000
 if bge1 AdvSendAdvertisements on
 prefix fe80::/10 bge1
### Optional - nsswitch.conf
 # Only needed if DNS lookups are needed
### Restart it
 ifconfig bge1 inet6 down
 ifconfig bge1 inet6 up

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value