From tfb at tfeb.org Wed Oct 1 06:52:52 2008 From: tfb at tfeb.org (Tim Bradshaw) Date: Wed, 1 Oct 2008 11:52:52 +0100 Subject: Summary: how to register a Solaris subscription with SunSolve Message-ID: Thanks to Martin Pre_laber for his helpful response. I mailed / filled in various web forms, the one I think that was most useful was the one Martin recommended, which was this: http://sunsolve.sun.com/show.do?target=feedback . The result of this is that my sunsolve account now has a valid contract, so this process does seem to work. Except: it's not *my* contract/subscription, and its expiry is a long time before my subscription expires. So come December I will have to go through this all again, sigh. --tim -- Tim Bradshaw tfb at tfeb.org / +44 798 098 1475 PGP: 53AA CFA7 553B C611 B984 C4F2 0F11 EA99 0B7A 5ED1 From srinivas.banda at ge.com Wed Oct 1 09:31:20 2008 From: srinivas.banda at ge.com (Banda, Srinivas (GE, Corporate, consultant)) Date: Wed, 1 Oct 2008 09:31:20 -0400 Subject: Server full backup and restore Message-ID: <184D5D31D664A445B4142B6CD9441ED90A1ECA49@STAMLVEM03.e2k.ad.ge.com> Hi Sun Gurus I need to take a Sun server full backup. There is no Veritas netbackup installed and the server doesn't have any tape drive provision. Is it possible to take the server's backup onto another server (say /dump has sufficient free space) and restore it by nfs mounting that backup mountpoint? Are there any other options? Thanks, SB From srinivas.banda at ge.com Wed Oct 1 13:23:49 2008 From: srinivas.banda at ge.com (Banda, Srinivas (GE, Corporate, consultant)) Date: Wed, 1 Oct 2008 13:23:49 -0400 Subject: SUMMARY: Server full backup and restore In-Reply-To: <184D5D31D664A445B4142B6CD9441ED90A1ECA49@STAMLVEM03.e2k.ad.ge.com> References: <184D5D31D664A445B4142B6CD9441ED90A1ECA49@STAMLVEM03.e2k.ad.ge.com> Message-ID: <184D5D31D664A445B4142B6CD9441ED90A1ECA4B@STAMLVEM03.e2k.ad.ge.com> Thanks to everyone for the replies and solutions. This is my first post in sunmanagers. Most of them suggested to use either flarcreate or ufsdump/ufsrestore. I'm going ahead with ufsdump/ufsrestore option. Thanks again... SB > _____________________________________________ > From: Banda, Srinivas (GE, Corporate, consultant) > Sent: Wednesday, October 01, 2008 9:31 AM > To: 'sunmanagers at sunmanagers.org' > Subject: Server full backup and restore > > Hi Sun Gurus > I need to take a Sun server full backup. There is no Veritas netbackup > installed and the server doesn't have any tape drive provision. Is it > possible to take the server's backup onto another server (say /dump > has sufficient free space) and restore it by nfs mounting that backup > mountpoint? Are there any other options? > > Thanks, > SB From Ryan.Anderson at baesystems.com Wed Oct 1 13:27:11 2008 From: Ryan.Anderson at baesystems.com (Anderson, Ryan C (US SSA)) Date: Wed, 1 Oct 2008 12:27:11 -0500 Subject: [SUMMARY] LDAP groups with many members + Sol 10 LDAP client Message-ID: <738m08$kcq47@dmzms99802.na.baesystems.com> The final answer is that you must patch upgrade Solaris 10 to see all members of large LDAP groups. I did find out the specific patch that fixes the behavior is the kernel patch. Solaris 10 SPARC kernel patch 120011-17 or above is supposed to fix this. BEWARE: I also found that the newest kernel patch (127127-11) makes printing from LDAP clients all but impossible, see: http://sunsolve.sun.com/search/document.do?assetkey=1-66-241426-1 RCA -- UNIX Administrator, BAE Systems EIT desk 763-572-6684 mobile 612-419-9362 -----Original Message----- From: sunmanagers-bounces at sunmanagers.org [mailto:sunmanagers-bounces at sunmanagers.org] On Behalf Of Anderson, Ryan C (US SSA) Sent: Tuesday, September 30, 2008 3:05 PM To: sunmanagers at sunmanagers.org Subject: LDAP groups with many members + Sol 10 LDAP client I've found that (like NIS) a Solaris 10 update 4 LDAP client can't see groups after they reach too many members. I found out today a Solaris 10 update 5 client can see the groups fine, but all my systems are update 4. The only workaround I've found is to create multiple groups with the same gidNumber and chunk up the members between them. Is there a setting in Solaris to see the groups properly? Any idea on what Sol 10 patch number might fix the behavior? On Sol 10 u4 & u5, I can do: ldaplist -l group verybiggroup But on u4, every other OS utility can't see the group, ie 'getent group verybiggroup', 'groups '. RCA -- UNIX Administrator, BAE Systems EIT desk 763-572-6684 mobile 612-419-9362 _______________________________________________ sunmanagers mailing list sunmanagers at sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers From nevetas at i-chat.org.uk Wed Oct 1 17:12:15 2008 From: nevetas at i-chat.org.uk (Steven Dunton) Date: Wed, 1 Oct 2008 22:12:15 +0100 Subject: Change Zone Date Message-ID: <004b01c9240a$614bf2d0$23e3d870$@org.uk> SPARC Solaris 10 Can you alter the date of a zone different to the global zone? 'date' command fails as not owner. So I'm guessing not, unless there is another way? Thanks in advance... From jdd at cs.toronto.edu Thu Oct 2 00:30:02 2008 From: jdd at cs.toronto.edu (John DiMarco) Date: Thu, 2 Oct 2008 00:30:02 -0400 (EDT) Subject: Sun Managers Frequently Asked Questions (FAQ) Message-ID: <20081002043002.5719859C096@apps0.cs.toronto.edu> Archive-name: sunmanagers-faq $Id: faq.html,v 1.29 2007/05/25 20:41:16 jdd Exp $ SunManagers Frequently Asked Questions This is collection of common questions posted to the sunmanagers mailing list twice a month. It is intended to benefit Sun System Managers and reduce traffic to the list by providing quick answers to common problems. Keeping with the style of a similar FAQ for comp.windows.x, questions marked with a '+' indicate questions new to this issue; those with significant changes of content since the last issue are marked by '*' The Information Files maintainer is John DiMarco . All corrections, submissions and FAQ administration-related messages should go to . Do not send questions, subscription or unsubscription requests, or sunmanagers postings to this address; they will be quietly ignored. The List Server maintainer is Bill Bradford . Any problems with the mailing list server should be directed to Bill. _________________________________________________________________ Questions 1. The Sun-Manager's Mailing list 1.1) How do I read, join, post to, or remove myself from the sunmanagers mailing list? 1.2) What is the Sun-Manager's Charter? What are the rules? 1.3) Are there any public archives for the sunmanagers list? 1.4) What should I keep in mind when posting to sunmanagers? 1.5) What other forums are there for Suns? 1.6) Where are the answers to questions about old Suns and old versions of Solaris? 1.7) What fields can I use to filter Sun Managers email? 2. Getting Help Over the Net 2.1) How do I find out what patches are available from Sun? 2.2) * How do I get help migrating to Solaris? 2.3) How do I access Sun's documentation over the net? 2.4) To which web sites can I go for help? 3. Network Directory and File Services 3.1) How do I use DNS for hostname resolution? 3.2) How do I change NIS+ credentials for the root master server? 3.3) When I compile something, errors occur saying _dlopen and other _dl routines can't be found. Why? 4. Window Systems 4.1) + What Window system GUIs are supported by Sun? 5. Disks, Tapes and SCSI 5.1) * What sector/head/cylinders parameters should be used for a hard disk? 5.2) * Can I replace an internal drive in a Sun with a higher capacity model? 5.3) Is it okay to disconnect or connect SCSI devices while powered on? 5.4) How do I configure my sun to use Exabyte 4mm DAT tape drives? 5.5) Why is tagged queueing a problem on my third-party disk? 5.6) Why don't third-party CD-ROMS work on my sun? 5.7) What size and density parameters should I use for ufsdump with a high-capacity tape drive? 5.8) My floppy/cdrom device says "device busy". What do I do? 5.9) What software is available for CD-R/CD-RW? 5.10) Where is my disk space? The "du" and "df" commands disagree. 6. Resource Management and Performance Tuning 6.1) How do I tell what caused my machine to crash? 6.2) What can I do if my machine slows to a crawl or just hangs? 6.3) How do I find out how much physical memory a machine has? 6.4) How do I find out what my machine's memory is being used for? How can I tell if I need more memory? 6.5) Why do some files take up more disk space after being copied? Why are the sizes reported by ls -l and du different? 7. HTTP and Anonymous FTP 7.1) * How do I set up anonymous ftp on my machine? 7.2) + Where can I get a Web server for Solaris? 8. Consoles, Keyboards and Key Remapping 8.1) How do I make the numeric keypad on a sun keyboard work with xterm? 8.2) How do I swap the CAPS LOCK and CONTROL keys on a sun keyboard? 8.3) How do I use a Windows PC for a Sun serial console? 9. Sun models and OS Versions 9.1) * Which Sun models run which version of SunOS? 9.2) How can my program tell what model Sun it is running on? 9.3) How do I find out a Sun's boot prom revision? 9.4) * Which hardware/software is capable of 64-bit? Which is only 64-bit? How can I tell which is running? 10. Miscellaneous Software 10.1) My remote ufsdump is failing with a "Protocol botched" message. What do I do? 10.2) * Where can I get a C compiler for Solaris? 10.3) How do I read Microsoft Word documents on my Sun? 10.4) How do I restore to a different location the contents of a tarfile created with absolute pathnames? 11. Miscellaneous Hardware 11.1) * How come my mouse occasionally doesn't work? 11.2) How can I turn my old sun into an X-Terminal? 11.3) * How can I use an SVGA monitor on my Sun? 11.4) Where can I find alternate pointing devices for my Sun? 12. Networking 12.1) Why do both my net interfaces have the same ethernet address? 12.2) How can I know the hardware vendor from an ethernet address? 12.3) * How do I set my ethernet interface to e.g. 100Mb full duplex? 12.4) How do I find out what process is using a particular port? 12.5) I have a lot of ports in WAIT states. Why? 13. Electronic Mail 13.1) * Where can I get a POP or IMAP server for my sun? 14. Printing 14.1) + How do I get started with LP-style printing in Solaris? 14.2) How do I configure a non-postscript printer for postscript? 15. Misc System Administration 15.1) I've forgotten the root password; how can I recover? 15.2) How do I disable/remap STOP-A/L1-A? 15.3) How do I manage services in Solaris 10 and later? Do I still make links in /etc/rc*.d? Answers _________________________________________________________________ 1. The Sun-Manager's Mailing list _________________________________________________________________ 1.1) How do I read, join, post to, or remove myself from the sunmanagers mailing list? Point your web browser to http://www.sunmanagers.org Persons without web access should send a mail message to "sunmanagers-request at sunmanagers.org" containing the single word "help". Messages can be posted to the list by mailing them to the address "sunmanagers at sunmanagers.org". Do not do this until you have read the charter/policy (question 1.2) and the "how to post" document at http://www.sunmanagers.org. The policy and the "how to post" document is sent to the entire list twice a month. It is also sent out to every new subscriber and is available at http://www.sunmanagers.org. The latest version of the FAQ (this file) is available at http://www.sunmanagers.org _________________________________________________________________ 1.2) What is the Sun-Manager's Charter? What are the rules? 1: This list is NOT moderated! Every message that is sent to the list will be passed on to every member of the list. 2: Requests to have addresses added or removed from the list should NOT be sent to the entire list. Instead, addresses should be added or removed via the web page at http://www.sunmanagers.org Similarly, test messages of any sort should not be sent to the list. 3: This list is intended to be a quick-turnaround trouble shooting aid for those who administer and manage Sun systems. Its primary purpose is to provide the Sun manager with a quick source of information for system management problems that are of a time-critical nature. 4: All responses are to be mailed back to the questioner and are NOT to be sent to the entire list. Any response to a list message sent to the list, rather than to the person asking the question, will be deleted without notice. The person who originally asked the question has the responsibility of summarizing the answers and sending the entire summary back to the list. When a summary is sent back to the list, the word "SUMMARY" should be the first word of the "Subject" line. 5: Discussions on ANY topic are not allowed and will not be tolerated. If you want to discuss something, take it to the appropriate Sun newsgroup. 6: If it is not specifically related to Sun system management, then it does NOT belong on this list. Requests for vendor recommendations are tolerated, provided that the hardware in question is something that system managers normally purchase. 7: Commercial Advertising of any sort on the list is strictly prohibited. 8: Postings about employment, either employment sought or offered, are not permitted on this list. Please use a more appropriate forum, e.g. one of the newsgroups in the misc.jobs USENET hierarchy. 9: Requests for software (free or otherwise) should be limited to software that is directly related to Sun SYSTEM MANAGEMENT ONLY. 10: Read the appropriate manuals BEFORE posting, including the "Read This First" documents. Oftentimes the manuals contain answers for common problems. 11: When including a traceback from a system panic, make sure that it is a symbolic traceback. Numeric tracebacks (the ones included as part of the panic message) are not helpful; don't bother sending them to the list. 12: A posting to sunmanagers is not a general invitation to email the poster -- if you wish to send email to a sunmanagers poster, the email you send should be related to the posting, else it will be unsolicited email and may be treated like any other unsolicited email (e.g. spam). Sunmanagers is not to be used to collect email addresses of people who manage Sun systems. Those who do this not only violate the list's policy, but risk seriously offending the very people they are attempting to reach. 13: PLEASE PLEASE PLEASE...Think before you send a message! Ask yourself "is this really appropriate?" There are enough other newsgroups and mailing lists around to cover the marginal topics. Perhaps there is another forum that is more appropriate? Check the list of Sun specific newsgroups included in the FAQ. Perhaps your message would be more appropriate there? Remember that Sunmanagers is very public: we have thousands of subscribers, all postings are archived for posterity on various archive sites, and these sites are in turn searchable via various web engines. Submitting a posting is irreversible -- once it goes out, it cannot be taken back! Failure to adhere to these guidelines may result in severe chastisement by the list participants. Not only will you succeed in looking like a careless fool, and in making Sun Systems Managers all over the world annoyed at your incompetence, you may end up damaging your professional reputation. _________________________________________________________________ 1.3) Are there any public archives for the sunmanagers list? Sunmanagers' official archive is accessible at http://www.sunmanagers.org All postings are automatically archived. It is our policy not to accommodate requests to modify the archives, so if you are uncomfortable with your submissions in their entirety being public, do not submit them. Also, various members also keep their own archives on their own initiative. Some of these are public. Here are some we know about: http://aa11.cjb.net/sun_managers/index.htm Hank Leininger maintains a searchable archive site of messages (both questions and summaries) in Florida. It can be accessed at: http://marc.theaimsgroup.com/?l=sun-managers Dataman Benelux in the Netherlands hosts a "fuzzy" full-text index of the Sun Managers mailing list at: http://www.dataman.nl/cgi-bin/sunmanagers Manfred Liebchen maintains an archive site in Germany. It can be accessed at: http://www.uni-koeln.de/RRZK/Abt-Systeme/sun/infos/SUN-MANAGERS/sunman .html Older summaries (up to mid-1999) are available at http://www.latech.edu/sunman.html _________________________________________________________________ 1.4) What should I keep in mind when posting to sunmanagers? * VERY IMPORTANT! Before you post, read the sunmanager's list policy, which is available at http://www.sunmanagers.org * Sun Managers is a huge unmoderated mailing list. Every message you send will be passed on to every member of the list. This means you have access to a much larger audience when you need help, but it also means you can embarrass yourself in front of a huge number of people, most of them professionals in your field, including colleagues, peers, and possible future employers. Further, your posting will be archived in various places, some public, some private -- we have no way of knowing all the archive locations. Some of these archives, including the official one at http://www.sunmanagers.org, are web-searchable. It is our policy not to accommodate requests to remove or modify postings as archived on http://www.sunmanagers.org. Once you submit your message, it will be irretrievably accessible to a large number of people. There is no "taking it back". * Sun Managers is completely voluntary. Nobody is required to help you. We are all cooperating by sharing our knowledge. Accept with grace whatever responses you get, and don't hound people if they are helpful or they won't be the next time. * Sun Managers is not the list to use when you run out of other places to post. Job postings, PC questions, X questions all have their own lists and newsgroups. Use only the appropriate list or newsgroup for such things, not Sun Managers. Inappropriate postings will only make people annoyed at you. * The more information you give about a problem, the easier it is for others to help you. This doesn't mean you should uuencode the kernel and post it, but you should include your OS version, your hardware, and all relevant symptoms of your problem. Unless the request is of a general nature, the output of "uname -a" is almost certainly helpful. * When making a summary, please summarize as much as possible all the answers you received, even the ones you didn't decide to follow: if you receive several different suggestions, and decided on one, remember that somebody else reading the summary may not find the suggestion you followed to be the best one in his or her situation, and may benefit from one of the suggestions you didn't choose. * Be generous. If you have the information requested (especially if it is obscure) then please respond. You may be the person requesting help next time. _________________________________________________________________ 1.5) What other forums are there for Suns? Other forums that relate to Suns: USENET Newsgroups (accessible via "rn", "readnews", "nn", netscape, etc.): There is an entire USENET hierarchy devoted to Sun equipment. Some of these groups include: * comp.sys.sun.admin - Sun system administration * comp.sys.sun.announce - Announcements pertaining to Sun equipment * comp.sys.sun.apps - Applications that run on Suns * comp.sys.sun.hardware - Sun hardware (and clones too, I think) * comp.sys.sun.misc - Miscellaneous * comp.sys.sun.wanted - Sun stuff to buy or sell Other newsgroups that may also be of interest: * comp.unix.solaris - Solaris on all platforms * alt.sys.sun - may not be available everywhere * comp.sys.sun - newsgroup equivalent of sun-spots * comp.sources.sun - Sun-specific sources (not very active) Mailing lists: Sun Flash (Sun Product Announcements/news releases) sunflash-request at sunvice.East.Sun.COM - add/remove requests SunHelp (Discussion/help/chat about Sun machines and Software) http://www.sunhelp.org/mailman/listinfo/sunhelp Rescue (Rescuing old Sun equipment from the dump) http://www.sunhelp.org/mailman/listinfo/rescue Sunergy (Sun Commercial Newsletter) sunergy_information at Sun.COM - add/remove requests Suns-at-home (Home use of Sun Workstations) Suns-at-Home-Request at net-kitchen.com - add/remove requests Suns-at-Home at net-kitchen.com - submissions Suns-at-Home-Archives at net-kitchen.com - archive requests ssa-managers (Sun RAID software and hardware products) majordomo at eng.auburn.edu - add/remove requests (e.g. send "subscribe ssa-managers" in message body) veritas-users (Veritas products) http://mailman.eng.auburn.edu/mailman/listinfo CIAC notes (US. DOE Computer Incident Advisory Capability) ciac-listproc at llnl.gov - add/remove requests listmanager at cheetah.llnl.gov - human list manager CERT Advisory mailing list (security notifications for Suns and others) cert-advisory-request at cert.org - add/remove requests Solaris on Intel-based (x86) machines http://groups.yahoo.com/group/solarisx86/ Old list archives at: http://www.egroups.com/list/solarisonintel/ Auspex: managers of Auspex NFS file servers auspex-request at princeton.edu - add/remove requests auspex at princeton.edu - submissions Solbourne: managers of Solbourne SPARC systems "info-solbourne" list majordomo at acsu.buffalo.edu - add/remove requests info-solbourne at acsu.buffalo.edu - submissions ftp://ftp.acsu.buffalo.edu/pub/misc/info-solbourne.tar.z archives disksuite-l: for users who use Sun's Solstice Disksuite software majordomo at lists.veritel.com.br - add/remove requests sysadm at veritel.com.br - list owner Linuxmanagers: for users of Linux, including Sun Linux. http://www.linuxmanagers.org NOTE: if you wish to be added to one of the above mailing lists, send mail to the REQUEST address! Do not send add requests to the main address! For Web pages, see the answer to question 2.4. _________________________________________________________________ 1.6) Where are the answers to questions about old Suns and old versions of Solaris? Those questions and answers used to be in this FAQ, but since they're no longer frequently asked, they've been moved elsewhere. The FAQ as of late 2005 contained information about pre-UltraSPARC suns and versions of Solaris before Solaris 8, and is available at ftp://ftp.cs.toronto.edu/pub/jdd/sunmanagers/faq-2005. The FAQ as of late 2000 contained information about pre-SPARC suns, early SPARCstations, and SunOS 4.x, and is available at ftp://ftp.cs.toronto.edu/pub/jdd/sunmanagers/faq-2000. _________________________________________________________________ 1.7) What fields can I use to filter Sun Managers email? The following headers will exist in any mail to the list: To: sunmanagers at sunmanagers.org List-Help: List-Post: List-Subscribe: , List-Id: The Sun Managers Mailing List List-Unsubscribe: , List-Archive: _________________________________________________________________ 2. Getting Help Over the Net _________________________________________________________________ 2.1) How do I find out what patches are available from Sun? If you have a software service agreement with Sun, you can use Sun's "SunSolve ONLINE" service to obtain patches. Check your service agreement for details. Many anonymous ftp sites have partial collections of patches. WARNING: if you ftp patches from an ftp site, you are trusting whomever put them there. To be absolutely safe, get your patches from a trusted source. Rik Harris maintains a WAIS archive (sun-fixes.src) of most available patch READMEs. The Sun User Group (SUG) CD ROM also has a collection of Sun patches. _________________________________________________________________ 2.2) * How do I get help migrating to Solaris? Start by reading the Solaris FAQ, maintained and posted periodically to comp.unix.solaris by Casper Dik . It can be obtained at http://www.science.uva.nl/pub/solaris/solaris2 Then go to the Solaris Security FAQ, maintained by John Pancharian and hosted by IT World at http://www.itworld.com/Comp/2377/security-faq/ Sun has a programme for developers/companies to migrate to Solaris. It's documented at http://advantage.sun.com/partners/10moves/. _________________________________________________________________ 2.3) How do I access Sun's documentation over the net? Sun has a web site devoted to documentation, at http://docs.sun.com _________________________________________________________________ 2.4) To which web sites can I go for help? This is not a complete list, but: First, see the answer to question 2.2. Sun's documentation is available at http://docs.sun.com You can search the Sun newsgroups at http://www.dejanews.com Sun-Managers Archives are described in the answer to question 1.3 above. Some sites suggested by Jeffrey Meltzer are: * SolarisGuide - http://www.solarisguide.com * SunHelp - http://www.sunhelp.org * SolarisCentral - http://www.solariscentral.org * SunGuru - http://www.sunguru.com * SunFreeware - http://www.sunfreeware.com TechTarget has a search engine at http://searchenterpriselinux.techtarget.com that also covers Solaris. Eric De Mund suggests the BigAdmin site run by Sun, at http://www.sun.com/bigadmin Alan Pae suggests Sun Country, at http://www.ilkda.com _________________________________________________________________ 3. Network Directory and Files Services _________________________________________________________________ 3.1) How do I use DNS for hostname resolution? In Solaris 2.x, this is easy: simply edit /etc/nsswitch.conf and put "dns" before (or instead of) nis or nisplus on the line that begins with "hosts:". For example, to look up hostnames first in the host file and then in the DNS, use "hosts: files dns" _________________________________________________________________ 3.2) How do I change NIS+ credentials for the root master server? If an NIS+ system is functioning correctly and only the root password and root private keys for the system need to be changed, follow these steps: 1) Login as root for the system and change the root password in the /etc/shadow file: {root}3% passwd passwd: Changing password for root New password: Re-enter new password: {root}4% 2) Change the system's private key in the cred table: {root}4% chkey -p Updating nisplus publickey database. Reencrypting key for 'unix.ramayan at bharat.i n'. Please enter the Secure-RPC password for root: Please enter the login password for root: {root}5% 3) If running replica server(s) then wait until the changes to the credential object table has been propagated to its replicas. This could be up to 2 minutes. 4) Change the system's /etc/.rootkey: {root}5% keylogin -r Password: Wrote secret key into /etc/.rootkey {root}6% The procedure above will work for any system -- root server, root replica, non-root servers, and all clients. The steps above change only the system's root password and private keys, not the public keys for the system. Thanks to Ronald W. Henderson . However, if you want to change all the root credentials, including the public key, follow these steps: Use the passwd command on the root master server to change the root password. But DO NOT follow this with a chkey -p to update the credentials for the root master server, because this will disable the entire NIS+ domain. The only way to recover from this is to rebuild the domain from scratch! It is possible to change the credentials of the root master server, but it is not easy. The procedure follows: To change the keys for the root master server do as follows: 1. use these commands in this order: nisupdkeys -CH master.server.name. groups_dir.domain.name. nisupdkeys -CH master.server.name. org_dir.domain.name. nisupdkeys -CH master.server.name. domain.name. (This CLEARS the public key for the HOST "master.server.name" in this directory.) 2. Kill rpc.nisd and restart it at security level O then run this command: nistbladm -R cname=master.server.name. cred.org_dir.domain.name. nisaddcred des 3. Shutdown and restart any replicas of org_dir.domain.name. at run level O nisping org_dir.domain.name. nisdupdkeys domain.name. nisupddkeys org_dir.domain.name. nisupdkeys groups_dir.domain.name. 4. Kill and restart all rpc.nisd servers at level O to security level 2. Note that changing a server's key affects all directory objects containing the key. Thanks to Rogerio Rocha and Sun INFODOC ID 2213 for this information. _________________________________________________________________ 3.3) When I compile something, errors occur saying _dlopen and other _dl routines can't be found. Why? You are probably trying to compile something statically. You must either include stub routines for the _dl routines, or you must link the C library (or -ldl) dynamically. The source code below provides do-nothing stubs for the routines in question. /* libdl stubs -- John DiMarco */ char *dgettext(domainname, msgid) char *domainname; char *msgid; { return(msgid); } void *dlopen(pathname, mode) char *pathname; int mode; { return((void *)NULL); } void *dlsym(handle, name) void *handle; char *name; { return((void *)NULL); } char *dlerror() { return(NULL); } int dlclose(handle) void *handle; { return(0); } _________________________________________________________________ 4. Window Systems _________________________________________________________________ 4.1) + What Window system GUIs are supported by Sun? Sun's default window system for Solaris is CDE; Gnome is also supported. Sun's Java Desktop System and the Sunray software for Linux uses Gnome. _________________________________________________________________ 5. Disks, Tapes and SCSI _________________________________________________________________ 5.1) * What sector/head/cylinders parameters should be used for a hard disk? The format program can almost always figure this out on its own by querying the drive, but if you wish, you can specify your own in /etc/format.dat. A format.dat file containing entries submitted by various people is available for anonymous ftp at ftp://ftp.cs.toronto.edu/pub/jdd/sunmanagers/format.dat It is currently maintained by John DiMarco (jdd at cs.toronto.edu). New entries are welcome; mail them to sunmanagers-format at sunmanagers.org For SCSI disks on modern suns, a format.dat entry can be auto-generated using John DiMarco's scsiinfo program, available at ftp://ftp.cs.toronto.edu/pub/jdd/scsiinfo/. It will query the disk directly, and has an option to generate an appropriate format.dat entry. Finally, you can compute your own entry. For SCSI disks, any combination of cylinders, heads, and sectors that does not add up to more than the rated formatted capacity of the drive will normally work. A grossly different geometry may result in some slight performance degradation, but it should still work. The SCSI protocol hides most of the drive details from the host, and hence the host need not know much about the drive to format or use it. _________________________________________________________________ 5.2) * Can I replace an internal drive in a Sun with a higher capacity model? Yes, usually. If you purchase it from someone other than Sun, it is wisest to make sure that it is either a model of drive that is supported by Sun for that machine, or that it at least does not dissipate more heat than the hottest of the drives supported by Sun. The Sun Systems Handbook lists various drives supported on various models; you can query it on the web for modern Suns at http://sunsolve.sun.com/handbook_pub/Systems. For systems which are not maximally configured (e.g. there are empty internal drive bays), it might be safe to exceed this limit a bit, but caveat emptor. Disk drive heat dissipation/power figures are available on the drive's datasheet, available on the drive vendor's web site. The most relevant figure is the wattage indicated for "Read/Write" or "Seek". Unfortunately, different vendors report this in different ways; read the vendor's documentation to see what this figure indicates. This figure is sometimes indicated in amps at 5V and 12V; convert to watts by multiplying the voltage by the amperage in each case, and adding the two together. _________________________________________________________________ 5.3) Is it okay to disconnect or connect SCSI devices while powered on? On older machines (without onboard SCSI controllers), it is never a good idea to do this. You risk blowing a fuse on the CPU board, or part of the SCSI hardware. On newer machines (sparcstations and later), many people have done this regularly without problems. Halt the machine (sync;L1-A), remove or add the device, then continue. However, it is possible to blow the SCSI termination power fuse on the motherboard. If your machine hangs immediately on powerup unless the SCSI bus is externally terminated, this fuse may need to be replaced. Caveat Emptor. _________________________________________________________________ 5.4) How do I configure my sun to use Exabyte 4mm DAT tape drives? Add the following to /kernel/drv/st.conf: tape-config-list = "EXABYTE EXB-4200", "Exabyte 4mm EXB-4200", "EXBT-4200", "EXABYTE EXB-4200c", "Exabyte 4mm EXB-4200c", "EXBT-4200c" EXBT-4200 = 1,0x34,1024,0x0029,4,0x63,0,0,0,3; EXBT-4200c = 1,0x34,1024,0x0029,4,0x63,0,0x13,0,3; Exabyte also recommends that their 4mm tape drives have firmware revision levels of at least the following when used on suns: * EXB-4200 No restriction, but revision 148 or higher is recommended * EXB-4200c Level 149 minimum (mode select for compression) Thanks to Dave Hightower . _________________________________________________________________ 5.5) Why is tagged queueing a problem on my third-party disk? Tagged Command Queueing (TCQ) is an optional part of the SCSI-2 specification. It permits a drive to accept multiple I/O requests for execution later. These requests are "tagged" by a reusable id so that the drive and the OS can keep track of them. The drive can reorder these requests to optimize seeks. For more details, see the SCSI-2 specifications. A draft version is available at ftp://ftp.cs.toronto.edu/pub/jdd/scsi-doc/scsi2.10b.gz SunOS 4.x and earlier never uses tagged queueing. However, Solaris 2.x will make use of tagged queuing if the drive claims to support it. Unfortunately, some drive manufacturers have found it hard to design their drives to do tagged queueing properly, and this particular area has been a common source of bugs in drive firmware. If it is not possible to turn off tagged queueing in the drive that is causing the problem, Solaris 2.x can be told not to use tagged queueing at all, by putting the following line in /etc/system: set scsi_options & ~0x80 The "scsi_options" kernel variable contains a number of bit flags which are defined in /usr/include/sys/scsi/conf/autoconf.h. 0x80 corresponds to tagged queueing. However, this turns off tagged queueing for the entire machine, not just the problematic drive. Because tagged queueing can provide a significant performance enhancement for busy drives, this may not always be desirable. In Solaris 2.4 and later, it is possible to disable tagged queueing and set or clear other scsi options on a per-controller or per-drive basis. The appropriate technique is described in the esp(7) and isp(7) man pages. _________________________________________________________________ 5.6) Why don't third-party CD-ROMS work on my sun? When Sun first decided to add CD-ROM support, there were already a great number of systems in the field, all of which contained boot proms that expected to boot from disks with 512 byte sectors. Sun had to decide between replacing a whole lot of boot proms or finding a way to make a CDROM act like a disk with 512 byte sectors in order to support it as a boot device. They chose the latter approach. Many third party CD-ROM drives use 1024 or 2048-byte sectors, which causes the SCSI driver to see a "data overrun". When the driver asks for N "blocks" (which it thinks are 512 bytes each ) it gets more data back than it expected. Some CD-ROM drives can be told to use 512 byte sectors by setting a jumper, cutting a trace, or using a software command (mode select). Details vary widely, but if you are seeing a data overrun on a third party CD-ROM, then it is most likely doing 1K or 2K transfers and will need some work to be a boot device for a Sun. Thanks to Kevin Sheehan For more information about third-party CD-ROMS on Suns, consult the CD-ROM FAQ, maintained by Mike Frisch and Martin Hargreaves . It can be found on the World Wide Web at ""http://saturn.tlug.org/suncdfaq". A UK mirror is available at ""http://www.datamodl.demon.co.uk/suncd/". _________________________________________________________________ 5.7) What size and density parameters should I use for ufsdump with a high-capacity tape drive? The only purpose of the ufsdump size and density parameters is to let dump calculate the capacity of each tape and then decide for itself when it needs a new tape. If the filesystem you are dumping is larger than the tape, you will need to use more than one tape. But ufsdump can detect the end of media for all modern tape drives, and will automatically prompt for new tapes when needed, so as long as the size and density parameters indicate a tape as long as or longer than the one you're using, ufsdump will behave properly. Thanks to Niall O Broin _________________________________________________________________ 5.8) My floppy/cdrom device says "device busy". What do I do? The Volume Manager (vold) is probably holding the device open. You can access a floppy through the volume manager by typing "volcheck" and looking in /floppy/*. CD-ROMs don't require volcheck; just insert one and the volume manager should automatically notice, and mount it under /cdrom/*. Unmount by typing "eject floppy" or "eject cdrom", respectively. The Volume Manager can be configured by editing /etc/vold.conf. If you need to access a floppy or CD-ROM special device, however, you may need to turn off the volume manager. As root, type "/etc/init.d/volmgt stop". To turn it back on, type "/etc/init.d/volmgt start". _________________________________________________________________ 5.9) What software is available for CD-R/CD-RW? Commercial Software: GEAR by Elektoson - http://www.elektroson.com/ Young Minds - http://www.ymi.com/ - High-end integrated hardware/software solution Creative Digital Research - http://www.cdr1.com/ Joerg Schilling has developed an excellent cd recording package called cdrecord. This package should meet most needs. See http://www.fokus.gmd.de/research/cc/glone /employees/joerg.schilling/private/cdrecord.html for much more information, including supported hardware. Andy McFadden has an excellent CD-Recordable FAQ at: http://www.cdrfaq.org Thanks to Mark Belanger _________________________________________________________________ 5.10) Where is my disk space? The "du" and "df" commands disagree. If a process is holding open a file, and that file is removed, the space belonging to the file is not freed until the process either exits or closes the file. This space is counted by "df" but not by "du". This often happens in /var/log or /var/adm when a long-running process (e.g. syslog) is holding open a file. In the case of syslog, send it a HUP (e.g. kill -HUP ). You can use LSOF (ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/lsof) to find which processes are holding open a particular file. Thanks to Stefan Voss and Michael R. Zika Under Solaris 2.6 and later, files which have been unlinked can still be accessed through the /proc interface. If a process is holding open such a file for writing, but it's inconvenient or impractical to kill the process or get it to close the file, you can free up the disk space by truncating (not removing) the file from under /proc; e.g., # cd /proc/1234/fd # ls -l c--------- 1 root 24, 12 Jan 1 11:33 0 c--------- 1 root 24, 12 Jan 1 11:33 1 c--------- 1 root 24, 12 Jan 1 11:33 2 --w------- 1 root 314159265 Jan 1 11:37 3 # : > 3 # ls -l c--------- 1 root 24, 12 Jan 1 11:33 0 c--------- 1 root 24, 12 Jan 1 11:33 1 c--------- 1 root 24, 12 Jan 1 11:33 2 --w------- 1 root 0 Jan 1 11:38 3 Thanks to Dan Astoorian Brian Poole writes: Another possible cause of df & du disagreeing is if the files are being 'hidden' under a mount. I ran into this recently where I had a large number of files in /tmp (from adding patches in single user mode) that were on the root partition. Thus when I was looking for them in multiuser mode, I couldn't find them because of the tmpfs overlay. I exported the root partition via NFS and upon mounting it found the hidden files and deleted them. _________________________________________________________________ 6. Resource Management and Performance Tuning _________________________________________________________________ 6.1) How do I tell what caused my machine to crash? The crash messages will usually be displayed on the console, and are usually logged to /var/adm/messages via syslog as well after a warm reboot. In older versions of Solaris, the "dmesg" command may also show crash messages. If your system repeatedly crashes with similar looking errors, try searching through the patch list on the Sun patch database for a description that matches your machine. In versions of Solaris 2 up to and including Solaris 2.6, uncomment the "savecore" line in the file /etc/init.d/sysetup to enable crash dumps. As of Solaris 7 and later, crash dumps are enabled by default; see the manual page for dumpadm(1M) for information on how to customize system dump configuration. To report a crash dump, you need a symbolic traceback for it to be useful to the person looking at it. Type the following: cd /var/crash/`hostname` echo '$c' | adb -k unix.0 vmcore.0 The "crash" utility can be useful for analyzing crash dumps for Solaris up to and including Solaris 8. "Crash" has been superseded by "mdb" (modular debugger) as of Solaris 8. Thanks to Dan Astoorian _________________________________________________________________ 6.2) What can I do if my machine slows to a crawl or just hangs? Try running "ps" to look for large numbers of the duplicate programs or processes with a huge size field. Some system daemons occasionally can get into a state where they fork repeatedly and eventually swamp the system. Killing off the child processes doesn't do any good, so you have to find the "master" process. It will usually have the lowest pid. Another useful approach is to run vmstat to pin down what resource(s) your machine is running out of. You can tell vmstat to give ongoing reports by specifying a report interval as its first argument. The programs "top" and "sps" are good for finding processes that are loading your system. "Top" will give you the processes that are consuming the most cpu time. "Sps" is a better version of "ps" that runs much faster and displays processes in an intuitive manner. Top is available at ftp://ftp.groupsys.com/pub/top/. Sps is available at ftp://ftp.csv.warwick.ac.uk/pub/solaris2/sps-sol2.tar.gz. Doug Hughes has written a small, quick PS workalike called "qps", available from his web page at http://www.eng.auburn.edu/users/doug/second.html Sometimes you run out of memory and you won't be able to run enough commands to even find out what is wrong. You will get messages of the type "out of memory" or "no more processes". Note that "out of memory" refers to virtual memory, not physical memory. On a Solaris system, virtual memory is generally equal to the sum of the swap space and the amount of physical memory (less a roughly constant amount for the kernel) on the machine. The command "swap -s" will tell you how much virtual memory is available. You can sync the disks to minimize filesystem corruption if you have to crash the system: Use the L1-A sequence to crash the system. If you are on an older system, type "g0" and you will get the message "panic: ... syncing file systems". When you see the word "done", hit L1-A again and reboot. On systems with the "new" prom, type "n" to get into the new command mode and type "sync". _________________________________________________________________ 6.3) How do I find out how much physical memory a machine has? Use /usr/sbin/prtconf if the machine is running Solaris. If it's a sun4u running Solaris 8 or previous, /usr/platform/sun4u/sbin/prtdiag is very helpful. It's /usr/sbin/prtdiag in Solaris 9 and later. On high-end machines, /usr/sbin/cfgadm -al can also provide memory information. The banner message on reboot (or type "banner" in the monitor on machines with Openboot proms) will usually report the amount of physical memory. Alternatively, you can open up the case and count SIMMS and/or memory boards. A perl script "memconf" is also available that identifies the sizes and locations of SIMM/DIMM memory modules installed in a Sun system. It also works on several SPARC clones and with Sun Explorer data. It is maintained by Tom Schmidt . Download memconf from http://www.4schmidts.com/unix.html _________________________________________________________________ 6.4) How do I find out what my machine's memory is being used for? How can I tell if I need more memory? To discover how much virtual memory (i.e. swap) is free, run "swap -s" or "vmstat". If you're using tmpfs for /tmp, "df /tmp" will also work. Discovering how physical memory is being used can be more difficult, however. Memory pages that are not being used by processes are used as a sort of extended cache, storing pages of memory-mapped files for possible later use. The kernel keeps only a small set of pages free for short-term use, and frees up more on demand. Hence the free memory reported by vmstat is not an accurate reflection, for example, of the amount of memory available for user processes. An easy way to determine whether or not your machine needs more memory is to run vmstat and examine the po (page out) column and the sr (scan rate) column. If these columns consistently show large numbers, this suggests that your machine does not have enough memory to support its current workload, and frequently needs to write pages belonging to active processes to disk in order to free up enough memory to run the current job. _________________________________________________________________ 6.5) Why do some files take up more disk space after being copied? Why are the sizes reported by ls -l and du different? Some files -- core files being one common example -- contain "holes", areas which were seeked over without being written. These files are called "sparse". When read back, these areas appear to contain zeros; however they do not occupy disk space. The "length" of such a file (as reported by "ls -l") will exceed its "size" (as reported by "ls -s" and reflected in the results of du or df). cp, cpio, and tar do not detect holes; they read and copy the zeros, and the resulting files will contain all-zero blocks (which occupy space) where the input files contained holes (which do not). dump will detect holes in the dumped files, and restore will reproduce them. Thanks to Perry Hutchison GNU tar has an "-S" option which preserves holes, and Joerg Schilling's "star" has "-sparse" and "-force_hole" options which can be used to preserve and re-insert holes, respectively. star is available for download at ftp://ftp.fokus.gmd.de/pub/unix/star _________________________________________________________________ 7. HTTP and Anonymous FTP _________________________________________________________________ 7.1) * How do I set up anonymous ftp on my machine? See the ftpd man page, and follow its instructions. You will also need to set up nsswitch.conf in etc. However, you should consider using a different ftpd, such as http://www.wu-ftpd.org. Solaris "pkg" versions of proftpd and wuftpd are available at: http://metalab.unc.edu/pub/packages/solaris/sparc/ ftp://ftp.adelaide.edu.au/pub/4.3/ftpd-sirius.tar.Z The stock Sun ftpd will log some information if you add the "-l" flag in /etc/inetd.conf: ftp stream tcp nowait root /usr/etc/in.ftpd in.ftpd -l Warning: it will log passwords of ordinary users. Also enable syslogd by adding: daemon.info /var/adm/syslog to "/etc/syslog.conf". _________________________________________________________________ 7.2) + Where can I get a Web server for Solaris? The open-source Apache web server and related tools are available on the Solaris Software Companion CD, which is part of the media kit for the Solaris distribution. The contents of this CD are also available for free download at http://www.sun.com/software/solaris/freeware. Apache binaries can also be retrieved from the following sites and many others: * http://www.sun.com/software/solaris/freeware * ftp://metalab.unc.edu/pub/packages/solaris/sparc/ * http://www.gnu.org/order/ftp.html * http://sunfreeware.com The Sun Java System Web server is available for download from Sun at http://www.sun.com/software/products/web_srvr/home_web_srvr.xml; the Sun Java System Application Server is available for purchase from Sun at http://www.sun.com/software/products/appsrvr. _________________________________________________________________ 8. Consoles, Keyboards and Key Remapping _________________________________________________________________ 8.1) How do I make the numeric keypad on a sun keyboard work with xterm? You need to patch the /usr/lib/X11/app-defaults/XTerm and $OPENWINHOME/lib/app-defaults/XTerm files as described in sun patch 100713-01 or later. Thanks to Margarita Suarez _________________________________________________________________ 8.2) How do I swap the CAPS LOCK and CONTROL keys on a sun keyboard? There are two ways to do it, one with xmodmap (for X11 only), and the other using keytables. Margarita Suarez suggests editing $OPENWINHOME/etc/keytables/US5.kt. There are two places where keys 119 (CapsLock) and 76 (Control) should be swapped: the MODMAP section and the KEYSYMMAP section. The latter is most important, because that's where the "Pseudo-Lock" function (which controls the locking behaviour of the key) is defined. Doug Hughes suggests using xmodmap with the following: remove Lock = Caps_Lock remove Control = Control_L keysym Control_L = Caps_Lock keysym Caps_Lock = Control_L add Lock = Caps_Lock add Control = Control_L In X11, you can change your keyboard layout as you please using the xkeycaps application, which allows you to edit and remap your keyboard on the fly, as well as save configurations to be sourced by xmodmap. xkeycaps is available from http://www.jwz.org/xkeycaps/ and in the contrib section of your friendly X11 source archive. Thanks to Dan Pritts for the info on xkeycaps. _________________________________________________________________ 8.3) How do I use a Windows PC for a Sun serial console? Wire up a serial cable from the Sun's serial cable to one of the PC serial ports. PC serial ports are usually (but not always) DB9 (9-pin), while Sun serial console ports are usually (but not always) 25-pin (DB25). You generally need to connect them through a "null modem adapter". For more information on serial ports, see Sunhelp's UNIX serial port resources page, at http://www.sunhelp.org/unix-serial-port-resources The next problem is that the version of Hyperterminal which comes with some versions of Windows cannot generate a BREAK signal. You can obtain a new version of Hyperterminal from http://www.hilgraeve.com/htpe/index.html There are many free alternative terminal programs. Special mention should be made of TeraTerm: http://hp.vector.co.jp/authors/VA002416/teraterm.html which has been updated with SSH support as Teraterm Pro, which is available from http://www.ayera.com/teraterm For newer suns which support ALOM, a serial or telnet connection to the ALOM is generally preferable. A pinout of the serial RJ-45 ALOM connector can be found in Sun's "Sun Advanced Lights Out Manager (ALOM) 1.6 Administration Guide". Thanks to Harvey Wamboldt _________________________________________________________________ 9. Sun models and OS Versions _________________________________________________________________ 9.1) * Which Sun models run which versions of SunOS? SunOS 5.x = Solaris 2.x Sun dropped the "2." when Solaris (2.)7 came out. i.e. Solaris 7 = "Solaris 2.7" = SunOS 5.7, Solaris 8 = "Solaris 2.8" = SunOS 5.8 and so on. In the following list, the specified OS is the earliest supported on the specified hardware. Some CPU modules may require later OS versions than listed. * Ultra 1 model 140, 170: Solaris 2.5 * Ultra 1 model 140E, 170E, 200E: Solaris 2.5.1 * Ultra 2: Solaris 2.5.1 * Ultra 5,10,30,60,250,450: Solaris 2.5.1HW1297 or Solaris 2.6HW0398 * Ultra Enterprise: Solaris 2.5.1 * SunBlade 100, SunBlade 1000: Solaris 8HW1000 * SunBlade 150: Solaris 8 5/03; Solaris 9 4/03 * 3800, 4800, 4810, 6800: Solaris 8HW0401 * B100s: Solaris 8 12/02, Solaris 9 4/03 * V100: Solaris 8 2/02 * V120: Solaris 8 10/01 * V210, V240: Solaris 8 12/02, Solaris 9 4/04 * V250: Solaris 8 7/03, Solaris 9 8/03 * 280R: Solaris 8 2/02, Solaris 9 12/02 * V440: Solaris 8 7/03, Solaris 9 12/03 * V490,V890: Solaris 8 2/04, Solaris 9 4/04, Solaris 10 3/05 * V880: Solaris 8 10/01, Solaris 9 4/03 * E2900,E4900,E6900: Solaris 8 2/04, Solaris 9 4/04, Solaris 10 3/05 * B200x, v20z, v40z: Solaris 9 x86 4/04 * v20z,v40z single-core: Solaris 10 x86, Solaris 9 HW 4/05 x86 * v20z,v40z dual-core: Solaris 10 x86, Solaris 9 HW 9/05 x86 * X2100: Solaris 10 x86 * X4100,4200: Solaris 10 x86 3/05HW1 * T1000: Solaris 10 1/06 * T2000: Solaris 10 3/05HW2 9.2) How can my program tell what model Sun it is running on? On older suns, the model type is encoded in the hostid, and /usr/sbin/prtconf will reveal the model type. "Suntype", written by John DiMarco (jdd at cs.toronto.edu) is a shell script which does the appropriate thing on all suns. It is available for anonymous ftp at ftp://ftp.cs.toronto.edu/pub/jdd/suntype Alternatively, grab Michael Cooper's "sysinfo" program, which provides all sorts of information about a given system, including the machine type. sysinfo is available on the web at http://www.magnicomp.com/, although it is now a commercial product that is free only for educational and non-profit organizations. _________________________________________________________________ 9.3) How do I find out a Sun's boot prom revision? Type "banner" at the prom, or type "/usr/sbin/prtconf -V" to determine the prom revision of a particular machine. Alternatively, grab Michael Cooper's "sysinfo" program, which provides all sorts of information about a given system, including the prom revision. sysinfo is available on the web at http://www.magnicomp.com, although it is now a commercial product that is free only for educational and non-profit organizations. _________________________________________________________________ 9.4) * Which hardware/software is capable of 64-bit? Which is only 64-bit? How can I tell which is running? All UltraSPARC and SPARC64 (Primepower) hardware is capable of running in 64-bit mode; earlier SPARCs (HyperSPARC, SuperSPARC, etc.) are 32-bit only. Only some UltraSPARC-I, UltraSPARC-II, and UltraSPARC-II-i systems are capable of both 32-bit and 64-bit operation; later UltraSPARC systems are 64-bit only. Early UltraSPARC-I hardware (up to 200MHz) suffers from a bug where, in 64-bit mode, a certain code sequence can cause the processor to stall, and thus UltraSPARC-I machines run in 32-bit mode by default. To allow a 64-bit kernel on such a machine, edit/create /platform//boot.conf and add the line: ALLOW_64BIT_KERNEL_ON_UltraSPARC_1_CPU=true All Sun Opteron hardware is capable of both 64-bit and 32-bit operation, but Solaris x86 on some Opteron models (X2100, X4100, X4200) runs in 64-bit mode only. Sun Xeon and Pentium-III hardware are capable only of 32-bit operation. "isainfo -kv" or "isainfo -b" will indicate whether a system is running in 32-bit or 64-bit mode. _________________________________________________________________ 10. Miscellaneous Software _________________________________________________________________ 10.1) My remote ufsdump is failing with a "Protocol botched" message. What do I do? The problem produces output like the following: ... DUMP: Dumping /dev/rsd0a (/) to /dev/nrst8 on host foo DUMP: mapping (Pass I) [regular files] DUMP: mapping (Pass II) [directories] DUMP: estimated 8232 blocks (4.02MB) on 0.00 tape(s). DUMP: Protocol to remote tape server botched (in rmtgets). rdump: Lost connection to remote host. DUMP: Bad return code from dump: 1 This occurs when something in .cshrc (or .profile) on the remote machine prints something to stdout or stderr (eg. stty, echo). The remote ufsdump command doesn't expect this, and chokes. Other commands which use the rsh protocol (eg. rdist, rtar) may also be affected. The way to get around this is to add the following line near the beginning of .cshrc, before any command that might send something to stdout or stderr: if ( ! $?prompt ) exit This causes .cshrc to exit when prompt isn't set, which distinguishes between remote commands (eg. rdump, rsh) where these variables are not set, and interactive sessions (eg. rlogin) where they are. _________________________________________________________________ 10.2) * Where can I get a C compiler for Solaris? Sun's "Studio" compiler suite can be obtained at http://www.sun.com/software/products/studio. Various third-party commercial SPARC compilers are also available, including: * http://www.ghs.com * http://www.apogee.com * http://www.windriver.com * http://www.pgroup.com * http://www.intel.com (Solaris x86 only) The open-source GCC compiler and related tools are available on the Solaris Software Companion CD, which is part of the media kit for the Solaris distribution. The contents of this CD are also available for free download at http://www.sun.com/software/solaris/freeware Thanks to Eric Boutilier GCC binaries can be retrieved from the following sites and many others: * http://www.sun.com/software/solaris/freeware * ftp://metalab.unc.edu/pub/packages/solaris/sparc/ * http://www.gnu.org/order/ftp.html * http://sunfreeware.com More information on this topic is available at http://www.kevininscoe.com/geek/sun/compilesun/ Thanks to Kevin Inscoe _________________________________________________________________ 10.3) How do I read Microsoft Word documents on my Sun? You can obtain some of the raw content of the document by using the "strings" command. Note that Word documents (and documents produced by other Microsoft Office programs, like Excel) can sometimes contain hidden information that is not normally accessible from Word, but is visible using "strings" (this can be a good reason not to distribute documents in MS Office formats). It is possible to run some versions of Microsoft Word on your Sun, using Bochs, WABI, SoftWindows, WinCenter, WinDD, SunPC, or some other Windows integration product. You can use a word-processor that can import the various MS Word formats. For example, Word Perfect from Corel Corporation is capable of reading and saving in various MS Word formats. Word Perfect is available for several versions of UNIX, including SPARC/Solaris 2.x. Sun's StarOffice is available for various operating systems, including Solaris/SPARC, from http://www.sun.com/staroffice. OpenOffice is also freely available for Solaris x86 and SPARC from http://www.openoffice.org. From a PC/Mac, you can print postscript output to a file, and view the postscript on the Sun using docviewer or ghostscript/ghostview. Thomas Anders points out that LAOLA (a Perl4 package that can read Word6 and Word7 format is available on the web at http://user.cs.tu-berlin.de/~schwartz/pmh/. Another option (suggested by Thomas ) is a GPL-licensed command-line utility called "antiword". His mutt mailcap file is setup as follows: application/msword; antiword %s; copiousoutput; description="Microsoft Word Tex t"; nametemplate=%s.doc Antiword is available from http://www.winfield.demon.nl. _________________________________________________________________ 10.4) How do I restore to a different location the contents of a tarfile created with absolute pathnames? Tarfiles should not normally be created with absolute pathnames, only with relative pathnames. Do not type "tar c /path/name" to create a tar archive, type "(cd /path; tar c name)" instead. Note: if you do "(cd /path/name; tar c .)", you will indeed avoid absolute pathnames, but beware that the tarfile created may silently overwrite the permissions of the current directory when unpacked. That's OK if you unpack it via: "mkdir name; cd name; tar xf /my/tarfile.tar That's not OK if you unpack it via: "cd /tmp; tar xf /my/tarfile.tar" It's not OK because you will change the permissions of /tmp. If you do have an archive created with absolute pathnames, you can unpack it in a different location by using GNU's version of tar, which will strip off the leading /. Alternatively, you can use pax to strip off the leading /, as follows: pax -r -s '/^\///' and Stephen Kives _________________________________________________________________ 11. Miscellaneous Hardware _________________________________________________________________ 11.1) * How come my mouse occasionally doesn't work? If it is a mechanical mouse, it may need cleaning. Open up the bottom panel by rotating it, and remove the mouse ball. Clean the mouse ball. With a Q-tip, clean off any grime on the rotors inside the mouse. _________________________________________________________________ 11.2) How can I turn my old sun into an X-Terminal? You can simply replace the ttymon entry for the console in /etc/inittab with a command that starts up an X server. _________________________________________________________________ 11.3) * How can I use an SVGA monitor on my Sun? Some older suns use a 13W3 video connector, which looks something like this: ----------------- \ O O ::::: O / ------------- A simple adapter will connect a Sun to a SVGA multi-sync monitor, providing the monitor (like most better monitors these days) will accept composite sync and operate in 1152x900 66 Hz (or whatever output your sun produces) mode. (Check the manufacturer's data sheets, usually on the Web.) Similarly, adapters are available to connect Sun 13W3 monitors to PCs or newer Suns with SVGA connectors. Adapters are available from many vendors: search for 13W3 on Google. This and many other interesting facts about Sun video are answered in the Framebuffer FAQ, at one of: * http://www.uark.edu/sunfaq/FrameBuffer.html * http://bul.eecs.umich.edu/~crowej/sunfaq/FrameBuffer.html A related FAQ by the same person is the Colormap FAQ at one of: * http://www.uark.edu/sunfaq/ColormapFAQ.html * http://bul.eecs.umich.edu/~crowej/sunfaq/ColormapFAQ.html _________________________________________________________________ 11.4) Where can I find alternate pointing devices for my Sun? Bert N. Sure claims that Mousetrak makes an excellent line of pointing devices. The url is "">http://www.mousetrak.com". SunExpress (http://sunexpress.usec.sun.com) and Qualix (http://www.qualix.com) distribute them. Bert uses the top-of-the-line "Evolution" trackball, which has six user-definable buttons and a large ball which is manufactured by a billiard ball company in Belgium. For 3-D input, SunExpress (http://sunexpress.usec.sun.com) sells the SpaceBall 3003, in addition to the standard Sun "SunDials" product. Dan Pritts indicates that one can buy a box from sun called the sun interface converter for $75 that allows you to use a ps/2-style keyboard or pointing device, or both, and still use your sun keyboard or mouse. In particular, the sun interface converter supports the Microsoft "natural keyboard". _________________________________________________________________ 12. Networking _________________________________________________________________ 12.1) Why do both my net interfaces have the same ethernet address? The Ethernet version 2.0 specification (November 1982) states: The physical address of each station is set by network management to a unique value associated with the station, and distinct from the address of any other station on any Ethernet. The setting of the station's physical address by network management allows multiple multiple data link controllers connected to a single station to respond to the same physical address. This doesn't normally constitute a problem because each interface will typically be on a different subnet. If, for some reason, different ethernet addresses are required on different interfaces (for example, to attach two interfaces to the same subnet), a new one may be assigned using the ifconfig command. Alternatively, for all modern Sun hardware, you can set the "local-mac-address?" eeprom variable to "true", which will cause each NIC to use a unique MAC address. This is needed for many failover and trunking configurations. _________________________________________________________________ 12.2) How can I know the hardware vendor from an ethernet address? The first three octets of a six-octet ethernet address typically uniquely identifies the hardware vendor of the particular network interface card. This is called the "Organizationally Unique Identifier" (OUI). OUI information, including the most recent list of public OUIs can be found at http://standards.ieee.org/regauth/oui Note that it is possible that an unidentified OUI could be used, since vendors are not required to make their OUIs public, and many network interfaces, including Suns, can be configured to use a custom ethernet address, so there is no guarantee that the OUI will correctly identify the vendor. _________________________________________________________________ 12.3) * How do I set my ethernet interface to e.g. 100Mb full duplex? The answer to this question assumes you have an hme ethernet interface; similar techniques should work for other ethernet interfaces; consult the man page for the ethernet driver (e.g. if you have an eri driver, "man eri") for more details. If you are not sure which ethernet driver is in use, "ifconfig -a" will tell you. For example, if ifconfig -a shows e.g. "hme0", you have an hme ethernet interface. All of Sun's ethernet network interfaces faster than 10Mbits are capable of negotiating with a network switch; if this is working, the ethernet interface will automatically choose the fastest supported setting. However, this may not necessarily work with some networking gear, or there may be some other reason to choose a slower setting, e.g. cat3 wiring. If the two ends have different ideas about what mode the link is, you may see "late collision" messages, dropped packets, or complete failure. To force a particular mode, e.g. 100Mb FD, you can use ndd as follows: # turn off autonegotiation ndd -set /dev/hme adv_autoneg_cap 0 # turn on 100Mb full-duplex capability ndd -set /dev/hme adv_100fdx_cap 1 # turn off 100Mb half-duplex capability ndd -set /dev/hme adv_100hdx_cap 0 # turn off 10Mb full-duplex capability ndd -set /dev/hme adv_10fdx_cap 0 # turn off 10Mb half-duplex capability ndd -set /dev/hme adv_10hdx_cap 0 You may have to force the other end (e.g. switch) to use the same mode. Consult the manual for your switch. NB: Fast ethernet hubs are always 100Mb half-duplex, and ethernet hubs are always 10Mb half-duplex. If you have more than one hme card in your system, before issuing the above ndd commands, you need to first select the specific hme card you want to set. For example, to select hme2, type: ndd -set /dev/hme instance 2 Subsequent ndd commands to /dev/hme will only apply to hme2. If you want to force all the hme cards on your system to a specific mode at machine boot, you can set hme driver variables in /etc/system. For example, to force all hme cards on the system to use 100Mbit FD, put the following in /etc/system: set hme:hme_adv_autoneg_cap=0 set hme:hme_adv_100fdx_cap=1 set hme:hme_adv_100hdx_cap=0 set hme:hme_adv_10hdx_cap=0 set hme:hme_adv_10fdx_cap=0 _________________________________________________________________ 12.4) How do I find out what process is using a particular port? Ports are held open in the same way as files are, by file handles within the process. In most states, a port will also have a handle into another process on the other side of that connection. If you need to find out which process is holding open a particular port, run lsof (ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/lsof) and grep for the port number. Thanks to Stuart Whitby _________________________________________________________________ 12.5) I have a lot of ports in WAIT states. Why? The state of sockets can be seen with the "netstat -a" command. When a process attempts to close an ESTABLISHED connection, the transition will show a number of WAIT states, depending on which stage of the shutdown the port is at. When the initial FIN is sent from side a) of the connection, side a) will change to FIN_WAIT_1, side b) will change to CLOSE_WAIT, and acknowledge the FIN packet. The acknowledgement causes side a) to change to FIN_WAIT_2. A socket will rarely be in FIN_WAIT_1 for more than a couple of seconds unless there is a problem with communications. In this state, data may still be sent from side b) to side a), but not vice versa. When side b) receives a close from the associated application, or the FIN_WAIT_2_FLUSH_INTERVAL is reached without data being sent, it will send a FIN and change to LAST_ACK. Side a) moves to TIME_WAIT upon receiving this FIN and acknowledges the packet, causing any references to this connection on side b) to disappear. The socket in TIME_WAIT will remain for twice the maximum segment lifetime (normally a total of four minutes) before dropping, in case dropped data packets are resent and misinterpreted by a new application on this port. Thanks to Stuart Whitby _________________________________________________________________ 13. Electronic Mail _________________________________________________________________ 13.1) * Where can I get a POP or IMAP server for my sun? The PINE email package comes with both a POP and an IMAP server. PINE can be found at http://www.washington.edu/imap. An old, unmaintained Berkeley popd can be found at ftp://ftp.cc.berkeley.edu/pub/pop (not recommended), and Casper Dik's enhanced version of this for Solaris is found at ftp://ftp.fwi.uva.nl/pub/solaris/. A POP server can also be found as part of the Eudora ftp repository, at ftp://ftp.qualcomm.com/quest/unix/servers. A faster alternative is the CMU Cyrus IMAP server, which changes the mailbox format to something that is more efficient. It can be found at ftp://ftp.andrew.cmu.edu/pub/cyrus-mail. The Courier IMAP daemon also takes a similar approach; it's available at http://www.courier-mta.org/imap. Finally, Dovecot takes an intermediate approach by using the standard mailbox format but adding some autogenerated index files; Dovecot is available at http://dovecot.org. If a commercial package is desired, there are many, including Sun's Internet Mail Server. See http://www.sun.com _________________________________________________________________ 14. Printing _________________________________________________________________ 14.1) + How do I get started with LP-style printing in Solaris? Printing is configured using the "lpadmin" interface, which is extensively documented. For a general overview, however, start with the basic principles of Solaris printing, documented at http://developers.sun.com/solaris/articles/basicprinting.html, and the Solaris printing FAQ, at http://www.freelab.net/unix/sun/solarisfaq/printfaq.html. More information about printing in Solaris is available at http://www.opensolaris.org/os/community/printing/history. _________________________________________________________________ 14.2) How do I configure a non-postscript printer for postscript? Use the Printer Compatibility Database at http://www.linuxprinting.org (http://www.linuxprinting.org/database.html) to find out if a ghostscript driver is available for your non-PS printer. Then you can use ghostscript to translate postscript to something the printer can understand. There are various "any2ps" scripts and packages around (apsfilter, cups, foomatic, magicfilter). Ghostscript and foomatic are bundled in Solaris 10. Apsfilter in particular is one of the most flexible filters available: the most recent version can be found at http://www.apsfilter.org. For Solaris 2.x or later, you will need to add a BSD-style printing package such as LPRng (http://www.lprng/org): the system-V-style "lp" printing package that comes with Solaris will not easily work with apsfilter. Thanks to Andreas Klemm for this information. A much older version of APSfilter was posted to comp.sources.misc as part of volume 42, and is available from a comp.sources.misc archive site (eg. ftp://ftp.uu.net/usenet/comp.sources.misc/volume42/apsfilter). If you are using Solaris, follow Alexander V. Panasyuk's instructions in http://cfauvcs5.harvard.edu/SetGSprinter4Solaris.html _________________________________________________________________ 15. Misc System Administration _________________________________________________________________ 15.1) I've forgotten the root password; how can I recover? You need to have access to the machine's console. 1. Note the root partition (e.g. /dev/sd0a or /dev/dsk/c0t3d0s0) 2. Hit STOP-A or L1-A (or, on an ASCII terminal or emulator, send a ) to halt the operating system, if it's running. 3. Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart server (boot net -s) (NB: if it asks you for a prom password, see below.) 4. Mount the root partition (e.g. /dev/dsk/c0t3d0s0) on "/a". "/a" is an empty mount point that exists at this stage of the installation procedure. (mount /dev/dsk/c0t3d0s0 /a) 5. Set your terminal type so you can use a full-screen editor, e.g. vi. (you can skip this step if you know how to use "ex" or "vi" from open mode). If you're on a sun console, type "TERM=sun; export TERM"; if you're using an ascii terminal (or terminal emulator on a PC) for your console, set TERM to the terminal type (e.g. TERM=vt100; export TERM). 6. Edit the passwd file (/a/etc/passwd for SunOS 4.x, /a/etc/passwd.adjunct for SunOS 4.x with shadow passwords/C2 security), /a/etc/shadow for Solaris 2.x and remove the encrypted password entry for root 7. cd to /; Type "umount /a" 8. reboot as normal in single-user mode ("boot -s"). The root account will not have a password. Give it a new one using the passwd command. Thanks to Stefan Voss PROM passwords: Naturally, you may not want anyone with physical access to the machine to be able to do the above to erase the root password. Suns have a security password mechanism in the PROM which can be set (this is turned off by default). The man page for the eeprom command describes this feature. If security-mode is set to "command", the machine only be booted without the prom password from the default device (i.e. booting from CD-ROM or install server will require the prom password). Changing the root password in this case requires moving the default device (e.g. the boot disk) to a different SCSI target (or equivalent), and replacing it with a similarly bootable device for which the root password is known. If security-mode is set to full, the machine cannot be booted without the prom password, even from the default device; defeating this requires replacing the NVRAM on the motherboard. "Full" security has its drawbacks -- if, during normal operations, the machine is power-cycled (e.g. by a power outage) or halted (e.g. by STOP-A), it cannot reboot without the intervention of someone who knows the prom password. _________________________________________________________________ 15.2) How do I disable/remap STOP-A/L1-A? First, be sure you want to do this. If the problem is that users are halting and rebooting the machine, note that disabling STOP-A will merely prompt them to powercycle the machine (or remove and re-insert the keyboard plug) instead. This is actually worse. But if you're sure you want to do this, compile and run this little program. /* Enable or disable abort sequence. John DiMarco */ #include #include #include #include #ifdef FILENAME_MAX #include #include #else /* !FILENAME_MAX */ #include #include #endif /* !FILENAME_MAX */ #define ERR -1 #define DISABLE 0 #define ENABLE 1 #define KEYBOARD "/dev/kbd" main(argc,argv) int argc; char *argv[]; { static struct kiockey k; int fd, mode=ERR; if(2==argc){ switch(*(argv[1])){ case 'e': mode=ENABLE; break; case 'd': mode=DISABLE; break; } } if(ERR==mode){ printf("Usage: %s [enable|disable]\n", argv[0]); exit(1); } if(0>(fd=open(KEYBOARD, O_RDWR))){ perror(KEYBOARD); exit(1); } k.kio_tablemask = KIOCABORT1; k.kio_station=mode; (void)ioctl(fd, KIOCSETKEY, &k); printf("Abort sequence is now %s.\n", mode?"enabled":"disabled"); } Stefan Voss points out that in Solaris 2.6 or later, you can type "kbd -a enable|disable" or put "KEYBOARD_ABORT=enable|disable" in /etc/default/kbd. As of Solaris 2.6 with patch 105924-10 installed, Solaris 7 with patch 107589-02 installed, or Solaris 8, you can also set the abort sequence to the Alternate Break character sequence (" ~ ", with at least half a second between characters, and at most 5 seconds for the whole string) with the command "kbd -a alternate", or by putting "KEYBOARD_ABORT=alternate" into /etc/default/kbd. Alternatively, you can disable all break signals by putting the line: set abort_enable=0 into /etc/system, and rebooting. Thanks to Dan Astoorian _________________________________________________________________ 15.3) How do I manage services in Solaris 10 and later? Do I still make links in /etc/rc*.d? In Solaris 10 build s10_64 and later, Sun introduced the service management facility (smf) which makes /etc/init.d and /etc/rc?.d scripts "legacy". Management of the services is now done through svc* commands. The legacy init.d scripts are now specified as running in run-level "milestone". From the man pages: * /etc/rcS.d (milestone/single-user:default) * /etc/rc2.d (milestone/multi-user:default) * /etc/rc3.d (milestone/multi-user-server:default) Each service name is now named with a Fault Management Resource Identifier (FMRI) with the scheme "svc:". For example, the sendmail service would have be "svc:/network/smtp:sendmail". You can also abbreviate the FMRI by using the instance name (e.g. sendmail) or using the last parts of the service name like: * sendmail * :sendmail * smtp:sendmail To check all services in the machine, run "svcs -a". From the list, you can enable and disable services through "svcadm". To disable, use "svcadm disable [options] ". For example: svcadm disable svc:/network/smtp:sendmail or svcadm disable sendmail One useful option is "-t", to temporarily disable the service until reboot. To enable, use "svcadm enable [options] ". For example: svcadm enable svc:/network/smtp:sendmail Useful options are "-r" to enable the service including all dependencies, and "-t" to temporarily disable the service until reboot. Dependencies and other information on the service can be invoked via "svcs -l " As an alternative to using "ps" to check service processes, you can now use "svcs -p " to list the processes associated with the service. For further information, check the man pages on smf, svcs, svcadm and svcfg. Thanks to Neil Quiogue From torgenes at gmail.com Thu Oct 2 01:51:55 2008 From: torgenes at gmail.com (Tumsifu Orgenes) Date: Thu, 2 Oct 2008 08:51:55 +0300 Subject: CITRIX ERROR Message-ID: Hello,I am having problems with citrix. The citrix used to launch application properly but suddenly from nowhere it gives SSL error which says 'The *Citrix SSL* Relay name could not be resolved (*SSL error* 40)' Please assist. Rgds, Torgenes From Rob.McMahon at warwick.ac.uk Thu Oct 2 03:16:29 2008 From: Rob.McMahon at warwick.ac.uk (Rob McMahon) Date: Thu, 02 Oct 2008 08:16:29 +0100 Subject: SUMMARY: Sun Dual GigE on V890 In-Reply-To: <48D0D38D.7080607@warwick.ac.uk> References: <48CFE25A.9090205@warwick.ac.uk> <48D0D38D.7080607@warwick.ac.uk> Message-ID: <48E4754D.1050007@warwick.ac.uk> Rob McMahon wrote: >> I've just installed a shiny new X7285A Sun PCI-X Dual GigE UTP Low >> Profile card in a V890 running Solaris 10: >> >> SunOS narcissus 5.10 Generic_118833-36 sun4u sparc SUNW,Sun-Fire-V890 >> Solaris [... which the e1000g0 driver ignored ...] Having had the chance for some downtime, this was fixed by installing the latest 10_Recommended patch cluster. Cheers, Rob -- E-Mail: Rob.McMahon at warwick.ac.uk PHONE: +44 24 7652 3037 Rob McMahon, IT Services, Warwick University, Coventry, CV4 7AL, England From Ugo.Balestrieri at alcatel-lucent.it Thu Oct 2 09:10:15 2008 From: Ugo.Balestrieri at alcatel-lucent.it (BALESTRIERI UGO) Date: Thu, 2 Oct 2008 15:10:15 +0200 Subject: Oracle 10g export on Solaris 10 Message-ID: <72B2DB3EB0EAE243B7613C6F00B7C16FB0A4F6@FRVELSMBS21.ad2.ad.alcatel.com> Hi all; I need to export all my oracle 10g db on Solaris 10, I tried at first with one table using the following commands with some errors : SQL> CREATE DIRECTORY dpump_dir1 AS '/usr/apps/datafiles'; >From oracle unix user : /var/home/oracle $ expdp tables=QOSSYSTAP directory=dpump_dir1 dumpfile=exppQOSSYSTAP.dmp job_name=QOSSYSTAP_EXPORT Export: Release 10.2.0.3.0 - 64bit Production on Wednesday, 01 October, 2008 17:22:46 Copyright (c) 2003, 2005, Oracle. All rights reserved. UDE-00008: operation generated ORACLE error 1034 ORA-01034: ORACLE not available ORA-27101: shared memory realm does not exist SVR4 Error: 2: No such file or directory UDE-00003: all allowable logon attempts failed Have anybody faced the same result ? Thanks in advance, Ugo _______________________________________________ sunmanagers mailing list sunmanagers at sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers From rdimpson at yahoo.com Thu Oct 2 14:24:10 2008 From: rdimpson at yahoo.com (Rob dimpson) Date: Thu, 2 Oct 2008 11:24:10 -0700 (PDT) Subject: Solaris 10 + HP Jetadmin Message-ID: <167316.40437.qm@web57412.mail.re1.yahoo.com> Folks, I have Jetadmin as my print server on Solaris 8 and want to upgrade it to Solaris 10. I know it is officially not supported. Is there any issues I need to know. Is there any other alternative to JetAdmin, I dont wanna use CUPS or any other opensource product. Would be happy to use anything which is supported by vendor. Thanks, Rob From Jerry.Springer at aa.com Thu Oct 2 14:29:07 2008 From: Jerry.Springer at aa.com (Springer, Jerry) Date: Thu, 2 Oct 2008 13:29:07 -0500 Subject: FW: NFS Mounts from multiple NAS heads Message-ID: <3F8BC906B0EB2F489BD054C60C759A7A2AEC946DE8@cdcdc0043100.corpaa.aa.com> We have a setup where we have 2 servers located in different facilities for DR purposes. Each facility has a NAS device with the data being replicated between the them. Both servers will NFS mount a filesystem from the NAS device at one of the facilities. In the event that the NAS device goes down or the whole facility goes down, the server needs to be able to detect that it's NFS mount is now stale (or that the NAS is no longer responding) and then mount the filesystem from the NAS in the other facility. How can server B detect that the NFS server (aka NAS head) that was serving the mount is now gone/ no longer responding? Jerry Springer Sr. Infrastructure Engineer Technology Architecture & Engineering American Airlines(r) MD 4362 HDQ2 Office: 817-931-3145 Fax: 817-963-4965 email: jerry.springer at aa.com From Brad_Rosser at health.qld.gov.au Thu Oct 2 22:03:08 2008 From: Brad_Rosser at health.qld.gov.au (Brad Rosser) Date: Fri, 03 Oct 2008 12:03:08 +1000 Subject: LDAP client behaviour - Solaris 9 vs 10 Message-ID: <48E609FC02000016000252B3@gwiaext.health.qld.gov.au> Hi, I'm in the midst of converting our organisation's Solaris Naming Services infrastructure from NIS to LDAP and I've come across some differences in the way clients access the LDAP server depending on whether they are running Solaris 9 or Solaris 10. Everything seems to be working for both operating systems despite the differences under the hood ... I'd just like to ask if the Solaris 9 behaviour in particular is as expected, or whether things can be tuned/optimised better. I'm running Sun Java Directory Server Enterprise Edition 6.3 on a Solaris 9 system and am starting to test it with Solaris 9 (9/05) and Solaris 10 (5/08) clients. I've set up my profile to have proxy credential authentication using 'simple' authentication for standard LDAP services but 'tls:simple' for pam_ldap and passwd services. I.e. the pertinent parts of the profile with regard to the above, from 'ldapclient list' output, is as follows: NS_LDAP_BINDN= uid=hostproxy,ou=People,dc=..... NS_LDAP_AUTH= simple NS_LDAP_SERVICE_AUTH_METHOD= pam_ldap:tls:simple NS_LDAP_SERVICE_AUTH_METHOD= keyserv:tls:simple NS_LDAP_SERVICE_AUTH_METHOD= passwd-cmd:tls:simple I did most of my principal testing with a Solaris 10 client, and the behaviour I observed from looking at the LDAP server log and the occasional snoop showed what I thought was the correct behaviour in the following types of connections being made: #1 - on the boot of the client a couple of anonymous connections would search for attributes 'supportedControl' and 'supportedSASLMechanisms' on the base root of the LDAP server. Similar connections would be made periodically every five minutes. #2 - on boot an LDAP connection would be made, bound to the proxy, searching for the profile; #3 - a persistent LDAP connection would be made, bound to the proxy, which conducted multiple searches, all associated with name service activity requested by the client during its normal operation, for the lifetime of the client's uptime; #4 - Encrypted (SSL) LDAPS connections would be made to the LDAP server whenever a user logged in or changed his password. The LDAPS connections would be bound to the user concerned. This all made perfect sense as far as I was concerned. I'm not sure what was generating the #1 connections every five minutes - the LDAP cache daemon on the client? I'd guess that the #3 persistent connection was held open by that daemon - or maybe nscd? - to forward all the naming service queries requested by the machine. And pam_ldap/passwd operations were made by SSL connections and bound to the user concerned. But recently I've set up a Solaris 9 client using exactly the same procedure ('ldapclient init' using the same profile and so forth) and I've noted quite markedly different behaviour: A. There seems to be no 'persistent', long-running connection such as #3 above. Every single name service request that the Solaris 9 client makes seems to result in a separate, short-lived LDAP connection which is created, bound to the proxy, runs the search and then terminates. B. When a user changes his password it is stored in the LDAP server in {crypt} format. Yet when a user changes his password on a Solaris 10 client it is stored in {SSHA} format on the LDAP server. C. Logging in via ssh on the Solaris 9 client seems to show that it has multiple personalities. :-) After entering a user name I'm given a 'Password:' prompt. If I enter the correct password I am logged in ... but a standard, non-encrypted, 'LDAP' connection is made to the LDAP server and bound to the user. But if I enter the wrong password I am then given a second prompt - 'LDAP Password:' - and if I enter the correct password this second time I am logged in ... and an SSL, 'LDAPS' connection is made and bound to the LDAP server. I'd appreciate any advice or discussion about these observed differences between Solaris 9 and Solaris 10 clients. Begin a newcomer to LDAP I was happy with the Solaris 10 behaviour - it seemed to behave exactly as I expected - so the Solaris 9 activity shook me somewhat. Is (A) normal for Solaris 9 clients? One of the improvements made to Solaris 10 being the 'caching' activity (of the LDAP cache daemon?) and standard name service requests consigned to a long-running persistent connection? Why are user passwords stored in {crypt} format under Solaris 9? I guess I'm not fully conversant with all the intricacies of how passwords are managed; I haven't elected to encrypt 'userPassword' - the command 'dsconf list-encrypted-attrs' gives zero output - but with the behaviour of the Solaris 10 client I (naively) assumed that 'userPassword' was encrypted on the LDAP server anyway. :-) From my reading of the LDAP server documentation I'm fuzzy on whether the 'userPassword' is a special case that is always encrypted regardless. The behaviour of (C) really puzzles me. Do I have to adjust the Solaris 9 pam.conf to modify the behaviour of login/sshd to remove the LDAP connections made in the clear up login? I *don't* have any special entries in the pam.conf files for either Solaris 9 or Solaris 10 clients; do I (for some reason) need 'sshd' entries for the pam.conf for Solaris 9? Any references to documentation on these sorts of mysteries, or documentation out there on the differences between Solaris 9 and Solaris 10 LDAP behaviour would be most gratefully received. Thanks, Brad ***************************************************************************** *** This email, including any attachments sent with it, is confidential and for the sole use of the intended recipient(s). This confidentiality is not waived or lost, if you receive it and you are not the intended recipient(s), or if it is transmitted/received in error. Any unauthorised use, alteration, disclosure, distribution or review of this email is strictly prohibited. The information contained in this email, including any attachment sent with it, may be subject to a statutory duty of confidentiality if it relates to health service matters. If you are not the intended recipient(s), or if you have received this email in error, you are asked to immediately notify the sender by telephone collect on Australia +61 1800 198 175 or by return email. You should also delete this email, and any copies, from your computer system network and destroy any hard copies produced. If not an intended recipient of this email, you must not copy, distribute or take any action(s) that relies on it; any form of disclosure, modification, distribution and/or publication of this email is also prohibited. Although Queensland Health takes all reasonable steps to ensure this email does not contain malicious software, Queensland Health does not accept responsibility for the consequences if any person's computer inadvertently suffers any disruption to services, loss of information, harm or is infected with a virus, other malicious computer programme or code that may occur as a consequence of receiving this email. Unless stated otherwise, this email represents only the views of the sender and not the views of the Queensland Government. ***************************************************************************** ***** From sunhux at gmail.com Fri Oct 3 04:58:07 2008 From: sunhux at gmail.com (sunhux G) Date: Fri, 3 Oct 2008 16:58:07 +0800 Subject: recovering a V120 with unknown eeprom password & inaccessible ALOM Message-ID: <60f08e700810030158o305b0ec4ibbe36f22eec62b82@mail.gmail.com> Hi I've inherited a V120 with unknown eeprom password which I intend to reinstall with Solaris 10 & then use it as NFS/Samba server. When this V120 boots up, it would hang the console (ie my notebook's Hyperterm session) while it's firing up Liebert's Multilink script. Stop-A (Ctrl-Break in Hyperterm which only works occasionally) brings up this message : Type go(continue), boot or login. Any of the above 3 options will prompt for a (eeprom) password I happen to be lucky at one point that I got a "Console login:" prompt after waiting for 2 hours watching the LIebert Multilink UPS messages at the console/hyperterm. I was dumb not to have seized the earlier opportunity to use "eeprom security-password=" when I managed to get the chance earlier to login but instead shut it down to try to get to OBP (ok prompt) which did not materialize as I later found it needs an eeprom password. My notebook has a serial cable connected to the ALOM port on this V120 - gets to see the bootup messages till the point Liebert Multilink messages show up. Any way for me to recover from this so that I could boot from Solaris 10 DVD & reinstall? Does V120 has a little processor (like V880) that requires us to press certain key combination/ sequence to get to OBP/ok prompt mode? Thanks U From sunhux at gmail.com Fri Oct 3 07:18:43 2008 From: sunhux at gmail.com (sunhux G) Date: Fri, 3 Oct 2008 19:18:43 +0800 Subject: Summary: recovering a V120 with unknown eeprom password & inaccessible ALOM Message-ID: <60f08e700810030418n42815cf8je5c657ac0a0ce2c9@mail.gmail.com> Thanks to Rhys (D R Hughes), his reply appended below. I've also managed to recover from it : after waiting for 3 hrs, the "Console login:" prompt appeared & managed to login with root (lucky root lets me in). Then used "eeprom security-mode=none" to clear the eeprom password. Also, took the opportunity to trim down all those startup script (yes, Liebert's /etc/init.d/LiebertM script is the culprit that slowed down A LOM port). Reboot is now smooth & fast & without firmware password Thanks ========================================================= Have a look at Sun doc 816-2090-10.pdf (SunFire V120 and Netra 120 "Server User's Guide" from; http://docs.sun.com/app/docs/coll/netra120 ) >From memory (failing badly) with a serial terminal attached to the V120's LOM port (ie; first serial port) your type the LOM escape sequence #. (ie; "hash" and "dot" characters). Provided nobody has altered this default LOM escape sequence you should get the LOM> prompt. At the LOM> prompt you probably need to enter the equivalent LOM command to "Stop" plus "N" (or "L1" plus "N") poweron (ie; both keys must be held down as the machine is poweron and until the OK> prompt appears [so you probably can't do the equivalent from a serial term, but it may be worth trying]) key sequence to reset the NVRAM to its default settings. To do this on the V120, at the LOM> prompt enter "boot reset_nvram". Hopefully this will reset the V120's NVRAM to factory defaults. However the unknown password will probably still be stored in memory even though its been disabled. So its a good idea to change the passwd to one you know and store safe, enable it to test it and then decide whether or not to keep it enabled or to disable it. I think that the NVRAM settings are stored on the "System Configuration Card", so if you have another compatible SunFire machine you could try changing the card (ie; whilst they're powered off). On Fri, Oct 3, 2008 at 4:58 PM, sunhux G wrote: > Hi > > I've inherited a V120 with unknown eeprom password which I intend > to reinstall with Solaris 10 & then use it as NFS/Samba server. > > When this V120 boots up, it would hang the console (ie my notebook's > Hyperterm session) while it's firing up Liebert's Multilink script. > > Stop-A (Ctrl-Break in Hyperterm which only works occasionally) > brings up this message : > Type go(continue), boot or login. > Any of the above 3 options will prompt for a (eeprom) password > > I happen to be lucky at one point that I got a "Console login:" > prompt after waiting for 2 hours watching the LIebert Multilink UPS > messages at the console/hyperterm. I was dumb not to have > seized the earlier opportunity to use "eeprom security-password=" > when I managed to get the chance earlier to login but instead > shut it down to try to get to OBP (ok prompt) which did not > materialize as I later found it needs an eeprom password. > > My notebook has a serial cable connected to the ALOM port > on this V120 - gets to see the bootup messages till the point > Liebert Multilink messages show up. > > Any way for me to recover from this so that I could boot from > Solaris 10 DVD & reinstall? Does V120 has a little processor > (like V880) that requires us to press certain key combination/ > sequence to get to OBP/ok prompt mode? > > > > Thanks > U From nitin.gizare at wipro.com Fri Oct 3 08:53:00 2008 From: nitin.gizare at wipro.com (nitin.gizare at wipro.com) Date: Fri, 3 Oct 2008 18:23:00 +0530 Subject: V240 that hangs on boot after the hardware watchdog enabled Message-ID: <8068EA5DFF3D964CB9B957236985862B09255D00@BLR-EC-MBX06.wipro.com> Hello, I have a V240 that hangs on boot after the hardware watchdog enabled message comes up. I'm hoping that someone else may have com across an answer for this. SUN V240 2 x 1.5Ghz CPU 4GB Mem Solaris 8 2/04 Pls help me Nitin Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com From mid.xinef at gmail.com Fri Oct 3 11:34:04 2008 From: mid.xinef at gmail.com (Midgard) Date: Fri, 3 Oct 2008 10:34:04 -0500 Subject: how to create a zone with 4G of ram Message-ID: <907c65c90810030834r3c203234o1472c7ae0c537dbd@mail.gmail.com> Hi Admins I need to create a zone in a m5000, I have to put only 4G of RAM, how can I do it? Thanks in advance Mid From dani.calloway at gmail.com Fri Oct 3 14:14:07 2008 From: dani.calloway at gmail.com (Dani Calloway) Date: Fri, 3 Oct 2008 10:14:07 -0800 Subject: jumpstarting and ILOM Message-ID: We recently received some new Sun SPARC T5120 servers, and we need to jumpstart them. However, they came with a new "feature" which Sun calls ILOM - integrated lights out manager. With the ILOM, however, I can't figure out how to instruct the system to boot (and, thus, install) via the network. I have to reboot the system, hit Break at the exact correct moment during the boot to get an OK prompt and execute "boot net - install" from there. So, my question is: is there a way to make the system boot from network while in the ILOM shell, or do I have to continually reboot and break the boot sequence until I get the timing right and can netboot from the OK prompt? -- Dani Calloway From sorrillo at jlab.org Fri Oct 3 14:41:41 2008 From: sorrillo at jlab.org (Lawrence Sorrillo) Date: Fri, 03 Oct 2008 14:41:41 -0400 Subject: Solaris releases Message-ID: <48E66765.5010409@jlab.org> I am having trouble dicphering the version and update release of Solaris 10. Solaris 10 5/08 what does the 5 mean and the 08 mean? Solaris 10 11/06? Can someone point me to a specific link that explains this or can someone explain what these letters after "Solaris 10" is supposed to mean? ~Lawrence From GT4NE1 at gmail.com Fri Oct 3 23:56:59 2008 From: GT4NE1 at gmail.com (GT4NE1) Date: Fri, 3 Oct 2008 20:56:59 -0700 Subject: Solaris 10 disk partition question Message-ID: Hi all, I have a new M4000 I'm installing Solaris 10 5/08 on and am wondering why when I specify the following disk paritions during install 1 - / xxxxxxx 2 - swap 2000 3 - 4 - 5 - /export xxxx 6 - 7 - df -k ends up showing so much more swap space. bash-3.00# df -k Filesystem kbytes used avail capacity Mounted on /dev/dsk/c0t0d0s0 63523667 3961217 58927214 7% / /devices 0 0 0 0% /devices ctfs 0 0 0 0% /system/contract proc 0 0 0 0% /proc mnttab 0 0 0 0% /etc/mnttab swap 15724160 600 15723560 1% /etc/svc/volatile objfs 0 0 0 0% /system/object fd 0 0 0 0% /dev/fd swap 15723592 32 15723560 1% /tmp swap 15723624 64 15723560 1% /var/run /dev/dsk/c0t0d0s5 5045478 5025 4989999 1% /export Thank you, GT From fabiomiranda at ice.co.cr Sat Oct 4 01:17:30 2008 From: fabiomiranda at ice.co.cr (Fabio A. Miranda) Date: Fri, 03 Oct 2008 22:17:30 -0700 Subject: Summary: Boot disk mirror using SVM Message-ID: <48E6FC6A.4010907@ice.co.cr> Thanks for all the answers ( metadevices is a hot topic in Solaris gurus fields) Problem: Fresh install of Solaris 10 on V440 (2 x 72GB FC-AL). Slice for metadb was not present, not free space, while using format came across "partition mounted" type of errors (even in single user mode). Solution: I. V440 has raid controler, it's straightforward to use it via: raidctl ( man option -c). Note that HW mirroring is MUCH better than Software one. Always count on HW mirroring if present. II. Got one answer that claims Solaris 10 made a bit change that requires, even in single usermode with partition unmounted, to exclude partition intented to be reduced out of /etc/vstab. There is also a shell variable you set via export ( sorry, I delete the e-mail ). So, let's say I want to get some extra space out of /export, I go to single usermount, umount /export, vi /etc/fstab, comment /export entry, format, par, p, and then add new slice ( FYI: s7 is usually used to metadb by Sun practices). Also, remmber to metadb -a -f -c 3 /dev/dsk/cXtXdXsX III. ufsdump/ufsrestore the current partitions to c1t1 and boot from there, then repartition c1t0. Thanks again, as usual, sunmanagers is a true source of expertise and knowledge. fabio. From sunhux at gmail.com Sat Oct 4 06:52:45 2008 From: sunhux at gmail.com (sunhux G) Date: Sat, 4 Oct 2008 18:52:45 +0800 Subject: flarcreate / flash archive backup of root (that's SDS/metadevice) Message-ID: <60f08e700810040352y60a00141s2933a14cfa09e70a@mail.gmail.com> Hi, I seem to recall a few weeks back, someone posted about taking flash archive of a root disk that's Veritas encapsulated but can't seem to find it in archive. I would like to take "flar create" of the root partition but "df -k" showed it's an "/dev/md/..." metadevice. Would it work? Any precautions when doing recovery/restore? Suppose the root metadevice is damaged & I want to restore the flash archive to a simple disk partition for booting up, would this work (I don't mind losing the metadevice mirroring/RAID features & replace with a simple disk partition) - in case after relocating datacentre, many disks failed & we don't have much time to rebuild the metadevices. Thanks for inputs U From cbarnar1 at earthlink.net Sun Oct 5 06:05:11 2008 From: cbarnar1 at earthlink.net (Christopher L. Barnard) Date: Sun, 5 Oct 2008 05:05:11 -0500 Subject: Summary: jumpstart and Packages In-Reply-To: <4FB1EFF3-1707-481B-A3DA-DE571FB3C587@earthlink.net> References: <4FB1EFF3-1707-481B-A3DA-DE571FB3C587@earthlink.net> Message-ID: <58692A33-37C4-4135-9562-BEDFA443CE76@earthlink.net> I asked > In our environment, /usr/local and /opt/local are the same. Usually > this > is accomplished by having /usr/local be a symlink to /opt/local. But > occasionally there are old systems that have /opt/local as a symlink > back > to /usr/local either because the local stuff won't fit in /opt but > will > fit in /usr or because /usr/local is a separate filesystem that just > happens to be mounted as /usr/local. > > I have a package that installs into /[usr|opt]/local/bin just fine > when installed interactively. It has no problem with the symlink. > > pkgadd -d OpenSSH*. > > But when I put it into jumpstart, the jumpstart barfs on the symlink: > > [...] > pkgadd: ERROR: unable to create package object . > pathname does not exist > unable to create directory > /a/usr/local/bin > /a/usr/local/bin/scp > pkgadd: ERROR: unable to create directory : (17) File > exists > [...] > > (in jumpstart, the finished server image is mounted as /a). > > Note that it is trying to create the directory /usr/local. Yes it > exists. > Its a symlink. My jumpstart rules created it about five lines earlier > than this package install. > > Does anyone have any idea why > (1) this works interactively but not in jumpstart, and > (2) what I need to do to get this to work? I build these packages > myself, > so I am quite comfortable editing the pkg image build if that is > needed. > I intentionally do not have in the package prototype the definition > of /usr/local so that both a symlink and an existing directory work. > The package installation just acts with the blind trust that > /usr/local exists in some form or other. The answer: yes, /usr/local exists. It is a symlink to /opt/local which is not the same as /a/opt/local. I changed it to a relative symlink (/usr/ local -> ../opt/local) and it works like a charm. Thanks to the many many folks who pointed out the bad symlink. Christopher L. Barnard cbarnar1 at earthlink.net ----------------------------------------------------------------------- When I was a boy, I was told that anyone could be president. Now I am beginning to believe it. -- Clarence Darrow From sunhux at gmail.com Sun Oct 5 21:22:39 2008 From: sunhux at gmail.com (sunhux G) Date: Mon, 6 Oct 2008 09:22:39 +0800 Subject: accidentally "rm -r *" on one of the VxFs rootdg member Message-ID: <60f08e700810051822x381d6a6fjf7a6278e79e0196@mail.gmail.com> I'm practically green with VxFs & was trying to detach a rootdg VxFs disk member to take flash archive & blundered. These are what I did on that fateful Solaris 8 while trying to follow some of the suggestions in the link below : http://www.sunmanagers.org/pipermail/sunmanagers/2001-June/004650.html Both / & /la are mirrorred VxFs partitions : # ufsdump 0uf /dev/rmt/0n / # ufsdump 0uf /dev/rmt/0n /la (the other partitions are just swap, /var/run, /proc) # vxprint -g rootdg -hmvps (hit ENTER at this point - did not complete the line) # vxprint -g rootdg -hmvps rootvol rootvol-01> /var/tmp/rootdg.txt # mkdir /rut # mount /dev/dsk/c0t0d0s2 /rut # cd /rut # rm -r * (meant to do "rm -r 8_Recommended") The server crashes to maintenance mode at this point, so in this mode, I tried to clone back from the other good disk : # dd if=/dev/rdsk/c0t8d0s2 of=/dev/rdsk/c0t0d0s2 & it's been 15 hrs & the "dd" is still running. Should I stop the "dd" & attempt to restore back from the tape using ufsrestore? As I'm completely green to VxFs, appreciate if someone could supply the actual commands /steps to recover from this (whether ufsrestore or any other methods) The configuration which I've managed to capture earlier : # vxprint rootdg | more Disk group: rootdg TY NAME ASSOC KSTATE LENGTH PLOFFS STATE TUTIL0 PUTIL0 dg rootdg rootdg - - - - - - # vxprint -g rootdg | more TY NAME ASSOC KSTATE LENGTH PLOFFS STATE TUTIL0 PUTIL0 dg rootdg rootdg - - - - - - dm disk01 c0t8d0s2 - 35363560 - - - - dm rootdisk c0t0d0s2 - 35368271 - - - - erase this!! sd rootdiskPriv - ENABLED 4711 - - - PRIVATE v rootvol root ENABLED 10243888 - ACTIVE - - pl rootvol-01 rootvol ENABLED 10243888 - ACTIVE - - sd rootdisk-B0 rootvol-01 ENABLED 1 0 - - Block0 sd rootdisk-02 rootvol-01 ENABLED 10243887 1 - - - pl rootvol-02 rootvol ENABLED 10243888 - ACTIVE - - sd disk01-01 rootvol-02 ENABLED 10243888 0 - - - Thanks U From sunhux at gmail.com Sun Oct 5 23:21:50 2008 From: sunhux at gmail.com (sunhux G) Date: Mon, 6 Oct 2008 11:21:50 +0800 Subject: accidentally "rm -r *" on one of the VxFs rootdg member : Part2 Message-ID: <60f08e700810052021r708a5d5wf66f32465d1a7b6f@mail.gmail.com> One listmate suggests to increase the "bs" (blocksize). So, 1) kill -9 existing_dd_pid 2) dd if=/dev/rdsk/c0t8d0s2 bs=10485760 of=/dev/rdsk/c0t0d0s2 & & a few minutes later, a couple of messages appeared on console: warning: vxvm: vxio: error on Plex rootvol-01 while reading volume rootvol offset 3112720 length 16 warning: vxvm: vxio: Plex rootvol-01 detached from volume rootvol warning: vxvm: vxio: rootdisk-02 subdisk failed in plex rootvol-01 in vol rootvol Should I kill it & restart with a smaller bs as this E250 has only 512MB memory (as given by 'prtdiag -v | grep -i mem'). Or what's the ideal value to set for bs? Since I did "rm -r *" on one of the disk member earlier, would this affect the other member of the rootdg (ie files get deleted too due to mirroring)? Thanks again U On Mon, Oct 6, 2008 at 9:22 AM, sunhux G wrote: > > I'm practically green with VxFs & was trying to detach a rootdg > VxFs disk member to take flash archive & blundered. > > These are what I did on that fateful Solaris 8 while trying to > follow some of the suggestions in the link below : > http://www.sunmanagers.org/pipermail/sunmanagers/2001-June/004650.html > > Both / & /la are mirrorred VxFs partitions : > # ufsdump 0uf /dev/rmt/0n / > # ufsdump 0uf /dev/rmt/0n /la > (the other partitions are just swap, /var/run, /proc) > > # vxprint -g rootdg -hmvps (hit ENTER at this point - did not complete > the line) > # vxprint -g rootdg -hmvps rootvol rootvol-01> /var/tmp/rootdg.txt > # mkdir /rut > # mount /dev/dsk/c0t0d0s2 /rut > # cd /rut > # rm -r * (meant to do "rm -r 8_Recommended") > > The server crashes to maintenance mode at this point, so in this mode, > I tried to clone back from the other good disk : > # dd if=/dev/rdsk/c0t8d0s2 of=/dev/rdsk/c0t0d0s2 > > & it's been 15 hrs & the "dd" is still running. > > Should I stop the "dd" & attempt to restore back from the > tape using ufsrestore? As I'm completely green to VxFs, > appreciate if someone could supply the actual commands > /steps to recover from this (whether ufsrestore or any other > methods) > > > The configuration which I've managed to capture earlier : > # vxprint rootdg | more > Disk group: rootdg > TY NAME ASSOC KSTATE LENGTH PLOFFS STATE TUTIL0 > PUTIL0 > dg rootdg rootdg - - - - - - > # vxprint -g rootdg | more > TY NAME ASSOC KSTATE LENGTH PLOFFS STATE TUTIL0 > PUTIL0 > dg rootdg rootdg - - - - - - > dm disk01 c0t8d0s2 - 35363560 - - - - > dm rootdisk c0t0d0s2 - 35368271 - - - - > erase this!! > sd rootdiskPriv - ENABLED 4711 - - - > PRIVATE > v rootvol root ENABLED 10243888 - ACTIVE - - > pl rootvol-01 rootvol ENABLED 10243888 - ACTIVE - - > sd rootdisk-B0 rootvol-01 ENABLED 1 0 - - > Block0 > sd rootdisk-02 rootvol-01 ENABLED 10243887 1 - - - > pl rootvol-02 rootvol ENABLED 10243888 - ACTIVE - - > sd disk01-01 rootvol-02 ENABLED 10243888 0 - - - > > > > Thanks > U From eavanzi at romi.com.br Mon Oct 6 10:16:55 2008 From: eavanzi at romi.com.br (Edson Luiz Avanzi) Date: Mon, 6 Oct 2008 11:16:55 -0300 Subject: Mounting ext3 partition on Solaris 9 Message-ID: <002401c927be$2ff6e930$3405a8c0@MI02310> I'm not getting to mount in read only an ext3 partition under Solaris 9 (SPARC). I've tried the unsupported ext2fs driver for Solaris: http://paulf.free.fr/software.html The error when I execute the unsupported driver is bellow. Thanks in advance for any help or any online information. Edson ----------------------------------------------------------------------------- --------------------------- DEV> make MACH=sparc /opt/ext2fs_9/sparc cc -c -v -I.. -D_KERNEL -D_SYSCALL32 -Xa ../fslib.c Reading specs from /usr/local/lib/gcc/sparc-sun-solaris2.9/3.4.6/specs ucbcc: unrecognized option `-Xs' ucbcc: unrecognized option `-Xa' Configured with: ../configure --with-as=/usr/ccs/bin/as --with-ld=/usr/ccs/bin/ld --enable-shared --enable-languages=c,c++,f77 Thread model: posix gcc version 3.4.6 /usr/local/libexec/gcc/sparc-sun-solaris2.9/3.4.6/cc1 -quiet -v -I.. -I/usr/ucbinclude -D_KERNEL -D_SYSCALL32 ../fslib.c -quiet -dumpbase fslib.c -mcpu=v7 -auxbase fslib -version -o /var/tmp//ccuAUyUV.s ignoring nonexistent directory "NONE/include" ignoring nonexistent directory "/usr/local/lib/gcc/sparc-sun-solaris2.9/3.4.6/../../../../sparc-sun-solaris2 .9/include" #include "..." search starts here: #include <...> search starts here: .. /usr/ucbinclude /usr/local/include /usr/local/lib/gcc/sparc-sun-solaris2.9/3.4.6/include /usr/include End of search list. GNU C version 3.4.6 (sparc-sun-solaris2.9) compiled by GNU C version 3.3.2. GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072 ../fslib.c: In function `fsputmntlist': ../fslib.c:279: error: `sigset_t' undeclared (first use in this function) ../fslib.c:279: error: (Each undeclared identifier is reported only once ../fslib.c:279: error: for each function it appears in.) ../fslib.c:279: error: syntax error before "mask" ../fslib.c:287: error: `mask' undeclared (first use in this function) ../fslib.c:295: error: `omask' undeclared (first use in this function) ../fslib.c:308: error: syntax error before ')' token ../fslib.c:321: error: syntax error before ')' token *** Error code 1 make: Fatal error: Command failed for target `fslib.o' Current working directory /opt/ext2fs_9/sparc *** Error code 1 make: Fatal error: Command failed for target `sparc' Esta mensagem foi enviada utilizando-se os recursos de tecnologia da informagco das Indzstrias Romi S.A. e i destinada exclusivamente para quem i dirigida, podendo conter informagco confidencial e/ou legalmente privilegiada. Se vocj nco for destinatario desta mensagem e a recebeu por engano, queira nos informar e elimina-la de sua base de dados, abstendo-se de divulgar, copiar, distribuir ou, de qualquer forma, utilizar a informagco nela contida, por ser pratica ilegal. Fica desprovida de eficacia e validade a mensagem que contiver vmnculos obrigacionais, expedida por quem nco detenha poderes de representagco para agir em nome das Indzstrias Romi S.A. As opiniues, conclusues ou declaragues de intengco sco do emitente da mensagem e nco vinculam as Indzstrias Romi S.A., a menos que sejam confirmadas por um representante autorizado. As mensagens enviadas para e recebidas pelas Indzstrias Romi S.A. sco monitoradas para assegurar o cumprimento da polmtica interna de seguranga de informagco. As Indzstrias Romi S.A. nco se responsabilizam por vmrus e/ou ameagas eletrtnicas. From Crist.Clark at globalstar.com Mon Oct 6 14:14:03 2008 From: Crist.Clark at globalstar.com (Crist Clark) Date: Mon, 06 Oct 2008 11:14:03 -0700 Subject: Setting a 255.255.255.255 Netmask Message-ID: <48E9F2F7.33E4.0097.0@globalstar.com> I've got a situation where I want to assign a 255.255.255.255 netmask to an interface. It's easy enough to do with the ifconfig(1M) command, # ifconfig bge2 plumb 192.168.222.18 netmask 255.255.255.255 broadcast 255.255.255.255 # ifconfig bge2 bge2: flags=1000802 mtu 1500 index 6 inet 192.168.222.18 netmask ffffffff broadcast 255.255.255.255 ether 0:14:4f:a2:ee:98 But if I add, 192.168.222.18 255.255.255.255 To the netmasks(4) file, I get this, # ifconfig bge2 plumb 192.168.222.18 netmask + broadcast + Need net number for mask # ifconfig bge2 bge2: flags=1000802 mtu 1500 index 7 inet 192.168.222.18 netmask ffffff00 broadcast 192.168.222.255 ether 0:14:4f:a2:ee:98 It gives an error message and the classful (in this case, Class C0) address for the network number. Now, I could just do this "manually" in the hostname.bge2 file, but I actually want to do this in a non-global zone. I don't know how to pass extra ifconfig(1M) parameters into the configuration of a zone's interfaces via the "add net" in zonecfg(1M). How do I get a 255.255.255.255 netmask on a non-global zone. I guess I could still kludge up a hostname.bge2:1 to do it, but is there a "cleaner" way? (I know of whole 'nother approach to this, but have never tried that in a zone either.) From fabiomiranda at ice.co.cr Mon Oct 6 18:35:51 2008 From: fabiomiranda at ice.co.cr (Fabio A. Miranda) Date: Mon, 06 Oct 2008 16:35:51 -0600 Subject: IP kern.notice message dst FFFFFFFF src 7F000001 Message-ID: <48EA92C7.9070809@ice.co.cr> Hello, I have a m4000 logging this on a daily basis (200 entrie/day), I wonder how can stop this "spam" without disable kern.notice facility: Oct 3 18:11:30 cltrde3 ip: [ID 390400 kern.notice] dst FFFFFFFF src 7F000001 AFAIK, this error is not Solaris related, can anyone confirm nature of this error ? How can this be blocked, disabled ? References: http://mail.opensolaris.org/pipermail/networking-discuss/2007-June/015859.html Thanks, fabio From sunhux at gmail.com Mon Oct 6 22:42:31 2008 From: sunhux at gmail.com (sunhux G) Date: Tue, 7 Oct 2008 10:42:31 +0800 Subject: help needed to rebuild VxFx Veritas encapsulated partitions after ufsrestore Message-ID: <60f08e700810061942k48d623d2nc71e9f347721b9b4@mail.gmail.com> Hi, Due to earlier blunder of "rm -r *", I've now ufsrestored root slice 0: # fsck -y /dev/rdsk/c0t0d0s2 # mount /dev/dsk/c0t0d0s0 /mnt # cd /mnt # ufsrestore -rvf /dev/rmt/0n (this restores the root) Then during the bootup, it failed to load drv/vxio & a few other items (guess it has to do with the following) : # eeprom | grep -i devalias nvramrc=devalias vx-disk01 /pci at 1f,4000/scsi at 3/disk at 8,0:a How do I go about fixing the above? Never tried using Veritas vx... commands really. Then entered Ctrl-D to let bootup continue. After bootup, 'df -k' showed : Filesystem kbytes used avail capacity Mounted on /dev/vx/dsk/rootvol 5043518 4852076 141007 98% / /proc 0 0 0 0% /proc fd 0 0 0 0% /dev/fd mnttab 0 0 0 0% /etc/mnttab swap 1355712 16 1355696 1% /var/run swap 1355840 144 1355696 1% /tmp /dev/dsk/c0t8d0s4 5043518 4847919 145164 98% /mnt lines in /etc/vfstab : #device device mount FS fsck mount mount #to mount to fsck point type pass at boot options # #/dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr ufs 1 yes - fd - /dev/fd fd - no - /proc - /proc proc - no - /dev/vx/dsk/swapvol - - swap - no - /dev/vx/dsk/rootvol /dev/vx/rdsk/rootvol / ufs 1 no logging /dev/vx/dsk/la /dev/vx/rdsk/la /la ufs 2 yes - swap - /tmp tmpfs - yes - #NOTE: volume rootvol (/) encapsulated partition c0t0d0s0 #NOTE: volume swapvol (swap) encapsulated partition c0t0d0s1 #NOTE: volume la (/la) encapsulated partition c0t0d0s6 There's no "vxmirror" command, only vx* tools available are : # ls -d vx* vxassist vxdiskadd vxfddstat vxmend vxquota vxrestore vxtask vxclust vxdiskadm vxinfo vxmkcdev vxquotaoff vxrlink vxtrace vxconfigd vxdmpadm vxinstall vxnetd vxquotaon vxrvg vxtunefs vxdctl vxdump vxiod vxnotify vxrecover vxsd vxupgrade vxdg vxedit vxlicense vxplex vxrelayout vxserial vxvol vxdisk vxedquota vxmake vxprint vxrepquota vxstat What do I do next to rebuild back rootdg mirror. The full "vxprint -hm..." output capture before the disaster occurred are appended below the = = = lines : = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = sd rootdiskPriv tutil0=" tutil1=" tutil2=" dev=201/3 busy=off devopen=off enabled=on detach=off writeonly=off nodevice=off removed=off is_log=off da_name=c0t0d0s2 device_tag=c0t0d0 dm_name=rootdisk path="/dev/vx/dmp/c0t0d0s3 pl_name= comment="Private region area putil0="PRIVATE putil1=" putil2=" volatile=off dm_offset=10243888 dev_offset=10243889 len=4711 updat