Sys Admin Junk
Whenever I come across something that saves my life, I put it here. If you'd like to
add something relevant to Solaris sysadmin, send it to me.
Solaris stuff
- Allowing a normal user to halt the system
- Setting up simple DNS services
- Accessing a remote printer
- Remote diagnostic commands
- Changing a system's timezone
- Installing the HighWater PEL driver
- Removing the HighWater PEL driver
- Deleting all corefiles on a system
- Finding big files created within the last few days
- Skey-enabling a server
Allowing a normal user to halt the system
The following lets a user halt the system by typing "su halt"
- Become superuser
- run admintool
- create a new user
- Username: halt
- User ID: 0
- Group ID: 1
- Shell: Other: /usr/sbin/halt
- Passwd: Normal
- Don't create a home directory
Setting up simple DNS services
- Edit /etc/hosts and add an entry for your internet gateway
- Edit /etc/nsswitch.conf and change the hosts line to read: hosts: files dns
- Create /etc/resolv.conf
- Add your domain name: domain la.cortron.com
- Add your nameserver's address: nameserver 205.147.0.100
- Save file
- Create /etc/defaultrouter and add the hosts entry for your gateway
- Create /etc/defaultdomain and add your domain name
Accessing a remote printer
Forget trying to set up access to a print server under Solaris 2.X admintool. It doesn't
work. In the following example, the print server is server, the print client is client,
and the printer name is laser.
- lpsystem -t s5 server
- lpadmin -p laser -s server
- lpadmin -p laser -T unknown
- lpadmin -p laser -I any
- acceptlaser
- enable laser
- lpadmin -p laser -D "desciption of remote printer"
- lpadmin -d laser (only if you want this to be the default printer)
- lpstat -t (shouldn't display any error messages)
Remote diagnostic commands
- rup [ip addr]: how long a system has been running
- netstat -rn: shows system routing table
- ifconfig -a: shows configured network interfaces
- tail -f [filename]: monitor a logfile
- sysdef -h: print system's hostid
- uname -n: print system's hostname
- prtconf: print hardware & driver info
Changing a system's timezone
You change a system's timezone by editing the TIMEZONE file. A listing of timezone files
can be found in /usr/share/lib/zoneinfo
- su
- edit file: /etc/TIMEZONE
- change line: TZ=US/Pacific;export TZ
- save changes & exit
- reboot system
Changing a system's timezone
You change a system's timezone by editing the TIMEZONE file. A listing of timezone files
can be found in /usr/share/lib/zoneinfo
- su
- edit file: /etc/TIMEZONE
- change line: TZ=US/Pacific;export TZ
- save changes & exit
- reboot system
Installing the HighWater PEL driver
This example assumes that the filename of the PEL driver is "pel". Note that ln
command below uses two different kinds of single quote (the first and last ones are
backward quotes).
- power down system
- install PEL board
- boot
- login as superuser
- cp <path to pel driver> /usr/kernel/drv
- add_drv -i "SUNW,pelboxif" pel
- check if it loaded by: modinfo | grep pel
- ln -s `find /devices -name '*SUNW,pelboxif*' -print` /dev/pel0
- chmod 777 /dev/pel0
- halt
- boot -r
Removing the HighWater PEL driver
- become superuser
- rem_drv pel
- halt
- turn power off
- remove PEL board
- boot -r
Deleting all corefiles on a system
- become superuser
- find / -name core -exec rm -f {} \; -print
Finding big files created within the last few days
A few notes: the -mount parameter restricts the search to a single filesystem. If you
want to search all mounts, remove -mount. Also, there needs to be at least 3 spaces before
the +6
- find <pathname> -mount -mtime -<days> -ls | sort
-rnt +6
Here's a script that does the job
Skey enabling a server
Before you start this procudure, you should ftp
orbis.net/pub/cortron/utils/unix/skey-server.tar.Z and install it on the server using tar
xvf skey-server.tar.Z
Replacing the login binary
- su root
- mv /usr/bin/login /usr/bin/login.original
- install -o bin -g bin -m 14755 /usr/local/bin/login /usr/bin/login
Replacing the FTP daemon
- su root
- run /usr/local/bin/ftpcheck to make sure binaries are in proper location (don't
worry about XFERLOG or FTPHOSTS)
- chmod 644 /etc/inet/inetd.conf
- vi /etc/inet/inetd.conf
- change line for in.ftp to ftp stream tcp nowait root /usr/local/etc/ftpd ftpd
- save file
- chmod 444 /etc/inet/inetd.conf
- find process number of in.inetd (ps -e | grep inetd)
- kill -HUP <in.inetd's process number>
Initializing Skey logins
- su root
- vi /etc/skey.access
- add line: permit port console
- add line: deny
- save file
- chmod 644 /etc/skey.access
- create an empty file called /etc/skeykeys
- chmod 666 /etc/skeykeys
- /usr/local/bin/keyinit <login name>
- type secret password
- test your login from a remote machine
|