Sun Doc Updated As On 24 May 2009

SUN SOLARIS 10 OS
Sun Solaris 10 Operating System Page 2 of 174 2
Acknowledgements
I can no other answer make, but, thanks, and thanks to my well wisher,
evergreen admiring personality Mr. T. Gurubalan, Sun Microsystems Inc,
who influenced, crafted, guided, cooked me to taste Sun.
Words cannot convey my gratitude, you can have no idea how much it
means to me. It’s stunning. Special Thanks to My IMS Batch-2, who fueled
me to explore more heights technically.
Raja, Aravindh, Sathish, Senthil, Hari Krishnan, Murali, Raman, Rakesh,
Prabakar, Md.Mukram, Manikandan, Ibrahim.
Aravindh - induced me to script this valuable document.
Raja – kindle, always inspiring me to go little far on extra miles in all

aspects.
Sources are always precious and unavailable, additional thanks to Hari

Krishnan on his consistent work of collecting the resource, with great fuss.
Last but not the least, I would thank all persons behind lights from the
bottom of my heart, but for you all my heart has no bottom. Thanks!
Thanks! Thanks!
Sun Solaris 10 OS/Storage-SVM,VxVM Manickam

Kamalakkannan
Fingered by: Manickam Kamalakkannan
# 103, Housing Unit
Rajagopalapuram
Periyar Nagar
Pudukkottai – 62203
Tamil Nadu
Mail: kamalmanickam@yahoo.co.in
kamalmanickam@gamil.com
Mobile: + 91-99946 11237
Topics Include
1. Basic Unix commands

2. Editors – vi in detail
3. SCSA Part -1
Exam Code: 300-200
1. Directory Hierarchy
2. File System
3. Naming Convention
4. Disk Administration
5. Performing Mounts & Umounts
6. OS Installation
7. Package Administration
8. Patch Administration
9. Boot up & Shutdown procedures
10. Performing System Security
11. User & Group Administration
12. Performing System Monitoring & Scheduling
13. Printer Administration
14. Performing Backup & Restore
4. SCSA Part - 2
Exam Code: 300-202
1. Interface configuration
2. Clinet-Server model
3. SMC - Solaris Management Console
4. Swap configuration
5. NFS - Network File System
6. AutoFs
7. Raid - SDS/SVM
8. Naming Service
9. NIS - Network Information Service
10. ACL - Access Control List
11. Crash and Core Dumps
12. Jumpstart Installation
13. System Messaging
NOT Under IMS but Included in SUN

Certification:
14. RBAC - Role Based Access Control

Kamalakkannan
15. Zone Administration
16. Flash Installation
5. SVM
6. VXVM [Partially]
7. RSC – Remote System Console
8. Sun Cluster 3.1
BASIC COMMANDS
# pwd -> present working directory
# mkdir -> to create a new directory

syn: # mkdir <new-dir_name>
eg: # mkdir newfolder
this command will create a new directory named 'newfolder'
syn: # mkdir <path_new_dir_name>

eg: # mkdir /new/akash
This command will create a new directory named àkash`
inside the dir 'new'.
syn: # mkdir -p <path_dir_name>

eg: # mkdir -p /tenth/eng_medium/half/a_section
this command will create a new directory named à_section'
inside the new dir `/tenth/eng_medium/half'
this command will create the parent dir if it is not created earlier.
cd -> to change from one directory to another

syn # cd
this command will move to the parent dir
syn: # cd <path>
eg: # cd /tenth/eng_medium/half/a_section
this command will move to the location
/tenth/eng_medium/half/a_section.
Hence if the command # pwd is executed
the output will be
/tenth/eng_medium/half/a_section
syn: # cd .. -> to move to the previous dir

Kamalakkannan
ls -> to list the contents of the current directory
syn: # ls
lists the contents of the directory
syn: ls -l => long list
d rwx r-x r-x 3 root root 512 Sep 21 22:31 tenth

1 2 3 4 5 6 7 8 9 10
WHERE
1 -> provides the info about the displayed name is a file or a dir
if its 'd' -> its a directory
if its '-' -> its a regular file
2 => premission on the file/dir for the owner
3 => permission on the file/dir for the owner's group
4 => permission on the file/dir for the others
5 => specifies the link count
6 => specifies the owner of the file/dir
7 => specifies the group to which the file/dir belongs
8 => size of the file/dir
9 => date and time of creation of the file/dir
10 => name of the file/dir
SYN: # ls -lh
provides the size of the file and dir in human readable format
syn: # ls -p
provides the information about dir or file
dir is represented with "/" symbol
syn: # ls -R
displays all the sub-dir and files inside the directory specified
# ls -R | more
displays all the sub-dir and files in pagewise
eg: # ls -R /tenth | more]
will display only the sub-dir and files inside the folder
/tenth

Kamalakkannan
syn: # ls -a
will display all the files and directories including the hidden files
and directories.
syn: # ls -i
will display the information of inodes
syn: # ls -t
will display the information about the recently accessed file/dir
on time stamp
cat => to create, update, view the contents of the file.
syn: # cat > <new_file>

eg : # cat > maths
will create a new file named `maths`
syn: # cat > <path_file_name>

eg: # cat > /tenth/eng-medium/half/a_section/science
will create a file named `science` in the specified location
syn: # cat >> <file_name>

will update the contents to the file
eg: # cat >> maths
syn: # cat <file_name>

eg: # cat maths
will display the contents of the file
syn: # cat -n <file_name>

eg: # cat -n maths
will display the contents of the file along with the line number
ctrl+d => to save the contents to the file
# clear -> to clear the screen

ctrl+l => to clear the screen
touch -> to create number of empty files

syn: # touch <file1,file2,file3 file4, file5.....>
eg: # touch welcome to the world of unix domain
will create number of empty files named
`welcome, to, the,. world, of unix, domain'
respectively
# date
will display the date and time
Kamalakkannan
# cat /etc/release => displays the version of the operating system
installed
Syn: # banner "any word"

will display the words inside " " as a banner.
cp => to copy the contents of the one file to another

syn: # cp <source_file> <destination_file>
# cp <source_file_path_name>
<destination_file_path_name>
eg: # cp new old

will copy the contents of the file `new' to òld` file
in the current location.
# cp new /tenth/eng-medium/old
will copy the file `new` to the specified location.
NOTE: There is no need for the existance of the destination file earlier.
syn: # cp -r <source_dir_name> <destination_dir-name>

eg: # cp -r /tenth /ninth
will copy all the files and dir inside the dir `tenth`
to a new dir `ninth`.
r => recurssively
mv => to move/rename the files

syn: # mv <source_file> <destination_file>
# mv <source_file_path_name>
<destination_file_path_name>
eg: # mv test newfile

will move & rename the file `test` to `newfile` in the current
location
Note: Work only with BASH Shell
# history => displays the commands used in the termina
# history -c => to clear the commands stored in the history
alias => to assign alias to the command TEMP.
syn: # alias <variable>=<command>

eg: # alias c=clear
here `c` is assigned to clear command.
hence `c` performs the function of clear command
Note: it'll work with BASH shell.
Kamalakkannan
both `c` and `clear` command will work.
head => to view the top `n` number of lines from a file
syn: # head -n <file_name>
where `n` can be any number
eg: # head -5 newfile
will display the first 5 lines from the file `newfile`.
tail => to view the last few number of lines from a file
syn: # tail -n <file_name>
eg: # tail -5 newfile
will display the last 5 lines from the file specified
less => to view the contents of the file in page-wise

syn: # less <file_name>
eg: # less /etc/passwd
will display the content of the file in page-wise
more => similar to less with more options

syn: # more <file_name>
# more /etc/passwd
will display the contents of the file in page-wise
rm => to remove the file

syn: # rm <file_name>
eg: # rm test
will remove the file named test
syn: # rm -r <dir_name>
eg: # rm -r /newfolder
will remove the dir named `newfolder` along with its contents
syn: # rm -i <file_name>
eg: # rm -i test
will delte the file interactively. It'll prompt for a question.
rmdir => to remove the dir

syn: # rmdir <dir_name>
eg: # rmdir /newfolder
will delete the dir 'newfolder' when its empty.
hostname => to view to hostname of the system

syn: # hostname
will display the host name
domainname => to view the domain name

syn: # domainname
Kamalakkannan
will display the domain name
bc => binary calculator

syn: # bc
ctrl+z => to send the process to background
bg => to view the process running at the background

syn: # bg
fg => to bring back the command from background to fore ground

syn: # fg n
where n -> is the number of the process
eg: # fg 1
which => provides the information about the location of the command
syn: # which <command>
eg: # which ls
arch => to identify the arch of the system

syn: # arch
wc => word count

syn: # wc <file_name>
eg: # wc test
will display the number of lines, charactes and words in the file
specified
# wc -l test
will display only the number of lines
#wc -w test
will display only the number of words
# wc -c test
will display only the number of characters
listusers => will display the number of users existing in the system
syn: # listusers
# listusers -g <group_name>
eg: # listusers -g others
will display the users who belongs to the group named others
man => provides the help manual for each command

syn: # man <command>
eg: # man ls
Kamalakkannan
will display the help manual for the specified command
syn: # man -d <command>
eg: # man -d ls
will display the method of searching the manual pages along
with its path
syn: # man –l <command>

eg: # man –l cat
will lists all manual pages found matching name within the search
path.
grep => used to search the keywords in the file

syn: # grep <keyword> <file_name>
eg: # grep good test
will display the whole line that contains "good" from the specified
file "test"
syn: # grep -i <keyword> <file_name>
eg: # grep -i good test
same as above, but ingnoring the case (upper or lower)
syn: # grep -v <keyword> <file_name>
eg: # grep -v good test
will leave the specified keyword "good" and display the rest.
in nutshell, just reverse of grep.
syn: # grep -h <keyword> <file1> <file2> <file3>
eg: # grep -h good test1 test2 test3 test4
will search the keyword "good" from the multiple files and
displays the same.
wall => to broadcast the message to all the users who are currently
logged in
syn: # wall
< message>
ctrl+d -> to save and send the message
eg: # wall
hai! good morning
ctrl+d
write => to send the message to the particular user who is currently
logged in
syn: # write "<user_login_name>
<message>
ctrl+d
eg: # write "shiva"
welcome to our org!
ctrl+d
will display the message only the specified user.

Kamalakkannan
TOD
/etc/motd => message of the day
This file contents will be broadcasted to all the users whenever they login
to the system.
/etc/issue => by default this file will not exist. Root is permitted to create a
file in this name. Can edit anything to this file. When the user is prompted
for login the message typed in the above fie [/etc/issue] will be displayed.
The difference between /etc/motd and /etc/issue is, the contents of the
/etc/motd file will be displayed after the user is logged in. Where is in
/etc/issue, the contents of the file are displayed before the user is logged
in.
# compress => to compress the file

syn: # compress <file_name>
eg: # compress test
will compress the specified file 'test'
# uncompress => to uncompress the file

syn: # uncompress <file_name.extn>
eg: # uncompress test.Z
will uncompress the file specified
Note:
It's not possible to read the contents of the compressed file
Using the command "cat"
# zcat => used to view the contents of the compressed file

Without uncompressing it.
syn: # zcat <file_name.extn>
eg: # zcat test.Z
will display the contents of the compressed file
# gzip => to compress the file

syn: # gzip <file_name>
eg: # gzip test
will compress the file test with the extension .gz
# gzcat => to view the contents of the compressed file with extension .gz
syn: # gzcat <file_name>
eg: # gzcat test.gz
# gunzip => to uncompress the compressed file with extension .gz

syn: # gunzip <file_name-extn>
eg: # gunzip test.gz
will uncompress the specified file
# cal => to display the calender

Kamalakkannan
syn: # cal
will display the current month of the current year
syn: # cal <year>

eg: # cal 2008
will display the whole 2008
syn: # cal <month> <year>

eg: # cal 9 2008
will display only the specified month from the specified year
# uname -a
will provide number of informations
which includes
1. os installed
2. os version
3. hostname
4. arch
# uname -X
will display the following information.
eg output is displayed.
System = SunOS
Node = sys1
Release = 5.10
KernelID = Generic_118855-33
Machine = i86pc
BusType = <unknown>
Serial = <unknown>
Users = <unknown>
OEM# = 0
Origin# = 1
NumCPU = 2
# find
this command is used to search the file
# find / -name passwd

will search for the search word `passwd` in the location / (root)
# find /etc -name passwd

will search for the key word passwd only the /etc location.
# whereis passwd
will display the location of the file/command
# prtconf | grep -i mem

Kamalakkannan
will display the total memory (physical) allocated to the system
# psrinfo
provide the infomation about the staus & the number of processors
attached to the system
eg output:
0 on-line since 11/28/2008 08:21:25
1 on-line since 11/28/2008 08:21:35
WITH BASH SHELL:
ctrl+l => to clear the screen

ctrl+e => to move the cursor to the end of the command
ctrl+a => to move the cursor to the begining of the command
ctrl+b => to move the cursor to the begining of the word in the command
crtl+c => to terminate the process
crtl+z => to send the process to the background
ctrl+p => to bring back the previous command
ctrl+d => to save the content to the file
ctrl+r => to search for the commands from the history

Kamalakkannan
EDITORS
1. vi
2. pico
3. vim
4. emac
VI EDITOR COMMAND
# vi <new_file_name>
to create a new file
# vi <file_name>
to open a file
esc+i => to insert the characters to the file

esc+A => to bring the cursor the end of the line and add the contents to
the
file
esc+x => to delete a single characater
esc+dd => to delete a complete line
esc+dw => to delete a word
esc+o => to create an empty line just below the cursor
esc+O => to create an empty line just above the cursor
esc+G => to bring the cursor the end of the file
esc:n => to move the cursor to the n-th line
for eg: esc:10 => will move the cursor to the 10-th line
esc:set nu => to set line number
esc:set nonu => to remove the line number
esc/<keyword> => to search the keyword
esc:n,md
where n and m are the number of lines
for eg: esc:5,10d
will delete the lines from 5 to 10.
esc+u => undo operation

Kamalakkannan
esc:w => to write/save the content to the file and move the cursor to the
original position
esc:q => to quit the file without saving
esc:wq => to write/save and quit from the file
esc:wq! => to write/save & quit from the file forcefully
esc+R => to replace the characters

esc+yy => to copy the line
esc+p => to paste the line
esc+J => to join the line
esc+l => to move the cursor by right side.
esc+j => to move the cursor downward by single line

esc+k => to move the cursor upward by one line
esc+h => to move the cursor left side by single character
esc+$ => to bring the cursor to the end of the line

esc+I => to bring the cursor to the begining of the line
# vi -R <file_name>
to open the file with read only
# vi -x <file_name>
to assign the password for the file.

Kamalakkannan
DISK ADMINISTRATION
Permitted Tag names for the slices:

1. boot
2. root
3. backup
4. alternates
5. unassigned
6. stand
7. home
8. reserved
9. swap
10. usr
11. var
Re-labeling a disk:
1. VTOC on the disk has been destroyed.

2. Accidentally changed the partition information on the disk an did not
save a backup label in the /etc/format.dat
# prtvtoc /dev/[r]dsk/c0t0d0s0 > /var/tmp/v1t0d0.vtoc
# fmthard –s /var/tmp/c1t0d0.vtoc /dev/rdsk/c1t0d0s2

# fmthard –s /dev/null /dev/rdsk/c1t0d0s2
Kamalakkannan
To initialize the VTOC of a disk
NOTE:
1. ‘# fmthard ‘ command cannot write a disk label on a unlabeled disk.
Use # format utility for this purpose.
2. When using the # format utility to change the size of the disk slice
is automatically designated that expands & shrinks to accommodate
the slice resizing operations. This temporary slice is referred to as
the free hog and it represents the unused disk space on a disk
drive.
FREEE HOG:
When using the format utility and change the size of the disk slices, a
temporary slice is automatically designate that expands & shrinks to
accommodate the slice resizing operations. This temperory slice is refered
to as the free hog & it represents the unused disk space on a disk drive
NOTE:
1. To operating system a file system appears as a collection of files &

directories used to store & organise data for access by the system and its
users.
2. To operating system, a file is a collection of control structures and data

blocks that occupy the space defined by a partition, which allow for data
storage & management.
# modinfo -c | grep -w dad
-c displays the number of the instances that is installed
-w will search the key word between < >.
-> provides the information, whether the drivers files are installed.
-> provides information, to verify the device driver is available as a kernel
module
NOTE:
1. The ufs file system does not allow fragment of the same file to to be
stored in two different data blocks.
2. When the state flag is "clean, stable, logging" file system scans are not
run
# newfs -N
# newfs -m 2 /dev/rdsk/c0t3d0s5
Kamalakkannan
will create a file system with the minfree value 2%. By default 10%
1. The fist line printed by the newfs command describes the basic disk
geomerty.
2. 2nd line describes the 'ufs' file system created in this slice.
3. 3rd & remaining line list the beginning sector locations of the backup
super blocks.
FSCK:
SUPER BLOCK CONSISTENCY:

Super block is checked for inconsistencies involving the following
parameter 1. file system size 2. free block count
3. free inode count
CYLINDER GROUP BLOCK CONSISTENCY:

Checks, unallocated data blocks claimed by inodes, the unallocated data
block count, and unallocated inode count.
INODE CONSISTENCY:
Checks
1. for the allocation state of inodes
2. Type
3. Link count
4. Duplicate blocks
5. Bad blocks
6. inode size
7. Block count for each inode
8. Any unreferenced inode with non-zero link count is linked to the file
system's lost+found
DATA BLOCK CONSISTENCY:

1. fsck cannot check ordinary data blocks but it can check directory data
blocks.
2. In ordinary data blocks, the fsck command check for inodes that points
to unallocated blocks tagged as in use, allocated blocks tagged as free.

Kamalakkannan
Left blank knowingly
FILE SYSTEM / DIRECTORY HIERARCHY

Kamalakkannan
Directory Structure
/ - root's home directory

/dev - provides the information of logical devices
/dev/dsk - provides all the possibilites of the slices
with its file system.
Purely dependent of hardware
/dev/rdsk - provides all the possibilities of the
raw disk slices
dependent on hardware
NOTE:
Information’s available on /dev/dsk and /dev/rdsk remains same.
/devices - provides the information about, the location to which the

hardware devices are connected to.
/usr - Unix System Resources

/usr/bin - will have the binary executables.
cannot be read by the root user.
the resources under this directory can be
used by both root user and non-root user
/usr/sbin - will have binary executables that can
be exectuted only by the root user
mostly system related administration task
commands will be resided to this directory
/etc - holds all the configuration related with system and its
services
/var - provides all the logs related with the system
/opt - optional directory, where 3rd party applications can

be installed
/mnt - is a optional directory, where the devices can be

mounted
/proc - process directory

process id for every process will be generated
/export/home - is the location of non-root user's home

directroy. Normally at the time of creating a
user account that newly created user will have
his home directory under this location.
for eg: /export/home/shiva
/export/home/hari

Kamalakkannan
Inodes:
1. Every file and directory will be assigned by a unique number by the
operating system.
2. Inode wil store the information about the files and directories.
3. It holds the information like, the permissionship of the owner of the file,
permissionship of the file to a group, other permissionship, when it is
modified.
4. It'll also have pointers which will point to the data.
Link file:
2 types of links
a. hard link
b. soft link or symbolic link
Hard link:
1. when hard link is created, the link count is increased.
2. Inode number remians same for the source file and the destination file
3. If the source file is deleted, still datas from the destionation file can be
accessed.
4. The souce file permissionship is inherited to the destination files.
5. Both the source and destination file will show the same size. But the
destination files will NOT occupy the disk space
Soft link / symbolic link:

1. inode number for the destination and source file will be different
2. if the source is deleted, the datas from the destination file is not viewed.
3. The permissionship of the source file and the destination file will be
different.
4. it will have a pointer at the end to indicate the souce file
5. it will be indicated with the "l".
To create a hard link:

# ln <source-file-name> <destination-filename>
# ln one /Desktop/ims/hlink
here
one = source file name
/Desktop/ims = is the location of the hard linked file
hlink = is the hard linked file name
To create a soft/symbolic link:

# ln -s <source-file-name> <destination-file-name>
# ln -s one /Desktop/ims/soft_hai
here
one = source file name
/Desktop/ims = is the location of the soft linked file
soft_hai = is the soft linked file name

Kamalakkannan
Naming conventions:
3 Naming conventions
1. Logical name
2. Physical name
3. Instance name
Logical Name:
c# t# d# s#
c = specifies the controller
t = specifies the target
d = specifies the disk
s = specifies the slice
can be seen at /dev/dsk and /dev/rdsk
Instance Name:
1. Generated by the kernel for each devices connected to the system
# prtconf
will display the what are the devices attached to the system and all the
possibilites of connecting the devices
# prtconf | grep -v not

will display only the devices that are attached to the system
# cat /etc/path_to_inst
1. not recommended to edit
2. will display the information about physical location where the devices
are connected to and their corresponding instance
name
# format
command displays the number of hardisks attached to the system along
with its physical and instance name
1. format is a utility
2. It has two tires
a. format>
b. partition>
3. ctrl+c - to exit from the format utility
4. can be executed only by the root user
format> help
will provide the information about what are the commands that can be
used in format> tire.
format> fdisk
Kamalakkannan
is used to delete, view the windows partition informations through
Solaris OS.
format> partition
will move the next tire partition>
partition> help
will provide the information about what are the commands that can be
used in the partition> tire
partition> print
will print the disk layout which provides number of information about the
slices
part - specifies the number of slices
NOTE:
x86 arch - will have 9 slices
sparc arch - will have 7 slices
Tag name
Is the name given to the slice
Only selected names can be assigned to the slice
Permitted tag names: root, backup, alternates, reserved, usr,
stand, boot, home, swap, var, unassigned
1. Tag names can be repeated

2. Slices can be created in any sequence
3. While creating the slices, make sure about the starting cylinders.
Avoid wastage of cylinders
Avoid overlapping of cylinders
Flag:
States the status of the slices
Cylinders:
Specifies the starting and ending cylinders of a particular slice
partition> lable
to lable or to make OS to recognize the changes done with the partition
NOTE:
partition> lable
will only make the OS to recognize the change done and it will not be
stored in any file.
format> save
will save the changes done to a file
by default: format.dat
It can also be stored in any location with any file name
Kamalakkannan
partition>name
is used to name the partition table
max 8 characters is supported
NOTE:
# newfs /dev/rdsk/c0d1s4
to create a file system for the slice c0d1s4
# mkdir /slice4
# mount /dev/dsk/c0d1s4 /slice4
used to mount the slice slice4 under the location /slice4
# cd /slice4
# touch one two three
to access, to write some datas to the slice4
NOTE:
Mounted slices cannot be deleted.
Only after unmounting the slices it can be deleted.
# cd
# umount /dev/dsk/c0d1s4
to unmount the mounted slice
format> verify
to view the partition table, slices information
# newfs
will create a new file system
will prompt for confirmation
then it creates a ufs file system
it also displays the number of primary super backup blocks
which can be used by the # fsck command
# newfs -N /dev/rdsk/c0d1s6
will NOT create the file system but
will only display the number of primary super backup blocks (only if the
particular slice is having the file system)
# newfs -T /dev/rdsk/c0d1s6
will create a file system that can hold a file size in tera bytes.
NOTE:
1. When # newfs command is executed, the command reads the entry of
the file /etc/default/fs and accordingly the file system is created.
Kamalakkannan
2. By default the entry of the file /etc/default/fs
LOCAL=ufs
and hence # newfs command will create only ufs file system.
# fstyp
will dispaly number of informations about the particular slice
# fstyp -v /dev/dsk/c0d1s6 | grep -i min

will display the minimum free space for the praticular slice, slice6
Note:
1. The default minfree value for every slice is 1% of its own size.
2. The minfree value can either be increased nor be decreased.

But the minimum will be 1%
# tunefs -m 10 /dev/dsk/c0d1s6
this command will increase the minfree value to 10% for the slice, slice6
# tunefs -m 1 /dev/dsk/c0d1s6
will decrease the minfree value to 1% for the slice, slice 6
# prtvtoc
will print the volume table of contents
# prtvtoc /dev/dsk/c0d1s0
Here, the output of a particular hard disk drive with different slice remains
same.
for eg:
# prtvtoc /dev/dsk/c0d1s6 -> output will be same as

# prtvtoc /dev/dsk/c0d1s4
This above command will display the informations about the slice layout,
where it is mounted, flag state, hard disk drive geometry.
Note:
If we have more than one hard disk drive with the SAME geometry and if
we require same layout in all the hard disk drive, then VTOC of one disk can
be copied to another using a command # fmthard
# fsck - File System ChecK
# df
# df -h
will provid the information about
1. what are the slices mounted
Kamalakkannan
2. what is the total size of the each slices
3. how much of space is used in each slcies
4. how much of free space is available in each slcies
5. where it is mounted
6. how much of % of space is used in each slices
Note:
Solaris 8 supports
# df -bk
Solaris 9 and Solaris 10 supports

# df
and its options
# df -h
# du
will display the how much of the disk space is used
# du -h
will display how much of the disk space is used in human readable format
NOTE:
# man ls > list
# du -h > disk_use
the above commands will not display the output, instead,
the output is redirected to a file named list and disk_use respectively.
Hence we can open the files list and disk_use to the see the output of the
commands.
VTOC:
Resides in Track0, Sector0
It occupies 512 bytes of space
holds the information about the hard disk layout, geometry
Bootblock:
Resides in next 15 sectors next to vtoc
track0
Sector 1 to sector 15
Will be active in the root hard disk drive
Primary super block:

Will reside next to boot block
track0
Sector 16 to sector 31
Primary backup super block:

Kamalakkannan
track0
Sector 32
Apart from sector32, backup will be available in some other blocks for
every slice. it can be seen by executing the command
# newfs -N /dev/rdsk/c0d1s6
Data block:
1. Size of each data block is 8kb
2. Data block is further divided into 8 fragments
3. Size of the each fragment is 1 kb
4. a data block can be used only by a single file.
Data blocks cannot be shared by any files
5. Data block is the area where the user (both root and non-root) is given
right to store the data.
Inode:
Will provide the following information
1. Ownership permissions
2. Group permissions
3. Other permissions
4. When the file/dir was modified
5. Pointers
2 types of pointers
a. Direct pointer
b. Indirect pointer
3 types of indirect pointer
i. single indirect pointer
ii. double indirect pointer
iii. triple indirect pointer
6. a file will have 12 direct pointers

a single direct pointer can refer 8kb of datas
so 12*8 = 96kb of datas can be refered by a direct pointer.
7. If the file size is more than that,

a single indrect pointer will appear and it can point out
2048 additional direct pointer
2048 * 8 = 16 Mb
8. If the file is more that 16 Mb

a double indirect pointer will appear and it can refer
2048 additional singel indirect pointer
2048 * 16 mb = 32 Gb
9. If the file size is more than that, triple indirect will appear and it can refer
2048 additional double indirect pointer
2048 * 32 = 64 Tb
In short
8kb = 1 data block

1 data block = 1 direct pointer
Kamalakkannan
2048 * 8 kb = 16 mb (single indirect pointer=2048 direct
pointers)
2048 * 16 mb = 32 Gb ( double indirect pointer= 2048 single

indirect pointers)
2048 * 32 Gb = 64 Tb ( triple indirect pointer=2048 double

indirect pointers)
File system
1. Disk Based File system
2. Distributed file system
3. Pseudo file system
Disk based file system:

ufs - unix file system
for slices.
Kamalakkannan
default file system for sun solaris
hsfs - high sierra file system

used for optical media
udfs - universal disk file system
pcfs - personal computer file system
Distributed file system:

NFS - Network file system
used to share the resources
Pseudo file system
mntfs - mount file system. Used by /mnt dir

tmpfs - temporary file system. Used by /tmp dir
procfs - process file system. Used by /proc dir
These directories will be unmounted automatically when the system goes

down.
/system/object
1. uses objfs
2. object file system
3. This file system is used by the kernel to store details relating to the
modules currently loaded by the kernel.
devfs
1. used by /devices directory
2. Used to manage name space of all devices on the system.
ctfs
1. used by /system/contract directory
2. used by SMF to track the processes which compose a service, so
that a failure in a past of a multi-process service can be identified as
a failure of that service.

Kamalakkannan
PERFORMING MOUNTS AND UNMOUNTS
# mount =>
1. will display the informations about the permanently mounted and
temp mounted slices and other removable media.
2. can be used only by the root user
# mount -F <file_system_type> -o <options> <mount_point>

this command will mount the specified slices or the media.
eg: # mount /dev/dsk/c2d0s3 /mnt/slice3
NOTE:
Since the sliece uses only the UFS file system it's not necessary to
specify the file system while mounting.
PLS REF the SLIDES for default options.
eg: # mount -F hsfs /dev/c0t0d0s0 /mnt/cdrom

used to mount the cdrom
eg: # mount -F pcfs /dev/c4t0d0p0 /mnt/pendrive

used to mount the pen drive
/etc/vold.conf => volume management configuration file which holds the

actions to be performed.
vold => is the daemon which will be running at the background while the
volume management process is started.
/etc/rmmount.conf => is the configuration file for the removable media
# iostat -En
will provide us the information about the removable media where it is
connected, for eg: ,to which controller, target and so on.
# df -h => will provide what are the slices and the medias that are
mounted
# /etc/init.d/volmgt start => will start the volume management process

# /etc/init.d/volmgt stop => will stop the volume management process
# fuser -cu <mount_point>

eg: # fuser -cu /mnt/cdrom
will provide the information about the users using the mount slice or
media, along with the process
# fuser -ck <mount_point>

eg: # fuser -ck /mnt/cdrom
will forcefully kill the process that is run by the user.
# umount <mount_point>
eg: # umount /mnt/cdrom
# umount <device>
Kamalakkannan
eg: # umount /dev/dsk/c0t0d0s0
will umount the devices.
# mountall => will mount all the slices which is having the option "yes"
at "mount at boot" in the file /etc/vfstab
#umoutall => reverse of mountall
/etc/mnttab:
1. cannot be editable
2. will hold all the entries of the slices & media mounted
3. reffered by the #mount command
/etc/vfstab
1. Holds the permanent mounted slice information
2. editable by the root user
NOTE:
/etc/vfstab
0 – UFS file system are not checked. However, non-UFS file system are
checked
- - Not checked
1 – Checked one at a time in the order they appear in the /etc/vfstab file.
/, /usr, /var – SMF mounts the file systems as specified under

/lib/svc/method directory beginning with fs.
To determine the file system:
1. # mount
2. # cat /etc/vfstab
3. # cat /etc/default/fs
4. # cat /etc/dfs/dfstypes
5. # fstyp /dev/rdsk/c0t0d0s7
Volume Management [VOLD] features automatic detection of CD-ROM.

However, it does not detect the presence of diskette that has been inserted
in the drive until volcheck command is run. This command instructs the
vold daemon to check the diskette drive for any inserted media. Volume
Management can mount ufs, pcfs, hsfs & udfs file system.
/etc/rmmount.conf -> removable media

Kamalakkannan
PACKAGE ADMINISTRATRION
Package is a collection of executable files and directories.

Collection of packages is termed as package cluster.
# pkgadd => to add the packages

# pkgadd -d <path_of_the_cdrom> . <package_name>
eg: # pkgadd -d /mnt/cdrom/Solaris_10/Product . SUNWbash
where
-d -> specifies the format of the package as data stream
or
move to the location of the dir where the packages resides and start
installing.
# cd /mnt/cdrom/Solaris_10/Product
# ls
# pkgadd -d . SUNWbash
To copy the packages to the spool dir

by default its /var/spool/pkg
# pkgadd -d /mnt/cdrom/Solaris_10/Prosuct -s spool SUNWbash
this above command will copy the package to the dir spool
and hence we can install the package without the cdrom.
NOTE:
All the installed packges informations are stored to the file
/var/sadm/install/contents
All the installed packages will be in /var/sadm/pkg
# pkgrm => used to remove the package

# pkgrm <pkgname>
eg: # pkgrm SUNWbash
will remove the specified package from the system
NOTE:
catageroies of the packages
* system
* ALE - Alternate Language Environment
* Application
* CTL - Common Text Layout
Kamalakkannan
# pkginfo => to gather the information on the packages installed.
# pkginfo => displays all the list of the packages installed to the system
# pkginfo -l <package_name>
eg: # pkginfo -l SUNWbash
will provide the detailed information about the installed package
# pkginfo | wc -l
will provide the number of packages installed in the system
# pkgchk => to check the installed packages

# pkgchk -l -p <path of the command>
eg: pkgchk -l -l /usr/sbin/useradd
will provide the information about what is the package that is associated
with the command.
# pkgchk -p /etc/shadow
will provide the info when the file is recently updated from its installation.
# pkgtrans –s /mnt/cdrom/Solaris_10/Product /test SUNWbash

SUNWman
Here
pkgtrans => is a command to translate the packages into a file with data
stream
format
-s => specifies the source of the packages where it’s available.[cdrom is
mounted under /mnt/cdrom and the packages is available accordingly].
test => can be any file name to store or to translate the packages under
any location
SUNWman and SUNWbash – are the packages combined as a single file

test.
# file /test
Shows the format of the file.
As usual install the package using the command # pkgadd
Eg:
# pkgadd /test
Note:
No . is used to install the translated package.
# pkginfo –p
Displays the partially installed packages
We can confirm it by executing the following command, by specifying the

package name.
Kamalakkannan
For eg.,
# pkginfo –l SUNWman
INSTALLATION OF SUN SOLARIS 10 OPERATING SYSTEM SOFTWARE
a. Reduced Networking Support Software Group – SUNWCrnet

b. Core System Support Software Group – SUNWCreq
c. End User Solaris Software Group – SUNWCuser
d. Developer Solaris Software Group – SUNWCprog
e. Entire Solaris Software Group – SUNWCall
f. Entire Solaris Software Group with OEM - SUNWCXall

Kamalakkannan
OK prompt / OBP – OpenBoot PROM / Boot PROM Monitor Mode /

init 0
Ok nvramrc
NVRAMRC contents are displayed
Ok oem-logo?
If true, displays customized oem logo specified by oem-logo
ok boot net – install

Jumpstart boot. Boot off the network jumpstart server and install/upgrade
the operating system. [NOTE: There is a space both before and after the -.
The – serves as a place holder argument for the command.]
Ok boot –a
Ask me. Interactive mode prompts for the names of the boot files.
[Helpful if you need to boot off an alternate /etc/system file after kernel
unable modifications.]

Kamalakkannan
Ok boot –r
Reconfigure boot. Boot and search for all attached devices, then build
device entries for anything which does not already exist. Useful when new
devices are added to the system.
Ok boot –s
Single user. Boots the system to run level 1.
Ok boot –v
Verbose boot. Show good debugging information.
Ok boot –V
Verbose boot. Show a little debugging information.
Ok .enet-addr
Displays the enternet address
Ok .version
Display version and date of the boot PROM
(pritconf –V in a shell when booted)
Ok .speed
Display processor and bus speeds
Ok .env
On severs, this command is used to obtain status information about the
system’s power supplies, fans, and temperature sensors.
The environmental monitoring sub-system monitors for high temperature

conditions, as well as fan and power-supply failure conditions. The actions
performed by the monitor are controlled by the setting of the variable ‘env-
monitor’. The available options for setting up the environmental monitor
are:
1. enabled - Environmental monitor will monitor the system and

take appropriate actions including shutting down the system in the event of
an error condition.
2. disabled - environmental monitor is disabled
3. advise - environmental monitor will perform routinge checks

and will only report failures.
Use setenv env-monitor <option> to change the current mode
Ok .idprom
Displays ID PROM contents

Kamalakkannan
Ok sync
Call the operating system to write information to hard disk drive
Ok firmware-version
Displays major/minor CPU firmware
Ok reset
Reset entire system [similar to performing a power cycle]
Ok reset-all
Reset entire system [similar t performing a power cycle]
Ok set-defaults
Reset all the PROM settings to the factory settings
Ok eject
Ejects the drive
Ok eject cdrom
Ok test device
Test the specified device
Ok test net
Test the primary network controller
Ok test-all
Test all devices available with the self-test capability
Ok test scsi
Test the primary SCSI controller
Ok watch-net
Monitors network broadcast packets for default interace
. for a good packet
X for a bad packet
Ok watch-net-all
Monitors network broadcast packets for all the interfaces
Obdiag
Invokes an optional interactive menu tool which lists all self-test methods
available on a system; provides commands to run self test. (More for
servers and very machine specific. Reference the specific hardware manual
for the machine to get additional information on running obdiag.
Ok nvedit
Enter the NVRAMRC editor. If data remains in the temporary buffer from a
previous nvedit session, resume editing those previous contents. IF not,
read the contents of NVRAMC into the temporary and begin editing it.
Kamalakkannan
NVRAMRC [nvedit] Editor Commands:
Control-b = Moves backward one character.

Escape b = Moves backward one word.
Control-f = Moves forward one character.
Escape f = Moves forward one word.
Control-a = Moves backward to beginning of line.
Control-e = Moves forward to the end of the line.
Control-n = Moves to the next line of the script edit buffer.
Control-p = Moves to the previous line of the script edit buffer.
Return (Enter) = Inserts a new line at the cursor position and advances
to the
next line.
Control-o = Inserts a new line at the cursor position and stays on
the
current line.
Control-k = Erases from the cursor position to the end of the line,
storing
the erased characters in a save buffer. If at the end of
the line
joins t he next line to the current.
Delete = Erases the previous character.
Backspace = Erases the previous character.
Control-h = Erases the previous character.
Escape h = Erases from beginning of word to just before the
cursor,
storing erased characters in the save buffer.
Control-w = Erases from beginning of word to just before the
cursor,
storing erased characters in a save buffer.
Control-d = Erases the next character.
Escape d = Erases from the cursor to the end of the word, storing
the
erased characters in a save buffer.
Control-u = Erases the entire line, storing the erased characters in
a
save buffer.
Control-y = Inserts the contents of the save buffer before the
cursor.
Control-q = Quotes the next character (allows you to insert
control chars)
Control-r = Retypes the line.
Control-l = Displays the entire contents of the editing buffer.
Control-c = Exits the script editor, returning to the OpenBoot
command
interpreter. The temporary buffer is preserved, but is
not
written back to the script. (Use nvstore to write it
back.)
Ok show-devs
Display list of installed and probed devices
Kamalakkannan
Ok show-pci-devs
Display all PCI devices
Ok show-disks
Display a list of known disks in format for use in creating device alias.
Use-nvramrc? By default its false

If true, execute commands in NVRAMRC during system start-up.
Command hold down the keys/keys during the power-on sequence:

1. Stop Bypasses POST
2. Stop-A Abort
3. Stop-D Enter detailed diagnostic mode
4. Stop-N Reset NVRAM content to default values
5. Stop-F Enter forth on TTYA instead of probing [use fxedit to continue
with the
Initialization phase].
Setting Security Variables:

Not recommended to do practice or implement.
The NVRAM security variables control the set of operations users are
allowed to perform from the OpenBoot PROM user interface and can be set
with the following:
OK setenv security-password password
Sets the PROM security password to what is specified in the password filed.
This password must be between zero and eight characters [any characters
after eight are ignored] and the passwords takes effect immediately – no
reset is required. Once set, if we enter an incorrect password there is a
delay of around 10 seconds, before we are able to try again and the
security-#badlogins counter is incremented. The password is never
shown as we type it or with the printenv.
OK printenv security-mode
Displays the current mode for the PROM security
OK setenv security-mode mode
Where mode can be

1. none
a. No password is required
b. Default
Kamalakkannan
2. command
a. All commands expect for boot and go require password
3. full
a. All commands expect for go require the password
Caution:
We must set our security password before setting the
security mode. [The password is blank by default, but if already
set by someone, we won’t know what it is and will not be able to
disable it] If we forgot the security password, we may not be
able to use our system and must call the vendor for a
replacement of a PROM.
Ok printenv security-#badlogins
Display the number of failed security password attempts
Ok setenv security-#badlogins number
Reset the security-#badlogins counter. This counter keeps track

of the nuber of failed security password attempts.
Changing the power-on banner:

The banner information seen from the power-on can be modified
with the oem-banner and oem-banner? Configuration settings.
By default the banner shows information like processor type,
speed, PROM revision, memory, hosted and the Ethernet
address.
Ok banner
Display the power-on banner
Ok setenv oem-banner string

Set the power-on banner to the string
Ok setenv oem-banner? True

Activate the custom banner
Ok setenv oem-banner? False

Restore the original system power-on banner
Kamalakkannan
BOOTUP & SHUTDOWN PROCEDURES
Note:
1. The bootblk program is placed on the disk
drive by the installboot command during
system installation.
2. Boot program phase:
a. UFS boot program locates & loads the
appropriate 2-part kernel.
b. [i] genunix – Is platform independent
generic kernel file
[ii] unix – platform specific kernel file
3. When ufsboot loads these 2 files into memory,
they are combined to form the running kernel.
4. Solaris 10 for SPARC only runs on 64-bit
systems
5. The /etc/init file is a symbolic link to /sbin/init
Note:
# bootadm - manage bootability of GRUB-enabled operating
system
# bootadm list-menu
The location for the active GRUB menu is: /boot/grub/menu.lst
default 0
timeout 10
0 Solaris 10 11/06 s10x_u3wos_10 X86
1 Solaris failsafe

Kamalakkannan
# bootadm list-archive
Lists the files and directories to be included in the

boot archive. Applies to both SPARC and x86 platforms.
SMF – Solaris Management Facility an important feature of Sun

Solaris 10 0S.
# cat /etc/default/init
Features of SMF includes,

1. Provides service management via service configuration database
[list of services and their various supported methods].
2. Proves legacy rc script support [old programs will work].
3. Facilitates service dependencies
4. Permits automatic restarts of failed and/or stopped service.
5. Provides service status information [0nline/offline, dependencies]
6. Causes each defined service to log individually to : /var/svc/log
7. Defines a Fault Management Resource Identifier [FMRI].
FMRI provide categories of services
a. network
b. milestone
8. Can load mutually exclusive services in parallel.
9. SMF support multiple instances of services.
Status:
Degraded: The service instance is enabled, but is running at a

limited capacity
Disabled -> Services are not enabled and not running

Disabled: The service instance is not enabled and is not running.
Legacy_run - > the services are not controlled by SMF

Legacy_run: The legacy service is not managed by SMF, but can
be observed.
This state is only used by legacy services that are started with
RC scripts
Maintenance -> this state needs roots’s interrogation. In

this case the services has to be make available manually
Maintenance: The service instances has encountered an error
that must be resolved by the administrator
Offline -> Services are enabled but not running

Offline: The service instance is enabled; the service is not yet
running or available to run.

Kamalakkannan
Online -> Services are enabled and its running
Online: The service instance is enabled and has successfully
started.
Uninitialized: This state is the initial state for all services before
their configuration has been read.
3-primary SMF utilities:
1. # svcs – Lists services and provides additional information
2. # svcadm - Service administration utility,

Permits interaction with services, including state
transitions
3. # svcfg - Service configuration

Permits interaction with service configuration
database
svc.startd - Is the default service manage/restarter
inetadm - Is the default, delegated service restarter for INETD

daemon
Monitoring the services:
# svcs –a
-a option will display all services, including disabled services
# svcs
List out what are the services running, status of the service, FMRI
# svcs –l
-l option will give detailed information about a service.
Eg: svcs –l network
# svcs –l <FMRI>
List out the detailed information about the specified FMRI. Status of the
service can also be viewed.
Eg: # svcs –l telnet
# svcs –d
-d option lists the services or service instances upon which the given
Kamalakkannan
service instance depents.
Eg: svcs –d milestone/network:default
svcs –d milestone/multi_user
svcs –d network/inetd
# svcs –D
-D option will display the other services depends on a given service.
eg: svcs –D milestone/multi-user
# svcs –p
-p option is to view the processes associated with a service
instance.
eg: svcs –p svc:/network/inetd:default.
# svcs –x
If a service fails for some reason and can not be restarted, you can
list the service using the –x option.
Service Administration: [using svcadm]
# svcadm - manipulate service instances
# svcadm enable <FMRI>

Starts the service
# svcadm disable <FMRI>

Disables the service
# svcadm enable –t <FMRI>

Starts the service temp, for this session. When restarted the service will no
longer available
# svcadm enable –s <FMRI>

Will start all the instance that is associated with specified FMRI
# svcadm restart <FMRI>

To re-read the changes performed to the configuration file.
# svcadm –v refresh <FMRI>

To re-read the changes performed to the configuration file.
NOTE:
milestone/single-user represents run level S of previous versions of

Solaris
milestone/multi-user represents run level 2 of previous version of
Solaris
Kamalakkannan
milestone/multi-user-server represents run level 3 of previous
versions of Solaris.
Service Administration: [using inetadm]
# inetadm - observe or configure inetd-controlled services
1. INETD is a super-server which proxies connection to servers.

2. INETD services are traditionally defined in /etc/inetd.conf
3. inetadm permits control of key/value or name/value pairs of services
# inetconv - convert inetd.conf entries into smf service manifests,

import them into
SMF repository
# inetadm – Displays what are the services that are controlled by “inetd”
# inetadm –l <FMRI>
Displays detailed information about the FMRI specified.
Eg: # inetadm –l telnet
# inetadm –d <FMRI>
To disable the specified service
Eg: # inetadm –d telnet
# inetadm –e <FMRI>
To enable the specified service
Eg: # inetadm –e telnet
# inetadm –p
Displays the global setttings
# sys-unconfig - undo a system's configuration

sys-unconfig does the following:
Saves current /etc/inet/hosts file information in

/etc/inet/hosts.saved.
If the current /etc/vfstab file contains NFS mount entries, saves

the
/etc/vfstab file to /etc/vfstab.orig.
Restores the default /etc/inet/hosts file.
Removes the default hostname in /etc/hostname. interface files for

all interfaces
configured when this command is run. To determine which interfaces
are
configured, run the command 'ifconfig-a'. The /etc/hostname.interface
files
Kamalakkannan
corresponding to all of the interfaces listed in the resulting
output, with the
exception of the loopback interface (lo0), will removed.
Removes the default domainname in /etc/defaultdomain.
Restores the timezone to PST8PDT in /etc/TIMEZONE.
Disables the Network Information Service (NIS) and Network

Information Service
Plus (NIS+) if either NIS or NIS+ was configured.
Removes the file /etc/inet/netmasks.
Removes the file /etc/defaultrouter. Removes the password set for

root in
/etc/shadow.

Kamalakkannan
FILE PERMISSIONS
# chmod => used to change the permisssionships of the dir and the file
syn: # chmod <user/group/other> <operator>
<read/write/execute>
eg: # chmod u+rwx hai
u => user
g => group
o => other
a => all
r => read
w => write
x => execute
+ => to add
- => to remove
= => to assign
# chmod 777 hai

ABC
A => permissionship for the owner ( 7 = rwx)

B => permissionship for the group ( 7 = rwx )
C => permissionship for the other ( 7 = rwx )
NOTE:
6 - rw-
5 = r-x
4 = r--
# chown => used to change the ownership

syn: # chown <new_owner> <file_name>
eg: # chown hari jai
where
hari => new owner
Kamalakkannan
jai => file name
Note:
Ownership can be changed only by the ROOT user.
# chgrp => used to change the group

syn: # chgrp <new_group> <file_name>
eg: # chgrp admin text
where
admin => group name
text => name of the file
# chown <new-user-name>:<new_group_name> file_name

Eg:
# chown castro:night newfile
This command changes both the ownership & group for the specified file.
ADVANCE FILE PERMISSIONSHIP
1. SETUID - 4
2. SETGID - 2
3. STICKY BIT - 1
when the SETUID is assigned to a file, all the users who are accessing the
file will become the owner of the file at that moment.
A good eg for SETUID is # passwd command

we can check this by
# ls -l /usr/bin/passwd
# chmod 4644 one

Assign the SETUID to the file one with default permission
setuid will have the impact only in the user's execution area
s -> indicates execution permission is enabled
S -> indicates execution permission is NOT enabled
NOTE: This is applicable for SETGID also.
# chmod 2644 one

Assign the SETGID for the file one
Its recommended to assign SETGID for a dir.
To check:
login as user -> shiva ( in his home dir)

NOTE: shiva belongs to solaris group (primary)
$ pwd
$ mkdir check

Kamalakkannan
login as root user
# cd /export/home
# ls -l
# chgrp admin check
# chmod 2755 check
or
# chmod g+s check
NOTE: admin group already exists
# ls -l
Again login as user -> shiva
$ pwd
$ cd check
$ touch welcome to the world of unix
$ ls -l
We can see the difference
STICKY BIT
1. Its useful when the sticky bit permission is implemented to the

directory.
2. If a directory is with the sticky bit, every user has the right to create
a file inside that dir [provided with write permission].
3. Only the root user and the owner of the file is permitted to delete
the created file.
To implement:
# mkdir test
# chmod 1777 test
Now login as a user named che and create a file inside the directory test.
To check:
Login as another user named castro and try to delete the file created by
che.
System will not permit to delete the file by the user castro.
# find / -user root -perm -2000

used to identify what are the files that having the SETGID permissions

Kamalakkannan
used to identify what are the files that are having the SETUID permissions

used to identify what are the files that are having the STICKY BIT
permissions
USER ADMINISTRATION
Files involved:
/etc/passwd
/etc/shadow
/etc/skel
/etc/group
Default password policy specification:

/etc/default/passwd
In nutshell:
# useradd – used to create the user account

# usermod – to modify the user properties
# userdel – to delete the user account
# groupadd – to add the group

Kamalakkannan
# groupmod – to modify group
# groupdel – to delete the group
Security Policy specification:

/etc/security/policy.conf
This is the file where the encrypted password algorithm is defined. When
user is created, assigned a password the above file is read and the
encrypted password will be created according to the algorithm defined.
# useradd –D
Displays the default parameters assigned to the #useradd cooomand
# useradd -m -d /export/home/stalin -u 801 -g admin -s /bin/bash -c

"admin team" stalin
# useradd -u 902 -m -d /export/home/castro -s /bin/bash -k

/etc/skel_tech -g tech -G admin,accounts,support castro
-u => to specify the user id

-d => to specify the directory path
-m => to create the home directory [since home directory will not
present initially when the user is created]
- c => to pass the comment about the user
-g => to add/specify the primary group
-G => to add the secondary group
-s => to specify the shell
-k => to specify the alternate skel dir
-o => to specify the duplicate id
Note:
syn: # id <user_name>
eg: # id castro
will provide the information about the user id and the primary group he
belongs to.
syn: # id -a <user_name>
eg: # id -a castro
will provide the information about the user id, primary group and secondary
groups the user belongs
syn: # id
will provide the information about the user id and primary group the
currently logged user
# userdel <login-name>
# userdel shiva
will only delete the useracount named shiva
# userdel -r <login-name>
# userdel -r shiva
will delete the useraccount along with the home dir and the datas created
by the specified user.
Kamalakkannan
# passwd -d <login_name>
# passwd -d shiva
will remove the password the user specified
NOTE:
# logins -p
will provide the information about the user who is not having the passwd
# passwd -n <min> -x <max> -w <warinig> <login_name>

# passwd -n 45 -x 100 -w 98 shiva
where
-n => minimum password age
-x => maximum passwod age
-w => waring date
# passwd -l <login-name>
# passwd -l shiva
will lock the user specified
# passwd -u <login-name>
# passwd -u shiva
will unlock the user account
# usermod -l <new-login-name> <old-login-name>

# usermod -l che castro
here in this case, the login-name castro is changed to che.
ASSINGNING THE PASSWORD TO A GROUP

Step:1
# groupadd solaris
this command creates a group named `solaris`
Step 2.A :
# useradd -m -d /export/home/shiva -g solaris -s /bin/bash shiva
# passwd shiva
these above commands creates the user account shiva belongs to the
group solaris & assign the password to them.
Step 2.B:
# useradd -m -d /export/home/lingesh -s /bin/bash lingesh
# passwd lingesh
these commands creates & assings the password to the user account
lingesh
Step 3:
Kamalakkannan
As a root user or as any user create a file.
Here let’s create a file with the root user account
# mkdir /new
# cd /new
# cat > one
# ls -l
this will display the default permission ship and the group the owner (here
root) belongs to.
# chmod 664 one
This command will change the permission ship to file 'one'
# chgrp Solaris one
this command will change the group to 'Solaris' for the file 'one'
Step 4:
To assign the password to a group
a. Copy the second field (encrypted password) of any user account from
the file /etc/shadow
b. Paste the same to the second field of the file /etc/group
Step 5: To check
a. Login as the user (shiva - who belongs to solaris group)
and make the changes to the file. It'll change.
b. Login as the other user (lingesh - who DOESNT belong to solarsi group)
and try to make the changes to the file.
We'll be prompted with "permission denied"
To avoid this login to the solaris group
c. # newgrp solaris
this command will prompt for the password of the group Solaris
and allows to take the group permission ship.
NOTE: When the user is login to the group the shell changes.
How to duplicate the user id to another newly creating user ?

Step 1:
For eg:
# useradd -m -d /export/home/redhat -s /bin/bash -g admin -u 3000 redhat
# passwd redhat
this command will create the user account with the following
login name: redhat

home dir/base dir : /export/home/redhat
user id : 3000
primary group : admin
shell: bash
# useradd -m -d /export/home/suse -s /bin/ksh -g solaris -u 3000 -o suse

Kamalakkannan
# passwd suse
this command will create the user account with the following
login name: suse

home dir/base dir : /export/home/suse
user id : 3000 NOTE: Duplicated using the option -o
primary group: solaris
shell: korn
NOTE: DONOT duplicate the root id to any user, if happens it leads to

security breech.
MISC
1. # /usr/ucb/vipw -> opens the /etc/passwd file in the text layout.

works only in the init level 3
User friendly to edit the file
2. # pwck => checks the entry of the file /etc/passwd and if any errors
it'll be displayed
3. # grpck => checks the entry of the file /etc/group and if any errors it'll
be displayed
4. # echo $? => provides the info status on the command executed

if its 0 -> command is executed successfuly
if other than 0 -> its shows error occurance
Trouble shooting:
At single user mode, whilst CD_ROM is mounted
# TERM = sun
# export TERM
# vi /etc/shadow

Kamalakkannan
FTP IMPLEMENTATION
Wu – ftpd => Washington University ftpd daemon
1. FTPD binds to TCP port 21 and is running by default.

2. SMF controls FTP service configuration.
3. # svcs –a l ftp
Displays the status of the ftp service.
4. # pkginfo –l | grep ftp*
Displays the detailed information about ftp service.
5. # pkginfo –x | grep ftp*
Displays package information
6. SUNWftp - includes useful user packages, which includes
a. ftpcount, ftpwho [displays the connected users & process
information]
b. ftpconfig – utility is used to setup anonymous/guest ftp

c. SUNWftpr – includes
1. /etc/ftpd
ftpaccess – primary configuration file for wu-ftpd
ftphost – allow/deny access to users from hosts
ftpservers – allows root to define virtual hosts
ftpusers – users listed are NOT permitted to access the
server via ftp
ftpconversions – facilitates tar, compress, gzip support
wu –ftp daemon supports 2 types of ftp connections
1. PORT – Active ftp

a. Client -> TCP:21 [Server-Control-Connection]
b. Client executes ‘ls’ -> results in server initiating a connection back to the
client usually on
TCP:20 [ftp-data]
2. PASU – Passive ftp

a. Client -> TCP:21 [Server-Control-Connection]
b. Client executes ‘ls’ -> results in server opening a high port and
instructing the client to
source (initiate) a connection to a server.
c. Client sources data connection to high port on server.
# ftpcount
Shows current number of users in each ftp server class
-v Displays the user counts for ftp server classes defined in virtual host
[ftpaccess]
Kamalakkannan
-V Display program copyright and version information then
terminate
# ftpwho
Shows current process information for each ftp server user
1. It’ll display which user is logged in along with the process id
2. Status of the user will be displayed
3. Will also display the password given by the anonymous user
Note:
Login time via ftp is defined in the file /etc/ftpd/ftpaccess
Time out in seconds.
Anonymous ftp configuration:
# ftpconfig
Setup anonymous ftp
Note:
1. If the /var/ftp dir does’nt exist, this above command will create and
update the dir for anonymouns ftp.
2. Guest connections can be blocked/jailed using chroot
3. This can also be achieved by using GUI web browser to check the
anonymous login using ftp.
# ftpconfig /var/ftp
# cd /var/ftp
# ls –l
At location bar of the web browser:
ftp://192.168.0.100
1. Will by default show the anonymous user
Ftpd – class support:
Facilitates the grouping of users for the purpose of assigning directives
3- default classes:
1. Real users:
a. Can login using shell [ssh/telnet]
b. Can browse the entire directory
2. Guest users:
a. Are temporary users
3. Anonymous user:
a. General public for download capability
Kamalakkannan
All the 3 default classes is defined to the file /etc/ftpd/ftpaccess
Guest user support:
1. # useradd –d /export/home/guests –s /bin/true guests

Note:
In this case the user is permitted to login through ftp. He/she cannot
login/access any shell.
2. # passwd guests
3. # mkdir /export/home/guests
4. # chown guests /export/home/guests
5. # ftpconfig –d /export/home/guests
6. Update the configuration file /etc/ftpd/ftpaccess
Edit anywhere in the file. It also have the entry commented out.
# guest user <guest_user_name>
guest user guests
7. Restart the ftp service

# svcadm restart ftp
Note:
Guest users are similar to real users, except guest users are
jailed/chrooted.

Kamalakkannan
PERFORMANCE MONITORING
# users => display a compact list of users logged in
# who am i
# whoami
# who
#w
# rusers => who is logged in on remote machines
# rusers –l <host_name>
Displays who is currently logged to this machine along with the remote
access.
# whodo
Displays who is doing what
# groups
Print group membership of user
# groups <user_name>
Print group membership of the specified user
# uptime => provides the information about the uptime of the system
Kamalakkannan
# last => provide the info about the currently logged in users,
When the system came to upstate, when rebooted and so on.
# vmstat => provides info on virtual memory
# pagesize => provides info on the paging size of the memory
# prstat => provides the information about

1. The process id
2. User using that process
3. cpu utilization for that process
4. Command running
5. RAM utilization
this command will work in terminal even in text layout.
# /usr/dt/bin/sdtprocess & => similar to 'prstat' command but

menu driven.
It works only with graphics, in the init level 3.
The important process & its process id’s
sched [scheduling] - process id is 0

init [initialization] - process id is 1
svc.stard [SMF] - process id is 7
Network Monitoring: Additional information:

# netstat
Show the network status
1. Lists connections of All protocol & address families to and from

machine.
Address families include:
a. INET – ipv4
b. INET6 - ipv6
c. UNIX - UNIX Domain Sockets [ Solaris/BSD/Linux/HP-UX/IBM-
AIX/etc]
Protocols include:
TCP, IP, ICMP [which controls ping, echo], IGMP, RAWIP, UDP [DHCP,
TFTP]
2. Lists routing table

3. Lists DHCP status for various interfaces
4. Lists net-to-media table. Network to MAC [Network card] table

Kamalakkannan
# netstat usage:
# netstat
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q
State
-------------------- -------------------- ----- ------ ----- ------ -------
accel1.telnet intel.32961 49640 0 49640 0
ESTABLISHED
1 2 3 4
Where
1 => hostname of the sender
2 => port/protocol
3 => hostname of the receiver / remote
4 => port/protocol of remote
Note:
1. # cat /etc/services
Displays the well known port number and their corresponding
services
2. Hostname is displayed while using the # netstat command can be

possible only of the /etc/hosts file is having the entry of the ip-
address and corresponding hostname [resolve].
This file will be indirectly checked.
When issuing the # netstat command it will read the file
/etc/nsswith.conf and this file redirect to read the file /etc/hosts
[provided the entry is made].
4. Sockets are found only for TCP connections [connection oriented].
5. Sockets are NOT found for UDP connections since they are
connection less.
6. No need to remember all the ports, just ‘grep’ from /etc/services.

Eg: # grep syslog /etc/services
# netstat –a
a. Shows the state of all packets
b. All routing table entries / all interfaces, both physical & logical
c. Returns ALL protocols for ALL address families [TCP/UDP/UNIX].
UDP: IPv4
Local Address Remote Address State
-------------------- -------------------- -------
*.route Idle
*.sunrpc Idle
Kamalakkannan
*.* Unbound
*.32771 Idle
[Output truncated]
# netstat –n
a. Shows network addresses as numbers. Normally # netstat
displays addresses as
symbols.
b. It disables name resolution of hosts and ports and hence
displays the ip-address.
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
192.168.0.100.23 192.168.0.19.32961 49640 0 49640 0
ESTABLISHED
192.168.0.100.32921 192.168.0.5.6000 500576 0 49640 0
ESTABLISHED
127.0.0.1.32923 127.0.0.1.32879 49152 0 49152 0
ESTABLISHED
[Output truncated]
# netstat –i
a. Returns the state of the physical interfaces. Pay attention to
errors/collisions/queue whilst troubleshooting.
b. When combined with ‘-a’ options displays report on logical
interfaces.
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis

Queue
lo0 8232 loopback localhost 131536 0 131536 0 0 0
hme0 1500 accel1 accel1 186731 0 189733 0 0 0
NOTE:
mtu - Maximum Transmission Unit
In general the loopback address mtu will be high.
# netstat –m
a. Show the STREAMS memory
[How much TCP packets is working on the system]
streams allocation:
cumulative allocation
current maximum total failures
streams 300 336 2463 0
queues 742 756 5539 0
mblk 488 1778 192771 0
dblk 489 2009 1062735 0
linkblk 7 169 8 0
syncq 17 50 77 0
qband 2 127 2 0

Kamalakkannan
917 Kbytes allocated for streams data
# netstat –p
Returns net-to-media information
[MAC/layer-2 information] i.e., to arp table.
Net to Media Table: IPv4

Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
hme0 192.168.0.5 255.255.255.255 00:16:41:ef:d5:ff
hme0 accel1 255.255.255.255 SP 08:00:20:c4:a2:fb
hme0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
# netstat –P <protocol>
Returns active sockets for specified protocol
Eg: # netstat –P tcp
Note:
1. Protocols should be specified with small letters
2. The following protocols are only allowed ip|ipv6|icmp|icmpv6|
tcp|udp|rawip|raw|igmp
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
accel1.telnet intel.32961 49640 0 49640 0 ESTABLISHED
accel1.32921 192.168.0.5.6000 500576 0 49640 0
ESTABLISHED
localhost.32923 localhost.32879 49152 0 49152 0
ESTABLISHED
[Output truncated]
# netstat –r
a. Returns routing table
b. Normally, only interface, host, network & default routes are
displayed
c. Combined with ‘-a’ option, all routes will be displayed, including
cache.
Routing Table: IPv4

Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 accel1 U 1 19 hme0
224.0.0.0 accel1 U 1 0 hme0
localhost localhost UH 47 133672 lo0
# netstat –D
Returns DNCP configuration [includes releases/renewal etc]

Kamalakkannan
# netstat –an –f [inet|inet|6|unix]
-f => allows to specify the family address
Eg: # netstat –an –f inet

Displays only ipv4 information
UDP: IPv4
Local Address Remote Address State
-------------------- -------------------- -------
*.520 Idle
*.111 Idle
*.* Unbound
*.32771 Idle
*.* Unbound
[Output truncated]
Misc
#ln –s /dev/pts/9 soft

# telnet 192.168.0.10 | tee soft
To have the output of your machine in to the another person

Kamalakkannan
PROCESS SHCEDULING
# at => executes the command only once

every user has the right to execute the at command
syn: # at <time>
eg: # at 1030
# atq
will provide the info abt the scheduled task along with their id.
# at -l
will provide the info abt the job id and the user who scheduled the process
/etc/cron.d/at.deny
this file will have the login name of the users who are denied to use the at
command.
/etc/cron.d/at.allow
this file will not be present by default.
this file has to be created mannualy
this file holds the login name of the users who are having the permission to
access the at command.
In general system will check for the /etc/cron.d/at.allow file first and then
moves to the file /etc/cron.d/at.deny
/var/cron/log
this file logs the at command shceduling
/var/spool/cron/atjobs
is a directory which holds the at schedule
# cron => will execute the process recurssively

it has number of fileds
1. minute filed - 0 to 59
2. hour filed - 0 to 23
3. day of month - 1 to 31
4. month filed - 1 to 12
Kamalakkannan
5. day of the week - 0 to 6
NOTE:
0 = sunday
1 = monday
respectively
6. command field => what command has to be executed
* => on every month/day
PRINTER CONFIGURATION
# printmgr &
=> This above command opens a menu
=> Printer configuration can be menu driven
NOTE:
1. Before configuring the printer make sure about the compatablity with
the sun microsystems.
2. Check the make and the type
3. The port to which the printer is connected physically.
Once the menu is opened,

1. Enable the "confirm actions" from the main menu
2. Select the newly attached printer
a. give the printer name ( can be any name )
b. description can also be anything
c. choose the correct port
(here we have choosen /dev/pts/7 for our eg. In thiscase
if we want to specify the port choose " other')
d. select the type of the printer
e. select -> the banner options if required or never print banner
f. user access list -> by default every user is given the right
to sent the request to the printer. If we want to restrict,
add the specific users from the user list.
g. apply the changes
# lp <file_name>
eg: # lp check_printer
will the print the file named "check_printer" to the default printer

Kamalakkannan
# lpstat -d
displays which is activated as the default printer if we have configured
more than one printer
# lpstat -p
displays status of all the printers that are configured to the system
# lpadmin -d <printer_name>
eg: # lpadmin -d hp
will activate "hp" as the default printer if we had configured more than one
printer.
# reject <printer_name>
eg: # reject hp
this command will reject the requests to the printer named "hp"
ie.. hp printer will not accept the requests from any user including the root.
Note:
In the above case, printer is physically connected, activated but the
request will not be fulfilled or not accepted.
# accept <printer_name>
eg: # accept hp
this command will start sending the request to the printer named "hp"
In other words printer starts printing the desired output.
# disable <printer_name>
eg: # disable hp
this command will disable the printer. In other words printer is not
activated.
cc
# enable <printer_name>
eg: # enable hp
will ativate/enable the printer specified.
/var/lp/logs/requests -> provides the information on the print logs which

inclues
1. which user given the print request
2. date & time of the request
3. size of the file
4. user id, group id
5. file name
6. location of the file
# lpq
provide the information about the request in the queue.

Kamalakkannan
BACKUP & RESTORE
1. ufsdump command is used to take backup

options:
u -> to update the file /etc/dumpdates
S -> to check the size required to take a backup
f -> specify the device
n -> to nofify
2. ufsrestore -> used to restore the contents

r -> recursively
v -> verbose/detailed information
f -> device
i -> interactively
NOTE:
1. Its recommended to take backup after unmounting the file system
syn: # ufsdump <level of backup>uf <device to which backup is to

Kamalakkannan
be done>
<device which is going to be backedup>
eg: # ufsdump 0uf /dev/rdsk/c1d0s6 /dev/dsk/c1d0s5

0 -> level of the backup
0-> complete backup
/dev/rdsk/c1d0s6 -> the destination or the media where the backup is done
/dev/dsk/c1d0s5 -> source or the media which the data resides
Where
u – Updates the file /etc/dumpdates
f – Specifies the device
NOTE:
Move the directory or the location where we wanna restore the datas.
syn: # ufsrestore rf <device from where the datas has to be

restored>
eg: # ufsrestore rf /dev/rdsk/c1d0s6
Taking a backup of a root slice
NOTE:
1. Enter into the system maintenance mode
2. Then check the destination size of the tape/disk
3. Proceed with the backup.
# ufsdump 0uf /dev/rdsk/c1d0s6 /dev/dsk/c1d0s0

here, slice6 is taken as backup device which has nearly 4gb of space
Restoring the root backup
1. Boot from the cd

2. DONOT mount the root slice (ie s0)
3. Create the file system for the root slice
4. Mount the root slice in /a dir
5. Move to the /a dir
6. restore the backedup information
7. a. install the bootblk in the case of SPARC
b. install the grub in the case of X86/X64
8. restart the system.
# cd /
# mount /dev/dsk/c1d0s0 /a
# cd /a
# ufsrestore rvf /dev/rdsk/c1d0s6
# rm restoresymtable
# cd /usr/platform/ùname -m`/lib/fs/ufs
# installboot bootblk /dev/rdsk/c1t1d0s0 -> SPARC
# installgrub -fm /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c1d0s0
-> X86/X64 arch
Kamalakkannan
where
-f => suppresses interaction when overwriting the master boot record
-m => installs GRUB stage1 on the master boot sector interactively
# cd /
# umount /a
# init 6
SNAPSHOT
1. Used to take a backup (indirect backup) of the mounted/online slice

2. Whenever snapshot is performed a virtual device will be created under
/dev/fssnap
# fssnap -F ufs -o bs=/var/tmp /mnt/slice5

where
-F => specifies the file system
-o => options
bs => backing store. which will be used to store the information when
snapshot/backup is being performed to the mounted slice
NOTE:
Here we consider that
c1d0s5 is mounted under /mnt/slice5 and is holding some data.
In above case after the command is executed, /mnt/slice5 is snapshoted

and stored to -> /dev/fssnap/0
# fssnap -i
Provides the info about all the snapshots available in the system
# fssnap -d <device>
eg: # fssnap -d /dev/fssnap/0
Deletes the device
HOW TO TAKE A BACKUP OF THE SNAPSHOTED DEVICE
NOTE:
The device is in unmounted state by default.
# ufsdump 0uf /dev/rdsk/c1d0s7 /dev/fssnap/0
NOTE:
Kamalakkannan
We can also mount the /dev/fssnap device and chek whether all the
informations are snapshoted properly or not.
The condition is that, we able to mount it only in `ro` option. (read only)
# mount -o ro /dev/fssnap/0 /cj

Restoring the datas remains same as usuaul.
CONFIGURING THE NETWORK INTERFACES
# dladm -> to configure the data link interfaces

Kamalakkannan
# dladm show-dev
Display the instance name of the interfaces in the current system.
# ifconfig -a
Displays the interface (instance name), ipaddress, state of the interface
card, netmask, MAC address.
# ifconfig <instance_name_of_the_interface> plumb

eg: # ifconfig nge1 plumb
Will activate the interface
# ifconfig <instance_name_of_the_inetrface> unplumb

eg: # ifconfig nge1 unplumb
will deactivate the interface
# ifconfig <instacne_name_of_the_interface> <ipaddress>

eg: # ifconfig nge1 100.0.0.10
will assign the ipaddress 100.0.0.10 to the interface nge1
# ifconfig <instacne_name_of_the_interface> up
eg: # ifconfig nge1 up
will make the interface in up state and its ready to communicate.
# ifconfig <instance_name_of_the_interface> <ipaddress> up

eg: # ifconfig nge1 100.0.0.10 up
Will assign the ipaddress to the interface and bring it to up state.
NOTE:
# grep network /etc/path_to_inst
Will also display the instance name that is associated to the hardware.
Keep in mind that this above command works with SPARC and not with
x86/x64.
# snoop => used to snoop/monitor the network packets transmitted

between the machines.
NOTE:
When the user is trying to login using telnet the uers login name along with
the password and commands executed by him can be snooped or
monitored.
But when the user is trying to login remotely using "rlogin" it CANNOT be
snooped.
# snoop <source_machine_ip> <destination_ip>

eg: # snoop 100.0.0.3 100.0.0.10

Kamalakkannan
SWAP CONFIGURATION
To increase the swap/virtual memory.
1. We can add a slice to the swap memory
2. We can add a file to the swap memory
Again whilst adding,

it can be temp adding the slice/file
it can be perm adding the slice/file ( by adding the entry to the file
/etc/vfstab )
# swap -l
this lists out what are the files and slices that are dedicated or associated
to the swap/virtual memory
# swap -s
this lists the summary of the virtual memory.
# mkfile <size> <location_of_the_file>

eg: # mkfile 200m /empty_swap
this command create a file with 200mb with the name "empty_swap" under
/ (root).
NOTE:
The file can be created anywhere in the mounted slices and can be
associated/dedicated to the swap/virtual memory.
# swap -a <swap_file_name_or_disk_slice>
eg: # swap -a /empty_swap
this command will add the file /empty_swap (with size 200 m) to the virtual
memory.
# swap -a /dev/dsk/c1d0s5
will add the slice s5 to the swap/virtual memory.
NOTE:
The slice 5 has to be created earlier along with the file system before
adding to the swap/virtual memory.
# swap -d <swap_file_slice>
eg: # swap -d /empty_swap
# swap -d /dev/dsk/c1d0s5
will delete/remove the associated/dedicated slice/file from the
swap/virtual memeory.
### SMC - Solaris Management Console ###
This is menu driven web application

Can perform number of administration tasks as a root user
Normal user is given the right to open the console but with limited tasks.
Kamalakkannan
# smc &
will open the solaris management console.
CRASH & CORE
Carsh - will make a snapshot/backup the OS fatal error when occurred.
# dumpadm
This command will read the info from the configuration file
/etc/dumpadm.conf
NOTE:
Both with # dumpadm and # coreadm
commands its recommeded to use the commands and DONOT edit the
configuration file.
Crash and core dump:
CRASH DUMP:
OS generates a crash dump by writing some of the contents of the Physcial
memory to a pre-determined dump device, which must be a local disk slice.
/var/crash/ùname -n`/vmcore.x
where
x = integer indentifying the dump
/var/crash/ùname -n`/unix.x
NOTE:
Within the crash dump directory a file named bounds is created. The
bounds file holds a number that is used as a suffix for the next dump to be
saved.
The configuration file for crash dump is

/etc/dumpadm.conf
1. This file is not recommened to edit

2. This file provides the following information
a. which slice is dedicated for dump
By default swap slice (slice-1) is dedicated for this purpose.
b. Provides the information about dumpadm or crash
is enabled or disbaled.
Kamalakkannan
c. What contents has to be dumpded. By default Kernel
contents will be dumpded.
d. displays the save core directory.
# dumpadm
This command reads the file /etc/dumpadm.conf and the output will be
displayed accordingly.
Eg output is given for kind ref:
Dump content: kernel pages

Dump device: /dev/dsk/c0d1s1
Savecore directory: /var/crash/server
Savecore enabled: yes
# dumpadm -d /dev/dsk/c0d1s5
Will change the default (/dev/dsk/c0d1s1) dumpdevice to
/dev/dsk/c0d1s5

Dump device: /dev/dsk/c0d1s5 (dedicated)
Here the dumpdevice is changed.
# dumpadm -n
will disable the save core.
Savecore enabled: no
Here save core is disabled.
# dumpadm -y
will enable the save core.
Here save core is enabled.
NOTE:
1. save core is by default enabled.
Only if the save core is enabled dumpadm will dump the contents to the
device specified.
2. # dumpadm
command updates the file /etc/dumpadm.conf
Kamalakkannan
and hence the configuration remains permanent.
# dumpadm -s /var/crash/Unix
This command change the save core directory.

Savecore directory: /var/crash/Unix/
Here savecore directory is changed.
# dumpadm -c all
This will ask the system to dump all the pages from the physical memory.
The default dump contents is kernel pages.
Dump content: all pages

Savecore directory: /var/crash/Unix/
Here the default dump content is changed to "all pages"
Coreadm:
When a process terminates abnormally it typically produces a core file.
1. A core file is a point-in-time copy of RAM allocated to a process.

2. The copy is written to a more permanent medium - hard disk drive.
3. A core file is also a disk copy of the address space of a process at a
certain point-in-time.
4. A core file will have the following information:
a. task name
b. task owner
c. priority
at the time of execution.
5. OS generated 2 possible copies of core file based on the configuration.
a. GLOBAL CORE FILE:
i. created mode is 600
ii. owned by super-user
iii. non-priviledged users are not permitted to examine
b. ORDINARY PER_PROCESS CORE FILE:

i. created mode is 600
11. Owned by the owner of the process
NOTE:
If the directory defined in the global core file does not exist, it has to be
created manually.
The configuation file is /etc/coreadm.conf
This file is not recommended to edit.

But the updations to the file can be performed by using the command
Kamalakkannan
# coreadm
# coreadm
reads the entries of the file /etc/coreadm.conf and the configuration is
displayed.
Coreadm Pattterns:
%m = machine name
%n = system known name
%p = process-id
%t = decimal value
%u = effective user
%z = which process executes
%g = effictive group id
%f = execuitable file name
-d = disable
-e = enable
# coreadm option argument
NFS - NETWORK FILE SYSTEM

NFS - Network File System
NFSV4- NFS Version 4.0 is used with Solaris-10
NFS is used to
1. Share the resources which includes the sharing of the database and the
sharing of hardware resource (especially the Hard disk drive slice).
Before starting NFS, pls make sure of the following:
1. Network card is plumbed.

2. NIC card is asssigned with ip
3. NIC card ip is in UP-flag
4. All systems are coming under same Class of IP.
# share
1. Makes a local directory on an NFS server available for mounting
2. It also displays the contents of the file /etc/dfs/sharetab
3. It also updates the file /etc/dfs/sharetab
Syn: # share -F nfs <name_of_the_dir_to_be_shared>

Kamalakkannan
eg: # share -F nfs /empty
A B C D
Where
A = command to share the directory temp.
B = option -F to specify the file system
C = nfs to indicate what is file system
D = here "/empty" is the directory to be shared
Syn:#mount -F nfs <nfs_server_ip_node_name>:<shared-dir>

<mount-point>
Eg: # mount -F nfs 192.168.1.51:/empty /mnt/remote
A B C D E F
Eg: # mount -F nfs Unix:/empty /mnt/remote

A B C D E F
WHERE
A = command to mount the shared resource
B = option -F to specify the file system
C = "nfs" specifies the file system
D = specifies the node name or ip address of the nfs server
E = Shared directory at the Server
F = Mount point at the client
NOTE:
1. Before mounting the resource at the mounting point at Client, Make sure
that the mount point exists.
2. If instead of ip-address of the nfs-server, node name is used to mount
the resource, make sure the client system's /etc/hosts file is upadated or
resolved with nfs-server name and ip.
# cat /etc/dfs/fstypes
will provide the information about the utilities supported by NFS.
nfs, cachefs and autofs will be supported.
nfs => to share the resource
cachefs => for sync. when file at the client side is updated, the source file
at the server will also get updated. For this updatation, cachefs is requried.
autofs => for automatic mounting of the resource on demand.
# dfshares
Lists available shared resources from a remote/local NFS server along with
the ip-address or with the node-name
syn: # dfshares
will check for the local system
syn: # dfshares <ip-address_or_node-name>
eg: # dfshares 192.168.1.51
eg: # dfshares Unix
Checks the system Unix/192.168.1.51 for the shared
Kamalakkannan
resource.
# shareall
Reads and executed share statements from the file
/etc/dfs/dfstab
# unshare
Makes a previously available directory unavialable for client side mount
operations
# unshareall
Makes a perviously shared resources unaviloable
/etc/dfs/dfstab
has the entries of the permanenlty shared resource
This file is editable
Lists the local resources to share at boot time.
/etc/dfs/sharetab
is NOT editable.
Permanent sharing can be performed by editing the file

/etc/dfs/dfstab
Some example entries of the file /etc/dfs/dfstab

share -F nfs /empty
share -F nfs -o ro=sun3,rw=sun10 /another
share -F nfs -o ro=192.168.1.20,rw=sun10 -d "It's slice-5"
/mnt/slice5
Explanation"
Here
share -F nfs /empty
According to the above entry to the file /etc/dfs/dfstab

'/empty" directory is shared using nfs file system to all the clients in the
network with defalut opiton (ie., rw)
share -F nfs -o ro=sun3,rw=sun10 /another

1. "/another" directory is shared using nfs file system
2. it is shared as read only (ro) for the client sun3
3. It is shared as read/write (rw) for the client sun10
Note:
Irrespective of the file or directory permission /another.

Kamalakkannan
share -F nfs -o ro=192.168.1.20,rw=sun10 -d "It's lsice-5" /mnt/nfs-
slice

1. "/mnt/nfs-slice" directory is shared using nfs file system
2. It is shared as read only (ro) for the client 192.168.1.20
3. It is shared as read/write (rw) for the client sun10
4. A description (optional) is given as "It's slice-5" as a comment
NOTE:
If the svc:/network/nfs/server
service does not find any 'share' commands in the /etc/dfs/dfstab file, it
does not start the NFS server daemons.
To view the status of the nfs service:
# svcs -a | grep nfs
To start the nfs service:

Solaris-10:
# svcadm enable nfs/server
# svcadm enable nfs/clinet
Solaris-9 and earlier version:

/etc/init.d/nfs.server start
/etc/init.d/nfs.clinet start
To stop the nfs service:

Solaris-10:
# svcadm disable nfs/server
# svcadm disable nfs/client
Solaris-9:
/etc/init.d/nfs.server stop
/etc/init.d/nfs.client stop
To make permanent mount of nfs resource at client:

1. Edit the file /etc/vfstab of the client.
Eg entry:
192.168.1.51:/empty - /mnt/remote nfs - yes -
Unix:/another - /mnt/new nfs - yes -
NFS client daemons:

1. statd - works with the lockd daemon to provide crash recovery functions
for the lock manager
2. lockd - supports record-locking operation on NFS files
3. nfs4cbd - NFSv4 call back daemon.
Kamalakkannan
statd and lockd deamon runs on both server and client.
NFS server daemons:

1. statd
2. lockd
3. mountd
4. nfsmapid
4. nfslogd
NOTE:
NFSv4 uses the well-known port number 2049.
/etc/nfs/nfslog.conf
Configuration file. Lists information defining the location of configuration
logs used for NFS server logging.
/etc/default/nfslogd
List configuration information describing the behavious of the nfslogd
daemon for NFSv2 and 3.
/etc/default/nfs
Contains parameter values for NFS protocols and NFS deamon

Kamalakkannan
Autofs
1. It's a client side service to make the shared resource available at the
client side on demand.
2. Autofs file is initialized by
/lib/svc/automount script
/lib/svc/method/svc_autofs script starts the autofs daemon.
NOTE:
automountd deamon is completely independent from the automount
command. Because of this separation, we can add/modify/delete map
information without having to stop and start the automountd daemon
process.
Autofs types:
1. Master map
2. Direct map
3. Indirect map
4. Special map
Master map:
1. Lists the other maps used for establishing the autofs file system.
2. The automount command reads this map at boot time.
Direct map:
Lists the mount points as ABSOLUTE PATH names. This map explicitly
indicates the mount point on the client.
Usually /usr/share/man directory is a good example for direct mapping.
/- mount point is a pointer that informs the automount facility that full
path names are defined in the file specified by MAP_NAME (for eg: here
its /etc/direct_map).
NOTE:
1. /- is NOT an entry in the default master map file (/etc/auto_master)
2. The automount facility by default automatically searched for all map

related file in /etc directory.
Indirect map:
Lists the mount points are relative path names. This map uses a relative
path to establish the mount point on the client.
/export/home - is a good example for indirect map while implementing NIS.
An indrect map uses a key substitute value to establish the association

between a mount point on the client and a directory on the server. Indirect
map are useful for accessing specific filesystems, such as home directories,
from anywhere in the network.

Kamalakkannan
Special map:
Provides access to NFS service by using theri host names.
NOTE:
+ symbol at the beginning of the
+auto_master line in the /etc/auto_master file directs the automountd
daemon to look at the NIS, NIS+ or LDAP databases before it reads the rest
of the map.
If this line is commented out, only the local files are searched
unless the /etc/nsswitch.conf files specifies that NIS, NIS+ or LDAP should
be searched.
auto_home
This maps provide the mechanism to allow users to access their centrally
localted $HOME directories
-hosts map
Provides access to all resources shared by NFS servers. The server are
mounted below the /net/hostname directory, or if only the server's ip-
address is known, bleow the /net/ipaddress directory. The server does not
have to be listed in the hosts database for this mechanism to work.
EG: for Direct Maps:

SERVER SIDE configuration:
For sharing the man pages from the server 192.168.1.51 to clients.
1. Edit the file /etc/dfs/dfstab

share -F nfs -o ro /usr/share/man
2. Save the file
CLIENT SIDE configuration:

1. Edit the file /etc/auto_master
/- direct_map
2. Save the file
3. Create a file /etc/direct_map file with the following contents

edit:
# vi /etc/direct_map
/usr/share/man 192.168.1.51:/usr/share/man
4. Save the file
5. Make sure autofs service is running

# svcs -a | grep autofs
Kamalakkannan
Start the service if its offline.
# svcadm enable autofs
6. Then automount the shared resources.

# automount -v
here
-v = provides the detailed information about the automounted resources.
SYSTEM MESSAGING
the /etc/syslog.conf
the above file is responsible for sending or redirecting the errors to the
logfile or console or user or cental log host.
1. Daemon
2. user process
3. kernel
4. logger ( this is only a command to generate the error which is used to
check out configuration performed on the file /etc/syslog.conf).
These above four where they can generate the errors.
Level of errors:
emerg - 0 (Priority)
alert - 1
crit - 2
err - 3
warning - 4
notice - 5
info - 6
debug - 7
none - 8
# tail -f /var/adm/messages
will display all the errors generated by all the users.
Note:
-f option along with the tail command refresh the file and keep on display
the contents to the users.
To check:
Let's consider two systems. HOSTA and HOST123
1. Login as 'root' user using telnet to the system HOST123 from HOST A.
Try to do some activity which generate some errors. For eg: try to plumb
the interface. Note: keep it in mind do not disturb the interface to which
you have connected.

Kamalakkannan
Mean while
Open the file using
# tail -f /var/adm/messages
in the system HOST A.
We can observe the changes to the file.
/etc/syslog.conf
1. this file is editable
To make changes to the file
i.e to re-direct the logs to the central log host
this file has to be edited.
By default the errors will be generated to the file /var/adm/messages
Note:
Before doing any configuration its recommended to have a backup copy of
the default configuration file.
/etc/init.d/syslog start
/etc/init.d/syslog stop
start & stop the syslog daemon respectively.
Its good the compile (using m4) and restart the syslog daemon after doing
the changes to the file /etc/syslog.conf
# svcadm enable system/system-log

Starts the syslogd daemon
# svcadm disable system/system-log

Stops the syslogd deamon
# svcadm refresh system/system-log

Makes the Operating System to re-read the configuratiton file
/etc/syslog.conf
This command is must if the changes is done to the configuration file.
eg entry from the file /etc/syslog.conf
*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages
A B C D E
where
A = *.err
means, all (user process, kernel, daemon, logger) who ever
generating the error message

Kamalakkannan
B = kern.debug
means, only kernel generating debug messages
C = daemon.notice
means, only deamon generating notice messages
D = mail.crit
means, only mail generating critical messages
E = /var/adm/messages
all above mentioned messages have to be logged to the file
/var/adm/messages
To test:
1. edit the file /etc/syslog.conf
*.notice /var/log/logs-test
2. Save the file
3. Create a empty file under /var/log

# touch /var/log/logs-test
4. Refresh the system-log

# svcadm refresh system-log
5. To test the configuration

eg: # logger -p local0.notice Notice:level "test message"
eg: # logger -p local0.notice Crit:level "test message"
Note:
If the same message is generated for several times, the same message will
not be logged to the specified file.

Kamalakkannan
ACL - ACCESS CONTROL LIST
# setfacl -> to assign the acl permissions to the file

# getfacl -> to know the assigned acl permissions to the file
eg: # getfacl one (NOTE: file named "one" is already created and acl has
been implemented to the file)
The following is the output of the above command.
# file: one
# owner: root
# group: root
user::rw-
user:bill:rwx #effective:rw-
group::r-- #effective:r--
mask:rw-
other:---
# ls -l
total 4
Kamalakkannan
-rw-r--r-- 1 root root 0 Nov 27 09:24 four
-rw-r--r-- 1 root root 1389 Nov 27 09:27 hai
-rw-r-----+ 1 root root 0 Nov 27 09:24 one
-rw-r--r-- 1 root root 0 Nov 27 09:24 three
-rw-r--r-- 1 root root 0 Nov 27 09:24 two
NOTE:
Only the file "one" is displayed with "+" -> which shows that acl has been
implemented
To assign the acl value:

eg: # setfacl -s user::rw-,group::rw-,other:---,mask:r--,user:bill:rwx
new
A B C D E F G H
where
A -> command to assign the acl
B -> to substitute the acl permissions to the file
C -> user acl permissions
D -> group acl permissions
E -> other acl permissions
F -> ACL mask value
G -> to sepcify a sperate acl permission to a particular user
H -> name of the file
# getfacl -d /acl/four
to get the default acl entries
# setfacl -d u:root /acl/four

to delete the acl entries
# getfacl one | setfacl -f - three

A B C D E
where
A -> to get the acl entires
B -> source file
C -> to assign the acl entries
D -> source file
E -> the file name to which the acl entry has to assigned
The acl entries assigned to the file "four" will be assigned to the file "seven"
eg:
#setfacl -s user::rwx,group::rw-,other:r--,mask:rw-,user:karl:rw- test
A B C D E F G H
Here
Kamalakkannan
A = setfacl => command to assign or set the acl permissionship
B = -s => option 's' to specify that we are assigning the acl
permissionship to a file
C = user::rwx => permissionship for the owner of the file
D = group::rw- => permissionship of the file owned by a primary group
E = other:r-- => permissionship for others
F = mask:rw- => acl mask.
Note:
Although a particular user is given the permission to modify the file, and if
mask is assigned as r-- (read only), that particular user is denied to modify.
In short only acl mask permissionship plays the vital role
G = user:karl:rw- => user named 'karl' is given the permissionship

to read and write the file
H = test => name of the file
eg: # getfacl test
# file: test
# owner: lenin
# group: acl
user::rwx
user:karl:rw- #effective:r--
group::rw- #effective:r--
mask:r--
other:r--
To view the acl permissionship for the file named 'test'

from the output
we can understand that,
acl mask is assigned as = r--

user:karl is assigned with rw-
Since the acl mask is assigned as r--, user karl cannot modify the file test,
even though he was given the permission.
eg: # getfacl test
# file: test
# owner: lenin
# group: acl
Kamalakkannan
user::rwx
user:karl:rw- #effective:rw-
group::rw- #effective:rw-
mask:rw-
other:r--
here
acl mask is assigned as rw-

and hence the user karl can modify the changes to the file named 'test'.
Since karl is given the permission.
eg:
# ls -l
-rwxrw-r--+ 1 lenin acl 150 May 13 11:58 test
A
here
A = + => indicates that the file 'test' is assigned with acl permissionship
# setfacl -d user::rw- test
To remove/delete the acl permissionship
eg # getfacl test | setfacl -f - /export/home/lenin/another

A B C D E
where
A = to get the acl entries of the file (test)
B = source file name (here : test)
C = to assign the acl entries
D = option -f to assingn the acl entries
E = the file name to which the acl entry has to be assigned.
Here the acl permissionship of the file "test" is assigned to the file
"/export/home/lenin/another"
To assign the acl permission of one file to another file.
eg: # getfacl another
# file: another
# owner: lenin
# group: acl
Kamalakkannan
user::rwx
user:karl:rw- #effective:rw-
group::rw- #effective:rw-
mask:rw-
other:r--
NAMING SERVICE

Kamalakkannan
NIS -> Network Information System
used to store the centralized user administration
works with same environment
LAN
DNS -> Domain Name System

WAN
LDAP -> Light Weight Directory Access Protocol

works with other environments too.
With ref to the diagram.

(1) -> whenever the user is trying to login to the system by issusing the
user login name and password system first go and check the enties to the
file /etc/nsswitch.conf.
nsswitch.conf -> Name Servcie SWITCH CONFiguration file.
it'll inform the system that the way how the user logins has to be searched.
For eg: first with nis server, then with local files and so on.
We are provided with number of templates for the naming service.

nsswitch.nis
nsswitch.nisplus
nsswitch.dns
nsswitch.ldap
(2) -> after reading the entry of the file, it moves and reads the file
/etc/hosts
(3) -> now it'll reaches the NIS server

(4) -> reads the database of the NIS server to permit the user logins.
/etc/passwd, /etc/shadow and some files will be checked and if the issued
login name exists in the database of the NIS server. The system responds
+ively.
(5) And it'll be redirected to the client to authenticante the login.
NIS SERVER CONFIGURATION STETS
1. # cp /etc/nsswitch.nis /etc/nsswitch.conf
2. # domainname aita.com
3. # domainname > /etc/defaultdomain
4. # cd /etc
5. # touch ethers bootparams locale timezone netgroup netmasks
6. # ypinit -m

Kamalakkannan
7. # /usr/lib/netsvc/yp/ypstart
# /usr/lib/netsvc/yp/ypstop
8. # ypcat hosts
9. # ypcat user5 passwd
10. # ypwhich
TO CONFIGURE NIS CLIENT:
1. # cp /etc/nsswitch.nis /etc/nsswitch.conf
2. # domainname accel.com
3. # domainname > /etc/defaultdomain
4. # ypinit -c
5. # /usr/lib/netsvc/up/ypstart
6. # ypwhich -m
TO UPDATE THE USER ADDITION:
1. # cd /var/yp
2. # /usr/ccs/bin/make
# ypwhich
will display the name of the NIS Master server
# ypmatch -k <user_name> passwd

# ypmatch -k shivan passwd
will display the entry for user "shivan" in the passwd database
# ypcat hosts
will display the hosts database
# ypinit -m
to initate the NIS Master server
# ypinit -c
to intiate it as a client when prompted for list of servers,
provides the server name.

Kamalakkannan
NIS search status codes:
SUCCESS - requested entry was found
UNAVAIL - source was unavailable
NOTFOUND - source contains no such entry
TRYAGAIN - source returned an
"I'm busy, try later' message
ACTIONS:
Continue - try the next source
Return - stop looking for an entry
Default Actions:
SUCCESS = return
UNAVAIL = continue
NOTFOUND = continue
TRAGAIN = continue
Note:
NOTFOUND = return
The next source in the list will only be searched if NIS is down or has been
disabled
Normally, a success indicated that the search is over and an unsuccessful

result indicates that the next source should be queried. There are
occassions, however when you want to stop searching when an
unsuccessful search result is returned.
Information handled by a name service includes,

1. system (host)names and address
2. User names
3. Passwords
4. Groups
5. Automounter configuration files
(auto.master, auto.home)
6. Access permisssions & RBAC database files
NOTE:
YP to NIS,
1. NIS was formerly known as SUN Yellow Pages (YP). The functionality of
the second NIS remains the same, only the same has changed.
2. NIS administration database are called MAPS.
3. NIS stored information about workstation names and addresses, users,

the network itself, and network services. This collection of network
information is reffered to as the NIS NAMESPACE.
4. Any system can be an NIS client, but only system with disks should be
NIS servers, whether master or slave.

Kamalakkannan
5. Servers are also clients of themselves.
6. The master copies of the maps are located on the NIS master server, in
the directory /var/yp/domain_name
7. Under <domain-name> directory each map is stored as 2 files.

a. mapname.dir
b. mapname.pag
/etc/bootparams:
1. Contains the path names that clients need during startup: root, swap and
possibly others.
/etc/ethers:
1. Contains system names and ethernet addresses. The system name in
the key - ethers.byname
2. Contains system names and etehnet addresses. The ethernet addresses
is the key in the map - ethers.byaddr
/etc/netgroup:
1. netgroup - contains groupname, username and system name. The
groupname is the key.
2. netgroup.byhost - contians the group name, user name and system

name is the key.
3. netgroup.byuser - contains the group name, user name and system

name. The username is the key.
/etc/netmask:
netmasks.byaddr - contains the network masks to be used with YP
subnetting. The address is the key.
/etc/timezone:
timezone.byname - contians the default timezone database. The timezone
name is the key.
/etc/shadow - agening.byname
/etc/security/auth_attr - authorization attributes for RBAC. contains the

autorizzation description database, part of RBAC.
/etc/auto_home - auto.home
Automounter file for home directory.
/etc/auto_master - auto.master
Master automounter map
/etc/security/exec_attr
Kamalakkannan
Contains execution profiles, part of RBAC
/etc/hosts
hosts.byaddr
hosts.byname
/etc/group
group.byid
group.byname
group.byaddr
/etc/usre_attr
contains the extended user attributes database, part of RBAC
/etc/security/prof_attr
Contains profile descriptions, part of RBAC
/etc/passwd
/etc/shadow
passwd.byname
passwd.byid
map.key.pag and map.key.dir
map - base name of the map

(hosts, passwd and so on...)
key - the map's sort key

(byname, byaddr and so on...)
pag - the map's data
dir - an index to the *.pag file
These above were some of the databases, files are reffered after activating
NIS. Still some more files and directories are there.
To construct a NIS slave server:
# ypinit -s
To delete the NIS server configuration:
1. Replace the file

# cp /etc/nsswitch.files /etc/nsswitch.conf
2. Remove the binding directory

# cd /var/yp
# rm -rf binding
Kamalakkannan
Note:
Make sure that the yp services are stopped.
# /usr/lib/netsvc/yp/ypstop
JUMP START
It’s a type of remote installation.

OS image will be kept in the server and the same is used to install in the
client side.
The important of jumpstart is that, we can implement with different arch.
ie. .. the server is installed with x86 (Solaris 10) and still we can have the
OS image of SPARC and install it to the client. The same can be done vice
versa.
I BOOT PROCESS:
1. Client issues a RARP broadcast request to the network

2. Server passes translated IP in RARP response
3. Client uses tftp to request its boot program
4 & 5. Server searches for a symbolic link point to a boot program.
Server returns
‘inetboot’ program.
6 & 7. Client runs inetboot program. Client sends a whoami reques.
8. Server looksup the hostname & responds to client
9. Client sends a getfile request
10. Server returns information obtained from ‘/etc/bootparams’ file
11. The inetboot program mount ‘/’ file system.
Kamalakkannan
12. Client loads its kernel and starts the init program
13. Client mounts the configuration directory & runs sysid tool
14. Client users boot params information to mount the initialization
directory
15. Client runs the SUNinstall program to install the operating
environment.
1. Bootprom is sending the RARP request to the local subnet.

2. in.rarpd runs in boot server. This daemon uses /etc/ethers and
/etc/inet/hosts file for configuring IP address for client.
3. tftp resides inside bootprom.
4. & 5. tftp request is handled by in.tftpd daemon. It searches for tftp-
boot directory for a
Symbolic link file that points to bootstrap program [inet boot].
6& 7. whoami request
8 rpc.bootparamd daemon looks for the client hostname
9 file -> to get location of the / (root) file system
10. Server sends /etc/bootparams
11. mount / file system
12. Loads kernel -> start init program
13. Configuration runs sysidtool
14. Mount init directory
15. SUNinstall runs
RARP - Reverse Address Resolution Protocol

ARP - Address Resolution Protocol
Custom Jumpstart:
1. Requires up-front work
2. The most efficient way to centralize and automate the operating system
installation at large enterprise
3. A way to install groups of similar system automatically and indentically.
Jumpstart:
1. Automatically install the Solaris software on SPARC based system just by
inserting the Solaris CD and powering on the system.
2. For new sparc systems shipped from Sun Mircrosystems, this is the
default method of installing the operating system.
Commands:
# ./setup_install_server
Sets up an install server to provide the OS to the client during the
jumpstart installation. This command is also used to setup a boot only
server when -b option is specified.
# ./add_to_install_server
A script that copies additional packages within a product tree on the Solaris
10 software and Solaris 10 languages CD's to the local disk on an existing
Kamalakkannan
install server.
#./add_install_client
A command that adds network installation information about a system to
an install or boot server's
/etc files so that the system can install over the network.
# ./rm_install_client
Removes jumpstart clients that were previously setup for network
installation
#./check
Validates the information in the rules file.
Componets of Jumpstart server:

1. Boot & Client identification service:
These services are provided by a networked boot server and provide the
information that a jumpstart client needs to boot using the network.
2. Installation services:
These are provided by a networked install server, which provides an image
of the Solaris OS environment the jumpstart client uses as its source of
data to install.
3. Configuartion services:
These are provided by networked configuration server and provide
information that a jumpstart client uses to partition disks and create file
systems, add/remove Solaris packages and perform other configuration
task.
The Boot Server:

1. Also called the Start-up server, is where the client system access the
startup files.
2. When a client is first turned on, it does not have an OS installed or an IP
address assigned, therfore, when the client is first started, the boot server
provides this information.
3. The boot server running the RARP daemon, in.rarpd, looks up the
Ehternet addresss in the /etc/ethers files, checks for corresponding name in
its /etc/hosts file, and passes the IPaddress back to the client.
Important files which boot server will lookup:
/etc/ethers
/etc/bootparams
/etc/dfs/dfstab
/etc/hosts
/tftpboot
/etc/ethers:
1. When the jumpstart client boots, it has no IP address; so it broadcasts its
Ethernet address to the network using RARP.
2. Boot server receives this request and attempts to match the client's
Kamalakkannan
Ethernet address with an entry in the local /etc/ethers file.
3. If a match is found, the client name is matched to an entry in the
/etc/hosts file. In response to the RARP request from the client, the boot
server sends the IP address from the /etc/hosts
file back to the client. The client continues the boot process using the
assigned IP address.
4. An entry for the jumpstart client must be created by editing the
/etc/ethers file or by using the add_install_client script.
/etc/bootparams:
1. Contains entries that network clients use for booting.
2. Jumpstart clients retrieve the information from this file by issuing
requests to server running rpc.bootparamd program.
/tftpboot:
1. When booting over the network, the jumpstart client's boot PROM makes
a RARP request, and when it receives a reply the PROM broadcasts a TFTP
request to fetch the inetboot file from any server that responds & executes
it.
The Install server:

1. The boot server and the install server typically the same system.
2. The install server is a networked system that provides Solaris 10 DVD/CD
images from which we can install Solaris 10 on another system on the
network.
The Configuration server:

1. The server that contains a jumpstart configuration directory is called a
configuration server. It is usually the same system as the install and boot
server, although it can be completely different server.
2. The configuration directory on the configuration server should be owned
by root and should have permissions set to 755 (by default).
3. The configuration directory has rules, rules.ok, class file, the check script
and the optional begin and install scripts.
Begin and Finish scripts:

1. A beign script is a user-defined BOURNE shell script, located in the
Jumpstart configuration directory on the configuration server, specifies
within the rules file, that performs tasks before the Solaris software is
installed on the system.
2. Output from the begin script goes to
/var/sadm/system/logs/begin.log
3. Begin script should be owned by root with default permission.
4. Finish scripts
/var/sadm/system/logs/finish.logs
II CONFIGURATION:
1. Boot service
2. Installation service
3. Identification service
4. Configuration service

Kamalakkannan
INSTALLATION SERVICE:
1. Create a directory with at least 5 GB of space for holding OS image.
For eg: # format

Create a slice s4 with 5 GB
# newfs /dev/rdsk/c0t0d0s0s4
# mkdir jstart
# mount /dev/dsk/c0t0d0s4 /jstart
# mkdir /jstart/install
2. Insert cd/dvd of Sun Solaris 10 OS

# cd /cdrom/cdrom0/Solaris-10/Tools
3. # . /setup_install_server /jstart/install
In the case of cd, insert the 2nd cd,

# cd /cdrom/cdrom0/Solaris_10/Tools
# . /add_to_install_server /jstart/install
INDENTIFICATION SERVICE
WTD – What to do?
1. Create a dir /jstart/config [It can be any directory].
2. Create a dir in the name of jumpstart client under above created
directory
/jstart/config/jclinet1 [optional]
3. Create a file ‘sysidcfg’ [File name should be sysidcfg].
4. Share the dir ‘sysidcfg’
HTD – How to do?

1. # mkdir /jstart/config
2. # mkdir /jstart/config/jclient1 [//jumpstart client 1//]
3. # cd /jstart/config/jclient1
4. # vi sysidcfg
network_interface=Primary
{
hostname=jclient1
netmask=255.0.0
protocol-ipv6=no
default_route=none [//gateway]
}
name_service=none
sercurity_policy=none
system_locale=en_us
timezone=Asia/Calcutta
timeserver=localhost
root_password=<copy_and_paste_from_the_etc/shadow_file>
5. # cat >> /etc/dfs/dfstab

share –F nfs –o ro /jstart/config/jclient1
Kamalakkannan
Crtl+d
6. # shareall
7. # svcadm enable nfs/server
8. # share [//to check whether the resources are shared]
CONFIGURATION SERVICE:
How the installation proceeds in Jumpstart clients
Provides information about
a. Installation type
b. System type
c. Disk partitions or file system
d. Cluster selection
e. Software package addition/deletion
WTD – What to do?

1. Create a profile under /jstart/config/jclient1 directory in any name
Note: Profile file is also known as class file.
2. Create rules file to choose the right profile for the client in the same
directory
3. Run the check script to get rules.ok file
HTD – How to do?

1. # vi /jstart/config/jclient1/prof1
install_type intial_install
system_type standalone
partitioning explicit [// It means manual layout]
filesys c0t2d0s0 7000 /
fielsys c0t2d0s1 512 swap
cluster SUNWCXall
package SUNWman delete
:wq!
Note:
In the case of X86 for partitioning
fdisk all solaris all
2. # vi /jstart/config/jclient/rules
#hostname <jumpstart_client> <Pre_script> <Profile_name>
<Post_script>
# any - - profilename -
hostname jclient1 – prof1 - -
Optional:
# vi /jstart/config/jlient1/PS1
#!/bin/sh
echo “Disabling auto power shutdown features & nfs4”
Kamalakkannan
touch /a/etc/Shutodown
touch /a/etc/.NFS4 inst_state.domain
:wq!
# chmod 555 PS1
3. # cd /jstart/install/Solaris_10/Misc/jumpstart_sample
4. # cp check /jstart/config/jclient1
5. # cd /jstart/config/jclient1
6. # . /check [It will verify the rules files. If the syntax is correct it created
rules.ok file]
BOOT SERVER
1. # vi /etc/ethers
# <mar_address> <jumpstar_client_name>
8:0:20:f9:54:50 jclient1
:wq!
2. # vi /etc/inet/hosts
<ip_address_jumpstart_client> <client_hostname>
100.0.0.1 jclient1
:wq!
3. # cd /jstart/install/Solaris_10/Tools
# . /add_install_client –C <js_server_name:profile> -P
<js_server_name:sysidcfg-path>
<client_name> <platform_group>
Eg:
# . /add_install-client –C 100.0.0.108:/jstart/config/jclient1 –P
100.0.0.108:/jstart/config/jclient1
jclient1 sun4u
Client side : Sparc

Ok boot net – install
In the case of Intel server:

Eg:
# . /add_install_client –d <mac.add> -S 100.0.0.1 /jstart/install

–C 100.0.0.1:/jstart/config/jclient2
-P 100.0.0.1:/jstart/config/jclient2 i86pc
TO TAKE THE OS IMAGE:

Kamalakkannan
1. Make sure that we have enough sapce to have the OS image.
Its recommened to have atleast 5 gb of space to have the OS image for
solaris 10. The image can be kept in any location.
1. # cd /cdrom/cdrom0/Solaris_10/Tools
2.a # ./setup_install_server /shivan
(In the case of DVD)
Only in the case of Cd,

2.b # ./add_install_server /shivan
TO ENABLE THE BOOT SERVICES:
1. Edit the following files

/etc/ethers
/etc/hosts
2. Ensure that the tftp server is enabled
CONFIGURING INDENTIFICATION SERVICES:

1. Create a dir /export/config (it can be any dir)
2. Create a dir in the name of the jumpstart client (to which os is going to
be installed. here we have taken node1 as the jumpstart client)
Contents of the dir includes,

# mkdir -p /export/config
# cd /export/config
# mkdir node1
# cd node1
Here node1 is the name of one our client machine to which we are going to
install. And its not mandatory to have the node name here.
3. Create a file sysidcfg.

NOTE:
The file name should be "sysidcfg"
The contents of the sysidcfg file
# vi sysidcfg
network_interface=primary
{
hostname=node1
netmask=255.0.0.0
protocol_ipv6=no
default_route=no
}
name_service=none
security_policy=none
system_locale=en_US
timezone=Asia/Calcutta
Kamalakkannan
timeserver=localhost
root_password= <copy the password from the /etc/shadow file>
:wq!
4. Edit the file /etc/dfs/dfstab

share -F nfs -o ro /export/config/node1
5. # shareall
CONFIGURATION SERVICES:
1. Create a profile file under /export/config/node1 ( in this scenario)

with any name
# vi /export/config/node1/profile1
the contents of the file:
install_type initial_install
system_type standalone
partitioning explicit //manual layout; if auto layout give "default"
filesys c0t0d0s0 7000 /
filesys c0t0d0s1 1000 swap
cluster SUNWCXall
package SUNWman delete //optional
:wq!
NOTE:
Make sure that the harddisk is correctly connected to the specified location
in the client.
2. Create rules file in the same location

# vi /export/congfig/node1/rules
contents of the file
hostname node1 - profile1 -
:wq!
3. Run the check script to get the rules.ok file

# cp /cdrom/cdrom0/Solaris_10/Misc/jumpstart_sample/check check
# ./check
This will verify the rules file and if the syntax is correct, it creates rules.ok
file.
Running add_install_client script:
# cd /export/install/Solaris_10/Tools
# ./add_install_script -c <js_server_name>:<profile_path> -p
<js_server_name>:
<sysidcfg_path> <client_name> <platform_group>
eg:
Kamalakkannan
# ./add_install_client -c aita:/export/config/node1 -p
aita:/export/config/node1 node1 sun4u
IN THE CLINET SIDE:
OK boot net - install
ROLE BASED ACCESS CONTROL [RBAC]
/etc/user_attr
Associates users and roles with authorizations and rights profiles.
/etc/security/prof_attr
Define profiles, lists the profile’s assigned authorizations, and identifies the
associated help file.
/etc/security/exec_attr
Defines the privileged operations assigned to a profile.
/etc/security/auth_attr
Defines authorizations and their attributes.

Kamalakkannan
Create a role named “sdown”.

# roleadd -u 5000 -g 10 -m -d /export/home/sdown sdown
# passwd sdown
Here sdown is the name of the logical user [name of the role]. Name of the
role can be any name.
Create the profile named Shut.

# vi /etc/security/prof_attr
Shut:::Able to Shutdown the system
Note:
A role can be mapped with multiple activities performed by a single profile.
Add the profile to the role.

# rolemod -P Shut,All sdown
Verify that the role is included in the “/etc/user_attr” file.

# more /etc/user_attr
Create a user named user10 and assign it access to the “sdown” role.
# useradd -u 4009 -g 10 -m -d /export/home/user10 -s /bin/ksh -R
sdown user10
# passwd user10
Check the role attributes for user10.

# grep user10 /etc/user_attr
Assign the “shutdown” command to the profile.

# vi /etc/security/exec_attr
Shut:suser:cmd:::/usr/sbin/shutdown:uid=0
Log in as user10.
From his login, shut down the system.
$ /usr/sbin/shutdown -i 6 -g 0
Will display error message
Determine which RBAC profiles are associated with the user10

$ profiles
Determine which roles are associated with user10.

Kamalakkannan
$ roles
Assume the role sdown

$ su sdown
Shut down the system by using “init” command.

$ /usr/sbin/init 0
Will display error message
List the commands that the sdown profile can execute.

$ profiles –l
Shut down the system using the “shutdown” command.

$ /usr/sbin/shutdown -i 6 -g 0
Will ask for confirmation
SVM – SOLARIS VOLUME MANAGER
BASIC COMMANDS USED FOR STORAGE SVM
SVM - Soloaris Volume Manager

Kamalakkannan
SDS - Solstice Disk Suite packages are required to implement SVM
SDS is provided by sun microsystems.
SUNWmd -> Solstice Disk Suite

SUNWmdg -> Solstice Disk Suite Tool
SUNWmdn -> Solstice Disk Suite Log Daemon
COMMANDS:
1. # metadb -> To create & delete replicas of the metadevice

state database
2. # metaclear -> To delete active metadevices and hot spare

spools
3. # metainit -> To configure meta devices
4. # metattach -> To attach a meta device
5. # metadetach -> To detach a meta device
6. # metastat -> To display status for metadevice or hot spare

spool
7. # metasync -> To handle metadevice resync during reboot
8. # metaonline -> To place submirrors online
9. # metaoffline -> To place submirrors offline
10. # metarecover -> TO recover soft partition information

( Scans a specified component to look for soft partition
configuration information and to regenerate the
configuration )
11. # metareplace -> To enable/replace components of submirrors/
12. # metaroot -> To setup system file for / (root)

NOTE: Edit the file /etc/vfstab & /etc/system
to make this working
13. # metaparam -> To modify the parameters of meta devices
14. # growfs -> To non-desctructively expand a UFS-file system
15. # metahs -> To manage hot spares & hot spare spool
ADVANTAGES OF SVM:
Kamalakkannan
Provides 3 major functionalities:
1. Overcome the disk size limitation by providing for joining of multiple disk
slices to form a bigger volume.
2. fault tolerance by allowing mirroring of data from one disk to another

and keeping parity information in Raid5.
3. Performance enhancements by allowing spreading of the data.
RAID 0: Concatenation & Stipping
1. Joining of 2 or more disk slices to add up the disk space
2. Serial in nature. ie., sequential data operation are performed serialy on

first disk then second disk and so on..
3. Due to serial in nature new slices can be added up without having to

take the backup of entire concatenated volume.
4. the address space is contigueous - datas will be stored volume by

voleme.
5. No fault tolerance
6. size of the volume = sum of the all physical components in

that volume
STRIPPING:
1. Spreading of data over multiple disk drives mainly to enhance the
performance by distributing the data.
2. Data is divided into equal sized chunks. By default 16 KB

chunks = interlace
3. Interlace value tells disk suite how much of data is placed on a

component before moving to the next component of the stripe
NOTE:
We can use a concatenated/stripped metadevce for any file system with
the exception of / (root), /usr/, /var and /opt or any file system accessed
during a Solaris install

Kamalakkannan
4. Because the data is spread across a stripe, we gain increased
performance as read/write are spread across multiple disk.
5. Size of the volume = n x smallest size of physical component in tha

volume.
MIRRORING:
1. Write performance is slow
2. Provide faults tolerance
3. Provides data redundancy by simultaneously writing data on to two sub

mirrors
NOTE:
Meta mirror is a special type of meta device made up of one or

more other meta devices. Each meta device within in a meta mirror
is called a SUB-MIRROR.
4. Meta mirror can be defined by using metainit.

a. Additional sub-mirrors can be added at later stage without
bringing the system down or disrupting writes & reads to
existing meta mirror.
b. `metattach` is used, which attaches a sub-mirror to a meta

mirror.
c. When attached, all the data from another sub-mirror in the

meta mirror is automatically written to the newly attached
sub-mirror. This is called RESYNCING.
5. Once meattach is performed, the submirror remain attached (even when
the system is rebooted)
UFS LOGGING (METATRANS):
1. Recording file system changes to the log device & then writes to them
to master device.
2. Used to maintain the file system integrity
3. A pseudo device called, the METATRANS is responsible for managing

the contents of the log of file system updates.
a. Like other meta devices, the metatrans behaves the same as an
ordinary disk device
b. Made up of 2 sub-devices
1. Master device
Kamalakkannan
2. Logging device
4. These can be disk partition, meta devices & meta mirrors
5. Logging device contains

a. Log of file system updates
b. consists of sequence of records, each describes a change to a
file system
6. Master device contains an existing or a newly created UFS file system
RAID 5:
1. Provides fault tolerance
2. Data redundancy
3. Uses less space when compared with mirroring (Raid 1)
4. Data is divided into stripes & the parity is calculated from the data,
than they are stored in such a manner, parity is distributed (rotated)
5. Size of the volume= (n-1) x smallest physical volume

for eg: let's consider n-3. Then,
= 3-1 x 300
= 2 x 300 = 600
6. Minimum 3 hard disk is required

Kamalakkannan
HOT SPARE:
1. Disk suite's hot sapre facility automatically replaces failed sub-

mirror/ Raid components, provided that a spare component is available
and reserved.
2. Are temporary fixes, used until failed components are either repaired
or replaced.
HOTSPARE POOL:
1. Is a collection of slices reserved by Disk Suite to be automatically

substituted in case of a slice failure in either a sub-mirror or
Raid-5 meta device.
2. May be allocated, deallocated or reassigned at anytime unless a slice

in that hot spare pool is being used to replace damaged slice of its
associated meta device.
SOFT PARTITION:
1. Logical partition
2. Dividing logical partitions into number of partitions
NOTE:
Expanding mounted file system:
1. Can expan mounted/unmounted UFS file system with the disk suite
concatenation facilities & the `growfs' command.
2. Expansion can be performed without bringing down the system or

performing a backup
3. Mounted/Unmounted file system can be expanded upto the new size of

the meta device on which the file system resides.
4. Once the file system is expaned it CANNOT be SHRINKED.
SYSTEM FILES ASSOCIATED WITH DISK SUITE:

Kamalakkannan
1. 3 system files
2. a. /etc/lvm/md.tab
b. /etc/lvm/md.cf
c. /etc/lvm/mddb.cf
3. /etc/lvm/md.tab
a. used by metainit & metadb commands as a workspace file
b. each meata device may have a unique entry
c. used only when creating meta devices, hot spare/database
replicas
d. not automatically updated by disk suite utilities
e. have little or no correspondence with actual meta devices, hot
sapres or replicas
f. The output from this file is similar to that displayed when
# metastat -p command
g. # metainit -a => command updates this file
4. /etc/lvm/md.cf
a. automatically updated whenever the configuration is changed
b. basically a disaster recovery file and should NEVER BE EDITED
NOTE:
c. the md.cf file DOES NOT get updated when hot sapring occurs
d. should never be used blindly after a disaster. Be sure to
examine the file first.
5. /etc/lvm/mddb.cf
a. created whenever the `metadb` command is run and is used by
`metainit` to find locations of the meta device state data
base
b. NEVER EDIT this file
c. each meta device state database replica has a unique entry in
this file
NOTE:
d. an entry is made in the mddb.cf file that tells the location
of all the state databases
e. the identical information is edited in the `/etc/system` file
NOTE:
/kernel/drv/md.conf
1. used by the metadisk driver, when it is initially loaded.
2. the only modifiable field in th file is "md"

md -> represents the number of meta devices supported by the
driver
3. if the field is modified, perform reconfiguration boot to build meta

devices (ok boot -r)

Kamalakkannan
4. if the "nmd" is lowered, any metadevice existing between the old
number and the new number MAY NOT PERSIST ENT
5. default: 128 supported upto: 1024
6. if larger number of metadevices are added, performance degradation

will happen
7. if larger meta devices are added replica/state database has to be

increased
META DEVICE:
1. a virtaul device composed of servel physical devices - slices/disks
2. the basic functional unix of the meta disk driver
3. provide increased capacity, higher availabilty & better performance
4. standard meta device name begins with "d" & is followed by a number
for eg: d10, d100
a. by default 128 unique meta devices in the range between
0 and 127
b. additional meta devices can be added
5. meta device names are located in /dev/md/dsk and /dev/md/rdsk
STATE DATABASE / REPLICA / META DATA BASE / md:
1. provides the non-volatile storage necessary to keep track of

configuration & status information for all meta devices, meta mirrrors
2. also keep track of error conditions that have occured
3. when the state database is updated each replica is modified one at a

time
4. needs dedicated disk slice
5. has to be created before the logical device is created
6. minimum 3 databases have to be created
7. N/2 replica is required for the running system
8. N/2+1 replica is required, when the system is rebooted
9. size of one replice is 4mb.

Kamalakkannan
OPERATIONS PERFORMED ON META DEVICES:
1. Mount the meta device on a directory
2. Unmount the meta device
3. copy the files to the meta device
4. Read & writes the files from and to the meta device
5. ufsdump & ufsrestore the meta device
CREATING A MIRROR:
1. A mirror is a meta device composed of one or more sub-mirrors
SUB_MIRROR:
a. Is made of one or more striped or concatenated meta devices
b. Each meta device within a meta mirror is called a SUB MIRROR
2. Mirroring data providesus with maximum data availabilty by maintaing

multiple copies of one data.
3. The system must contain atleast 3 replica/meta state database

replicas before creating mirrors
4. Any file system including /, swap and /usr or any application such
as database can be use a mirror.
5. An error on a component does not cause the entire mirror to fail.
6. To get maximum protection & performance, place mirrored (mirrors)

metadevices on different physical components (disks) and on different disk
controllers. Since the primary purpose of mirroring is to maintain
availability of data, defiining mirrored meta devices on the same disk is
NOT RECOMMENDED.
7. When mirroring existing file system/data, be sure that the existing data
is contianed on the submirror initially defined with the meta mirror. When
second sub-mirrot is subsequently attached, data from the initital submirror
is copied on to the attached sub-mirror.
WTD - What To Do?
1. Create a simple meta device (for eg: 1 stripe - 1 slice)
2. Create another simple metadevice (for eg: 1 stripe - 1 slice)
3. Create a mirror metadevice and associate with one meta device (adding
first sub-mirror)
4. Attach another metadevice with mirror meta device (adding second sub-
Kamalakkannan
mirror)
5. Create file system on mirrored meta device
6. Mount the mirrored meta device
7. access the meta device
EXAMPLE _ HTD - How To Do?
1. # metainit d10 1 1 c0t1d0s3
3. # metainit d30 -m d10

Here, converting d10 into d30 as mirror
d30 => mirror

d10 => sub-mirror
4. # metattach d30 d20

Here
d20 => second sub-mirror
5. # metastat | grep %
To check the sync status
6. # newfs /dev/md/rdsk/d30
# mkdir /mirror
# mount /dev/md/dsk/d30 /mirror
# cd /mirror
NOTE:
1. Sync will happen after attaching to the mirror.
2. When `metattach` command is not used to attached the additional sub-

mirrors, no resync operation occurs.
3. Slice has to be with same size & gemotery, if not greater than the source
size.
BREAKING THE MIRROR:
WTD:
1. Detach the sub-mirror from the mirror (unmounted)
2. Clear the mirror, sub-mirror metadevice
3. Mount the individual slice, the same data will be available in both
physical components.
Kamalakkannan
HTD:
1. # metadetach <mirror> <sub-mirror>
# metadetach d30 d20
2. metaclear d20 => removes the metadevice d20
3. # metaclear -r d30 => removes both the mirror d30 & the sub-mirror
d10
4. # mkdir /mdisk1 /mdisk2

# mount /dev/dsk/c0t1d0s3
# mount /dev/dsk/c0t2d0s3
REPLACING THE FAILED DISK:

1. If any sub-mirrot fails, still data can be accessed using mirror device
2. Suppose if we remove one disk which contans the 2nd sub-mirror, still
we can access the data
3. But the state of 2nd sub-mirror will be OKAY in the output of

'metastat' command, till we create any new file/modifications in the mirror.
After the changes are done, the state will be changed to "maintenance"
REPLACING THE FAILED DISK WITH DIFFERENT TARGET:

# metareplace <mirror-device> <failed_slice> <new-slice>
# metareplace d30 c0t1d0s3 c0t3d0s5
REPLACING THE FAILED DISK IN THE SAME

TARGET/LOCATION/DESTINATION:
1. # metareplace -e d30 c0t1d0s3 c0t1d0s3

Kamalakkannan
MIRRORING A MOUNTED FILE SYSTEM:
Here d15 c0t1d0s5 -> is mounted as /export/home
1. # metainit -f d15 1 1 c0t1d0s5

where
-f => forecefully
d15 -> metadevice
1 -> 1 stripe
1 -> 1 slice
NOTE:
The size & gemotery has to be same or with greater size than the
source disk.
3. # metainit d35 -m d15 -> converting d15 as mirror
4. # metattach d35 d25 -> adding the second sub-mirror
NOTE:
1. Dont'f format or create the file system
2. Edit the file /etc/vfstab

/dev/md/dsk/d35 - /export/home
SOFT PARTITION:
1. Dividing one logical componet into many soft partitions. It can be laid out
over physical disk/mirror/Raid-5
# metainit d5 1 1 c0t11d0s6 => size of slice6 is 6g
# metainit d61 -p d5 1g => soft partition d61 size is 1g
# metainit d62 -p d5 1g
# metainit d63 -p d5 1g
# metaclear d61 => removes soft parition
# metaclear -p d5 -> removes all soft partitions from d5

Kamalakkannan
# metaclear d5 -> removes the logical meta device
HOT SPARE
1. Hotspare facility included with DISK Suite allows automatic replacement

of failed submirror/Raid-5 components, provided space components are
available & reserved.
2. B'coz component replacement & resyncing of failed component is

automatic.
3. A hotsapce is a component that is running (but not being used) which

can be substituted fro a broken component in a sub-mirrot of a two or three
way metamirrot or RAID device.
NOTE:
4. Failed components are a one-way meta mirror cannot be replaced by a
hotspare.
5. Components designanated as a hotsapres cannot be used in submirrots

or another metadevice in the `md.tab` file. Thye must remain ready for
immediate use in the event of a compoenet failure.
HOT SPARE STATES:
1. 3 staes
a. available
b. in-use
c. broken
a. Available:
Available hotspares are running and ready to accept data, but are
not currently being written to or read from.
b. In-use:
In-use hot spares are currenty being written to and read from
c. Broken:
Broken hotspares are out of service.
A hot spare is placed in the broken state when an I/O error occurs
2. The number of hot spare pools is limited to 1000.
DEFINING HOT SAPRE:

1. Hot sapre pools are named `hspnnn` where `nnn` is a number in the
range 000-999
2. A meta device cannot be configured as a hot sapre
3. Once the hot spare pools are defined & associated with a sub mirror, the
Kamalakkannan
hot sapres are àvailable` for use. If a component failure occurs, disk
suite seaches through the list of hot spares in the assigned pool and selects
the first "avialable" co,ponent that is equal or greater in disk capacity.
4. If a hot spare of adequate size is found, the hot sapre`s state changes to
"in-use" and a resync operation is automatically performed. The resync
operation brings the hot spare into sync with other sub-mirrors.
5. If a componet of adequate size is not found, the sub mirror that failed is
considered èrrored` and the portion of the sub mirror no longer replicated
the data.
HOT SPARE CONDITIONS TO AVOID:
1. Associating hot spares of the wrong size with sub mirror. This condition
occurs when hot sapre pools are defined and associated with a sub mirror
& none of the hot spares in the hot sapre pool are equal to or greater than
the smallest component in the sub mirror.
2. Having all the hot sapre within the hot spare pool in use.
In this case immediate action is required.
a. 2 possible solutions
1. first is to add additional hot spare
2. To repair some of the components that have been hot spare
replaced
NOTE:
If all the hot spare are in use and a sub mirror fails due to errors, that
portion of the mirror will no longer be replicated.
MANIPULATING HOT SPARE POOLS:
1. # metahs
-> adding hot spares to hot spare spools
-> deleting hot spares from the hot spare spool;
-> replacing hot spares in hot spare pools
-> enabling hot spare
-> checking the status of the hot spare
ADDING HOT SPARE:

CREATING A HOT SPARE SPOOL
1. # metainit hsp000 c0t2d0s5

Creates a hot spare device with the name `hsp000`
2. # metainit <hotspare-pool-name> <component1> <component3>

<component3>
# metainit hsp000 c0t1d0s6 c0t2d0s6 c0t4d0s7
(or)
# metahs -a hsp000 c0t1d0s6 c0t2d0s6 c0t4d0s7
Kamalakkannan
-a => to add
-i => to obtian the information
DELETING HOT SAPRE:
1. Hot spares can be deleted from any or all the hot spare pools to which
they have been associated.
2. When a hot sapre is delted from a hot spare pool, the position of the
remining hot spare changes to reflect the new position. For eg, if the
second of three hot spares in a hot spare spool is deleted, th 3rd hot spare
moves to the second position.
3. # metahs -d hsp000 c0t11d0s6

-> removing slice form the hot spare spool
-d -> to delete
4. REMOVING HOT SPARE POOL:

NOTE:
Before removing hot sapre pool, remove all the hot spare form the pool
using `metahs` with -d option and provide hot spare name.
# metahs -d <pool-name> <spare-name>

-> deletes only the spare
# metahs -d <hsp-name>
-> to delete the hot spare pool.
REPLACING HOT SPARE:

NOTE:
1. Hot spares that are in the ìn-use` state cannot be replaced by other hot
spare.
2. The order of hot spares in the hot spare pool is not changed when the
replacemebt occurs.
3. # metahs -r <hsp-pool-name> <old-slice> <new-slice>

# metahs -r hsp000 c0t10d0s4 c0t11d0s5
here t11s5 replaces t10s4
ASSOCIATING THE HOT SPARE POOL WITH SUB-MIRROT/ RAID-5

META DEVICE:
1. # metaparam -> modifies the parameters of the meta devices
Syn:# metaparam -h <hot-spare-pool-name> <sub-mirror/raid-5

meta device>
# metaparam -h hsp000 d101
# metaparam -h hsp000 d102
NOTE:
Kamalakkannan
Where d101 and d102 submirrors of d103 mirror
where
-h => specifies the hot spare pool to be used by a metadevice
DISSOCIATING THE HOT SPARE POOL WITH SUB-MIRROR/RAID-5

META DIVICE:
Syn: # metaparam -h none <sub-mirror/raid-5/metadevice>
# metaparam -h none d101
# metaparam -h none d102
where,
none - specifies the meta device is disassociated with the hot spare pool
associated to t11
# metahs -d hsp000 c0t2d0s5 c0t2d0s6
# metahs -d hsp000
# metaclear d100
# metadetach d15 d12
# metaclear d12
# metaclear -r d15
To view status of hot spare pool:
# metahs -i
NOTE:
Suppose the failed disk is going to be replaced to free up hot spare.
# metadevadm -> updates the meta device information

-u => 1. obtian the device ID associated with the disk specifier.
This option is used when, a disk drive has had its device is changed during
a firmware upgrade or due to chaning conroller of a storage.
-v => execution in verbose mode. Has no effect when used with `-u`
option. Verbose is default.
# metadevadm -v -u <hot spare component>

Updating device information
# metadevadm -v -u c0t11d0s4
# metareplace -e d103 c0t10d0s5

To replace in the same destination
1. now hot spare will be avilable
Kamalakkannan
2. status of the spare disk will change from ìn-use` to àvilable`
RAID-5:
# metainit <meta-device-name> -r <component1> <component2>

<component3>
# metainit d100 -r c0t0d0s4 c0t1d0s4 c0t2d0s4

where
-r => specified that the configuration is RAID-5
# metastat | grep % ( to view the sync0
UFS LOGGING:
1. Recording the changes to the file system to logging devie & then
updation the same to master device
2. metatrans device = master device + logging device

-> master device with 500mb as example

-> logging metadevice 1mb for 100mb.
for eg 20mb.
NOTE:
Size of logging device should not be more than 64 mb.
# metainit <meta_trans-device> -t <master-meta-device> <log-meta-

devie>
# metainit d13 -t d11 d12
# newfs /dev/md/rdsk/d13
EXPANDING A FILE SYSTEM:

NOTE:
1. Once a file system is expanded it cannot be shrink.
2. Aborting a `growfs` command may cause a temporary loss of free sapce.

The space can be recovered using `fsck` command after the file syste, is
unmounted using ùmount`.
3. 'growfs' command non-destructively expands a file system upto the size

of the file system's physical device or meta device.
4. 'growfs' write locks the file system when expanding a mounted file
system. Access times are not kept whilel the file system is write-protected.
Kamalakkannan
The 'lockfs' command can be used to check the file system lock status
and unlock the file system in the unlikely even that 'growfs' aborts without
unlocking the file system.
5. We can perform,
a. expanding a non-meta device component
b. expanding a mounted file system
c. expanding a mounted file system to an existing meta mirror
d. expanding an unmounted file system
e. expanding a mounted file system using stripes
f. 'growfs'
1. attach the disk space
2. grow the disk space
# newfs /dev/rdsk/c0t10d0s3
# mkdir /expand
# mount /dev/dsk/c0t10d0s3 /expand
# metainit -f d100 1 1 c0t10d0s3 => dont format
# umount /expand
# mount /dev/md/dsk/d100 /expand
# metattach d100 c0t10d0s6 => new slice6 is attaced tp d100
# growfs -M /expand /dev/md/rdsk/d100 => raw disk is expanded
GROWING A MIRROR:
1. Attach each individual componet to each sub mirror.
2. Grow the mirror
# metainit d21 1 1 c0t10d0s3 // 400mb-c0t10d0s3

# metainit d22 1 1 c0t11d0s3 // 400mb-c0t11d0s3
# metainit d23 -m d21 // one-way sub-mirror
# metattach d23 d22 //two-way sub-mirror
# mkdir /mirror
# mount /dev/md/dsk/d23 /mirror
#metattach d21 c0t10d0s4
Attaching disk space 400mb to sub mirror
# metattach d22 c0t11d0s4
attaching disk space 400mb to sub mirror
# growfs -M /mirror /dev/md/rdsk/d23
mirror will be expanded to 800 mb
# df -h
GROWING RAID-5 DEVICE:
# metainit d75 -r c0t10d0s3 c0t10d0s4 c0t11d0s3 // each with 400mb

#mkdir /raid5
# mount /dev/md/dsk/d75 /raid5
# metattach d75 c0t11d0s6
slice size is 500mb, but it`ll take only 400mb
# growfs -M raid5 /dev/md/rdsk/d75
-M => directory name. The file system to be expanded is mounted on
Kamalakkannan
directory name. file system locking will be used.
# df -h
NOTE:
The newly attached slice will have only data. It won't be used for storing
parity information.
SVM – Solaris Volume Manager
OPTIONAL:
The following file can also be edited to create meta state database / replica
and meta devices too.
File:
md.tab
Edit:
mddb01 -c3 c0t1d0s3 c0t2d0s3 c0t3d0s3
:wq!
# metadb –a –f mddb01
In the above eg, 3 state database/replicas are stored on each of the 3

components. Once the above entry is made to the file md.tab file,
“metadb” command must be run with both the –a & -f options.
RAID-0
Concatenation with stripping:
d10 1 3 c0t3d0s3 c0t4d0s5 c0t5d0s5
:wq!
# metainit –n d10
NOTE:
# metainit –n -> to verify that the information in the md.tab file is
accurate.
-n option enables us tot check our entry
# metainit d10
If the configuration is accurate, run ‘metainit’ to begin using the striped

meta device
Mirroring concatenation of two components

Kamalakkannan
RAID-1
/dev/md/dsk/d50 -m /dev/md/dsk/d1
/dev/md/dsk/d1 2 1 c0t0d0s5 1 c0t1d0s6
Or
/dev/md/dsk/d1 2 1 /dev/dsk/c0t0d0s5
1 /dev/dsk/c0t0d0s6
/dev/md/dsk/d2 2 1 c0t0d0s6 1 c0t1d0s7
# metainit –a
-a -> to activate
# metattach d50 d2
RAID-5
d100 -r c0t0d0s5 c0t3d0s5 c0t5d0s5 -i 20k
where
-i -> interlace size, which is optional
HOTSPARE:
d10 -m d20
d20 1 1 c1t0d0s3 -h hsp000
d30 1 1 c2t2d0s3 -h hsp001
d40 1 1 c2t5d0s3 -h hsp002
hsp000 c2t2dos3 c2t2d0s4 c2t2d0s5

hsp001 c0t2d0s3 c0t2d0s4 c0t2d0s5
hsp002 c0t5dos3 c0t5d0s4 c0t5d0s5
VERITAS VOLUME MANAGER
STORAGE FOUNDATION SPECIALIST FOR UNIX 250-250
Is a storage management software used to manage volumes, to manage

data.

Kamalakkannan
How data are stored?
Hard disks are formatted and information are stored using 2

methods.
7. Physical storage layout
2.Logical storage layout
Vxvm uses both the physical objects and virtual objects to handle the
storage management.
PHYSICAL DISK / PHYSICAL OBJECT: are hardware with block and

raw OS device interfaces that are used to store the data.
VIRTUAL OBJECTS:
1.When one or more physical disks are brought under the control of
veritas, it creates virtual objects called VOLUME, on those physical
disks.
2.Volumes and their physical components are called virtual objects or
vxvm objects.
NOTE:
Vxvm control is accomplished only of vxvm takes control of the physical
disk and the disk is not under the control of another storage manager such
as SVM.
Before the disk can be brought under vxvm control, the disk must be
accessible through the operating system device interface.
Vxvm is layered on top of the OS interface services and is dependent upon

how the OS access physical disks.
Vxvm is dependent upon the OS for the following functionality:
1.OS disk devices

2.Device handles
Virtual Data Storage:
Volume Manager creates a virtual layer of data storage.
1.Virtual storage object that is visible to users and application is called

a VOLUME.
2.A volume is a virtual object, created by vxvm that stores the data.
3.Made up of space from one or more physical disks on which the data
is physically stored.
4.Volume manager volume appears to applications to be physical disk

partitions.
Kamalakkannan
5.All users and applications access volumes as contiguous address
space using special device files in a manner similar to accessing a
disk partition.
6.Volumes have block & character device nodes in the /dev tree.
For eg: /dev/vx/( r ) dsk/..
Figure1:
VOLUME MANAGER CONTROL:
When we place a disk under vxvm control, a CDS disk layout is used,
which ensures that the disk is accessible on different platforms,
regardless of platforms on which disk was initialized.
Figure 2:
Comparing CDS & Sliced disks
CDS SLICED DISKS

1. Private region (meta data) and public region 1. Private region & public region are created on
(user data) are created on a single partition. separate partitions. For eg at 3 and 4
2. Suitable for moving between different 2. Not suitable for moving between the
operating system. different operating system.
3. Not suitable for boot partitions. 3. Suitable for boot partitions.
Note:
1.CDS (Common Disk Layout) disks have specific disk layout
requirement that enable a comman disk layout across different
platforms, and these requirements are not compatible with the
particular platform specific requirement of boot devices.
( CDS requires a Vertias Storage Foundation License)
2. And therefore, when placing a boot disk under volume. manager

control, we must use a SLICED DISK layout
LOGICAL OBJECTS:
1.vmdisk
2.disk group
3.sub dis
4.plex
5.volume
PHYSICAL OBJECTS:
1.Controllers
2.Disks
Kamalakkannan
VMDISK:
1.When a disk is brought under the control of vxvm that disk is called
VMDISK.
2.Can bring the disk under vxvm by 2 methods.
a. Intialization:
1. Intialize the disk as vmdisk
2. The entire data on the disk will be overwritten, ie.,
the data in the disk will be destroyed.
b. Encapsulation:
1. When a disk is brought under the control of vxvm
with encapsulation, all the data (partition) in the
disk will be preserved.
3.Upto 31 characters.
DISK GROUP:
1. Is a collectionn of voulme manager disks that have been put together

into a logical grouping.
2. Grouping of disk is for management purpose, such as to hold the data for
a spefic application or set of applications.
3. Voulme managerobjects CANNOT span disk groups. For eg: volumes

SUB-DISKS, PLEXES and disk must be derived from the same disk group.
Can create additional disk group as necessary.
4. Disk group ease the use of devices in a high availability environmen,

because a disk group and its componetnts can be moved as a unit from the
host machine to another.
SUB-DISKS:
1. Volume manager disk can be dividied into one or more sub-disks.

2. Is a collection of contiguous blocks that represent a specific portion of a
volume manager disk, which is mapped to a specific regions of physical
disk.
3. Is a subsection of a disk's public region.
4. Is the smallest unit of storage in volume manager.
5. Conceptually, a sub-disk is similar to a partition.
6. Max size of a sub-disk is the size of the vxdisk.
7. Can create 4096 sub-disks/vmdisk.
8. Sub-disk cannot be shared amoung two plexes.
PLEX:
1. Voulume manager uses sub-disks to build virtual objects called

PLEXES.
2. Is a structured or ordered collection on sub-disks from one or more
vmdisk.
Kamalakkannan
3. Cannot be shared by 2 volumes.
4. Maximum number of plexes per volumes is 32
5. Between 2 plexes of same volume mirroring occurs by default.
6. Can have minimum one sub-disk and maximum of 4096 sub-disks
7. 3 types of plexes
a. Complete plex: holds a complete copy of a volume
b. Log plex: dedicated to logging
c. Sparse plex: 1. which is not a compelete copy of the
volume
2. Sparse plexes are not used in newer
versions fo voulme manager.
8. Can organixe data on sub-disks to form a plex by using the following
a. Concatenation
b. Striping
c. Mirroring
d. Striping with parity
VOLUME:
1. Is a collection of plexes
2. Is a virtual storage device that is used by applications in a manner
smimilar to physical disk. Due to its virtua in nature a volume is not
restricted by the physical disk size constraints that apply to physical disk.
3. Volume can be as large as the total sum of avialable unreesrved free
physical disk space
4. Minimum of plex in a volume is 1.
Maximum of plexes in a volume is 32.
5. Size of the volume is the size of the least plex.
6. Maximum size of a volume is a size of the disk group.
FIGURE 3:
DAEMONS:
1. vxconfigd - main configuration daemon of vxvm
reponsible for maintaining the vmdisk & disk group
information
2. vxreload - reponsible for hot relocation
3. vxsus - requires open VEA (Veritas Enterprise Adminstrator)
4. vxnotify - reponsible for notifying device object failure
5. vxoid - provides I/O operations
PACKAGE NAME:
1. VRTSvlic - licensing utilities

Kamalakkannan
2. VRTSvxvm - vxvm binaries
3. VRTSob - VEA service
4. VRTSfspro - File system service provider
5. VRTSfsman
6. VRTSvxman - manual pages
7. VRTSobgui - VEA graphical user interface
8. VRTSVmpro - Diks management service provider
9. VRTSvxfs - VXFS software and manual pages.
TO SET THE ENVIRONMENT VARIABLES

(Ater installation of the vxvm)
Edit the file /etc/profile
PATH=$PATH:/opt/VRTS/bin:/etc/vx/bin
MANPATH=$MANPATH:/opt/VRTS/man
export PATH MANPATH
:wq!
# ./etc/profile
# echo $PATH
# echo $MANPATH
NOTE:
MOst commands are located in
1. /etc/vx/bin
2. /usr/sbin
3. /usr/lib/vxvm/bin
INSTALLING THE VERITAS PRODUCTS:

1. Can install by running the script from the cdrom
2. Can install the required package manually by # pkgadd command.
NOTE:
While adding the package manually please ensure the following;
1. ensure teh packages are installed in the correct order
2. always install VRTSvlic first
3. always install the VRTSvxvm package before other vxvm packages.
4. documentation and manual pages are optional
5. After installing the package, using OS specific commands, run vxinstall
to configure vxvm for the first time.
# vxinstall -> to install license key.
Verifying package installaion:
# pkginfo -l VRTSvxvm
vxinstall:
Kamalakkannan
1. is an interactive program that guides through the initial vxvm
configuration
2. the main steps in vxinstall process are
a. entering the license key
b. select the naming method
1. enclosure based naming
2. traditional naming
3. if desired, set up a system-wide default disk group
Enclosure based naming:

a. os independent
b. Is based on the enclosure
c. can be customized to make names meaningful
Traditional based naming:

a. operating system dependent
b. based on physical connectivity information
Solaris: /dev/(r)dsk/c0t0d0s2
VXVM user interfaces:

1. Supports 3 user interfaces
a. VEA - a gui based, that provides access through
icons, menus, wizards and dialog boxes.
b. CLI - unix utilities that invoked from the command
line
c. vxdiskadm - a menu driven, text based interface also
invoked from the command line
NOTE:
vxdiskadm only provides access to certain disk and disk group
management functions.
Disk configuration stages:

1. Has 3 stages
a. Intialize the disk
b. Assing the disk to the disk group
c. assign disk space to the volumes
2. Intialize the disk : Stage 1

a. This occur after the disk is detected by the OS
b. When the disk is initalized, the public & private regions are
created, and the volume manager disk header information is written to the
private region.
c. An initalized disk is placed under vxvm free disk pool.
i. The vxvm free disk pool contains disk that have been initialized
but have not yet assigned to a ddisk group.
3. ASSIGN DISK TO THE DISK GROUP : STAGE 2:

a. vxvm assigns the disk name to the diks and maps this name to
Kamalakkannan
the disk access name.
i. a disk name/ disk media name is the logical
name assigned to the device by vxvm.
ii. vxvm uses this name to identify the disk for
volume operations, such as volume creation &
mirroring.
iii. a disk access record maps the physical
location to the logical name and represents
the link between the disk media and the disk
access name.
b. When a disk is added to the diks group, the media name, diks
access name, the host name and the disk configuration are all written to
the private region of the disk.
4. TO CREATE A VOLUME: STAGE 3:

a. when we create a volume, space in the public region of a disk is
assigned ot the volumes.
Figure4 ( leave a complete page)
CREATING A DISK GROUP:

1. To create a disk group, first wer have to add a disk to a disk group
2. can add a single or multiple disk
3. cannot add a disk to more that one disk group
4. default disk mediia names vary with the interface used to add to a disk
group, but are conventionally in the format
diskgroup##
such as datadg00, datadg01, datadg02 and os on...
5. disk media names must be unique within a disk group.
6. adding disks to a disk group provides additional storage capacity for
creating volumes. adding a disk to a disk group makes the disk space
avialble for use in creating vxvm volume.
CLI:
COMMANDS:
1. # vxdiskadm - used to add or initialize one or more disks, encapsulate

one or more disks, remove disk, remove a disk for replacement, replace a
failed or removed disk, more volumes from a disk, enable access (import)
Kamalakkannan
to a disk group, remoce access (deport) to a disk group, enable
(online) a disk device, disable (offline) a disk device, mark a disk as a spare
for a disk group, turn-off the spare flag on a diks , list disk informations.
2. # vxassist - Utility used to create volume, add mirrors & logs to existing
volumes, exten & shrink the existing volumes, provides the migration of
data from a specified set of disks & provides facilities for the online backup
of existing volumes.
SYNTAX:
# vxassist <option> <keyword> <volume_name> [attributes]
OPTIONS:
-g => to specify the disk group
-b -> background option
-d => file containing defaults for vxassist if not specified,
/etc/default/vxassist is used.
KEYWORD:
make, mirror, growto, growby, shirkby, shrinkto, snapshot, snapstart,
snapwait
ATTRIBUTES:
specifies volume layout, sik controller to include, excluede etc.,
3. # vxdisk - to see the parameters of disks
4. # vxdg - to perform disk group operation
5. # vxdisksetup - ti intialize the setup
6. # vxdiskunsetup - to un-intialialize the setup
7. # vxsd - to perform sub-disk operation
8. # vxplex -> to perform plex operation
9. # vxvol -> to perform volume operation
10. # vxprint -> displays the detailed information on existing vxvm objects
NOTE:
VEA is automatically installed when we run the vxvm installation scripts,
We can also install VEA by manually adding the packages.
VOLUME PATH:
Block device : /dev/vx/dsk/<dg_name>/<volume_name>
Raw device : /dev/vx/rdsk/<dg_name>/<volume_name>
VEA : Viewing commands:

Kamalakkannan
1. Located in /var/adm/vx/veacmdlog
2. displays a history of taks performed in the current session and in
previous sessions.
3. This file is created after the first execution of a task in VEA.
MANAGING VEA:
1. The VEA server program is in
/opt/VRTSos/bin/vxsvc
2. To confirm that VEA server is running

# vxsvc -m
3. To stop and restart the VEA server

# /etc/init.d/isisd restart
4. To kill the VEA server process

# vxsvc -k
5. To display the VEA version number

# vxsvc -v
DISK GROUP:
1. To create a disk group or add disks using vxdiskadm

" Add or initialize one or more disks "
2. To initialize:
Syn: # vxdisksetup -i >device_tag> [attribute]
eg: # vxdisksetup -i Disk_1 { enclosure based naming }
# vxdisksetup -i c2t0d0 { traditional based naming }
3. To initilaize the disk group by adding atleast one disk:

Syn: # vxdg init <disk_group> <disk_name>=<device_tag>
eg: # vxdg init newdg newdg01=Disk1
4. Add more disks to the disk group:

Syn: # vxdg -g <disk_group> adddisk <disk_name>=<device_tag>
eg: # vxdg -g newdg adddisk newdg02=Disk2
VIEWING DISK INFORMATION:

1.To display basic information about all the disks:
# vxdisk -o alldgs list
NOTE:
In a shared access environment, when displaying disks, we should
frequenlty run # vxdctl enable to rescan for the disk changes
2. To display detailed information for a disk

Syn: # vxdisk -g <disk_group> list <disk_name>
eg: # vxdisk -g datadg list datadg01

Kamalakkannan
3. To display a summary for all disks

# vxdisk -s list
4. To display imported disk groups only:

# vxdg list
displays the name, sate & id
5. To display all disk groups, including deported disk groups:

# vxdisk -o alldgs list
6. To display free space in the disk group

# vxdg free
for all disk groups that the host can detect
# vxdg -g <disk_group> free

for specific disk group
CREATING A NON-CDS DISK & DISK GROUP:

1. If we are working with sliced disks & non-CDS disk groups, we can
initalize a disk as a sliced disk & create a non-CDS disk group.
2. To initialize a disk as a sliced disk

Syn: # vxdisksetup -i <device_tag> format=sliced
3. To intialize a non-cds disk group

syn: # vxdg init <diskgroup> <disk_name>=<device_tag> cd =off
EVACUVATING A DISK:
Before renaming the disk, we need to evacuvate data from the disk to
another disk in the disk group.
1. # vxdiskadm
" Move volumes from a disk "
2. Syn: # vxevac -g diskgroup from_disk [to_disk]

eg: # vxevac -g datadg datadg02 datadg03
3. To evacuvate to any disk except for datadg03

# vxevac -g datadg datadg02 !datadg03
REMOVING A DISK FROM VXVM:

1. # vxdiskadm
" Remove a disk "
2. Syn: # vxdg -g <disk_group> rmdisk <disk_name>

Syn: # vxdiskunsetup [-C] <device_tag>
eg: # vxdg -g newdg rmdisk newdg02
# vxdiskunsetup -C Disk-02

Kamalakkannan
NOTE: Remove the disk from the disk group & then uninitialize it.
RENAMING A DISK:
Syn: # vxedit -g <disk_group> rename <old_name> <new_name>
eg: # vxedit -g datadg rename datadg01 datadg03
NOTE:
1. New disk name must be unique within the disk group.
2. Renaming a disk does not auomatically rename sub-disks on that disk.
DEPORITNG A DISK GROUP:

1. What is a deported disk group/
a. the disk group and its volumeas are unavailable
b. the disks cannot be removed
c. the disk group cannot be accessed until it is imported
2. Before deporting a disk group

a. unmount the file system
b. stop volumes
3. When we deport a disk group, we can specify

a. a new host
b. a new disk group name
4. # vxdiskadm
" Remove access to (deport) a disk group "
5. Syn: # vxdg deport <disk_group>

eg: # vxdg deport newdg
6. To deport & rename a disk group

syn: # vxdg -n <new_name> deport <old_name>
eg: # vxdg -n newdg deport olddg
7. To deport a disk group & specify a new host

syn: # vxdg -h <host-name> deport <disk-group>
eg: # vxdg -h fire1 deport newdg
IMPORITNG A DISK GROUP:

1. Importing a disk group re-enables access to the disk group
When we import a disk group, we can
a. specify a new disk group name
b. clear host locks
c. import as temportary
d. force on import
2. # vxdiskadm
" Enable access to (import) a disk group "
3. Syn: # vxdg import <disk-group>

Kamalakkannan
eg: # vxdg import newdg
4. After importing the disk group, start all volumes

# vxvol -g newdg startall
5. To import & rename a disk group

syn: # vxdg -n <new-name> import <old-name>
eg: # vxdg -n newerdg import newdg
6. To import & rename temporarily

syn: # vxdg -t -n <new-name> import <old-name>
eg: # vxdg -t -n newerdg import newdg
7. To clear import lock,

# vxdg -tC -n newerdg import newdg
DESTROY A DISK GROUP:
1. Means that the disk group nolinger exists

2. Retuns all disks to the free disk pool
3. Is the only method for freeing the last disk in the disk group
4. Syn: # vxdg destroy <disk-group>
eg: # vsdg destroy olddg
DISK GROUP VERSIONING:

1. All disk groups have a version number based on the vxvm release
2. Each disk group version supports a set of features. we must upgrade old
disk group versions in order to use new features
NOTE:
We cannot upgrade to a specific version using VEA. We can only upgrade to
the current version. To upgrade to specific version, we have to use
3. To display the disk group version,

# vxdg list newdg
4. To upgrade the disk group version

syn: # vxdg [-T version] upgrade <disk-group>
eg: # vxdg -T 40 upgrade datadg
5. To create a version 50 disk group

# vxdg -T 50 init newdg newdg01=disk01
TO CREATE A VXFS:
# newfs /dev/vx/rdsk/datadg/shivavol
to create the file system
# mkfs -F vxfs /dev/vx/rdsk/datadg/shivavol
NOTE:
Kamalakkannan
If we edit the file
/etc/default/fs
edit:
local = ufs // chage it as vxfs
then there is no need to specify the file system while creating the file
system.
To MOUNT:
# mount -F vxfs /dev/vx/dsk/datadg/shivavol /check
# fstyp /dev/vx/dsk/datadg/shivavol
used to know the file system type
# prtvtoc /dev/vx/dsk/datadg/shivavol
Note:
# prtvtoc -pv | grep bootpath
shows the physical device path of the booted OS.
TO DISPLAY VM OBJECTS STATUS:

1. # vxprint
2. # vxtask list
displays the % progress, task id
3. # vxtask monitor <id>

continuously displays the % of the progress
RANDOM - JUST TO CHECK - CLARIFICATIONS IN NUT SHELL
1. # vxdisksetup -i c0t1d0
to initialize the physical disk to vmdisk
2. # vxdisk list
to view the vmdisk lists
3. # vxinstall
to install license key
4. # vxdg init dg1 d1=c0t1d0 d2=c1t1d0

to initialize the disk group & adding the disks
dg1 - disk group name
d1,d2 - disk names
5. # vxdisk list
6. # vxdg -g dg1 adddisk d3=c1t2d0

Kamalakkannan
adding d3 to the existing disk group dg1
7. # vxdg -g dg1 rmdisk d3

removing the disk d3 form the disk group dg1
8. # vxdg destroy dg1

removing disk group dg1
9. # vxmake -g dg1 sd sd1 d1,100m
10. # vxmake -g dg1 sd sd1 d1,0,100m

A B C D EF G
where
A -> -g option to specify the disk group name
B -> disk group name, here disk group name is dg1
C -> sd - to specify the sub-disk
D -> sd1 - sub-disk 1
E -> disk name. here d1
F -> 0 - offset (offset is the stating point of the sub-dosk
within the disk)
G -> length
11. # vxmake -g dg1 sd sd2 d2,100m
12. # vxprint -st

print sub-disk table
-s -> sub-disk
-t -> prints a single line output
13. # vxprint -vt

print volume table
14. # vxprint -pt

print the plex table
15. # vxmake -g dg1 plex p1 sd=sd1,sd2

A B C D E
where
A -> -g to specify the disk group name
B -> disk group name
C -> option to specify the creation of plex
D -> name of the plex
E -> to specify the sub-disk
creating plex with 2 sb-disks sd1 and sd2 wissh plex name p1
16. # vxdctl default dg1

making dg1 as the default disk group
17. # vxmake vol v1 plex=p1

creating volume v1 which includes plex p1

Kamalakkannan
18. # vxvol start v1
starting the volume
Note:
1. As for vxvm commands the default size unit is "s" - representing the
sector
2. Add suffix such as
a. k - kilo byte
b. m - mega byte
c. g - giga byte
19. # vxprint [-g disk-group] -l subdisk

displays all information for sub-disks in the disk group specified
eg: # vxprint -g nmydg -l mydg02-01
20. # vxprint -hvt

to display the volume, plex & sub-disk record information for all
volumes in the system
INITIALIZING & STARTING A VOLUME:
1. # vxvol [-g diskgroup] start volume

to initialize & start a volume
2. # vxvol [-g diksgroup] init enable volume

can be used to enable the volume without initializing
3. # vxvol [-g diskgroup] init active volume

to restore data on the volume from a backup before using the
command
to make the volume fully active
4. If we want to zero out the contents of the entire volume

# vxvol [-g diskgroup] init zero volume
NOTE:
1. # vxlicrep | more
provides the information about the license
2. # vxdisk list
if invalid - the disk is not under the control of verita
ONLINE - can recognize the availability of the disk
3. # vxdiskadm
option 21 : to identify the new disk connected to the box
SELECTING & NAMING SHCEME:

We can select the naming scheme
1. when we run vxvm installation scripts
2. anytime by using the # vxdiskadm
option - " change the disk naming scheme "
Kamalakkannan
Note: This operation requires the vxvm configuration daemon, 'vxconfigd'
to be stopped and restarted
If we choose enclosure based naming

1. disks are displayed in 3 categories
2. Enclosure:
a. Supported by RAID disk arrays are displayed in
enclosurename_# -> format
b. Disks:
supported JBOD (Just Bunch Of Disks) disk arrays are displayed
with the prefix
Disk_
c. Others:
disks that do not return a path independent identifier to vxvm
displayed in the traditional os based format
System wide reserved disk groups:

1. Reserved names
a. bootdg
b. defaultdg
c. nodg
a. bootdg:
1. if the boot disk is brought under vxvm control, volume manager
assigns bootdg as an alias for the name of the disk group that
contains the volume that are used to boot the system.
2. # vxdg bootdg
# vxdg defaultdg
to display what is set as bootdg or defaultdg
3. # vxdctl defaultdg <disk-group>

to set the default disk group after vxvm installation
STRIPE VOLUME:
1. # vxprint -st
2. # vxmake sd sd3 d1,100,200m

Kamalakkannan
7. # vxmake plex p2 sd=sd3,sd4 layout=stripe stwidth=16k
stripe with(16k) has 32 blocks
8. # vxmake vol strvol plex=p2

creating volume "strvol" which includes plex p2
9. # vxprint -vt
10. # vxvol start strvol
11. # mkfs -F vxfs /dev/vx/rdsk/dg1/strvol
12. # mkdir /mnt/veritas_volume
13. # mount /dev/vx/dsk/dg1/strvol /mnt/veritas_volume
MIRRORING:
2. # vxmake plex p3 sd=sd5,sd6
3. # vxmake plex p4 sd=sd7,sd8
4. # vxmake vol mirvol plex=p3,p4
5. # vxvol start vxvol
6. # mkfs /dev/vx/rdsk/dg1/mirvol
7. # mkdir /mnt/veritas_mirror
8. # mount /dev/vx/dsk/dg1/mirvol /mnt/veritas_mirror
RAID-5:
2. # vxmake sd sd10 d4,100,100m
3. # vxmake sd sd11 d4,200,100m
4. # vxmake plex p5 sd=sd9,sd10,sd11 layout=raid5 stwidth=32
5. # vxmake vol raid5vol plex=p5
6. # vxplex -g <disk-group-name> det <plex-name>

to detach the plex

Kamalakkannan
VXVM ROOT MIRRORING:
1. When root mirroring is implemented, make sure that encapsulation is
selected.
choose option: 2
# cp /etc/system /system.orig
# cp /etc/vfstab /vfstab.orig
# vxdiskadm
Select option : 2 " Add one or mode disk for encapsulation
Select the system disk: c0t0d0
2. Then restart the system

Note:
a. 2 times reboot will happen. now veritas will take the
control of root file system
b. new slice name changed in /etc/vfstab as rootvol, swapvol
c. no need to install boot block
# vxdiskadm
# vxprint
# vxassist mirror rootvol
# vxassist mirror swapvol
# vxprint
# vxassist mirror usr
# vxprint
# vxassist mirror var
# vxprint
not, targer 0 is removed
# vxprint
# init 6
OK boot disk1
Now, insert the new disk in the target 0
# vxdiskadm
Select the option:5
(if not detected)
Select the option:2, then again option5

Kamalakkannan
BREAKING THE MIRROR:
Only mirrored volume has to be removed
# vxplex -o rm dis rootvol-02

dis-disassociate
# vxplex -o rm dis swapvol-02
how to revert the /etc/system & /etc/vfstab

# /etc/vx/bin/vxunroot
RESIZING:
1. # vxassist
2. # vxremake
Using 'vxassist' command will increase or decrease volume size no the file
system size.
TO increase the file system, we have to manually use fsadm (/usr/lib/fs/fxfs)

# vxassist //growby, growto, shrinkto, shrinkby
with resize, it will automatically increase or decrease the volume as well as
the file system.
# vxdisk list
# vxdg init dg d0=c1t1d0 d1=c1t2d0 d2=c1t3d0 d3=c1t4d0

enclosure based naming
# vxdisk list
# vxdg -g dg adddisk d4=c0t1d0

adding disk d4 to disk group dg
# vxassist -g dg make rvol1 100m layout=raid5

with log
# vxprint -hvt rvol1
# vxassist -g dg make rvol2 100m layout=raid5,noraid5log ncol=3
# vxassist -g dg make rvol3 100m layout=raid5,noraid5log
# vxassist -g dg addlog rvol3

adding log to rvol3
Kamalakkannan
# vxassist -g dg make mvol 100m layout=mirror
# vxprint -hvt mvol
# vxassist -g dg addlog mvol
# vxassist -g dg make mvol2 100m layout=mirror logtype=drl

drl - dirty log
# vxassist -g dg make mvol3 100m layout=mirror
# mkfs -F vxfs /dev/vx/rdsk/dg/mvol3
# mkdir /mvol3
# mount -F vxfs /dev/vx/dsk/dg/mvol3 /mvol3
# df -h
# vxprint -vt mvol
# vxassist -g dg growto mvol3 150m

resize to 150mb
# vxprint -vt mvol3
# df -h
# cd /usr/lib/fs/vxfs
# ./fsadm -F vxfs -b 150m /mvol3

to increase the file system size
# vxassist -g dg growby mvol3 50m
# vxassist -g dg -F shrinkto mvol3 150m
# vxprint -vt mvol3
# vxresize -g dg mvol3 200m

increase the volume size as well as file system size
# vxresize -g dg mvol3 100m
# vxedit -g dg -rf rm mvol3
# vxdisk list
# vxedit -g dg set spare=on d4

Kamalakkannan
making disk d4 as spare
# vxdisk list
# vxedit -g dg set nohotuse=on d4

disabiling hotspare
# vxedit -g dg set reserved=on d3
# vxdisk list
# vxedit -g dg set nohotuse=off d1

to remove the hotspare
# vxdg -g dg rm disk d3 //to remove disk from the disk group
SNAPSHOT
1. # vxassist -g dg make cvol1 100m
2. # mkfs -F vxfs /dev/vx/rdsk/dg/cvol1
3. # mkdir /cvol
4. # mount -F vxfs /dev/vx/dsk/dg/cvol1 /cvol
5. # vxprint -hvt cvol1
6. # vxassist -g dg snapstart cvol1
7. # vxprint -hvt cvol1
8. # mkdir /snapvol
9. # mount -F vxfs /dev/vx/dsk/dg/SNAP_CVOL1 /snapvol
now /snapvol can be used for taking backup
10. # df -h
11. # umount /snapvol
12. # vxassist -g dg snapback SNAP_CVOL1

delete & attached
13. # vxedit -g dg rename cvol1-01 p1

Kamalakkannan
renaming the plex
14. # vxprint -hvt
15. # vxplex -g dg att mir p11
16. # vxprint -hvt mir
17. # vxplex -g dg dis p11
18. # vxprint -hvt mir
DEPORITNG & IMPORTING DISK GROUP
1. # vxdg deport dg
2. # vxdisk list
3. # vxdisk -o alldgs list
4. # vxdg import dg
5. # vxdisk list
6. # vxsd -g dg assoc p1 sd3

to attach sub-disk to plex
CREATING A VOLUME:
Before creating a volume, initialize disk & assign them to disk groups
1. Striped volume requires minimum 2 disks
2. Mirrored volume requires minimum one hard disk for each plex. A
mirror cannot be on the same disk that the other plexes are using.
3. Raid-5: Minimum 3 disks are required
1. To create a volume:
# vxassist –g <disk-group> make volume-name length [attributes]

Kamalakkannan
2. To display volume attributes
# vxassist –g <disk-group> help showattrs
CONCATENATED VOLUME:
1. To create a concatenated volume
#vxassist –g datadg make datavol 10g
datadg - disk group name
datavol – volume name
10g – volume size
2. If an /etc/default/vxassist file exists with a different layout
# vxassist –g datadg make datavol 10g layout=nostripe
3. To create a concatenated volume on specific disks
# vxassist –g datadg make datavol 10g datadg02 datadg03
datadg02, datadg03 – disk media name
Figure:
STRIPED VOLUME:
1. To create a striped volume

Kamalakkannan
# vxassist –g <disk-group> make <volume-name> length
layout=stripe ncol=n stripeunit=size [disks]
Example:
# vxassist –g acctdg make payvol 26 layout=stripe ncol=3 !acctdg04
# vxassist –g acctdg make export 2g layout=stripe ncol=3
stripeunit=64k acctg01 acctdg02 acctg03
Figure:
RAID-5:
1. To create a Raid-5 volume
# vxassist –g <disk-group> make <volume-name> length
layout=raid5 ncol=n stripeunit=size [disks]
a. default ncol=3
b. default stripe unit =16k
c. log is created by default. Therefore, we need atleast one or more

disk than the number of coloumns.
Example:
Kamalakkannan
# vxassist –g acctdg make payvol 10g layout=raid5
Figure:
MIRRORED VOLUME:
To create a mirrored volume
# vxassist –g <disk-group> [-b] make <volume-name> length
layout=mirror [mirror=number]
Example:
1. # vxassist –g datadg make datavol 5g layout=mirror
Concatenated mirror
2. # vxassist –g datadg make datavol 5g layout=stripe,mirror

nmirror=3
specifying 3 mirrors
3. # vxassist –g datadg –b make datavol 5g layout=stripe,mirror

nmirror=3
MIRRORED VOLUME WITH LOG:
1.To create a mirrored volume with log
# vxassist –g diskgroup [-b] make <volume-name> length
layout=mirror logtype-drl [nlog=n]

Kamalakkannan
a. logtype = drl (Dirty Log Region) enables drl
b. nlog = n creates nlogs & is used when we want more than one log
plex to be created
2. To create a concatenated volume that is mirrored & logged
# vxassist –g datadg make datavol 5m layout=mirror logtype=drl
ESTIMATING THE VOLUME SIZE:
To determine largest possible size for a volume
# vxassist –g <disk-group> maximize attributes
Ex:
# vxassist –g datadg maxsize layout=raid5
Maximum volume size:376832 (184 mb)
To determine how much a volume can expand
# vxassist –g <disk-group> maxgrow volume
Ex:
# vxassist –g datadg maxgrow datavol
Volume datavol can be extended by 366592 to 1677312 (819mb)
Figure:
DISPLAYING VOULME INFORMATION:
# vxprint –g <disk-group> [options]

Kamalakkannan
# vxprint –g datadg –ht | more
Options: -ht, -vpsd, -r, -l, -A, -a
REMOVING A VOLUME:
1. When a volume is removed, the space used by the volume is freed

and can be used elsewhere
(We should only remove a volume, if we are sure that we
we do not need the data in the volume)
NOTE:
1. A volume must be closed before it can be removed
2. Must manually edit the OS-specific file system table
(/etc/vfstab) in order to remove the entry for the file system and avoid
errors at boot time.
2. Unmount the file system before removing the volume
Syn: # vxassist –g <disk-group> remove volume volme-name
Ex: # vxassist –g datadg remove volume datavol
Syn: # vxedit –g <disk-group> -rf rm volume-name
Ex: # vxedit –g datadg –rf rm datavol
CONFIGURING THE VOLUMES:
ADMINISTERING MIRRORS:

Kamalakkannan
Adding a mirror to a volume:
1. Can add a mirror to an existing concatenated/Striped volume.
Only concatenated/striped volumes can be mirrored.
2. By default, a mirror is created with the same plex layout as the

original volume.
3. A mirrored volume requires at least 2 disks in the same disk group.
4. Synchronization of the new plex is required.
NOTE:
1. Cannot add a mirror to a disk that is already being used by the volume.
Figure:
Syn: # vxassist –g <disk-group> mirror volume
[layout=layout-type] [disk-name]
Ex: # vxassist –g datadg mirror datavol
REMOVING A MIRROR:

Kamalakkannan
Why to remove a mirror?
a. Removing a mirror frees the space occupied by that mirror
b. To reduce the number of mirrors in a volume in order to reduce I/O

to the volume.
Syn: # vxassist –g <disk-group> remove mirror volume [!]dm-name
Ex: # vxassist –g datadg remove mirror datavol ! datadg02
To remove the plex that contains a sub-disk from the disk datadg02.
NOTE: To remove the plex that contains a sub-disk froma specific disk [!] is
used.
# vxassist –g datadg remove mirror datavol datadg0
To remove the plex that uses any disk expect datadg02
We can also used the vxplex and vxedit commands in combination to

remove the mirror.
# vxplex –g <disk-group> dis plex-name
# vxedit –g <disk-group> -rf plex-name
Dirtly Region Logging – for mirrored volumes
1. Logs keep track of changed regions
2. If the system fails, only the changed regions of volume must be

recovered

Kamalakkannan
ADDING / REMOVING THE LOG:
Syn: # vxassist –g <disk-group> addlog volume
[logtype=drl] [nlog=n] [attributes]
1. To add a dirty regions log to an existing mirrored volume.
# vxassist –g datadg addlog datavol logtype=drl
2. To add a Raid-5 log to a Raid-5 volume, no log type is needed
# vxassist –g acctdg addlog payvol
3. To remove a log from a volume
# vxassist –g diskgroup remove log [nlog=n] volume
MOUNT FILE SYSTEM AT BOOT:
To mount the file system automatically at boot time, edit the OS-specific
file system table file to add any entry for the file system.
Specific information such as
1. Device to mount - /dev/vx/dsk/datadg/datavol
2. Device to fsck - /dev/vx/rdsk/datadg/datavol
3. Mount point - /data
4. File system type – vxfs
5. fsck pass – 1
6. Mount at boor – Yes
7. Mount options - -

Kamalakkannan
RECONFIGURING VOLUME ONLINE:
REMOVING A VOLUME:
To resize a volume,
a. specify a desired new volume size
b. add to or subtract form the current volume size
Expanding a volume provides more space to users:
1. Disk space must be available
2. VXVM assign disk space, or can specify disks
Shrinking a volume enable to use space elsewhere. VXVM returns space to

the free space pool.
If volume is resized, its file system must also be resized,
a. vxfs can be expanded or reduced while mounted
b. ufs can be expanded but not reduced
c. ensure that the data manager application supports resizing.sss
RESIZING A VOLUME:
1. Can expand and shrink a mounted
veritas files system but unmounted veritas file system cannot be changed.
2. A mounted or unmounted ufs can only be expanded.
syn:# vxresize [-b] fstype -g <disk-group> volume [+/-] new-length
for ex:
Original volume size : 10 mb

Kamalakkannan
1. # vxresize -g mydg myvol 50m
2. # vxresize -g mydg myvol +10m
3. # vxresize -g mydg myvol 40m
4. # vxresize -g mydg myvol -10m
Figure:
Resizing a volume using vxassist:
syn: # vxassist -g <disk-group> [growto|growby|shrinkby|

shrinkto] volume-size
For example:
Original volume size: 20mb
1. # vxassist -g datadg growto datavol 40m

2. # vxassist -g datadg growby datavol 10m
3. # vxassist -g datadg shrinkto datavol 30m
4. # vxassist -g datadg shrinkby datavol 10m
Figure:
Resizing a file system using fsadm:
syn: # fsadm [fs-type] [-b new-size] [-r raw-dev] mount-point
examle:
Expand the file system/datavol from 512000 sectors to 1024000 sectors
1. verify the free space on the underlying device:

# vxdg -g datadg free
Kamalakkannan
2. Expand the volume using vxassist
# vxassist -g datadg growto myvol 1024000
3. Expand the file system using fsadm

#fsadm -F vxfs -b 1024000 -r /dev/vx/rdsk/datadg/datavol /datavol
4. Verify that the file system was resized by using dg:

# df -k /datavol
Resizing a dyanmic LUN:
1. If we resize a LUN in the hardware, we should resizse the vxvm disk

corresponding to that LUN.
2. Disk headers and other vxvm structures are updated to reflect the new
size.
3. Intended for devices that are part of an imported disk group
syn: # vxassist [-f] -g <disk-group> resize

{access-name|media-name} length=attribute
eg: vxassist -g datadg resize datadg01 length=8GB
What is encapsulation?
1. A process that converts existing partions on a specified disk to volumes.
If any partitions cntain file systems, /etc/vfstab entires are modified so that
the file system are mounted on volumes instead.
(or)
2. Encapsulation is the process of converting partitions into volumes to

bring those partitions under vxvm control.
3. Encapsulation converts existing partitions into volumes, which provides

continued access to the data on the disk after a reboot. After a disk has
been encapsulated, the disk is handl;ed in the same way as an initialized
disk.
NOTE:
1. Encapsulation - preseves the data on the disk
2. Initialization - Destroys the data on the disk
Requirements:
1. One free partition for private & public region
2. S2 slice that represents the full disk
3. 2048 sectors free at beginning or end of disk for private region.
Figure:
What is rootability?
1. Rootability is the process of encapsulating the root file system, swap
device and other file system on the boot disk under vxvm contol.

Kamalakkannan
2. Volume manager converts existing partitions of the boot disk into
volume manager volumes.
3. The system can then mount the standard boot disk file system from
volumes instead of disk partitions.
4. When encapsulating the boot disk, the private regions can be created
form the swap area, which reduces swap area by the size of the private
region.
The private region is created at the begining of the swap area, and the
swap partition begins one cylinder from its original location.
5, requirements are the same as for the data disk encapsulation, but the
private regions is created at the swap space.
Figure:
Why encapsulate the boot disk?

Shuld encapsulate the boot disk only if we plan to mirror the boot disk.
Benefits of mirroring the boot disk:

1. Enables high availability
2. Fixes bad blocks automatically. If the boot disk has bad blocks, thn
volumemanager reads the blocks from the other disk and copes it back to
the bad block to fix it.
3. Improves performance
Limitations of boot disk encapsulation:

1. Encapsulating the boot disk adds steps to OS upgrades.
2. A system cannot boot from a boot disk that spans multiple devices.
3. We should never grow or change the layout of the boot disk volumes.
These volumes map to physical underlying partition on disk and must be
contiguous.
File system requirements:

For root, usr, var and opt volumes:
1. use ufs file systems (VXFS is not avialable until later in the boot process)
2. use contiguous disk space. (Volumes cannot use striped, raid-5
concatenated mirrored or striped mirrored layouts)
3. Do not use drl (dirty log region) on system volumes.

Kamalakkannan
For swap,
1. The first swap volume must be contiguous and therefore cannot use
striped or layerd layouts.
2. Other swap voulumes can be non-contiguous and can use any layout.
However there is an implied 2gb limit of usable swap space per device for
32 bit operating system.
Before encapsulating the boot disk:

1. When we place the boot disk under volume manager control, volume
manager sets bootdg to the appropriate disk group.
2. Set the eeprom variable

# eeprom use-nvramrc? true
This enable volume manager to take advantage of boot disk aliases to

identify the mirror of the boot disk if a replacemebt is required.
If this variable is assigned as false, we must determine which disks are
bootable.
With VXVM 4.0

# vxdiskadm
"Encapsulate one or more disks"
Note: Sliced disk format. The boot disk cannot be a CDS disk
# /etc/vx/bin/vxencap -g diskgroup access-name
After boot disk encapsulation;

View OS specific files to better understand the encapsulation process.
/etc/system
/etc/vfstab
VTOC
NOTE:
VTOC tag no 14 - used for private region
tag no 15 - used of public region
Creating an alternate boot disk

Alternated boot disk : Requirements:
1. An alternated boot disk is a mirror of the entire boot disk. An alternate
boot disk presevers the boot blocka in the case the intitial boot disk fails.
2. Creatng an alternated boot disk requires,
a. the boot disk be encapsulated by VXVM
b. Another diks be available with enough disk space to contian all of
the boot disk partitions
c. Can use only the disks in the boot disk group.
3. The root mirror places the private region at the beinning of the disk, The
remaining partitions are placed after the private region.
1. To mirror the root volume only:
# vxrootmir alternate-disk
2. To mirror all other un-mirrored, concatenated volumes on the boot disk

Kamalakkannan
to the alternate disk:
# vxmirror boot-disk alternate-disk
3. To mirror other volumes to the boot disk or other disks:

# vxassist mirror homevol alternate-disk
4. To setup system boot information on a vxvm disk

# vxbootsetup
Boot from an alternate mirror:
To boot the system using an alternate boot disk after failure of the primary
boot disk,
1. Set the eeprom variabl
OK setenv use-nvramrc? true
OK reset
This above variable must be set to true to enable the use of alternate boot
disks.
2. Check for available boot-disk aliases

OK devalias
{output displays the name of the boot disk and available mirrors}
vx-rootdisk
Vx-diskname
3. Boot from an available boot disk alias

OK boot vx-diskname
Unencapuslating a boot disk:

1. To unencapsulate a boot disk, use vxunroot
Requirements:
Remove all but one plex of rootvol, swapvol, usr, var, opt and home.
2. Use vxunroot when we need to
a. Boot from physical system partitions
b.Chnge the size or location of private region on the boot disk
c. upgrade both the os and vxvm
Note:
Do not use vxunroot if we aer only upgrading vxvm packages, including the
VEA package.
1. Ensure that the boot disk volumes, volumes only have one plex each.
# vxprint -hvt rootvol swapvol usr var
2. If boot disk volumes have more than one plex each, remove the
unnecessary plexes.
# vxplex -o rm dis plex-name
3. Run the untility

# vxunroot

Kamalakkannan
HOT RELOCATON
The system automatically reacts to i/o failures on redundant vxvm objects
and restores redundancy to those objects relocating affected sub-diks.
NOTE:
Sub-diks are relocated to disks designated as spare disks or to free space in
the disk group.
Figure:1
Figure:2
1. vxrelocd detects the disks failure

2. root (admin) is notified
3. sub-diks are relocated to a spare
4.volume recovery is attempted.

Kamalakkannan
REMOTE SYSTEM CONSOLE
Overview of the Sun Remote System Console:
. 1. Sun RSC is a server management tool that allows us to monitor &

control our
server over modem lines and over a network.
2. Provides remote system administration fro geographically
distributed or
physically inaccessible systems.
RSC access:
From workstation running on Solaris, win 9x or win NT.
NOTE:
The sever can boot and operate normally when the RSC software is not
enabled, and Sun console features continue to be available on standard
RS232 ports.
RSC features:
1. Remote system monitoring, error monitoring, including output from
power-on self test and OBP diagnostics.
2. Remote server reboot, power on & power off o demand.
3. Ability to monitor the CPU temperature and fan sensors without
being near the managed server, even when the server is in offline.
4. To run diagnostic tests from a remote console.
5. Remote event notification of server problems
6. Detailed log of RSC events
7. Remote console functions on both the serial & Ethernet ports
Monitoring tools:
Complemented by RSC
1. Solstice SYMON
a. Main & popular tools
b. Main tool for observing system operation behavior and
performance while the server operating system is up and
running.
2. SUN VTS
3. Kadb – kernel debugger
4. OBP
5. Open Boot Diagnostics – OBDiag
RSC use:
1. After installing and configuring SUNRSC s/w on the server & client,
we can use OBP commands & set OBP variables that redirect the
Kamalakkannan
console output to RSC
2. Part of RSC configuration defines & enables alert mechanisms.
a. Alerts provide remote notification of system problems.
b. It can be sent to pagers, mails, to any clients that are
currently logged into RSC.
3. RSC generate alert messages whenever the following error occurs
a. server system resets
b. server temperature crosses the lower & higher fault
c. sever redundant power supply fails
d. power outage occurs at the server site, if an un-interruptible
power supply is in use and it is configured to send an alert to
RSC.
e. Sever undergoes a h/w watch dog reset.
f. Detects 5 un-successful RSC login attempts within 5 min
4. Each alert message includes sever name & other important details
5. RSC controls whether an alert is sent to mail/pager.
6. It always sent alert to any client currently logged into RSC accounts
for that server.
7. If server is running & if tools available
- SUN VTS
- Solstice SyMON
If not running – tools may be available through ‘X’ windows
8. If server is not running & if no tools
a. RSC feature to delay the server
- Show environmental information
- Put the server in debug mode
- Control sever firmware behavior
- Turn server power off & then on if the server is hung
View logs
- Displays detailed log of RSC errors, events & RSC
command history
- Displays & reset server console logs
RSC configuration:
Can control RSC configuration settings for
- Alerts
- Ethernet ports
- Serial ports
- RSC date & time
- RSC password
- RSC user account
1. supports upto 4 protected password user
account for each managed server
2. each with customizable access rights
User-permissions:
-a administration permission, authorized to change the
stat of RSC
configuration variables
-u user administration permissions, authorized to use

commands
that add & delete users, change user permissions &
Kamalakkannan
change the
authorization level of other users.
-c console permission; authorized to connect to the

server console
-r Reset/power permission, authorized to reset, power-

on & power
off the server & reboot RSC.
User interface:
- Graphical
Runs using SUN java (RSC- SUNWrscj)
- Command line
Using standard telnet to RSC ehternet port
To the RSC serial port using PPP (Point-to-point
protocol)
Can also be accessed by connectivity on ASCII

character terminal directly to the RSC serial port.
Note:
- RSC always sent alert messages to any users that
are logged into RSC accounts
- ‘rsradm’ utility / RSC interfaces to configure RSC
after installation
Installation RSC s/w:

SUN RAC s/w is installed as two separate components,
1. Server s/w installed on a SUN enterprise server to enable RSC
h/w.
2. Client s/w installed on a Solaris/windows based client work
station to provide the RSC graphical user interface
Note:
- RSC java application is installed on a Solaris client
machine, it resides in the directory /opt/rsc by
default.
- To run RSC GUI Java application at client, it must
have Java Development kit for Solaris version 1.1.6
Running the server configuration script:

# /usr/platform/’uname –i’/rsc/rsc-config
Redirecting the console to RSC:

- After RSC s/w is installed & configured, the system
console is still available as on any normal SUN
machine.
- At server perform the following
OK diag-output-to rsc
Kamalakkannan
OK setenv input-device rsc
OK setent output-device rsc
- These commands takes effect after the next server
reset
To remove RSC from default console:

- OK diag-output-to ttya
OK setenv input-device keyboard
OK setenv output-device screen
- these commands takes effect after the next server
reset
Some RSC shell commands:
1. environment – displays current environmental

information
2. showenvironment - same as environment
3. show network – displays the currrent n/w
configuration
4. console – connects to the server console
5. break – puts the server in debug mode
6. version – displays version number of RSC
firmware & componets
7. showsc – same as version without the –v
option
8. help – displays a list of RSC shell commands &
brief description of
each
9. poweron – power on the server
10. poweroff – power off the server
11. log history – displays the history of all events
oggedi the RSC even buffer
12. reset – resets the server immediately
Kamalakkannan
13. userperm – sets the authorization for a
user
14. userpassword – set or changes a user’s
password
15. date – displays/sets the current time & date
16. set – set a configuration variable
17. show – displays one/more configuration
variable
18. useradd – adds an RSC user account
19. userdel – deletes an RSC user account
20. usershow – show characteristics of an RSC
user account
ALOM – Advanced Lights Out Management

ELOM – Embedded Lights Out Management
These are also similar to RSC
SUN CLUSTER 3.1
Defining Clustering:
1. Clustering is a general terminology that describes a group of two or
more separate servers.
2. Clusters is a collection of 2 or more system that work together as a
single, continuous available system to provide applications, system
resources and data to users.
Cluster general characteristics:

1. Separate server nodes, each booting from its own, non-shared, copy
Kamalakkannan
of the operating system.
2. Dedicated h/w interconnects, providing private transport only
between the nodes of the same cluster.
3. Multiported storage, providing paths from at least two nodes in the
cluster to each physical storage device storing data for the
applications running in the cluster.
Sun Cluster is a s/w used to build a cluster environment to provide

increased availability and performance.
HA – High Availability:
1. Clusters are generally marketed as the only way o provide high
availability for the applications that run on them.
2. HA can be defined as the minimization of downtime rather than the
complete elimination of downtime.
HA standards:
Usually phrased with wording such as “Provides 5 nines availability”. This
means 99.999% uptime for the application or about 5 min of downtime per
year. One clean server reboot often already exceeds that amount of
downtime.
How cluster provide HA?

In the case of any single h/w or s/w failure in the cluster, application
services and data are recovered automatically 9without human
intervention) and quickly (faster than a server reboot). This is done by
taking advantage of the existence of redundant servers in the cluster and
redundant server storage paths.
Scalability:
1. Clusters also provide an integrated h/w and s/w environment for
scalability.
2. Scalability is defined as the ability to increase application
performance by supporting multiple instances of applications on
different nodes in the cluster.
Sun cluster h/w environment:

1. Cluster nodes with local disk (Unshared disk)
2. Multi host storage (Shared disk)
3. Cluster interconnect (Provides the channel for inter node
communication)
4. Public n/w interface (Used by clients system to access data services
on the cluster. Usually the primary n/w interface)
5. Removable media configured as global device such as tapes and
cdrom.
Sun cluster s/w environment:

1. Solaris 10 OS s/w
2. Sun Cluster 3.1 s/w (Separate s/w not from OS cd)
Kamalakkannan
3. Data service application ( Sun Cluster Agent cd)
4. Volume management 9SVM or VXVM0. Is exceptional when, the
volume management is on the box.
Terminology:
1. Cluster-node:
a. Is a system that runs both Solaris 10 OS s/w and Sun Cluster
s/w.
b. Every node in the cluster is aware when another node joins
or leaves the cluster.
2. Cluster interconnect:
a. This connection is established between all cluster nodes and
is solely used by cluster nodes for the private and data
service communications.
b. This communication path is also known as private n/w.
c. There are 2 variations of interconnect
i. Point-to-Point
ii. Junction based (In this junction based
interconnect, the junction must be switches and
not hubs)
3. CCR – Cluster Configuration Repository:

a. It’s a private, cluster wide, distributed database for storing
information about the configuration and star of the cluster.
b. CCR contains the following information:
i. Cluster & node name
ii. Cluster transport configuration
iii. The names of SVM disk set or Vxvm disk group
iv. A list of nodes that can master each disk group
or disk set
v. Operations parameter values for data services
vi. Paths to data services call back methods
vii. Current cluster status
c. CCR is accessed when error/recovery situations occur or when
there has been general cluster status changes, such as node leaving
or joining the cluster.
4. Local devices:
a. These devices are accessible only on a node that is running
the service and has a physical connection to the cluster.
They are not highly available device.
5. Global device:
a. These devices are highly available to any node in a cluster.
Suppose if a node fails while providing access to a global
device the Sun Cluster s/w switches over to another path to
the device and re-directs the access to the path.
b. This access is known as global device access.
c. Provides simultaneous access to the raw (character) device
associated with storage devices from nodes, regardless of
where the storage is physically attached.

Kamalakkannan
6. Device ID (Global Naming Scheme)
a. Each device in the cluster environment is assigned an unique
id.
b. Access to the global device is possible through the unique
device id (DID) assigned by DID driver instead of traditional
Solaris DID’s.
Eg: /dev/did/(r)dsk/d2s3
c. It’s important to note that DID’s themselves are just global

naming scheme and not a global access scheme.
7. Global file system:

a. This feature makes file systems simultaneously available on
all nodes, regardless of their physical location.
b. UFS, VxFS, HSFS are supported
Eg: # mount –o global,logging /dev/md/dsk/dataset/d100
/global/nfs
8. Data service agents:

a. Is a combination of s/w and an application to run without
modification in a Sun Cluster configuration.
b. S/w of the data service provides the following operations:
i. Starting and stopping the applications
ii. Monitoring the faults in the applications and
recovering from these faults.
c. Configuration files define the properties of the resource, which
represents the applications to the RGM (Resource Group Manager)
9. Resource:
a. In the context of cluster, the word resource refers to any
element above the layer of the cluster frame work which can
be turned on or off and can be monitored in the cluster.
b. Ins a instance (example or first stage of proceeding) of a
resource type that is defined cluster wide.
NOTE:
Data services utilize several types of resources. Application & n/w
resources form a basic unit ie., managed by RGM.
10.Resource group:
a. Are collection of resources
b. Are either fail over or scalable
i. Fail over resource group: Is a collection of
services that always run together on one node of
the cluster at one time and simultaneously fail
over or switch over to another node.
ii. Scalable resource group: Describes the
collection of services that simultaneously sun on
one or more nodes.
11.Resource type:
a. Is a collection of properties that describe an application to
the cluster. This collection includes the information about
Kamalakkannan
how the application is to be started, stopped and
monitored on nodes of the cluster.
b. Eg: 1. The resource type for Sun Cluster HA for nfs is
SUNW.nfs
2. The resource type for Sun Cluster HA for apache is
SUNW.apache
12.Data service types:

a. Fail over data service
b. Scalable data service
c. Parallel data service
Fail over data service:

a. Is a process by which the cluster automatically relocates an
application from a failed primary node to a designated
redundant secondary node.
b. Fail over services uses a fail over resource group which is a
container for application instance resource & n/w resources.
(Logical hostname – nothing but n/w resource).
c. NOTE: Logical host names are IP addresses that can be
configured up on one node and later automatically
configured down on the original node and configured up on
the another node.
Scalable data service:

a. This enables applications instances to run on multiple nodes
simultaneously. This service uses 2 resource groups.
i. Scalable resource group
ii. Fail over resource group
b. Scalable resource group contains the application resources
and the fail over resource group contains n/w resources,
9shared addresses) on which the scalable source depends.
Parallel data service:

a. Sun Cluster systems provide an environment that shares
parallel execution of applications across all the nodes of the
cluster by using parallel data bases,
b. Sun Cluster support for Oracle parallel server/real
applications clusters is a set of packages that, when installed
enables Oracle parallel server/real application cluster to run
on Sun Cluster nodes.
13.Public n/w interface:

a. Clients connect to the cluster through the public network
interfaces.
14.Multi host disk storage:

a. A storage which is connected to more than one node at a
time. It provides the following benefits.
i. Global access to file system
ii. Multiple access to file systems and data
iii. Tolerance for single node failures.

Kamalakkannan
15.Quorum device:
a. Is a disk shared by 2 or more nodes that contribute votes
that are used to establish a quorum for the cluster to Sun.
b. Quorum device acquires quorum vote counts based on the
number of node connections to the device.
c. It acquires the maximum vote count of (n-1) where n is the
number of connected nodes to the quorum device.
d. Each node is assigned exactly one vote.
NOTE:
1. There must be a majority (more than 50% of
all possible vote present) to form a cluster.
2. A single quorum device can be automatically
configured by ‘scinstall’ for 2-node cluster
only.
3. All other quorum devicews are manually
configured after the Sun Cluster s/w
installation is complete.
4. (n/2)+1 quorum devices are required. (Similar
to replica)
e. Quorum device rules:
1. Must be available to both nodes in 2-node
cluster
2. Information is maintained globally in the CCR
database

Kamalakkannan

Kamalakkannan

Sun Doc Updated As On 24 May 2009

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sun Doc Updated As On 24 May 2009

Uploaded by

Copyright:

Available Formats

SUN SOLARIS 10 OS

Sun Solaris 10 Operating System Page 2 of 174 2

Aravindh - induced me to script this valuable document.

Raja – kindle, always inspiring me to go little far on extra miles in all

Sources are always precious and unavailable, additional thanks to Hari

Sun Solaris 10 OS/Storage-SVM,VxVM Manickam

1. Basic Unix commands

NOT Under IMS but Included in SUN

14. RBAC - Role Based Access Control

# pwd -> present working directory

# mkdir -> to create a new directory

syn: # mkdir <path_new_dir_name>

syn: # mkdir -p <path_dir_name>

cd -> to change from one directory to another

syn: # cd .. -> to move to the previous dir

syn: ls -l => long list

d rwx r-x r-x 3 root root 512 Sep 21 22:31 tenth

2 => premission on the file/dir for the owner

3 => permission on the file/dir for the owner's group

4 => permission on the file/dir for the others

5 => specifies the link count

6 => specifies the owner of the file/dir

7 => specifies the group to which the file/dir belongs

8 => size of the file/dir

9 => date and time of creation of the file/dir

10 => name of the file/dir

Sun Solaris 10 OS/Storage-SVM,VxVM Manickam

cat => to create, update, view the contents of the file.

syn: # cat > <new_file>

syn: # cat > <path_file_name>

syn: # cat >> <file_name>

syn: # cat <file_name>

syn: # cat -n <file_name>

ctrl+d => to save the contents to the file

# clear -> to clear the screen

touch -> to create number of empty files

Syn: # banner "any word"

cp => to copy the contents of the one file to another

eg: # cp new old

syn: # cp -r <source_dir_name> <destination_dir-name>

mv => to move/rename the files

eg: # mv test newfile

Note: Work only with BASH Shell

# history => displays the commands used in the termina

# history -c => to clear the commands stored in the history

alias => to assign alias to the command TEMP.

syn: # alias <variable>=<command>

less => to view the contents of the file in page-wise

more => similar to less with more options

rm => to remove the file

rmdir => to remove the dir

hostname => to view to hostname of the system

domainname => to view the domain name

bc => binary calculator

ctrl+z => to send the process to background

bg => to view the process running at the background

fg => to bring back the command from background to fore ground

arch => to identify the arch of the system

wc => word count

man => provides the help manual for each command

syn: # man –l <command>

grep => used to search the keywords in the file