Oracle Solaris 10 Syntax Oracle Solaris 11 Syntax Description lucreate -nnewBEbeadm createnewBECreate a new BE lustatus beadm list Display BE information luactivatenewBEbeadm activatenewBEActivate a BE ludeleteBEbeadm destroyBEDestroy an inactive BE luupgradeor patchadd pkg update Upgrade or update a BE How to Update Your ZFS Boot Environment To update a ZFS boot environmentuse t!e pkg updatecommand" #f you update a ZFS BE by using pkg updatea new BE is created and automatically activated" #f t!e updates to t!e e$isting BE are minimala bac%up BE is created before t!e updates are applied" T!e pkg updatecommand displays w!et!er a bac%up BE or a new BE is created" &" Display your existinBE in!ormation" 2. # beadm list 3. BE Acti ve Mountp oint Space Po licy Created 4. -- ------ ---------- ----- ------ ------- solaris NR / 12.24G static 2011-10-04 09:42 #n t!e above outputNRmeans t!e BE is active now and will be t!e active BE on reboot" '" Update your BE" 6. # pkg update 7. Packages to remove: 117 8. Packages to install: 186 9. Packages to update: 315 10. Create boot envi ronment: Yes 11. DOWN LO AD PKGS FILES XFER (MB) 12. Com pleted 618/618 29855/29 855 600.7 /60 0.7 13. . 14. . . #f your e$isting BE name is solarisa new BEsolaris-1is created and automatically activated after t!e pkg updateoperation is complete" &'" #e$oot t%e system to complete t%e BE activation" &%en' con!irm your BE status" 16. # init 6 17. . 18. . 19. .
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Oracle Solaris 10 Syntax Oracle Solaris 11 Syntax Descriptionlucreate -n newBE beadm create newBE Create a new BElustatus beadm list Display BE informationluactivate newBE beadm activate newBE Activate a BEludelete BE beadm destroy BE Destroy an inactive BEluupgrade or patchadd pkg update Upgrade or update a BE
How to Update Your ZFS Boot EnvironmentTo update a ZFS boot environment use t!e pkg update command" #f you update a ZFS BE by using pkgupdate a new BE is created and automatically activated" #f t!e updates to t!e e$isting BE are minimal a bac%upBE is created before t!e updates are applied" T!e pkg update command displays w!et!er a bac%up BE or a newBE is created"
&" Display your existin BE in!ormation"
2. # beadm list3. BE Active Mountpoint Space Policy Created4. -- ------ ---------- ----- ------ -------
solaris NR / 12.24G static 2011-10-04 09:42
#n t!e above output NR means t!e BE is active now and will be t!e active BE on reboot"
20. # beadm list21. BE Active Mountpoint Space Policy Created22. -- ------ ---------- ----- ------ -------23. solaris NR / 12.24G static 2011-10-04 09:42
solaris-1 - - 6.08G static 2011-10-11 10:42
()" (! an error occurs w%en $ootin t%e new BE' activate and $oot to t%e previous BE"
# beadm activate solaris-1
root@Unixarena-SOL11:~# mkdir /old-be
root@Unixarena-SOL11:~# beadm mount solaris /old-be
root@Unixarena-SOL11:~# pkg -R /old-be list difstat
pkg list: no pa kages mat !ing "difstat" installed
root@Unixarena-SOL11:~#
Rollback operation1.Any time you can rollback the Solaris 11 to old boot environment using below command.root@Unixarena-SOL11:~# beadm a ti ate solaris
root@Unixarena-SOL11:~# beadm l ist
$% & ti e 'ountpoint Spa e (oli ) *reated-- ------ ---------- ----- ------ -------
As in t!e previous releases you display t!e value of t!e sharenfs property by using zfs getsharenfs property or by using t!e zfs get all command synta$"
# zfs get sharenfs rpool/fs1NAME PROPERTY VALUE SOURCErpool/fs1 sharenfs on local
T!e new s!are information is available by using t!e zfs get share command"
# zfs get share rpool/fs1NAME PROPERTY VALUE SOURCErpool/fs1 share name=rpool_fs1,path=/rpool/fs1,prot=nfs local
T!e new s!are information is not available in t!e zfs get all command synta$"
#f you create a s!are of a newly created ZFS file system use t!e zfs get share command to identify t!e share-
name name or t!e share-path name" For e$ample*
# zfs create -o mountpoint=/data -o sharenfs=on rpool/data# zfs get share rpool/dataNAME PROPERTY VALUE SOURCErpool/data share name=data,path=/data,prot=nfslocal
ZFS Sharing Inheritance#n!eritance of t!e zfs share property and t!e sharenfs or t!e sharesmb property wor%s as follows*
• T!e zfs share property is not in!erited from a parent to a descendent file system" #n addition t!e zfsset share command does not support t!e -r option to set a ZFS property on descendent file systems"
• #f t!e sharenfs or t!e sharesmb property is set on a parent file system t!e sharenfs ort!e sharesmb property is also set on t!e descendent file systems" For e$ample*
T!en remove t!e s!are by identifying t!e share-name name" For e$ample*
# zfs set -c share=name=ds rpool/dsshare 'ds' was removed.
#f a s!are is establis!ed by creating a default s!are w!en t!e file system is created t!en a s!are can be removed byt!e share-name name or t!e share-path name" For e$ample t!is s!are is given a default share-name name data and
a default share-path name /data "
# zfs create -o mountpoint=/data -o sharenfs=on rpool/data# zfs get share rpool/dataNAME PROPERTY VALUE SOURCErpool/data share name=data,path=/data,prot=nfs local
.emove t!e s!are by identifying t!e share-name name" For e$ample*
# zfs set -c share=name=data rpool/datashare 'data' was removed.
.emove t!e s!are by identifying t!e share-path name" For e$ample*
# zfs set -c share=path=/data rpool/datashare 'data' was removed.
ZFS File Sharing Within a Non-Global Zone
#n previous Solaris releases you could not create and publis! ,FS or S-B s!ares in a 0racle Solaris non1global2one" #n t!is Solaris release you can create and publis! ,FS s!ares by using t!e zfs set share command and
t!e legacy share command wit! a non1global 2one"
• #f a ZFS file system is mounted and available in a non1global 2one it can be s!ared in t!at 2one"
• A file system can be s!ared in t!e global 2one if it is not mounted in a non1global 2one or is not s!ared to anon1global 2one"
• #f a ZFS file system+s mountpoint property set to legacy t!e file system can be s!ared by using t!e
legacy share command"
For e$ample t!e /export/home/data and /export/home/data1 file systems are available in
• A s!are pat! or description t!at includes a comma 3 4 must be 5uoted wit! double 5uotes"
C#FS S!aring on Solaris &&By Paul Johnson-Oracle on Feb 20, 2012
T!ings !ave c!anged since Solaris &6 3and Solaris && E$press too74 on !ow to properly set up a C#FS server on yourSolaris && mac!ine so t!at 8indows clients can access files" T!ere+s some documentation on t!e c!anges !ere butlet me s!are t!e full instructions from beginning to end"
.ecovering ;asswords in Solaris &&By Paul Johnson-Oracle on Feb 11, 2013
About once a year #+ll find a way to loc% myself out of a Solaris system" <ere+s !ow to get out of t!is scenario" /ou+llneed a Solaris && =ive CD or =ive USB stic%"
• Boot up from t!e =ive CD>USB
• Select t!e +Te$t Console+ option from t!e ?.UB menu
• =ogin to t!e solaris console using t!e username>password of @ac%>@ac%
• Switc! to root
$ sudo su
password jack
• -ount t!e solaris boot environment in a temporary directory
#f prompted for a password !it return since t!is !as now been blan%ed"
Configuring a Basic =DA; Server Client in Solaris &&By Paul Johnson-Oracle on Feb 21, 2013
-on!i urin t%e ServerSolaris && s!ips wit! 0pen=DA; to use as an =DA; server" To configure you+re going to need a simple slapd"conf fileand an =D#F sc!ema file to populate t!e database" First let+s loo% at t!e slapd"conf configuration*
/ou may want to c!ange t!e lines suffi$ and rootdn to better represent your networ% naming sc!ema" -y =DA;server+s !ostname is buford and domain name is !illvalley" /ou will need to add additional domain components 3dc 4if t!e name is longer" T!is sc!ema assumes t!e =DA; manager will be called admin" #ts password is +secret+" T!is isin clear1te$t @ust as an e$ample but you can generate a new one using slappasswd*
[paulie@buford ~]$ slappass"d
?e" pass"ord:
)e-enter ne" pass"ord:
D%%4<EFlyGaHAI;>&=5d/J";f&Ih<KHiaogk5I
.eplace +secret+ wit! t!e entire !as! SS<A -lyFaZ$? /# 6d>Gw f#?!A9Ziaog%6? for t!e rootpw line" ,ow let+screate a basic sc!ema for my networ%"
T!at+s it7 0ur =DA; server is up populated and ready to aut!enticate against"
-on!i urin t%e -lient#+m going to turn my e$ample server buford"!illvalley into an =DA; client as well" To do t!is we need to run t!e
:ldapclient: command to map our new user and group data*
[paulie@buford ~]$ ldapclient manual 1
-a credentialLevel proAy 1
-a authenticationFethod simple 1
-a default%earchOase dc buford!dc hillvalley 1
-a domain?ame buford hillvalley 1
-a default%erverList 063 0;7 0 05* 1
-a proAy ? cn admin!dc buford!dc hillvalley 1
-a proAy'ass"ord secret 1
-a attributeFap group:gidnumber gid?umber 1
-a attributeFap pass"d:gidnumber gid?umber 1
-a attributeFap pass"d:uidnumber uid?umber 1
-a attributeFap pass"d:homedirectory home irectory 1
-a attributeFap pass"d:loginshell login%hell 1
-a attributeFap shado":userpass"ord user'ass"ord 1
-a obCect(lassFap group:posiAIroup posiAgroup 1
-a obCect(lassFap pass"d:posiA<ccount posiAaccount 1
-a obCect(lassFap shado":shado"<ccount posiAaccount 1
-a service%earch escriptor pass"d:ou users!dc buford!dc hillvalley 1
-a service%earch escriptor group:ou groups!dc buford!dc hillvalley 1
-a service%earch escriptor shado":ou users!dc buford!dc hillvalley
As usual c!ange t!e !ost and domain names as well as t!e #; address !eld in defaultServer=ist and t!e
pro$y;assword" T!e command s!ould respond bac% t!at t!e system was configured properly !owever additionalc!anges will need to be made if you use D,S for !ostname loo%ups 3most people use D,S so run t!esecommands4"
,ow we need to c!ange !ow users login so t!at t!e client %nows t!at t!ere is an e$tra =DA; server to aut!enticateagainst" T!is s!ould not loc%out local worries" E$amine t!e two files >etc>pam"d>login and >etc>pam"d>ot!er" C!angeany instance of
auth re.uired pam uniA auth so 0
to
auth binding pam uniA auth so 0 server policy
After t!is line add t!e following new line*
auth re.uired pam ldap so 0
T!at+s it7 Finally reboot your system and see if you can login wit! your newly created user"
Update ?lenn Faden wrote an e$cellent guide to configuring 0pen=DA; using t!e native Solaris user>group>role
management system"
Configuring a Basic D,S Server Client in Solaris &&By Paul Johnson-Oracle on Mar 04, 2013
-on!i urin t%e ServerT!e default install of Solaris && does not come wit! a D,S server but t!is can be added easily t!roug! #;S li%e so*
-y forwarders use t!e 0penD,S servers so any re5uest t!at t!e local D,S server can+t process goes t!roug! t!ere"#+ve also setup two 2ones* !illvalley"db for my forward 2one and &"& H"&I("db for my reverse 2one" 8e need bot! fora proper configuration" 8e also need to create some directories to support t!is file*