lofiadm: /dev/lofictl: No such file or directory, Solaris non-global zone

To avoid the above error in Solaris 10 non-global zone, we need to expose lofi to solaris non-global zone:

/opt/VRTSvcs/bin/hagrp -offline platenggrp -any

Change zonecfg on both nodes in VCS cluster for this non-global zone:

bash-3.00# zonecfg -z plateng01p
zonecfg:plateng01p> info
zonename: plateng01p
zonepath: /zones/plateng01p
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
fs:
dir: /usr/local
special: /zones/plateng01p/local
raw not specified
type: lofs
options: []
fs:
dir: /usr/openv
special: /zones/plateng01p/openv
raw not specified
type: lofs
options: []
net:
address: xx.xx.xx.xx
physical: e1000g0

zonecfg:plateng01p>
zonecfg:plateng01p> add device
zonecfg:plateng01p:device> set match=/dev/lofictl
zonecfg:plateng01p:device> end
zonecfg:plateng01p> add device
zonecfg:plateng01p:device> set match=/dev/lofi/*
zonecfg:plateng01p:device> end
zonecfg:plateng01p> add device
zonecfg:plateng01p:device> set match=/dev/rlofi/*
zonecfg:plateng01p:device> end
zonecfg:plateng01p> exit

bash-3.00# zonecfg -z plateng01p info
zonename: plateng01p
zonepath: /zones/plateng01p
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
fs:
dir: /usr/local
special: /zones/plateng01p/local
raw not specified
type: lofs
options: []
fs:
dir: /usr/openv
special: /zones/plateng01p/openv
raw not specified
type: lofs
options: []
net:
address: xx.xx.xx.xx
physical: e1000g0
device
match: /dev/lofictl
device
match: /dev/lofi/*
device
match: /dev/rlofi/*
bash-3.00#

bash-3.00# /opt/VRTSvcs/bin/hagrp -online platenggrp -any

bash-3.00# lofiadm -a /root/sol-10-u7-ga-sparc-dvd.iso /dev/lofi/1

bash-3.00# lofiadm
Block Device File
/dev/lofi/1 /root/sol-10-u7-ga-sparc-dvd.iso
bash-3.00#

bash-3.00# mount -F hsfs -o ro /dev/lofi/1 /mnt/solaris

bash-3.00# df -kh | grep mnt
mnttab 0K 0K 0K 0% /etc/mnttab
/dev/lofi/1 2.5G 2.5G 0K 100% /mnt/solaris
bash-3.00#

Reference: http://wiki.genunix.org/wiki/index.php/Solaris10_Tech_FAQ

CPIO: Safe way to recursively copy files/folders from one place to another

Copying everything under current directory to another directory: (works in Solaris zones)

find .|cpio -pmd /a/mnt/

Solaris 10 ldapclient and Centos5 openldap-2.3.27-5

ldapclient -v manual -a credentialLevel=anonymous -a defaultsearchbase=’dc=y,dc=com’ -a defaultServerList=ldapvip,ldap1,ldap2 -a serviceSearchDescriptor=passwd:ou=users,dc=y,dc=com?sub -a serviceSearchDescriptor=group:ou=Group,dc=y,dc=com -a serviceSearchDescriptor=netgroup:ou=Netgroups,dc=y,dc=com?sub -a serviceAuthenticationMethod=pam_ldap:simple

Copy pam.conf file over

scp /usr/lib/security/*mkhome*:

# ls -l /usr/lib/security/*mkhome*
lrwxrwxrwx 1 root root 36 Apr 23 2008 /usr/lib/security/pam_mkhomedir.so -> /usr/lib/security/pam_mkhomedir.so.1
-rwxr-xr-x 1 root root 12844 Apr 28 2008 /usr/lib/security/pam_mkhomedir.so.1

It seems pam_mkhomedir was compiled from: http://www.keutel.de/pam_mkhomedir/

cat /etc/pam.conf:

#
# Authentication management
#
# login service (explicit because of pam_dial_auth) #
login auth requisite pam_authtok_get.so.1
login auth required pam_dhkeys.so.1
login auth required pam_unix_cred.so.1
login auth required pam_dial_auth.so.1
login auth binding pam_unix_auth.so.1 server_policy
login auth required pam_ldap.so.1
#
# rlogin service (explicit because of pam_rhost_auth) #
rlogin auth sufficient pam_rhosts_auth.so.1
rlogin auth requisite pam_authtok_get.so.1
rlogin auth required pam_dhkeys.so.1
rlogin auth required pam_unix_cred.so.1
rlogin auth binding pam_unix_auth.so.1 server_policy
rlogin auth required pam_ldap.so.1
#
# rsh service (explicit because of pam_rhost_auth, # and pam_unix_auth for meaningful pam_setcred) #
rsh auth sufficient pam_rhosts_auth.so.1
rsh auth required pam_unix_cred.so.1
rsh auth binding pam_unix_auth.so.1 server_policy
rsh auth required pam_ldap.so.1
#
# PPP service (explicit because of pam_dial_auth) #
ppp auth requisite pam_authtok_get.so.1
ppp auth required pam_dhkeys.so.1
ppp auth required pam_dial_auth.so.1
ppp auth binding pam_unix_auth.so.1 server_policy
ppp auth required pam_ldap.so.1
#
# Default definitions for Authentication management # Used when service name is not explicitly mentioned for authentication #
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_cred.so.1
other auth binding pam_unix_auth.so.1 server_policy
other auth required pam_ldap.so.1
#
# passwd command (explicit because of a different authentication module) #
passwd auth binding pam_passwd_auth.so.1 server_policy
passwd auth required pam_ldap.so.1
#
# cron service (explicit because of non-usage of pam_roles.so.1) #
cron account required pam_unix_account.so.1
#
# Default definition for Account management # Used when service name is not explicitly mentioned for account management #
other account requisite pam_roles.so.1
#other account binding pam_unix_account.so.1 server_policy
other account sufficient pam_unix_account.so.1
other account required pam_ldap.so.1
#
# Default definition for Session management # Used when service name is not explicitly mentioned for session management #
other session required pam_unix_session.so.1
other session optional pam_mkhomedir.so.1 skel=/etc/skel/ umask=0022

#
# Default definition for Password management # Used when service name is not explicitly mentioned for password management #
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1 server_policy
#
# Support for Kerberos V5 authentication and example configurations can # be found in the pam_krb5(5) man page under the “EXAMPLES” section.
#

ppp auth required pam_unix_cred.so.1
ppp auth required pam_unix_auth.so.1
krlogin auth required pam_unix_cred.so.1
krlogin auth required pam_krb5.so.1
krsh auth required pam_unix_cred.so.1
krsh auth required pam_krb5.so.1
ktelnet auth required pam_unix_cred.so.1
ktelnet auth required pam_krb5.so.1

mpxio with local drive

# echo | format
Searching for disks…done

AVAILABLE DISK SELECTIONS:
0. c1t0d0
/pci@0/pci@0/pci@2/scsi@0/sd@0,0
1. c1t1d0
/pci@0/pci@0/pci@2/scsi@0/sd@1,0
Specify disk (enter its number): Specify disk (enter its number):

After “stmsboot -e”, enabling mpxio:

# echo | format
Searching for disks…done

AVAILABLE DISK SELECTIONS:
0. c4t5000C5000B1E7CABd0
/scsi_vhci/disk@g5000c5000b1e7cab
1. c4t5000C5000B1E534Fd0
/scsi_vhci/disk@g5000c5000b1e534f
Specify disk (enter its number): Specify disk (enter its number):

# stmsboot -L
non-STMS device name STMS device name
——————————————————————
/dev/rdsk/c1t0d0 /dev/rdsk/c4t5000C5000B1E534Fd0
/dev/rdsk/c1t1d0 /dev/rdsk/c4t5000C5000B1E7CABd0

Upgrade Sun T5220 Firmware

-> show /HOST

/HOST
Targets:
bootmode
diag

Properties:
autorestart = reset
autorunonerror = false
hypervisor_version = Hypervisor 1.6.0.b 2008/03/01 01:47
macaddress = 00:14:4f:d4:b3:b8
obp_version = OBP 4.28.0 2008/01/22 21:10
post_version = POST 4.28.0 2008/01/22 21:38

send_break_action = (none)
status = Solaris running
sysfw_version = Sun System Firmware 7.1.0.g 2008/04/03 19:35

Commands:
cd
set
show

->

sc> showhost
Sun System Firmware 7.1.0.g 2008/04/03 19:35

Host flash versions:
Hypervisor 1.6.0.b 2008/03/01 01:47
OBP 4.28.0 2008/01/22 21:10
POST 4.28.0 2008/01/22 21:38

sc>

sc> poweroff

sc> flashupdate -s tftp_server_ip_address -f /Sun_System_Firmware-7_2_1_b-SPARC_Enterprise_T5120+T5220.pkg

NOTE: A flashupdate takes about 6 minutes to load a new file.
Some commands are disabled until the file load is complete.
The SC must be reset to complete the upgrade.

Are you sure you want to load the specified file (y/n)? y

……………………………………………………………………………………………….
Operation succeeded
New firmware images were loaded. Reset the SC to complete the upgrade.

sc>

sc> resetsc
Are you sure you want to reset the SC (y/n)? y
Performing hard reset on the SC

wait for a few minutes:

sc> showhost
Sun System Firmware 7.2.1.b 2009/03/04 14:19

Host flash versions:
Hypervisor 1.7.1 2009/01/22 06:50
OBP 4.30.1 2009/01/17 05:30
POST 4.30.1.a 2009/03/04 07:53

sc>

-> show /HOST

/HOST
Targets:
bootmode
diag
domain

Properties:
autorestart = reset
autorunonerror = false
bootfailrecovery = poweroff
bootrestart = none
boottimeout = 0
hypervisor_version = Hypervisor 1.7.1 2009/01/22 06:50
macaddress = 00:14:4f:d4:b3:b8
maxbootfail = 3
obp_version = OBP 4.30.1 2009/01/17 05:30
post_version = POST 4.30.1.a 2009/03/04 07:53
send_break_action = (none)
status = Powered off
sysfw_version = Sun System Firmware 7.2.1.b 2009/03/04 14:19

Commands:
cd
set
show

->

sc> console
Enter #. to return to ALOM.

Serial console stopped.
sc> poweron
sc> Chassis | major: Host has been powered on

sc> console
Enter #. to return to ALOM.
0:0:0>
0:0:0>SPARC-Enterprise[TM] T5120/T5220 POST 4.30.1.a 2009/03/04 07:53
/export/delivery/delivery/4.30/4.30.1.a/post4.30.1-micro/Niagara/huron/integrated (root)
0:0:0>Copyright 2009 Sun Microsystems, Inc. All rights reserved
0:0:0>POST enabling CMP 0 threads: 00000000.ffffffff
0:0:0>VBSC mode is: 00000000.00000001
0:0:0>VBSC level is: 00000000.00000001
0:0:0>VBSC selecting Normal mode, MAX Testing.
0:0:0>VBSC setting verbosity level 2
0:0:0>Basic Memory Tests….Done
0:0:0>Test Memory….Done
0:0:0>Setup POST Mailbox …./Chassis | major: Hot removal of HDD5
Chassis | major: Hot removal of HDD4
Chassis | major: Hot removal of HDD3
Chassis | major: Hot removal of HDD2
Chassis | major: Hot removal of HDD7
Chassis | major: Hot removal of HDD6 D one
0:0:0>Master CPU Tests Basic….Done
0:0:0>Init MMU…..
0:0:0>NCU Setup and PIU link train….Done
0:0:0>L2 Tests….Done
0:0:0>Extended CPU Tests….Done
0:0:0>Scrub Memory….Done
0:0:0>SPU CWQ Tests…Done
0:0:0>MAU Tests…Done
0:0:0>Network Interface Unit Tests….Done
0:0:0>Functional CPU Tests….Done
0:0:0>Extended Memory Tests….Done
2009-05-22 05:50:15.944 0:0:0>INFO:
2009-05-22 05:50:15.954 0:0:0> POST Passed all devices.
2009-05-22 05:50:15.963 0:0:0>POST: Return to VBSC.
2009-05-22 05:50:15.972 0:0:0>Master set ACK for vbsc runpost command and spin…
Chassis | major: Host is running
Chassis | major: Hot insertion of /SYS/MB/CMP0/P0
Chassis | major: Hot insertion of /SYS/MB/CMP0/P1
Chassis | major: Hot insertion of /SYS/MB/CMP0/P2
Chassis | major: Hot insertion of /SYS/MB/CMP0/P3
Chassis | major: Hot insertion of /SYS/MB/CMP0/P4
Chassis | major: Hot insertion of /SYS/MB/CMP0/P5
Chassis | major: Hot insertion of /SYS/MB/CMP0/P6
Chassis | major: Hot insertion of /SYS/MB/CMP0/P7
Chassis | major: Hot insertion of /SYS/MB/CMP0/CORE0
Chassis | major: Hot insertion of /SYS/MB/CMP0/P8
Chassis | major: Hot insertion of /SYS/MB/CMP0/P9
Chassis | major: Hot insertion of /SYS/MB/CMP0/P10
Chassis | major: Hot insertion of /SYS/MB/CMP0/P11
Chassis | major: Hot insertion of /SYS/MB/CMP0/P12
Chassis | major: Hot insertion of /SYS/MB/CMP0/P13
Chassis | major: Hot insertion of /SYS/MB/CMP0/P14
Chassis | major: Hot insertion of /SYS/MB/CMP0/P15
Chassis | major: Hot insertion of /SYS/MB/CMP0/CORE1
Chassis | major: Hot insertion of /SYS/MB/CMP0/P16
Chassis | major: Hot insertion of /SYS/MB/CMP0/P17
Chassis | major: Hot insertion of /SYS/MB/CMP0/P18
Chassis | major: Hot insertion of /SYS/MB/CMP0/P19
Chassis | major: Hot insertion of /SYS/MB/CMP0/P20
Chassis | major: Hot insertion of /SYS/MB/CMP0/P21
Chassis | major: Hot insertion of /SYS/MB/CMP0/P22
Chassis | major: Hot insertion of /SYS/MB/CMP0/P23
Chassis | major: Hot insertion of /SYS/MB/CMP0/CORE2
Chassis | major: Hot insertion of /SYS/MB/CMP0/P24
Chassis | major: Hot insertion of /SYS/MB/CMP0/P25
Chassis | major: Hot insertion of /SYS/MB/CMP0/P26
Chassis | major: Hot insertion of /SYS/MB/CMP0/P27
Chassis | major: Hot insertion of /SYS/MB/CMP0/P28
Chassis | major: Hot insertion of /SYS/MB/CMP0/P29
Chassis | major: Hot insertion of /SYS/MB/CMP0/P30
Chassis | major: Hot insertion of /SYS/MB/CMP0/P31
Chassis | major: Hot insertion of /SYS/MB/CMP0/CORE3

SPARC Enterprise T5220, No Keyboard
…

Virtualbox add disk to Solaris10 x64 guest

1. Add the disk via Virtualbox GUI;
2. In Solaris10: #touch /reconfigure
3. reboot -- -r

Solaris 10 disable X from starting up after boot

svcadm disable svc:/application/graphical-login/cde-login:default

Works for Java Desktop System

Vmware ESX 3.5 – Solaris 10 (x86) guest

Just installed 2 Solaris 10 (x86) guests inside Vmware ESX 3.5 evaluation version. I had to do the following workaround for xorg to work properly:
Run /usr/bin/vmware-config-tools.pl multiple times, and have to delete /etc/X11/xorg.conf file first. Sometimes this conf file is corrupted. After installing vmware tool, it would automatically run this vmware-config-tools.pl file, but that is NOT enough in my case.

Another thing is I need to manually change /etc/hostname.pcn0 to /etc/hostname.vmxnet0

ngroups_max

RHEL 3:
$ getconf NGROUPS_MAX
32

RHEL 4:
$ getconf NGROUPS_MAX
65536
$ /sbin/sysctl kernel.ngroups_max
kernel.ngroups_max = 65536
$ cat /proc/sys/kernel/ngroups_max
65536

RHEL 5:
$ getconf NGROUPS_MAX
65536
$ /sbin/sysctl kernel.ngroups_max
kernel.ngroups_max = 65536
$ cat /proc/sys/kernel/ngroups_max
65536

Solaris 10:
# getconf NGROUPS_MAX
16

To get rid of the above limit:
/etc/system
set ngroups_max = 32

AIX 5.2.0.0:
# getconf NGROUPS_MAX
64

reference:
http://www.j3e.de/ngroups.html

ssh controlmaster / respawn

On Solaris 8, should work in other *nix.

lg:3:respawn: /usr/bin/su – username -c “ssh -nNTx another_server > /dev/null 2>&1″

$ cat config
Host *
  ControlPath ~/.ssh/master-%r@%h:%p
  ControlMaster auto
$