solaris part1
DESCRIPTION
solarisTRANSCRIPT
INSTALLATION OF SOLARIS OPERATING SYSTEM
Your computer is composed of hardware and software. Software applications run
on the software system called the operating system, which in turn runs on the computer
hardware. To build a Solaris 10 system, you need to install Solaris 10 OS on a compatible
hardware machine and then install the applications that your system will be running. The
applications in the Sun Solaris world are distributed in the form of so-called packages.
Sometimes, in between the two releases of an OS, a problem needs to be fixed or a new
feature needs to be added to keep the system up to date.
This is accomplished through the use of what are called patches. So, the central
question to think about in this chapter is: how to install Solaris software and keep your
system up to date? In search of an answer, we will explore three thought streams: installing
Solaris 10 OS.
Hardware Compatibility:
An operating system controls the computer hardware - that is, it runs on top of
hardware architecture. Solaris 10 OS supports the SPARC and x86 families of processor
architectures: Ultra SPARC, SPARC64, IA-32, and AMD64.
To be more specific, the following SPARC systems are supported:
for workstation systems:
Sun Blade <n>, where <n> stands for 100, 150, 1000, 1500, 2000, or 2500.
Ultra <n>, where <n> stands for 2, 5, 10, 30, 60, 80, or 450.
For workgroup (entry level) servers:
Sun Fire <x>, where <x> stands for V100, V120, V210, V240, V250, 280R,
V440, V480, V490, V880, V890, B100s, or B10n.
Sun Enterprise <n>, where <n> stands for 2, Ultra 5S, Ultra 10S, 250, 450,
220R, or 420 R.
For midrange servers:
Sun Fire <x>, where <x> stands for V1280, 3800, 4800, 4810, 6800, E2900,
E4900, or E6900.
Sun Enterprise <n>, where <n> stands for 3000, 4000, 5000, 6000, 3500,
4500, 5500, or 6500.
For high-end servers:
Sun Fire <x>, where <x> stands for E20K, E25K, 12K, or 15K.
Sun Enterprise <n>, where <n> stands for 10000.
Netra Servers.
All these SPARC systems are 64-bit, but they support both 64-bit and 32-bit
applications. Also note that none of these platforms requires any special installation
instructions for Solaris 10 - that is, you can just follow the general procedure described in this
chapter.
Although Solaris was originally designed to run on SPARC hardware, the PC
hardware support has been improving gradually. This makes perfect business sense, because
PC hardware is cheaper than the SPARC hardware and has a larger customer base. Solaris 10
supports the PC hardware that in this book is referred to by the term x86 which includes the
Intel 32-bit family of microprocessors and compatible 64-bit and 32-bit microprocessors from
Advanced Micro Devices (AMD).
The minimum hardware requirements for installing Solaris 10 are listed below:
ITEM REQUIRMENTPlatform Various platforms based on SPARC or x86 systemsMemory for installation or upgrade Minimum: 64MB Recommended: 256MB For
GUI-based installation: 384 MB or higher
SWAP area
Default: 512MB. (You can select double of RAM) (the hard disk space used asmemory)
Processor SPARC: 200 MHz or faster. X 86: 120 MHz or faster.Disk space
Minimum: 12GB
Once you make sure that your machine meets the hardware requirements, you need to
determine which installation method to use.
Installation Options and Requirements:
There is a wide spectrum of installation options (methods) available to install Solaris
10. These options let you choose the installation media such as CD or DVD, the installation
environment such as standalone system or network installation, the installation programs such
as text or GUI installer, and so on.
Initial installation. If your machine does not have any OS installed on it, obviously
you will choose this method. If your machine does have a previous version of OS
installed on it, this method will overwrite the disk with the Solaris 10 OS.
We will describe one system installation using Solaris installation program from CD
or DVD. When you use the Solaris installation program, you have the option to
install in one of the following two modes:
Text installer mode. The Solaris text installer enables you to install interactively by
typing information in a terminal or a console window. You can run the text installer
either in a desktop session with a window environment or in a consolesession. In
addition to keyboard and monitor, the text installer will require a local DVD or CD-
ROM drive or a network connection.
Graphical user interface (GUI) mode. The Solaris GUI installer enables you to
interact with the installation program by using graphic elements such as windows,
pull-down menus, buttons, scrollbars, and icons. In addition to keyboard, monitor,
and video adapter, the GUI installer requires a local DVD or CD-ROM drive, or a
network connection. The minimum memory requirement for GUI installation is 384
MB.
Different installation methods:
1. Install one system interactively (locally) ---- Use the Solaris installation program
fromCD-ROM or DVD.
2. Automatic installation of multiple systems based on profiles created by the system
administrator that contain the installation requirements.
3. Use Custom JumpStart. Replicate the same software and configuration on multiple
systems.
4. Use Solaris flash archive. Install multiple systems over the wide area network (or
Internet).
Solaris Software Terminology:
When you install Solaris 10 on your machine, you install one flavor of Solaris from
several available flavors depending on your needs. In Solaris terminology, this flavor is
called a software group, which contains software clusters and packages. These terms are
described in the following list:
Package: Sun and its third-party vendors deliver software products in the form of
components called packages. A package is the smallest installable modular unit of
Solaris software. In other words, a package is a collection of software - that is, a set of
fi les and directories grouped into a single entity for modular installation and
functionality. For example, SUNWadmap is the name of the package that contains the
software used to perform system administration, and SUNWapchr contains the root
components of the Apache HTTP server.
Cluster: A cluster is a logical collection of packages (software modules) that are
related to each other by their functionality.
Software group: A software group is a grouping of software packages and clusters.
During initial installation, you select a software group to install based on the functions
you want your system to perform. For an upgrade, you upgrade the software group
installed on your system. Remember that in order to manage the disk space, you can
add or remove individual software packages from the software group that you select.
Patch: Generally speaking, a patch is a software component that offers a small
upgrade to an existing system such as an additional feature, a bug fi x, a driver. The
disk space requirement to install Solaris 10 depends on the software group that you
choose to install.
TABLE 2-4
Disk space requirements for installing different Solaris software groups:
Software Group Description sizeReduced Network Support Software Group
Contains the packages that provide the minimum
Contains the packages that provide the minimumContains the packages that provide the minimum with limited network service support. However, it does not activate the network services.
2.0GB
Core System Support Software Group
Contains the packages that provide the minimum support required to boot and run a networked Solaris system.
2.0GB
End User Solaris Software Group
Contains the packages that provide the minimum support required to boot and run a networked Solaris system and the Common Desktop Environment (CDE).
5.0GB
Developer Software Group Contains the packages for the End User Solaris
Software Group plus additional support for software development which includes libraries, man pages, and programming tools. Compilers are not included.
6.0GB
Entire Solaris Software Group
Contains the packages for the Developer Solaris Software Group and additional software to support the server functionality.
6.5GB
Entire Solaris Software Contains the packages for the Entire Solaris
Group plus Original Software Group plus additional hardware drivers, including drivers for hardware that may not be on the system at the installation time
6.7GB
Equipment Manufacturer(OEM) support
When you install Solaris, you install a Solaris software group that contains packages and clusters. It’s time to explore how the installation is performed.
Different software groups. Each group includes the functionality of the inner
groups
Performing Installation:
How to install Solaris 10 on SPARC- or x86-based machines interactively by using
the Solaris installation program from the Installation CD or DVD. Before you start
installation, obviously, you will make sure you have the installation CD or DVD appropriate
for the machine on which you are going to install it.
The other pre-installation requirement checks you should perform are the following:
Make sure your machine meets the hardware requirements described above.
Make sure your machine has one of the following media:
CD-ROM drive for an installation from CD
DVD drive for an installation from DVD
For a system that will not be connected to the network, keep the following
information ready:
The hostname that you will assign to the system you are installing
Language and locales that you plan to use for the system
The root password you are going to use for the root account
The required installation media and software
SPARC Solaris 10 Software CDs.
Solaris 10 Operating System for
SPARC Platforms DVD.
X 86 Solaris 10 Software CDs.
Solaris 10 Operating System for x86 Platforms DVD.
For a system that will be connected to a network, gather the following information:
The hostname that you plan to assign to the system you are installing
Language and locales that you plan to use for the system
The IP address for the machine
The subnet mask for the network
Domain name
The type of name services to be used such as DNS, NIS, or NIS+
The hostname and IP address of the name server
The root password you are going to assign to the root account
If you want to preserve any existing data or applications, you should back up the system.
Once you have checked all the installation requirements, and gathered the required
information, you are ready to install.
Installing on a SPARC Machine:
In order to install Solaris 10 on a standalone SPARC machine by using the installation
CD or DVD, use the following procedure:
1. Insert the installation media into the drive:
(a) If you are installing from the CD, insert the Solaris 10 Software for SPARC
Platforms 1 CD into the CD-ROM drive.
(b) If you are installing from the DVD, insert the Solaris 10 Operating System for
SPARC Platforms DVD into the DVD drive.
2. Boot the system:
(a) If the system is new—that is, nothing is installed on it, turn on the system.
(b) If you want to install a system that is currently running, shut down the system to
reboot from the CD-ROM (or DVD) drive. For example, bring the system to the
boot command prompt ok by issuing an init or halt command. The end result of
this step is the ok prompt;
3. Start the Solaris installation program by booting from the CD or DVD:
(a) If you want to use the Solaris installation GUI, boot from the local CD or DVD by
issuing the following command at the ok prompt: ok boot cdrom
(b) If you want to use the text installer in a desktop session, boot from the local CD or
DVD by issuing the following command at the ok prompt: ok boot cdrom –text
The -text option is used to override the default GUI installer with the text installer
in a desktop session.
(c) If you want to use the text installer in a console session, boot from the local CD or
DVD by issuing the following command at the ok prompt: ok boot cdrom –nowin
The -nowin option is used to override the default GUI installer with the text
installer in a console session. After you issue one of these boot commands, the
installation program starts; it prompts you to select a language to use during the
installation. To tell the installation program to move to the next step, you typically
click Next in a GUI and perform a similar action in the text installer. Here, we are
going to use the GUI terminology when it comes to saying continue or move to
next step. If you are using the text installer, just follow the instruction on the
monitor about what to do to continue.
4. Select the language you want to use during the installation, and press enter. After a
few seconds, the Solaris Installation Program Welcome message appears.
5. Click Next to begin the installation. If you are prompted, answer the system confi
guration questions about such matters as hostname, IP address, and so on. Use the
information that you gathered earlier in this chapter. After you get through the confi
guration questions, the Welcome to Solaris dialog box is displayed.
6. Select whether you want to reboot the system automatically and whether you want to
automatically eject the disc, and click Next. The Specify Media screen appears.
7. Specify the media you are using to install and click Next.
8. Select whether you want to perform an initial installation or an upgrade and click
Next. If you choose to upgrade the existing system, the Solaris installation program
will determine whether the system can be upgraded. For example, to be able to
upgrade, it must have an existing Solaris root (/) fi le system. After detecting the
necessary conditions, the installation program will upgrade the system.
9. Select the type of installation that you want to perform, as shown in the following:
(a) Select Default Install if you want to install the Entire Solaris Software Group and
the Sun Java™ Enterprise System software. This is a good choice if you are a
beginner and your machine has enough disk space.
(b) Select Custom Install if you want to perform the following tasks and you know
how to do it:
Install a specifi c software group
Install specifi c software packages
Install a specifi c locale
Customize the disk layout
Click Next.
10. Answer any additional confi guration questions, if you are prompted. Once you have
provided the required information, the Ready to Install screen is displayed.
11. Click Install Now to install the Solaris software including the OS, and follow the
instructions on the screen. When the installation program finishes installing the
Solaris software, the system will reboot automatically or it will prompt you to reboot
manually. If you chose to install additional products, you would be prompted to insert
the CD or DVD for those products. If you were performing an initial installation, the
installation is complete, and you can move on to the next step. If, on the other hand,
you were upgrading an existing system, you might need to make corrections to some
local modifi cations that were not preserved:
Review the contents of the /a/var/sadm/system/data/upgrade_cleanup file to
determine whether you need to make any correction to the local modifications
that the Solaris installation program could not preserve.
Make corrections to any local modifications that were not preserved.
12. If you did not select the automatic reboot option earlier, reboot the system by issuing
the following command: # reboot
Note that the text installer will not prompt you to select a default or custom
installation. Instead, you will be provided the text installer screens with default values.
Accept those values for default installation, or edit the values to customize the
installation. If you are planning to install Solaris on a PC (x 86 machine), follow the
installation steps presented in the next section.
Installing on an x86 Machine:
Just as on a SPARC machine, you can choose to install the Solaris OS on an x86
machine by using the Solaris installation program from the installation CD or DVD. Note that
the machine’s BIOS must support booting from a CD or DVD. You may need to manually set
your BIOS to boot from a DVD or CD. See your machine’s hardware documentation for
more information on how to set the BIOS.
The installation procedure is described here:
1. Insert the CD or DVD into appropriate drive:
(a) If you plan to boot from the CD drive, insert the Solaris 10 Software -1 CD into
the drive.
(b) If you plan to install from the DVD drive, insert the Solaris 10 Operating System
DVD into the drive.
2. Boot the system by shutting it down, turning it off, and then turning it back on. If you
need to manually set the BIOS to boot from CD or DVD, press the appropriate key
sequence to interrupt the system boot process. After modifying the boot priority in the
BIOS, exit the BIOS to return to the installation program. After executing the memory
test and hardware detection, the screen refreshes, and the Solaris Booting System
screen is displayed.
3. Decide whether you want to modify the device settings. You may need to do this if
you want to perform any of the following tasks:
Install device drivers or Install Time Updates (ITUs). Check your hardware
documentation to see whether you need any ITUs or additional drivers.
Disable Advanced Confi guration and Power Interface (ACPI).
Set up a serial console.
Reset the default boot device.
If you need to modify device settings with the Solaris Device Configuration Assistant
(DCA), press esc. Note that you must press esc within five seconds to interrupt the
installation in order to get the DCA screen displayed. To modify the device settings, follow
the instructions on the DCA screens. Subsequently, the Solaris installation program checks
the default boot disk for the requirements to install or upgrade the system. If the installation
program cannot detect the required system configuration, the program prompts you for any
missing information. When the check is complete, the installation selection screen is
displayed.
4. Select an installation type. The installation selection screen displays the following
options; Select the type of installation that you want to perform:
(a) Solaris Interactive
(b) Custom JumpStart
(c) Solaris Interactive Text (Desktop session)
(d) Solaris Interactive Text (Console session)
Enter the number of your choice (for example, 4 for the text console session) followed
by enter. Solaris Interactive (with GUI) is the default that will be started if you wait for more
than 30 seconds. After you make your selection, the system configures the devices and
interfaces and searches for configuration fi les. After a few seconds, the Solaris Installation
Program screen is displayed.
5. On the Solaris Installation Program screen, press f2 to Continue. Now, there are two
possible scenarios to proceed with:
If the installation program detects the types of display, keyboard, and mouse
on your system, the Select a Language screen is displayed, and you can go to
step 7.
If, on the other hand, the installation program does not detect the types of
display, keyboard, and mouse on your system, the Introduction screen from
the kdmconfig is displayed. In this case, go to step 6.
6. Choose one of the following two ways to go from here:
If you want to install the Solaris OS with the GUI, confi gure your system to
use the keyboard, display, and mouse, by following the instructions on the
screen.
If you want to do the text installation, press f4 to bypass the steps related to
GUI and go directly to step 7.
We are now at Select the Language screen.
7. Select the language you plan to use during the installation and press enter. Within
seconds, the Solaris Installation Program Welcome screen is displayed.
8. Click Next to begin the installation. If you are prompted, answer the remaining
system configuration questions. Use the information that you gathered as described
previously. After you get through the configuration questions, the Welcome to Solaris
dialog box is displayed.
9. Select whether you want to reboot the system automatically and automatically eject
the disc and click Next. The Specify Media screen appears.
10. Specify the media you are using to install and click Next.
11. Select whether you want to perform an initial installation or an upgrade and click
Next. If you choose to upgrade the existing system, the Solaris installation program
will determine whether the system can be upgraded. For example, to be able to
upgrade it must have an existing Solaris root (/) fi le system. After detecting the
necessary conditions, the installation program upgrades the system.
12. Select the type of installation that you want to perform, as shown here:
Select Default Install if you want to install the entire Solaris Software Group
and the Sun Java™ Enterprise System software. This is a good choice if you
are a beginner and your machine has enough disk space.
Select Custom Install if you want to perform the following tasks and you
know how to do it:
(a) Install a specific software group
(b) Install specific software packages
(c) Install a specific locale
(d) Customize the disk layout
We discuss software groups and packages later in this chapter. Click Next.
13. Answer any additional confi guration questions, if you are prompted. Once you have
provided the required information, the Ready to Install screen is displayed.
14. Click Install Now to install the Solaris software including the OS, and follow the
instructions on the screen.
When the installation program finishes installing the Solaris software, the system will
reboot automatically or prompt you to reboot manually. If you chose to install additional
products, you would be prompted to insert the CD or DVD for those products. If you were
performing an initial installation, the installation would complete and you could move on to
the next step. If, on the other hand, you were upgrading an existing system, you might need to
make corrections to some local modifications that were not preserved, which are discussed as
follows:
Review the contents of the /a/var/sadm/system/data/upgrade_ cleanup file to
determine whether you need to make any correction to the local modifications that the
Solaris installation program could not preserve.
Make corrections to any local modifications that were not preserved.
15. If you did not select the automatic reboot option earlier, reboot the system by issuing
the following command:
# reboot
After the installation is complete, you can fi nd the installation logs saved in the
/var/sadm/system/logs and /var/sadm/install/logs directories.
MANAGING FILE SYSTEMS
Files are an important resource supported by an operating system. The way an
operating system organizes files on a medium is called a file system. One of your tasks as a
Solaris system administrator will be managing the file systems supported by Solaris. There
are a number of file system types reflecting the media (e.g., disk or memory) on which the
files can be stored and the various ways of accessing the stored files (e.g., locally or remotely
over a network). Once the data has been stored in files, it is important to keep the data
consistent.
Therefore, handling file system inconsistencies is one of the important tasks that we
will explore in this chapter.
CERTIFICATION OBJECTIVE 4.01
Exploring the Solaris Directory Hierarchy:
As in other operating systems, the files on Solaris are grouped into a directory, and
the directories are organized into a hierarchy. A directory (called folder in the Windows
operating systems) may contain fi les and other directories, called subdirectories. In Solaris,
however, directories are just a special kind of fi le. In this section we explore the Solaris
Directory Hierarchy, beginning with the concept of a file.
File: The Atom of the Solaris World:
As in Java, it is said that everything is object; in Solaris everything is file. File is the
basic unit, the atom, in Solaris. Everything is treated as a file. Here are a few examples:
Commands. These are the executable files.
Devices. All devices on the system, such as disk drive, printer, or terminal, are
Exploring the Solaris Directory Hierarchy treated as files by the system—that
is, the system communicates with them through files.
Directories. The directories are special files that contain other files.
Documents. These are the regular files such as text file or a computer program
containing the source code.
A file occupies the space on disk in units of what is called a block. The blocks are
measured in two sizes: physical block size, which is the size of the smallest block that the
disk controller can read or write, and logical block size, which is the size of the block that
UNIX (Solaris in our case) uses to read or write files. The physical block size and the logical
block size may not be the same.
A file has a name that is a link to the file, and the user accesses the file by its name.
The name is stored inside a directory. All the other information about a file is stored in a data
structure called inode. An inode, which is 128KB in size and is stored in the cylinder
information block, contains the following information about the file:
The type of the file—regular, block special, character special, directory, FIFO named
pipe, socket, symbolic link, or other inode
The file modes (i.e., the read, write, and execute permissions)
The number of hard links to the file
The group ID to which the file belongs
The user ID of the user that owns the file
The number of bytes in the file
An array of addresses for 15 disk blocks
The date and time the file was last accessed
The date and time the file was last modified
The date and time the file was created
Note that the first 12 (0 to 11) of the 15 disk-block addresses point directly to the
blocks that store the file content. In other words, the first 12 elements of the address array
point directly to the logical blocks in which the file content is stored. If the fi le is larger than
12 logical blocks, the additional (up to 3) addresses point to indirect blocks that contain the
addresses of direct blocks. The physical block size is usually 512 bytes, and the logical block
size is set (by default) to the page size of the system, which is 8KB for a UFS file system, the
default file system for Solaris. Because each file needs an inode, the number of inodes on a
file system determines the maximum number of files that can be created on the system.
The maximum number of inodes you can create depends on the size of the file system.
For example, you can create one inode for each 2KB of disk space for a file system of size up
to 1GB. That means 1GB/2KB = 500,000 files can be created at maximum on a fi le system
of 1GB size. For larger file systems, the number of bytes needed on the disk per inode
increases, as shown in Table 4-1.
Files in Solaris are grouped into directories, and the directories are organized into a
directory hierarchy, which we explore next.
Directory Hierarchy in Solaris:
Just as in any other OS, fi les in Solaris are organized into directories, and directories
are organized into a hierarchy called a directory tree, which is an inverted tree with the root
directory (symbolized by /) on the top, which contains other directories. The root directories
and several other directories underneath it are created when you install Solaris. You must be
familiar with the following directories underneath the root:
/bin. Symbolic link to the /usr/bin directory.
/dev. Contains logical device names (defi ned in the next chapter) for the devices.
/devices. Device-related fi les controlled by the fi le system: devfs.
/lib. Contains shared libraries such as SMF executables.
/etc. Administrative and confi guration fi les.
/export. You can defi ne it according to your needs, but commonly used to hold user
home directories.
/home. This is the default mount point for user home directories.
/mnt. Default mount point used to temporarily mount fi le systems.
/sbin. Contains system administration commands and utilities. Used during booting
when /usr//bin has not yet been mounted.
/tmp. Contains temporary fi les that are deleted when the system is rebooted.
/usr. UNIX System Resources. Holds OS commands and programs.
Of course you can create your own directories and files in the already existing tree.
The user refers to the fi les and directories by their names. It can be advantageous not to
expose the real names of some directories and files to users. Instead create something that
points to the file, and if that pointer is deleted, the actual fi le is not (hence the advantage).
These pointers are called links, which we discuss next. Number of bytes per inode with
varying disk size
File system size (GB) No.of bytes per0–1 20481–2 40162–3 6144
3–1000 8192>1000 1084576
The directory tree in Solaris appears as one uniform file system to an ordinary user,
who can assume that it is true for all practical purposes. However, you, the system
administrator, must know that the tree is made of several file systems. Next, we explore the
file systems supported by Solaris.
CERTIFICATION OBJECTIVE 4.02
Understanding Solaris File Systems:
Solaris 10 OS file system, including disk-based, distributed, devfs, and memory fi le
systems related to SMF, and create a new UFS file system using options for <1Tbyte and
>1Tbyte fi le systems.
A file system is a structure of directories that an operating system uses to store and
organize files. The Solaris directory tree, although it looks like one file system, consists of
several file systems connected to the tree, which is called mounting a file system. You will
learn more about mounting in the next chapter. When we refer to a file system, we may mean
any of the following:
A specific type of file system, such as a disk-based file system or a distributed file
system, which we will discuss in this section
The entire directory tree on the system, beginning with the root (/) directory
A subtree that is mounted to a point in the main directory tree
The data structure of a storage medium, such as a disk
The Solaris operating system uses the virtual file system (VFS) architecture, which
enables the kernel to handle basic file operations such as reading, writing, and listing files
within a specific file system. A user can work issuing the same commands across the file
systems—that is, the user does not have to know which specific file system is being used,
hence the name virtual file system. In addition to the VFS, Solaris can also use the memory-
based virtual file systems, which we discuss further on in this section.
There are several types of file systems supported by Solaris. Let’s begin our
exploration with disk-based file systems.
Disk-Based File Systems:
Disk-based file systems reside on, well, disks: hard disks, diskettes, and CD-ROMs.
Solaris supports the following disk-based file systems:
High Sierra fi le system (HSFS). High Sierra is the first file system for CD-ROMs. Its
official standard version is ISO9660 with the Rock Ridge extensions, which provide
all the UFS features and file types except the write and the hard links features. It is a
read-only file system.
PC f le system (PCFS). The personal computer file system is used to gain read and
write access to disks formatted for the disk operating system (DOS) running on the
PCs.
Universal disk format (UDF). The universal disk format fi le system is used to store
information on digital versatile disk or digital video disk (DVD). UNIX f le system
(UFS). The UNIX file system, based on the traditional UNIX fi le system known as
the BSD fast file system, is the default for Solaris.
We will explore this file system further on in this chapter.
Note: the general association of a file system with the specific media device: HSFS with
CD-ROM, PCFS with diskette, UDF with DVD, and UFS with hard disk.
A disk-based file system can be accessed by logging on to the machine to which the
disk is attached. (Everything is connected these days.) So, how can we access files across
systems over the network, or the Internet, which is just a big network? Solaris has the answer
to this question using the distributed fi le systems, which we explore next.
Distributed File Systems:
The distributed file systems, also called network-based file systems, are used to store
data that can be accessed across systems over a network. For example, the files could be
stored on a Solaris system called a server and can be accessed from other Solaris systems
over the network. Solaris 10 supports version 4 of the network file system (NFS), which
improves security by integrating file access, fi le locking, and mount protocols into a single
unified protocol.
So far, we have considered file systems that reside on a disk—that is, the permanent
storage medium. One can imagine storing files in a volatile storage medium—that is,
memory. There are file systems that do exactly that, and those files systems are called
memory-based file systems, which we discuss next.
Memory-Based File Systems:
Memory-based file systems use the physical memory rather than the disk and hence
are also called virtual file systems or pseudo file systems. Note, however, that some virtual
file systems may make use of disk space. For example, a cache fi le system uses a local disk
for cache, and a temporary file system may use a disk for swap space. In general, virtual file
systems provide access to special kernel information and facilities. Virtual file systems
supported by Solaris are listed here:
Cache file system (CacheFS). The cache file system uses the local disk drives to
cache the data from slow file systems such as CD-ROM drives or network fi le
systems. This helps improve system performance.
Loopback fi le system (LOFS). Let’s assume that for some reason you want to make a
fi le system available under an alternative path name. For example, you want to call
the root (/) directory /tmp/newroot. Solaris lets you do that by creating a new virtual fi
le system called loopback fi le system, which will make the entire root (/) fi le system
(in this example) appear as if it were duplicated under /tmp/newroot. In this example,
all the fi les in the root fi le system could be accessed by using a path name that
begins with either a / (forward slash) or /tmp/newroot.
Process fi le system (PROCFS). The process fi le system is used to contain a list of
active processes on the Solaris system by their process ID numbers, in the /proc
directory. This information in the /proc directory is used by commands such as ps.
Other tools such as debuggers can access the address space of the Processes by
making system calls. The PROCFS resides in memory.
Temporary fi le system (TEMPFS). When programs are executed, files are created
and manipulated that may involve significant reads and writes. The temporary file
system is designed to improve the performance of these programs by using the local
memory (and not the disk) for reads and writes. TEMPFS is the default fi le system
for the /tmp directory on Solaris. As a result, the files in the /tmp directory are deleted
when the file system is unmounted, or when the Solaris system is rebooted or
shutdown. You can, however, move these file elsewhere (just like any other file) if
you want to save them.
Other virtual file systems. There are other virtual file systems that do not require
administration. Some of them are listed here:
FIFOFS. First in first out file system. Contains named pipe fi les that are used to give
processes access to data.
MNTFS. Contains information about the mounted file systems.
SWAPFS. This file system is used by the kernel for swapping.
As you now know, everything in Solaris is a file. Solaris treats devices as files too,
and those fi les are managed by the device file system (devfs), which we discuss next.
Device File System (devfs):
The device file system (devfs) manages devices in Solaris 10 and is mounted to the
mount point /devices. Therefore, the content in the /devices directory is controlled by the
devfs, and the fi les in the /dev directory are symbolic links to the files in the /devices
directory. This way, you can continue to access all devices through entries in the /dev
directory.
However, the /devices directory contains fi les only for the currently accessible
devices on the system and dynamically represents the current state of these devices without
requiring any system administration. Note the following two features:
When a driver is loaded and attached to a device instance, a fi le is created in the
/devices directory. A symbolic link is created in the /dev directory and attached to the
file in the devices directory. Unused device entries are detached.
The files in the /proc directory are used by the system to maintain the active processes
on the system; do not delete these fi les. Even if you want to kill a process, deleting a fi le in
the /proc directory is not going to do it. Furthermore, remember that these fi les take no disk
space.
The devfs improves the system performance because only those device entries that are
needed to boot the system are attached. New entries are attached as new devices are
accessed.
The fi les under the /devices directory are entirely controlled by the devfs, and you
cannot change that. Also, the /devices namespace cannot be unmounted. Although Solaris
supports several file systems discussed in this section, the default file system for Solaris is
called UNIX file system (UFS). Most of the time you will be creating a UFS as opposed to
any other file system. Let’s now explore creating UFS file systems.
Creating UFS File Systems:
UNIX file system (UFS) is a disk-based fi le system, which is a default for Solaris. As
a system administrator, you will spend a considerable amount of your time with this system.
UFS offers the following features:
Extended Fundamental Types (EFTs). Provides a 32-bit user ID (UID), a group ID
(GID), and device numbers.
Large file systems. This fi le system can be up to 1 terabyte in size, and the largest file
size on a 32-bit system can be about 2 gigabytes.
Logging. Offers logging that is enabled by default in Solaris 10. This feature can be
very useful for auditing, troubleshooting, and security purposes.
Multiterabyte file systems. Solaris 10 provides support for mutiterabyte fi le systems
on machines that run a 64-bit Solaris kernel. In the previous versions, the support was
limited to approximately 1 terabyte for both 32-bit and 64-bit kernels. You can create
a UFS up to 16 terabytes in size with an individual file size of up to 1 terabyte.
State flags. Indicate the state of the file system such as active, clean, or stable. We
explore the state flags further on in this chapter.
In Solaris 10, logging is enabled by default for all UFS file systems unless there is
insufficient file system space for the log. A multiple number of UFSs are created on your
system disk during the installation of Solaris. These default Solaris file systems are organized
in a hierarchy with the root (/) file system at the top; TABLE 4-3
Default file systems created during Solaris installation:
Filesystem Type Description/ (root) UFS Contains directory and files critical for system operations:
kernel, device drivers, and programs to boot the system. Contains mount point directories for other (local and remote) file systems.
/etc/mnttab MNTFS Provides read-only access to the table of mounted file system only for the local system.
/export/home or /home
NFS, UFS
Mount point for user home directories.
/lib NFS, UFS
Provides mount point for directories that contains shared libraries such as Service Management Facility (SMF) executable fi les.
/opt NFS, UFS
Provides optional mount point, usually for third-party software.
/proc PROCFS Contains a list of active processes on the system by their ID
numbers./system/ CTFS Provides a virtual file system that contains the contract
information contract/system/object OBJFS Used by debuggers to access the information about kernel
symbols without accessing the kernel directly./tmp TMPFS Contains temporary non-system files that will be deleted when
the system is rebooted./usr UFS Contains system files and directories that all users share./var UFS Contains system files and directories that will likely grow,
such as system Logs./var/run TMPFS Contains temporary system files that will be deleted when the
system is rebooted.
Note the following additional points about these file systems:
Owing to their content, the root (/) and /usr file systems are required to run the Solaris
system on your machine, as they contain the system commands and programs.
You will notice that some of the commands in the /usr fi le system (such as mount)
are also included in the root fi le system because they will be needed during boot or in
the single-user mode, when the /usr fi le system has not been mounted yet.
There are two temporary file systems: /tmp for non-system files, probably created by
programs that are running, and /var/run for the system files. In addition to the file
systems created during installation, you can create new UFSs. Before creating a UFS
on the disk, you may need to perform the following tasks:
Format the disk and divide it into slices, if that has not already been done.
In case you are re-creating an existing UFS fi le system, unmount it.
Find out the device name of the slice that will contain the fi le system.
Make a backup of the disk as a protection against loss of data. E
CISE 4-1
Create a UFS File System:
1. Become superuser.
2. Issue the following commands:
To create a file system the command is “format”.
#format (it shows available disks)
Select a disk for example (0,1,2,3) after select a disk you can get format menu
Format>p ( type p it displays partition menu )
partition>p ( again type ‘p’ it displays partition table)
partition>4 (select partition number)
partition> (select defaults)
newstarting cylinder:
partition size : 200m
partition>l ( To save the partition table) yes or no
\partition>q (quit menu)
format>q (quit format menu)
After creation of partition by default the partition is in raw type. To use the partition
in solaris we have to format the partition into Ufs file system. Because solaris supports unix
file system.
To know the file system type:
#fstyp /dev/rdsk/<deviceName>
#fstyp /dev/rdsk/c0t0d0s4
To format the partition into ufs, command is ‘newfs’
#newfs /dev/rdsk/<devicename>
#newfs /dev/rdsk/c0t0d0s4
To use that filesystem we have to mount the filesystem with directory.
Step 1.
Create directory
#mkdir /oracle
To mount the filesystem command is ‘mount’
#mount /dev/dsk/c0t0d0s4 /oracle
To see the mounted file system you can use the following commands
#df –h or df –k
#mount –v (verbose)
#mountall –l (mounts all local filesystems that are listed in /etc/vfstab
#mountall –r (mounts all remote filesystems that are listed in /etc/vfstab
To save the mounted filesystem permanently we have to open the following file.
# vi /etc/vfstab (virtual file system table)
(device) (rawdevice) (mntpt) (fstyp) fsck mount at boot mount option
/dev/dsk/c0d0s4/dev/rdsk/c0d0s4 /oracle ufs1 yes Save the file and exit (:wq!)
All the permanently mount filesystems information saved under
#cat /etc/vfstab (virtual file system table)
#mount /oracle
All the presently mounted filesystems information saved under
#cat /etc/mnttab (mounted table)
To unmount the file system command is ‘umount’
#umount /oracle
Again to mount that filesystem give the following command
# mount /oracle
To mount all filesystems
#mountall
To unmount all filesystems
#umountall
Managing File System Inconsistencies and Disk Space:
Files, and hence file systems, hold data, and the operations are made on the data:
addition, deletion, and modification. During these operations, or for other reasons,
inconsistencies can occur, which we explore next.
File system data consistency is important to ensure that the content of the file system
is always available. To ensure consistency, file systems must be checked periodically. When
you boot a system, a consistency check on the file systems is automatically performed.
However, you can also perform the file system consistency check, when needed, after the
system has been booted. In order to facilitate the consistency check, Solaris offers the fsck
utility. In this section, we explore where the inconsistencies come from, how to detect them,
and how to repair them using the fsck command.
If the fsck command finds the f les and directories that are allocated but unreferenced
(that is, some inodes are allocated to files but not attached to any directory), it names them by
their inode numbers and places them in the lost+found directory. If the lost+found directory
did not exist, the fsck command would create it.
Understanding File System Inconsistencies:
The information about fi les is stored in inodes, and the data is stored in blocks. The
UFS fi le system uses a set of tables to keep track of used inodes and available blocks.
Inconsistencies will arise, for example, if these tables are not properly synchronized with the
data on disk. This condition can arise as a result of an abrupt termination of the operating
system. The reasons for inconsistencies are listed here:
A software error in the kernel
Turning off the system without the proper shutdown procedure (e.g., accidentally
unplugging the system), or through a power failure
Defective hardware, such as problems with the disk Solaris offers the fsck command,
which can be used to fi nd the inconsistencies and repair them. How does fsck know
that a file system needs to be checked for inconsistencies? It uses a flag, called the
state flag, to make this determination. The state fl ag for a fi le system is recorded in
the superblock (discussed in the next chapter). The possible values of the state flag
are:
TABLE 4-4
Possible values of a file system state flag:
State flag value
Description
FSACTIVE Mounted file system has modified data in memory. Data would be lost if power to the system were interrupted.
FSBAD The file system contains inconsistent data.FSCLEAN The file system was unmounted cleanly and doesn’t need to be checked for
consistency.FSLOG Logging is enabled for this file system.FSSTABLE The file system contains consistent data (i.e., no data would be lost if the
power to the system were interrupted).
There’s no need to run fsck before mounting.
The fsck utility makes multiple passes on a file system as listed here:
Phase 1. Checks blocks and sizes.
Phase 2. Checks path names.
Phase 3. Checks connectivity.
Phase 4. Checks reference counts.
Phase 5. Checks cylinder groups.
A file system must be inactive when you use fsck to repair it. Otherwise, the fi le
system changes that were waiting to be written tothe system and the changes that occur
during the repair might cause the fi le system to be corrupted.
Now that you know about the inconsistencies, let’s see how to use the fsck command
to detect and fix them.
Using the fsck Command:
The syntax for the fsck command is presented here:
fsck [<options>] [<rawDevice>]
The <rawDevice> is the device interface in /dev/rdsk. If no <rawDevice> is specified,
fsck looks into the /etc/vfstab file, which lists the file systems. The file systems
represented by the entries in the /etc/vfstab with the following two properties will be
checked:
The value of the fsckdev field is a character-special device.
The value of the fsckpass field is a non-zero numeral.
The options for the fsck command are as follows:
-F <FSType>. Limit the check to the file systems specified by <FSType>.
-m. Check but do not repair—useful for checking whether the file system is suitable
for mounting.
-n | -N. Assume a “no” response to all questions that will be asked during the fsck
run.
-y | -Y. Assume a “yes” response to all questions that will be asked during the fsck
run.
Unmount a file systembefore you run the fsck command on it. This way you will ensure
that you don’t add any inconsistencies during the fsck repair.
EXERCISE 4-2
Checking a File System Manually:
1. Become superuser (e.g., login as root).
2. Unmount a local file system, say /export/home.
3. Use the fsck command by specifying the mount point directory or the
/dev/dsk/<deviceName as an argument to the command. If you provide no argument,
all the file systems with fsck pass field greater than 0 in the /etc/vfstab file will be
checked.
Ex: #fsck –F ufs /dev/rdsk/c0t0d0s4
4. Messages about the inconsistencies will be displayed.
5. The fsck command may not be able to fi x all errors in one run. If necessary, you can
run the fsck command again—for example, if you see a message that looks like the
following:
FILE SYSTEM STATE NOT SET TO OKAY or FILE SYSTEM MODIFIED
6. Mount the repaired file system.
7. Move the files in the lost+found directories to where they belong with their proper
names (you will rename them to their original names). The files and directories that
you cannot identify should eventually be removed to save space.
After you create the file systems, make sure the data on them stays consistent. You
need to monitor how these file systems are using the disks on which they reside. We explore
this system administration task next.
Monitoring Disk Space Usage:
Monitoring disk space usage is an important administrative task, not only to ensure
proper usage of disk space but also to ensure correct functioning of the system. For example,
think of the situation when the disk is full and, as a result, the running programs have no
space to store their data. The Solaris system allows you to get reports on disk space usage at
different levels. You can use commands to determine disk usage by fi le systems, fi les, and
users.
Using the DF Command: Solaris offers the df command to monitor disk space usage at
fi le system level. To be specifi c, the df command can be used to determine the following:
The amount of disk space occupied by currently mounted or unmounted fi le systems
The total amount of used and available space
The fraction of the fi le system’s total capacity that has been used
The file system is specified by referring to the device, or a file, or a directory on the
file system. The following is the syntax for the df command: df [-F <FSType>] [<options>]
[<fileSystem>]
The options are described here:
-a. Report on all file systems.
-b. Print the total number of kilobytes free.
-F <FSType>. Display disk usage information on the fi le systems with the specified
fi le system type.
<file System>. Display disk usage information on the fi le system specified by
referring to a device, fi le, or directory.
-k. Display disk usage information in kilobytes.
-t <type>. Display the total number of blocks along with blocks used for each
mounted file systems.
The output for the df command looks like the following:
Filesystem kbytes used avail capacity Mounted on
senate:/ 7450 4715 1985 70% /
senate:/usr 42280 35295 2756 93% /usr
The headings in the output are self-explanatory. The column after the output
represents total space size allocated to the file system, while the second and third columns
specify used and available space.
Note in the example that the amount of space in the file system (kbytes) is greater
than the sum of the used and available space, because the system reserves a fraction of the
space to ensure that its file system allocation routines work well. You can adjust the reserved
amount, which is typically about 10 percent, by using the tunefs command.
Suppose that with the df command you determine disk usage at the fi le system level.
Further suppose that you want to go into more detail and determine disk usage by directories.
In that case, you will need the du command, which we explore next.
Using the du Command:
The du command is used to get the report on disk usage at the directory and fi le
level. You can use the du command to determine the following:
Total space allocated to a directory
Total space allocated to a directory subtree
Total space allocated to a non-directory fi le—that is, a fi le that is not a directory
The syntax for the du command is presented here:
du [<options>] [<file>]
The operand <file> can be a directory or a non-directory fi le. If <file> is not
specified, the command is run on the current directory. The reported disk space size
allocated to a directory is the sum total of space allocated to the whole subtree of fi les
and directories with the specified directory as the root. The options are listed here:
-a. In addition to the default output, display the size of each non-directory fi le in the
subtree of the specified directory.
-h. Display the output in a human-readable format. All the subdirectories in the target
subtree with the full path name and disk usage information are listed.
-k. Display the fi le sizes in kilobytes rather than blocks (512 bytes), which is the
default. All the subdirectories in the target subtree with the full path name and disk
usage information are listed.
-s. Display only the total sum for the specified file/directory.
Now that you know how to get reports on disk usage at file system level and to go
down to the directories and files level, you can become more ambitious and ask: how can I
find out disk usage by user? Well, Solaris has an answer for you, and the answer is the quot
command, which we explore next.
Using the quot Command:
There will be times when you want to know how much space is being used by each
user on a given fi le system. The quot command is used to get the report on disk usage by
user name. The syntax for the quot command is as follows:
quot [<options>] [<fileSystem>]
The <fileSystem> specifi es the mount point for the fi le system(s) to be checked.
The options are listed here:
-a. Report on all mounted file systems.
-f. Display the output in three columns representing user name, total number of
blocks, and total number of fi les owned by the user.
-v. In addition to the default output, display the number of blocks not accessed during
the past 30, 60, and 90 days.
The quot command displays the disk space in kilobytes, and you can use it as
superuser.
The three most important takeaways from this chapter are the following:
Several file systems are created during Solaris installation, and these fi le systems are
organized into an inverted hierarchy tree with the root (/) fi le system at the top. The
consistency of these fi le systems is checked and maintained using the fsck command.
Most of the file systems reside on disk, and Solaris offers commands to monitor disk
space usage at different levels of detail: df at file system level, du at file level, and
quot at user level.
PERFORMING SYSTEM BOOT AND SHUTDOWN
Performing System Boot and Shutdown once installed, the Solaris operating system is
designed to run continuously so that its resources and services are available to users on a 24 _
7 basis. On occasion, however, you will need to shut down the system and reboot it for such
reasons as system confi guration changes, scheduled maintenance procedures, or anticipated
power outages.
Consequently, you need to be familiar with system boot and shutdown procedures.
The system boot process is controlled by the boot confi guration variables and the system is
shutdown by bringing it down to a level where the power can be turned off. At any given
time the system is running in a state called the run level defined by the services running on
the system.
In Solaris 10, most of the services are managed by the Service Management Facility
(SMF). So, the core question to think about in this chapter is: how to manage the system boot
and shutdown? In search of an answer to this question, we will explore three thought streams:
the boot and shutdown processes, the boot confi guration variables, and the relationship of
SMF to the run levels.
CERTIFICATION OBJECTIVE 3.01
Understanding the Solaris Boot Process:
Exam Objective 3.1: Given a scenario, explain boot PROM fundamentals, including
Open Boot Architecture Standard, boot PROM, NVRAM, POST, Abort Sequence, and
displaying POST to serial port for SPARC.
Exam Objective 3.3: Execute basic boot PROM commands for a SPARC system. The
term booting has its origin in the phrase “pull yourself up by your bootstraps.” The physical
memory of your computer does not keep the program instructions or data when the system is
shutdown. When you just start up your Solaris machine, there is no operating system running
on it. The CPU wakes up, and there is nothing for it in the RAM; therefore, it starts by taking
instructions from a chip that has the instructions burned in. In other words, each
SPARCbased system has a programmable read-only memory (PROM) chip that contains a
program called the OpenBoot PROM monitor. The monitor controls the operation of the
system before the Solaris kernel is loaded into the memory. Understanding the Solaris Boot
Process 65 when a system is turned on, the monitor runs a quick self test to check the
hardware and memory on the system, called power-on self test (POST). If no errors are
found, the system continues the boot process.
The Basic Boot Process:
The boot process takes the machine from the point at which the machine is turned on
to the point at which the operating system (Solaris in this case) takes over the machine. To
understand the boot process, it is important to clearly understand the terms that are explained
in the following text.
The Basic Terms:
The basic terms involved in the boot process are described here:
OpenBoot PROM chip. This is a programmable read-only memory (PROM) chip
based on the OpenBoot architecture standard. It contains a program called OpenBoot
PROM Monitor. Such programs, stored in read-only memory (ROM) or PROM, are
also called fi rmware.
OpenBoot PROM monitor. The most important job of OpenBoot fi rmware
(OpenBoot PROM monitor) is to boot the system, which is the process of checking
the hardware devices and loading and starting the operating system. The boot process
is governed by a number of confi guration variables that are stored in NVRAM.
NVRAM. Non-Volatile Random Access Memory (NVRAM) is a chip that stores the
system confi guration variables whose values determine the startup machine confi
guration. If you modify the variable values, the modifi cations will survive across
system shutdowns and reboots (or across power cycles). That is why it’s called non-
volatile. The variables it stores, called NVRAM confi guration variables, control the
boot process.
OpenBoot confi guration variables. These are the variables that govern the boot
process. They are also called NVRAM confi guration variables.
eeprom. This is the utility that Solaris offers to change the values of the OpenBoot
confi guration variables.
Power cycle. The power cycle of a machine consists of powering on the machine,
booting it, working on it, shutting it down, and turning the power off. The data in
RAM does not persist across power cycles.
66 Chapter 3: Performing System Boot and Shutdown
Now that you can distinguish these terms related to the boot process from each other,
let’s take a look at the boot process itself.
The Boot Phases:
The different phases of the boot process on SPARC-based systems are described here:
Boot PROM phase. The PROM displays the system identification information and
then runs power-on self test (POST), which is a diagnostics routine that scans the
system to verify the installed hardware and memory. POST runs diagnostics on
hardware devices and builds a device tree, which is a data structure describing the
devices attached to the system. After the completion of POST, the PROM loads the
primary boot program bootblk.
Boot programs phase. The bootblk program loaded by PROM finds the secondary
boot program ufsboot located in the UFS file system on the default boot device and
loads it into the memory.
Kernel initialization phase. The ufsboot program loads the kernel into the memory.
The kernel initializes itself and uses the ufsboot program to locate and load OS
modules to control the system. A module is a piece of software with a specifi c
functionality, such as interfacing with a particular hardware device. After loading
enough modules to mount the root (/) file system, the kernel unmaps the ufsboot
program and continues gaining control of the system. At the end of the kernel
initialization phase, the kernel starts the /sbin/init process.
The init phase. The init phase starts when, after initializing itself, the kernel starts
the /sbin/init process, which in turn starts /lib/svc/bin /svc.startd to start the system
services to do the following:
Check and mount file systems.
Confi gure network and devices.
Start various processes and perform tasks related to system maintenance.
The svc.startd process also executes run control (rc) scripts for backward
compatibility. The steps in the boot process are illustrated in Figure 3-1. You might ask: how
can I control the boot process? The boot process is controlled by the boot confi guration
variables. If the value of the auto-boot? Variable is false, the system will display the Boot
PROM prompt: ok. On this prompt you can issue various Boot PROM commands.
Basic Boot PROM Commands:
When the system is turned on or reset, it fi rst runs POST, and then one of the following two
things can happen:
The system will automatically reboot if the value of the confi guration variable auto-
boot? is true, the value of the boot-command variable is boot, and OpenBoot is not in
diagnostic mode. In order to boot, the system will automatically load, and executes
the program and its arguments specified by the boot-file variable from the device
described by the boot-device variable.
If the confi guration variable auto-boot? is false, the system may stop at the OpenBoot
user interface without booting the system and will display the ok prompt.
Turn on
Boot PROM loads
Bootblk
bootblk loads
ufsboot
Kernel user ufsboot
to load modules
ufsboot loads
kernel
Checks system hardware
POST Kernel uses ufsboot to load
some modules and then start
the init process, which in turn starts svc.startd to start system services.
The kernel takes over the system
System services
System modules
Steps in the boot process
Understanding the Solaris Boot Process 67
68 Chapter 3: Performing System Boot and Shutdown
You can issue the Boot PROM commands at the ok prompt. One obvious
command is the boot command to boot the system, which you can use in one of the
following ways:
Issue the boot command without any arguments if you want to boot the system from
the default boot device using the default boot arguments.
Issue the boot command with an explicit boot device as an argument if you want to
boot the system from the specified boot device using the default boot arguments.
Issue the boot command with explicit boot arguments if you want to boot the system
from the default device by using the specified arguments.
Issue the boot command with an explicit boot device and with explicit arguments if
you want to boot the system from the specified device with the specified arguments.
The general syntax of the boot command is shown here:
boot [<device>] [<arguments>]
Arguments and options are described here:
<device>. Specifi es the full path or the alias for the boot device. The typical values
are:
cdrom for CD-ROM drive
disk for hard disk
floppy for 3.5 inch diskette drive
net for network
tape for SCSI tape
<arguments>. Specify the arguments for the boot command such as the name of the
fi le that contains the program that will be started as a result of the command. The
name is relative to the selected device and partition. If this argument is not specified,
the boot program uses the value of the NVRAM parameter: boot-file.
In addition to the boot command there are other administrative and diagnostic
commands that you can issue at the Boot PROM prompt: ok. The commonly used OpenBoot
PROM commands issued from the ok prompt are described in Table 3-1.
ok banner Displays current power-on banner. –h
ok boot [<arguments>]
[<options>]
Boots the system. ok boot
Boots with default options.
ok .enet-addr Displays current Ethernet address of the machine.
ok .version Displays the version of the Boot PROM. —
ok eject <media> Ejects the media. ok eject floppy
ok eject cdrom
ok eject tape
ok help [<category>]
ok help [<command>]
The help command without arguments displays a list of command categories, and,
with a category as an argument, displays help for all the commands in that category.
ok help dump
Displays help for the dump command.
ok password Sets the security password.
ok printenv Displays a table showing the boot confi guration variable names, their
current values, and default values.
ok reset-all Resets the system. It’s equivalent to performing a power cycle.
ok set-default
<varName>
Sets the value of the specifi ed variable to its default value.
ok set-default autoboot?
ok setenv <varName>
<value>
Sets the value of a boot confi guration variable.
ok auto-boot? False
ok show-devs Displays the list of all the devices in the OpenBoot device tree.
ok test <device> Tests the specifi ed device. No message displayed means test
succeeded.
ok test floppy
ok test cdrom
ok test /memory
ok test tape
Commonly used OpenBoot PROM commands (do not type ok; it’s a command
prompt). You can issue the PROM commands either from the console (most commonly) or
from the serial terminal attached to the ttya or ttyb port on a Solaris machine. Table 3-2
presents some useful emergency commands related to booting. You can use the Stop-A
command to get the Boot PROM command prompt from the running system. You can also
use this command to reboot a hung system, as shown Understanding the Solaris Boot Process
69, 70 Chapter 3: Performing System Boot and Shutdown in the following exercise. If you
only want to allow the Stop-A key combination to work during the boot sequence and you
don’t want it to work when the system is up and running, uncomment the following line in
the /etc/default/kbd fi le: KEYBOARD_ABORT = disable
EXERCISE 3-1
Reboot the Hung System:
In order to reboot the hung system and force a crash dump, perform the following
steps. This procedure will work even if the system is not hung.
1. Press the stop key sequence for your system. The specifi c stop key sequence depends
on your keyboard type. For example, it could be Stop-A or L1-A. On terminals, press
the Break key. The system will go to the PROM phase and display the ok prompt.
2. Synchronize the fi le systems and write the crash dump.
N
ok sync
After the crash dump has been written to disk, the system will continue to
reboot.
3. Verify that the system boots to run level 3. The login prompt is displayed when the
boot process has fi nished successfully.
<login prompt>:
Stop Bypass POST.
Stop-A Abort.
Stop-D Enter diagnostic mode. Enter this command if your system bypasses
POST by default and you don’t want it to. Stop-N Reset NVRAM content to
default values.
Emergency commands from keyboard
(<key1>-<key2>
means hold down both keys at the same time)
4. Login as root, and issue the following command to force a crash dump: halt –d
5. At the ok prompt, issue the boot command to boot the system: ok boot
In this exercise, the sync command actually returns control to the OS, which performs
the data-saving operation. This is important because the system may have frozen (crashed)
without saving the data that was supposed to be saved to the disk. When a system is booted, a
certain number of services are started at the end of the boot process. Which services are
started depends on the run level to which the system boots.
Understanding Run Levels:
A run level denoted by a digit or a letter represents the state of a system. The Solaris
system always runs in one of a set of well-defined run levels. Run levels are also referred to
as init states because they are maintained by the init process. The Solaris system has eight run
levels described in Table 3-3. The default run level is specified in the /etc/inittab fi le by the
initdefault entry, and its value in the default version of the fi le is 3. However, note that this
value will be used by the init process only if the milestone property has not been specifi ed
for the SMF facility svc.startd; otherwise, the default run level specifi ed by the milestone
property will be used. You can determine the run level in which your system is currently
running by issuing the following command: who -r
The output will look like the following:
run-level 3 Jul 04 11:15 3 2 1
The parts of this sample output are described here:
run-level 3. The current run level of the system.
Jul 04 11 :15. Time of last run level change.
Understanding the Solaris Boot Process 71
72 Chapter 3: Performing System Boot and Shutdown
3. Current run level of the system, same as column one.
2. Number of times the system has been at this run level since the last reboot.
1. The previous run level.
Different run levels are distinguished from each other by the services or the processes
running on the system. When you boot the system or change the run level with the init (or the
shutdown) command, the init daemon starts processes by reading information from the
/etc/inittab fi le. This fi le contains two important pieces of information for the init process:
which processes to use to start monitor and restart if they terminate, and what to do if the
system enters a new run level. The default inittab fi le installed with Solaris 10 looks like the
following:
ap::sysinit:/sbin/autopush -f /etc/iu.ap
sp::sysinit:/sbin/soconfig -f /etc/sock2path
smf::sysinit:/lib/svc/bin/svc.startd >/dev/msglog 2<>/dev/msglog
p3:s1234:powerfail:/usr/sbin/shutdown -y -i5 -g0 >/dev/msglog 2<>/dev/...
0 Power-down Shut down the operating system so that it will be safe to turn off the
power to the machine.
S or s Single-user Run the system in a single-user mode with some file systems
mounted and accessible.
1. Single-user administrative Run the system in a single-user administrative mode with
all available file systems accessible but user logins disabled.
2. Multiuser Run the system in multiuser mode. Multiple users can log in, all file
systems are accessible, but the NFS daemon is not running.
3. Multiuser with NFS Run the system in the standard mode: normal operations allowed,
NFS used to share resources. Default run level.
4. Alternative multiuser Unused by default, but you can define it according to your
needs.
5. Power-down same as run level 0; in addition it will automatically turn off the power if
the hardware supports that.
6. Reboot Shutdown the system to run level 0 and then reboot it to the default run level
specified in the inittab file.
TABLE 3-3
Solaris run levels:
An entry in the inititab fi le has the following general syntax:
id>:<runState>:<action>:<command>
The colon (:) separated fi elds are described here:
<id>. Specifi es one to four characters long id used to uniquely identify the entry.
<runState>. Specifi es a list of run levels for which this entry will be processed. If
this fi eld is left blank, then the entry is assumed to be valid for all run levels from 0
through 6.
<action>. Specifi es a keyword to tell init how to treat the process specified in this
entry. Some of the valid keywords for this fi eld include:
boot. The entry will be processed only when the init process reads it at boot-time. The
init will start the specified process, will not wait for its termination, and will not
restart it if it dies.
once. If the process specified in the entry is currently running (exists), do nothing and
continue scanning the inittab fi le. If the process does not already exist, start the
process, do not wait for its termination, and do not restart the process when it dies.
respawn. If the process specified in the entry is currently running (exists), do nothing
and continue scanning the inittab fi le. If the process does not already exist, start the
process, do not wait for its termination, and restart the process when it dies.
wait. Start the process and wait for its termination before proceeding further. This
will be done only once when the system enters the specified run level, and all the
subsequent readings of the inittab fi le during the time the system is in the same run
level will ignore this entry.
powerfail. Execute the specified process only if init receives the power fail signal:
SIGPWR.
sysinit. Execute the specified process before displaying the login prompt. Start the
process and wait for its completion before proceeding further. This entry is used only
to initialize the devices.
<command>. Specifi es a command to execute a process.
Understanding the Solaris Boot Process 73
74 Chapter 3: Performing System Boot and Shutdown
As an example, the fi elds of an entry in the /etc/inittab fi le are described in Figure 3-
2.
The Solaris system normally runs in run level 3. Following is the list of things that
happen when the system is brought to run level 3:
1. The init process is started, which reads the /etc/default/init fi le to set any environment
variables. By default, only the TIMEZONE variable is set.
2. The init process reads the inittab fi le and does the following:
Executes any process entries that have sysinit in the <action> fi eld so that any
special initializations can take place before users log in.
Passes the startup activities to the svc.startd daemon.
The init process initiates the core components of the service management
facility, svc.configd and svc.startd, and restarts these components if they fail.
Each run level <n> has a corresponding run control script /sbin/rc<n>:
/sbin/rc0 for run level 0, /sbin/rc1 for run level 1, and so on. When the system
enters a run level <n>, the init process runs the corresponding /sbin/rc<n>
script, which in turn executes the fi les in the /etc/rc<n>.d directory, which are
actually links to fi les in the /etc/init.d directory. This is illustrated in Figure 3-
3. Id: uniquely identifies this entry. This entry is to be processed for run levels
s, 1, 2, 3, and 4 The command to be executed Execute the process specified in
this entry only when the init process receives a power fail signal: SIGPWR
p3:s1234:powerfail:/usr/sbin/shutdown –y – i5 – g0> /dev/msglog Fields of an
entry in the /etc/ inittab file.
The initdefault entry is ignored in Solaris 10 if the milestone property for the
svc.startd facility has been specified to be used as the default run level. You can use the
“svcadm milestone -d” for the functionality similar to modifying the initdefault entry in
previous versions of Solaris.
The /etc/rc<n>.d scripts are always run in ASCII sort order. The scripts have names of
the form:
[K|S][0-9][0-9]*
For example, K03samba and S47pppd are two fi les (actually the links to the fi les in
the /etc/init.d directory) in the /etc/rc2.d directory. Files that begin with K are run to terminate
(kill) a system service, whereas fi les that begin with S are run to start a system service.
If you want to add a run control script to start or stop a service, copy the script into the
/etc/init.d directory and create links in the appropriate rc<n>.d directory corresponding to the
run level where you want the service to start or stop.
You can use the init command or the svcadm command to initiate a transition of the
system from current run level to another run level. The init command takes a run level as an
argument. For example, the following command will transition the system from the current
run level to run level 2: init 2
Now you have an overall view of the boot process, and shutting down the system is
just changing its run level to 0 or 5. However, as a system administrator, you can have more
control over the boot and shutdown procedures that we discuss next.
0 1 2 3 5 6 S
/sbin/rc0 /sbin/rc1 /sbin/rc2 /sbin/rc3 /sbin/rc5 /sbin/rc6 /sbin/rcS
/etc/rc0.d /etc/rc1.d /etc/rc2.d /etc/rc3.d
/etc/init.d
/etc/rc5.d /etc/rc6.d /etc/rcS.d
Run levels Scripts
Directories containing
the links
Links point to the scripts
in this directory
FIGURE 3-3
Relationship
between run
levels and run
control scripts
Understanding the Solaris Boot Process 75
76 Chapter 3: Performing System Boot and Shutdown
CERTIFICATION OBJECTIVE 3.02
Performing Boot and Shutdown Procedures:
Exam Objective 3.5: Perform system boot and shutdown procedures, including
identifying the system’s boot device, creating and removing custom device aliases, viewing
and changing NVRAM parameters, and interrupting an unresponsive system. The Solaris
operating system is designed to run continuously, but there will be situations that will require
shutdown and reboot. Consequently, you need to know the shutdown and boot procedures
and how to control them by using appropriate commands and by setting the appropriate confi
guration variables.
Performing System Shutdown:
You would shut down a Solaris system only when some system administration task or
an emergency situation requires it, such as adding or removing hardware or preparing for an
anticipated power outage. Shutting down the system means bringing it down to a run level
where it is safe to turn off the power. Guess which command is used to shut down the system.
Yes, you are right, it is the shutdown command. Because shutting down a running system is
equivalent to changing its run level, the init command will work as well. When you shut
down a system, remember the following:
Obviously, you need the privileges of a superuser to shut down the system by using
the proper commands (that is, to shut down the system gracefully).
The commands that can be used for shutting down the system are init and shutdown.
You should use the shutdown command to shut down a server. That is because with
this command logged-in, users and systems that have mounted resources from the
server are notified before the server is actually shut down. Both the shutdown and init
commands take a run level as an argument. The appropriate run level to use for a
system shutdown depend on the situation. Different run levels to be used for different
situations are listed in Table 3-4.
The procedure for shutting down the system by using the shutdown command is
described here step by step:
1. Become a superuser.
2. Issue the following command to determine whether users are logged in to the system:
Who
3. The command will display the list of all users logged on to the system. You may want
to broadcast a message with the shutdown command to alert the users.
4. Issue the shutdown command which has the following syntax:
/usr/sbin/shutdown [-y] [-g <gracePeriod>] [-i <initState>] [<message>]
The options are described here:
-y. Pre-answers the confi rmation questions so that the command continues without
asking for your intervention.
-g <gracePeriod>. Specifi es the number of seconds before the shutdown begins. The
default value is 60.
-i <initState>. Specifi es the run level to which the system will be shut down. Default
is the single-user level: S.
<message>. Specifi es the message to be appended to the standard warning message
that will be sent out. If the <message> contains multiple words, it should be enclosed
in single or double quotes.
For example:
shutdown -i 0 -g 120 “!!!! Power Outage Time Approaching!!!”
To turn off system power due to an anticipated power outage.
Shut down to run level 0 where it is safe to turn off the power, or shut down to run
level 5 where the power will be turned off automatically if the hardware supports this
feature.
Changed kernel parameters in the /etc/system fi le.
Shut down to run level 6 (reboot).
To perform tasks related to fi le system maintenance.
Shut down to single-user mode: run level S or 1, according to your need.
To reboot the system by using the kernel debugger (kmdb) in case the debugger can’t
be loaded at runtime.
Shut down to run level 6.
TABLE 3-4
Different ways of shutting down a system under different situations Performing Boot
and Shutdown Procedures 77
78 Chapter 3: Performing System Boot and Shutdown
If you used the -y option in the command, you will not be prompted to confirm.
5. If you are asked for confi rmation, type y.
Do you want to continue? (y or n): y
6. Use Table 3-5 to verify that the system is at the run level that you specified in the
shutdown command.
7. If you brought the system to single-user mode, press ctrl-d to proceed with normal
startup after you are fi nished with the system administration tasks. This will bring the
system to default run level. There are several commands available to shut down the
system; these commands are summarized in Table 3-6.
8. Prompts for different run levels
Single-user level: S # #
Power-down level: 0 ok
>
Press any key to reboot
Multiuser level: 3 <loginPrompt> <loginPrompt>
TABLE 3-6
Different commands for shutting down the system under different situations init Kills
all active processes and synchronizes the fi le systems before changing to the target run level
(0 or 5).
Recommended for standalone systems when users will not be affected.
halt
poweroff
Synchronizes the fi le systems and stops the processor. Not recommended, because it
does not shut down all the processes. Not a clean shutdown, should be used only in an
emergency.
reboot Synchronizes the file systems and initiates a multiuser reboot.
The init command is the preferred command.
shutdown Calls the init program to shut down the system; the default target run level
is S.
Recommended for servers, because users are notified before the shutdown.
Now that you have learned about the run levels and the system shutdown procedures,
here are some practical scenarios and their solutions.
After you shut down a system, at some point you will need to boot it.
Performing System Boot:
The boot process was discussed in detail previously in this chapter. After a system has
been shut down, it is booted as described here:
By using the boot command on the boot PROM prompt if the system is on the
SPARC machine. If the value of the auto-boot? variable is true, the system will be
booted automatically. We discuss further on in this chapter how to fi nd out the values
of this and other variables.
By using the boot command at the Primary Boot Subsystem menu if the system is on
the x 86 machine.
You want to bring your server down for an anticipated power outage, and you want a
clean shutdown with a 5-minute warning to the users. Issue the shutdown command as
follows:
shutdown -i5 -g300 -y “System going down in 5 minutes.”
You have changed the kernel parameters on your server and want to apply the new
values. What command will you issue?
Reboot the system, for example: shutdown -i6 –y
You want to shut down your standalone system. init 0
You want to shut down a system immediately in an emergency.
Issue one of the following commands:
Halt
Poweroff
Performing Boot and Shutdown Procedures 79
80 Chapter 3: Performing System Boot and Shutdown
It is possible to reboot a system by turning the power off and then back on. However,
use this method only in emergency situations when there is no graceful alternative. Note that
this method is likely to cause fi le system damage because system services and processes are
being terminated abruptly.
You can also boot a system from the network in the following cases:
When the system is installed.
If the system does not boot from the local disk or if the system is a diskless client.
Different methods for booting under different situations are listed in Table 3-7. As
you know by now, the fi rst step in the booting process is to check the hardware devices.
These devices have complicated names, and you can create aliases for them.
Creating and Removing Device Aliases:
OpenBoot directly deals with the hardware devices in the system. Each device is
identified by its full path, which includes the type of the device and where it is located. The
device path can be represented by a short name called a device alias. You can create a
temporary device alias with the devalias command or a permanent device alias with the
nvalias command.
The devalias command issued without any arguments displays all the device aliases
on the system: devalias
Different methods for booting under different situations
System power turned off, for example, due to anticipated power outage.
Turn the system power back on.
Changed the kernel parameters in the /etc/system fi le.
Reboot the system to run level 3. Performed administrative tasks in single-user run
level.
Press ctrl-d to transition the system back to run level 3.
Hardware added to or removed from the system.
Turn the power back on after the hardware addition or removal task is complete.
To recover from a hung system and force a crash dump.
Recovery boot: use Stop-A and halt -d. Take a look at the exercise in a previous
section.
To display the device path name corresponding to an alias, issue the following
command:
devalias <alias>
The <alias> argument specifi es the alias for which you want to know the device path.
To create an alias specifi ed by <alias> for a device path specifi ed by <devicePath>,
issue the following command: devalias <alias> <devicePath>
If the device path specifi ed by <devicePath> already has an alias, it is overwritten
with the new alias. The aliases created by the devalias command are temporary and
are lost when the system is reset or power-cycled.
To create permanent aliases that persist across power cycles, you can use the nvalias
command which has the following syntax: nvalias <alias> <devicePath>
The argument <alias> specifi es the alias, and the argument <devicePath> specifi es
the device path for which the alias is being created. An alias created by the nvalias
command will persist along system shutdowns (power-cycles) until the nvrunalias
command is used, which has the following syntax: nvrunalias <alias>
This will delete the alias specified by the <alias> argument.
The boot process is controlled by the confi guration variables stored in the
NVRAM chip, and therefore these variables are also called NVRAM parameters.
Working with NVRAM Parameters:
The system confi guration variables are stored in NVRAM and therefore are also
called NVRAM parameters. These variables determine the startup confi guration for the
system as well as some related communication characteristics. If you make changes to these
variables, the changes will persist across power cycles because they are stored in non-volatile
memory.
Commonly used NVRAM parameters are described in Table 3-8. The values of the
NVRAM confi guration variables can be viewed and changed by using the commands listed
in Table 3-9. Remember that these commands are issued at the OpenBoot PROM prompt: ok.
Performing Boot and Shutdown Procedures 81
82 Chapter 3: Performing System Boot and Shutdown auto-boot? If true, boot
automatically after power-on or reset, else display the open boot prompt: ok, after
power-on or reset.
True
boot-command Execute this command if auto-boot? is true. Boot
boot-device The device from which the system boots. disk or net
boot-file Arguments passed to the boot program. Empty string
diag-device Diagnostic boot source device. Net
diag-file Arguments passed to the boot program in diagnostic mode. Empty string
diag-switch? If true, run in diagnostic mode, else not. False
fcode-debug If true, include name fi elds for plugin device FCodes. False
input-device Console input device such as keyboard, ttya, or ttyyb. Keyboard
nvramrc The NVRAMRC content. Empty
oem-banner Customized oem banner. Empty string
oem-banner? If true, use customized oem-banner specified by oem-banner. False
oem-logo Customized oem logo displayed in hexadecimal. No default
oem-logo? If true, display customized oem logo specifi ed by oem-logo. False
output-device Console output device such as screen, ttya, or ttyb. Screen
screen-#columns Number of columns on the screen: number of characters per line. 80
screen-#rows Number of on-screen rows (lines). 34
security-#badlogins Number of incorrect security password attempts. No default
security-mode Firmware security level: none, command, or full. None
security-password Firmware security password. It’s never displayed, for good. No
default
use-nvramc? If true, execute commands in NVRAMRC during system startup, else
not. false
A list of NVRAM parameters, also called openboot configuration variables For example,
the printenv command will generate an output like the one shown here:
ok printenv
Variable Name Value Default Value
oem-logo
oem-logo? false false
oem-banner? False false
output-device ttya screen
input-device ttya keyboard
The following command will display the current default boot device for the system:
ok printenv boot-device
To change the boot device, you can issue the following command:
ok setenv boot-device <value>
The <value> parameter specifi es the default device from which to boot such as disk
or net.
Many variable changes do not take effect during the current power cycle. The new values
will certainly be used during the next power cycle or after a system reset. You can also use
the eeprom command from the OS command line to display or change the boot confi guration
variables. For example, the following command will display the values of the boot confi
guration variables:
/usr/sbin/eeprom
Any user can use this command, but only the superuser can use the command to
change the values of a variable by using the following syntax of the command:
eeprom <parameter>=<value>
Commands to view and change the values of the NVRAM parameters
printenv Displays the current variables and their values.
printenv <var> Displays the current value of the variable specifi ed by <var>.
set-defaults Sets the values of all the variables to the factory default.
set-default <var> Sets the value of the variable specifi ed by <var> to its factory
default.
setenv <var>
<value>
Sets the value of the variable specifi ed by <var> to the value
specifi ed by <value>.
Performing Boot and Shutdown Procedures 83
84 Chapter 3: Performing System Boot and Shutdown
For example the following command will set the value of the auto-boot? variable to
false:
eeprom auto-boot?=false
You can fi nd out the OpenBoot PROM revision on your system by issuing the
following command:
prtconf –V
Although the read-only memory used to boot a SPARC machine is called PROM, the
read-only memory to boot an x86 (PC) machine is called BIOS, which we explore
next.
CERTIFICATION OBJECTIVE 3.03
Understanding BIOS Settings and Confi guration:
Exam Objective 3.2: Given a scenario, explain the BIOS settings for booting, abort
sequence, and displaying POST, including BIOS confi guration for x64 and x86-based
system. Like SPARC machines, x86 (PC) machines go through a booting process before the
Solaris operating system takes control of the machine. The read-only memory that contains
the boot instructions is called the Basic Input /Output System (BIOS) in an x 86 machine as
opposed to Boot PROM in a SPARC machine. The functions of the BIOS include controlling
installed peripheral devices such as keyboard and mouse and to providing I /O services via
software interrupts.
The phases of the boot process on an x86 machine are described here:
BIOS. When the system is turned on, the BIOS runs the self-test diagnostics program
for the system’s hardware and memory. If problems are found, the error messages are
displayed with recovery options. If no errors are found, the BIOS boot program is
started automatically, and it attempts to fi nd and load what is called the master boot
record (MBR), mboot, from the fi rst sector in the boot device. An error is displayed if
the mboot fi le does not exist.
Boot programs. The mboot program loads the Solaris boot program called pboot,
which in turn loads the primary boot program, bootblk, whose purpose is to load the
secondary boot program located in the UFS fi le system. If there are more than one
bootable partitions on the system, the bootblk reads the fdisk table to determine the
default boot partition. It builds and displays a menu of available partitions and gives
you 30 seconds to select an alternative partition to boot from. The primary boot
program—bootblk—starts the secondary boot program boot.bin or ufsboot in the root
fi le system, which in turn starts a command interpreter that executes the /etc/bootrc
script. This script presents a menu of choices for booting the system, and you have 5
seconds to specify a boot option or to start the boot interpreter. The default choice is
to load the kernel.
Kernel initialization. After the kernel has been loaded, it initializes itself and uses the
secondary boot program boot.bin (or ufsboot) to load system modules. When the
kernel loads enough modules to mount the root (/) fi le system, it unmaps the
secondary boot program and continues taking over the system. It creates a user
process and starts the /sbin/init process, which then starts other processes by reading
the /etc/inittab file.
init. In Solaris 10, the init process starts /lib/svc/bin/svc.startd, which in turn starts
system services to perform the following tasks:
Check and mount fi le systems
Confi gure network and devices
Start various processes and perform system maintenance tasks
The svc.startd daemon also executes the run control (rc) scripts for backward
compatibility. During the booting process, you have some control over the way in which the
system is booted. Two menus are displayed for you: the Boot Solaris menu and the Current
Boot Parameters menu. The Boot Solaris menu allows you to select the device from which to
boot the Solaris OS. At this point, you can also perform some optional tasks such as viewing
and editing autoboot and property settings. Once you select a boot device Understanding
BIOS Settings and Confi guration 85
86 Chapter 3: Performing System Boot and Shutdown and choose Continue, the
Solaris kernel begins to boot. The menu looks like the following:
Boot Solaris
Select one of the identified devices to boot the Solaris kernel and choose Continue.
To perform optional features, such as modifying the autoboot and property settings,
choose Boot Tasks.
An asterisk (*) indicates the current default boot device.
> To make a selection use the arrow keys, and press Enter to mark it [X].
[X] DISK: (*) Target 0:QUANTUM FIREBALL1280A on Bus Mastering IDE
controller on Board PCI at Dev 7, Func 1
[ ] DISK: Target 1:ST5660A on Bus Mastering IDE controller on Board PCI at Dev 7,
Func 1
[ ] DISK: Target 0:Maxtor 9 0680D4 on Bus Mastering IDE controller on Board PCI
at Dev 7, Func 1
[ ] CD : Target 1:TOSHIBA CD-ROM XM-5602B 1546 on Bus Mastering IDE
controller on Board PCI at Dev 7, Func 1
F2_Continue F3_Back F4_Boot Tasks F6_Help
The second menu that you are offered is the current boot parameter menu, which looks
like the following:
<<< Current Boot Parameters >>>
Boot path: /pci@0,0/pci-ide@7,1/ide@0/cmdk@0,0:a
Boot args:
Type b [file-name] [boot-flags] <ENTER> to boot with options
or i <ENTER> to enter boot interpreter
or <ENTER> to boot with defaults
<<< timeout in 5 seconds >>>
Select (b)oot or (i)nterpreter:
The following fi le contains the eeprom variables used to set up the boot environment on
an x86 machine:
/boot/solaris/bootenv.rc
All directories and fi les needed to boot an x86-based system are contained in the
/boot directory.
In addition to BIOS confi gurations, there may be situations in which you will need to
confi gure (or reconfi gure) some devices such as keyboard, display, and mouse.
CERTIFICATION OBJECTIVE 3.04
Confi guring Devices:
Exam Objective 3.4: Use the Xorg confi guration fi les or kdmconfi g utility to confi
gure the keyboard, display, and mouse devices for an x64 and x86-based system. You can use
the kdmconfig command to confi gure or unconfi gure keyboard, display, and mouse devices
for OpenWindows and internationalization. This command can be used for any of the
following tasks:
To confi gure or unconfi gure the /etc/openwin/server/etc/OWconfig file with the
keyboard, display, and mouse information that is relevant to a client’s machine on
x86-based systems.
To set up the display, pointer, and keyboard entries in the /etc/bootparams
file on a server machine. The information that you enter is stored in the
/etc/bootparams fi le, which contains one entry per client. The entry for a client
contains the client’s name and the values for the boot parameters for that client.
Diskless clients, while booting, retrieve this information by issuing requests to the
server running the rpc.bootparamd.
To set up the monitor, keyboard, display, and pointer keywords in a system identifi
cation confi guration (sysidcfg) fi le. When a diskless client boots for the fi rst time,
or a system installs over the network, the booting software tries to obtain the confi
guration information about the system, such as the system’s root password or name
service, fi rst from a sysidcfg fi le and then from the name service databases.
The kdmconfig command has the following syntax:
kdmconfig [-fv] [-s <hostname>]-c | -t | -u | -d <filename>
The command will display screens for you to enter the information. The options are
described here:
-c. Execute the program in the confi guration mode used to create or update the
/etc/openwin/server/etc/OWconfig fi le. It then displays the screens for you to enter
the information.
Confi guring Devices 87
88 Chapter 3: Performing System Boot and Shutdown
-d <filename>. This option is used to create a system confi guration identification file
that will be used when a diskless client boots for the first time or when you install a
system over the network. It is used to avoid prompts for the user and provide a totally
hands-off booting process. This command displays the same screens as -c option.
The argument <filename> specifies the system identifi cation confi guration fi lename
under which the information will be saved.
-f. Forces screen mode; no network probing will be performed. This option can be
used when you want to debug the client’s confi guration environment.
-s <hostname>. This option is used to set up confi guration information on this
machine for the diskless clients.
-t. Run the command in test mode.
-u. Unconfi gure the system.
-v. Enable verbose mode.
If you issue the kdmconfig command without any options, it will edit the confi
guration information from the OWconfig fi le—that is, it will run like -c option.
You can also use the following commands to reconfi gure the system:
/usr/X11/bin/xorgconfig
/usr/X11/bin/Xorg –configure
As mentioned previously, the services at the init phase of the boot process are started
by the SMF facility svc.startd. Nevertheless, the /etc/rc<n>.d continues to be started
as well, for backward compatibility reasons.
CERTIFICATION OBJECTIVE 3.05
Service Management Facility and Run Levels:
Exam Objective 3.6: Explain the Service Management Facility and the phases of the
boot process. Exam Objective 3.7: Use SMF or legacy commands and scripts to control both
the boot and shutdown procedures. Solaris 10 offers Service Management Facility (SMF) to
provide an infrastructure that augments the traditional UNIX startup scripts, init run levels,
and confi guration fi les. In the init phase, the unit process starts the svc.startd process, which
is an SMF process, and it starts the system services.
Although many standard Solaris services are now managed by SMF, the scripts
placed in the /etc/rc<n>.d directories continue to be executed when a run level transition
occurs. Even though most of these scripts from the previous Solaris releases have been
removed as a result of moving to SMF, the ability to continue running the remaining scripts
allows for third-party applications and services to be added without the need to convert the
services to use SMF.
There is another reason to keep the run-script infrastructure intact for now: the need to
make the /etc/inittab and /etc/inetd.conf fi les available for packages to amend with post
install scripts, called legacy-run services. You can use the inetconv command to convert these
services to the SMF, which will add these services to the service confi guration repository
(the place where SMF maintains the confi guration information). After a service has been
converted to SMF, it will not need to make modifi cations to the /etc/inittab and
/etc/inetd.conf fi les, and it will obviously not use the /etc/rc<n>.d scripts. SMF offers the
svcadm command to administer the SMF services. This command can also be used to change
the run level of a system by selecting what is called a milestone at which to run.
The svcadm command to change the run level has the following syntax:
/usr/sbin/svcadm [-v] milestone [-d] <milestone_FMRI>
If you do not use the -d option, this command will transition the system to the run
level specified by <milestone_FMRI>. If you use the -d option, it will make the run
level specified by the <milestone_FMRI> as the default run level for the system at
boot time. The relationship between the values of <milestone_FMRI> and run levels
is shown in Table 3-10.
S milestone/single-user:default
2 milestone/multi-user:default
3 milestone/multi-user-server:default
Relationship between the init run levels and the SMF milestones
Service Management Facility and Run Levels 89
90 Chapter 3: Performing System Boot and Shutdown
The Fault Management Resource Identifi er (FMRI) is a string that is used to identify
a particular resource for which Solaris can perform automated fault management. You
will learn more about SMF further on in this book. For example, the following
command restricts the running services to a single-user mode:
# svcadm milestone milestone/single-user
The following command restores all the running services:
svcadm milestone all Therefore, you can use the init command or the svcadm command to
initiate a run-level transition. As an alternative to the initdefault entry in the inititab fi le, the
following command will make run level 3 as the default run level:
svcadm milestone -d milestone/multi-user-server
The default milestone defined by the initdefault entry in the inittab fi le is not
recognized in Solaris 10.
The three most important takeaways from this chapter are the following:
A number of programs are executed in the boot process in this order: POST to check
the hardware and memory, the boot programs bootblk and ufsboot, kernel, init, and svc.startd.
Shutting down a system means changing its run level to a level (0 or 5) from which it is safe
to turn off the power.
The boot confi guration variables can be managed with a number of commands issued
at the Boot PROM command prompt ok, such as setenv command to set the value of a
variable. You can also change the values of these variables at the OS command line
by using the eeprom command.
In Solaris 10, most of the services are managed by the Service Management
Facility (SMF), but the run control scripts are still executed to provide backward
compatibility. Do not count on the initdefault entry in the inittab fi le; instead use the
svcadm command to set (or change) the default run level of the system.
Service Management Facility and Run Levels 91
Certification Summary:
There will be situations in which you will need to shut down the Solaris system and
reboot it—for example, scheduled maintenance procedures or an anticipated power outage.
The system boot is controlled by the boot confi guration variables. If the value of the auto-
boot? variable is true, the system will boot automatically by using the default values;
otherwise the Boot PROM command prompt ok will be displayed.
You can manage the boot confi guration variables by using a number of commands at
this prompt, such as printenv to display the current values of the variables and setenv
command to change the value of a variable. You can also use the eeprom command to change
the values of the variables at the OS command line. At the end of the boot process the system
enters the default run level determined by the milestone property of the SMF service:
svc.startd. If this property is set, the initdefault entry in the inittab fi le is ignored in Solaris
10. You can change the default run level of the system by using the svcadm command. A run
level determines which services will be running on the system. You can change the run level
of a running system by using the init command or the svcadm command.
Shutting down the system means changing its run level to a level from which it is safe
to turn off the power. Although most of the services in Solaris 10 are managed by SMF, the
run control scripts are still executed for compatibility and to support legacy services.
Everything in UNIX (and hence in Solaris) is represented by fi les, and fi les are one of the
most important resources supported by an operating system. In the next chapter, you will
explore how to manage fi le systems in Solaris. 92 Chapter 3: Performing System Boot and
Shutdown
INSIDE THE EXAM
Comprehend:
The values of the confi guration variables stored in the NVRAM chip persist across
the power cycles.
In Solaris 10, you should use the SMF command svcadm with the milestone as the
argument to change (or set) the default run level.
You can use either the svcadm or the init command to change the run level of a
system.
Look Out:
In Solaris 10, the initdefault entry in the /etc/inittab fi le is used for the default run
level only if the milestone property for the svc.startd facility has not been defined.
Both the init 0 and init 5 commands will shut down the system, but init 5 will also
attempt to turn off the power if the hardware supports it.
To display and change the NVRAM parameters, the eeprom command is used from
the OS command line, whereas the setenv and printenv commands are used at the
Boot PROM prompt ok.
Memorize:
You push the Stop-A keys to recover form a hung system. The Stop-D keys are used
to force the POST execution if your system bypasses it by default.
The halt -d command is used to force a crash dump.
The devalias command is used to create a device alias that will not persist across
power cycles, and the nvalias command is used to create a device alias that will
persist across power cycles.
The kdmconfig command can be used to confi gure or unconfi gure the /etc
/openwin/server/etc/OWconfig file with the keyboard, display, and mouse information
relevant to a client’s machine on x86-based systems. Two-Minute Drill 93
TWO-MINUTE DRILL
Understanding the Solaris Boot Process
When the system is fi rst turned on, the OpenBoot PROM runs the power-on self test
(POST) to check the hardware and the memory.
The phases of the boot process are Boot PROM, boot programs, kernel initialization,
and the init, in the order given.
During the boot process, programs run in this order: POST, bootblk, ufsboot, kernel,
and init.
Performing Boot and Shutdown Procedures:
After POST, the Boot PROM command prompt ok is displayed if the auto-boot?
variable is false; otherwise the system boots by using default values. At the ok
prompt, you can issue the boot command and some other commands such as test
<device> to test a device.
The setenv command at the ok prompt is used to set the values of the NVRAM
parameters, while the printenv command is used to display the values of the NVRAM
parameters.
Understanding BIOS Settings and Confi guration:
Solaris always runs in one of the available run levels, which are represented by
integers and letters: 0 to 6, and S (for single user).
The default run level is defined by the initdefault entry in the /etc/inittab fi le.
However, in Solaris 10 the initdefault entry is used only if the milestone property for
the svc.startd facility has not been defined, which is preferably used as the default run
level.
Most of the services in Solaris 10 are managed by the Service Management Facility
(SMF), but the run control (rc) scripts are started for backward compatibility.
You can use the init or the svcadm command to change the run levels, and the init or
the shutdown command to shut down the system.
94 Chapter 3: Performing System Boot and Shutdown
Confi guring Devices:
NVRAM parameters are the Boot confi guration variables stored in the NVRAM
chip.
You can use the printenv and setenv commands at the Boot prompt ok to display and
change the NVRAM parameters, respectively, and you can use the eeprom command
at the OS command line to do the same thing.
The set-defaults command at the ok prompt set the value of the NVRAM parameters
to the factory default.
The devalias command is used to create a device alias that will not persist across
power cycles, and the nvalias command is used to create a device alias that will
persist across power cycles.
Service Management Facility and Run Levels:
The svcadm command to change the run level has the syntax:
svcadm milestone <milestone_FMRI>
The svcadm command to change the default run level has the syntax:
svcadm milestone -d <milestone_FMRI>
Self Test 95
SELF TEST
The following questions will help you measure your understanding of the material
presented in this chapter. Read all the choices carefully because there might be more than one
correct answer.
Choose all correct answers for each question.
1. The system confi guration variables that determine the startup system confi guration
are stored in which of the following?
(a) OpenBoot PROM
(b) NVRAM
(c) Boot device
(d) File in the /etc directory
2. Which tasks are performed during the Boot PROM phase of the system startup?
(a) Kernel initialization
(b) Loading ufsboot
(c) Loading bootblk
(d) Executing power-on self test (POST)
3. Which order of tasks best describes the boot process on a SPARC machine?
(a) Executing POST, loading bootblk, loading ufsboot, executing init, starting svc.startd
(b) Executing POST, loading bootblk, loading ufsboot, starting svc.startd, executing init
(c) Executing POST, loading ufsboot, loading bootblk, executing init, starting svc.startd
(d) Loading bootblk, executing POST, loading ufsboot, executing init, starting svc.startd
4. Your Solaris system is hung? Which of the following actions should you take?
(a) Shut the power down
(b) Push Stop-A
(c) Push Stop-D
(d) Push Stop-N
5. Which sequence represents the phases of the boot process on an x86 machine in the
correct order?
(a) Boot PROM, Boot Programs, Kernel Initialization, init
(b) Boot PROM, BIOS, Boot Programs, Kernel Initialization, init
(c) Boot PROM, BIOS, Boot Programs, Kernel Initialization, init
(d) BIOS, Boot Programs, Kernel Initialization, init
6. Which of the following programs is responsible for starting svc.startd?
(a) Svcadm
(b) Svcs
(c) Init
(d) ufsboot
7. In Solaris 10 what would you do to change the default run level of the system,
assuming that the milestone property is set in svc.startd?
(a) Change the value of the initdefault entry in the inittab file.
(b) Use the svcadm command with -d option.
(c) Use the init command.
(d) Use the initdefault command.
8. Which command would you use to change the value of an OpenBoot confi guration
variable at the OpenBoot PROM command prompt ok?
(a) Eeprom
(b) Setvar
(c) Set
(d) Setenv
9. Which of the following commands creates a device alias that will persist across power
cycles?
(a) Devalias
(b) Nvalias
(c) Setenv
(d) dev-alias
10. Which of the following commands can be used to change the run level of the Solaris
system?
(a) Init
(b) Shutdown
(c) Halt
(d) run-level
96 Chapter 3: Performing System Boot and Shutdown
Self Test 97
11. When the SPARC system is being turned on, you push the STOP-D key combination.
What is the effect of you action?
(a) It puts the fi rmware in the diagnostic mode.
(b) It resets the NVRAM parameters to their default values.
(c) It displays a GUI for you so that you can reset the NVRAM parameters.
(d) It resets the NVRAM parameters to their factory default values.
12. Which of the following are the boot phases of an x86-based system?
(a) BIOS loads the MBR program mboot.
(b) The mboot program runs POST.
(c) The mboot program loads the Solaris boot program, pboot.
(d) The pboot program starts ufsboot.
13. Consider the following command and output at OpenBoot prompt:
>ok setenv auto-boot? False
auto-boot? = false
What is the effect of this command on the system?
(a) The syntax for the command is incorrect because the name of the variable is auto-boot
and not auto-boot? So there will be no effect.
(b) The next time you turn the system on, it will not boot until you set the auto-boot?
variable back to true.
(c) The next time you turn the system on, it will boot into single-user mode.
(d) The next time you turn the system on, it will display the OpenBoot prompt ok and you
will need to give the boot command to boot it.
SELF TEST ANSWERS
1. B. The boot confi guration variables are stored in the non-volatile random access
memory (NVRAM) chip.
A is incorrect because OpenBoot PROM contains the OpenBoot PROM
monitor program and not the boot confi guration variables. C is incorrect
because a boot confi guration variable determines which boot device to use,
and D is incorrect because the system must be booted before it has access to
the /etc directory.
2. C and D. The two main tasks of the Boot PROM phase are to execute POST followed
by loading the primary boot program bootblk.
A is incorrect because Kernel Initialization is done in the kernel initialization
phase, and
B is incorrect because ufsboot is loaded in the Boot Programs phase.
A. When you turn the machine on, fi rst the Power- On Self Test (POST) is
run; then the primary boot program bootblk is loaded, which in turn loads the
secondary boot program ufsboot. The ufsboot program loads the kernel, which
starts the init process; then the init process starts the SMF utility svc.startd.
3. B is incorrect because the init process starts the svc.startd, so it has to be started
before svc.startd. C is incorrect because bootblk is the primary boot program and must
be started before the secondary boot program ufsboot. D is incorrect because POST is
the fi rst program that is run when the machine is turned on.
4. B. Pushing the Stop-A combination will eventually take you to the ok prompt, where
you can issue command if you want to synchronize the fi le system and then boot.
A is incorrect because shutting the power down is likely to damage the fi le
system. Never do this unless there is an emergency and you have no other
choice. C is incorrect because pushing Stop-D is used during startup to put the
system into diagnostic mode—that is, to force POST to run, if POST was
bypassed by default. D is incorrect because Stop-N is used to reset the
NVRAM content to default values.
5. D. The phases of the boot process on an x86 machine are BIOS, Boot Programs,
Kernel Initialization, and init.
A, B, and C are incorrect because Boot PROM does not exist in an x86
machine.
6. C. The kernel starts the init program and the init program starts the SMF utility
svc.startd.
A is incorrect because the svcadm command is used to administer the SMF
services such as to disable or enable them. B is incorrect because the svcs
command is used to fi nd the status of services. D is incorrect because ufsboot
starts the kernel and not the svc.startd.
98 Chapter 3: Performing System Boot and Shutdown
7. B. The svcadm command with -d option will change the default run level in Solaris
10.
A is incorrect because the initdefault entry is not used in Solaris 10 if the
milestone property is set for svc.startd. C is incorrect because the init
command can be used to change the run level but not to change the default run
level. D is incorrect because there is no such command as initdefault.
8. D. The setenv command is used to change the value of a boot confi guration
variable at the OpenBoot PROM command prompt ok.
A is incorrect because the eeprom command is used to change the value of a
boot confi guration variable at the OS command line and not at the OpenBoot
prompt.
B and C are incorrect because there are no set and setvar commands at the ok
prompt to change the value of a boot confi guration variable.
9. B. A device alias created with the nvalias command will persist across power cycles.
A is incorrect because a device alias created with the devalias command will
not persist across power cycles. C is incorrect because the setenv command is
used to change the value of a boot confi guration variable. D is incorrect
because there is no such command as dev-alias.
10. A, B, and C. Any of these commands (init, shutdown, and halt) will change the run
level of the system.
D is incorrect because there is no such command as run-level.
11. A. Pushing the Stop-D key combination at startup of a SPARC system will put the
system into diagnostic mode. It is useful to force the POST to run, if the POST was
bypassed by default.
B is incorrect because you need to push the Stop-N key combination to set the
NVRAM parameters to their default values. C is incorrect because no key
press will give you the GUI to reset the NVRAM parameters. D is incorrect
because there is no key combination that you can push to reset the NVRAM
parameters to their factory defaults.
12. A and C. BIOS loads the master boot record program, mboot, which loads pboot.
B is incorrect because POST is run by BIOS, and D is incorrect because the
secondary boot program ufsboot is started by the primary boot program
bootblk, which is started by the Solaris boot program pboot.
13. D. The auto-boot? Parameter is a Boolean whose value determines whether or not the
system will be automatically booted when it is turned on.
A is incorrect because the name auto-boot? Is the correct name for this
parameter?
B is incorrect because even if the auto-boot? Is false, you can boot the system
by issuing the boot command at the ok prompt. C is incorrect because the
auto-boot? Parameter does not determine the run level of the system.
Self Test Answers 99
PERFORMING USER ADMINISTRATION
Managing users on a Solaris system, a significant responsibility of a system
administrator, includes creating, modifying, and deleting the user accounts on the system by
using both the command and the GUI tools. In addition to learning how to accomplish this
task, you will also explore the files in which the user accounts live after you create them.
Furthermore, each user works on a system in a certain environment with a global component
and a customized local component. We will explore the shell initialization files that are used
to set up this environment when the user logs in.
Basics of User Accounts:
Before a user can access and use a system, you need to create an account for that user
on the system. A user account contains the identification and the permissions attached to it,
which allows the user to access and use the system. After logging on to a system, a user can
do things such as accessing files and directories according to the permissions granted to that
user by the system administrator. Multiple users who need identical permission can be
organized into a group, and the permissions can be granted to the group. A permission
granted to a group applies to all the users who are members of the group. This makes security
management more efficient.
In this section, we will explore the structure of a user account and the files in which
the user accounts live. Let’s begin with exploring the structure of a user account.
Structure of a User Account:
A user is required to have a user account on a system in order to log in and use system
resources. A user account contains a set of components, such as the user login name and
password.
Multiple users can be organized into a logical group that has a group name, a group
ID (GID), and of course a list of users. A user must belong to a primary group and can belong
to a maximum of 15 secondary groups. Any permission for a resource granted to the group
apply to each user in the group. A user must belong to at least one group called the user’s
primary group.
Let’s further explore the components of a user account, beginning with the component
called user name or login name.
User Name:
A user name, also called a login name, is a mandatory component of a user account,
which you, the system administrator, create. The user employs the user name and the
password associated with it for logging into a local or a remote system.
The components of user account as follows:
Component DescriptionUser login
nameA unique name for a user on a system; two to eight characters in length. The characters can be letters and numerals; the first character must be a letter and at least one character must be a lowercase letter.
Password A component of a user account that must be kept secret and known only to the user. The user uses it to log into the system along with the user login name.
User ID (UID)
A required unique integer associated with the user name. The numbers from 0 to 99 are reserved for system accounts. Regular users should be assigned UIDs from 100 to 60,000, but they can go as high as the largest 32-bit signed positive number: 2147483647.
Group name A collection of users who share the same set of permissions to the resources. The maximum length of a group name is eight characters. A group has a name, a group ID, and a list of users that belong to it.
Home directory
The root of the subtree of the file system that belongs to the user.
You should not use a user name identical to a mail alias known to the system or an
NIS domain because it may deliver the user’s mail to the alias.
You must exercise the following rules in specifying a user name:
Each user name on a system must be unique.
A user name should be two to eight characters long; a character being a letter or a
numeral.
A user name should begin with a letter, and it should contain at least one lowercase
letter.In order to log in to a system, a user needs a password in addition to a login
name. Let’s take a closer look at the password component.
Password:
A password is a secret component of a user account that is known only to the user of
the account. As a system administrator, you have two choices: specify a password when you
create a user, or force the user to specify a password when the user logs into the system for
the fi rst time. The following are the rules for specifying a password:
The password length, by default, may be six to eight characters long, including letters,
numerals, and special characters.
The minimum and maximum allowed length mentioned previously may be changed
by editing the files /etc/default/passwd and /etc/policy.conf, respectively.
The first six characters of a password must contain at least one numeric or special
character, and at least two alphabets.
A good password is a tradeoff between two opposing requirements: the password
should be easy enough for the user to remember but hard enough to keep a hacker
Do not use the word “password” as your password, as it is too trivial to crack even if
you replace the character “s” with the symbol $.
Avoid the use of proper nouns, login names, the names of a spouse or pet, or anything
related to the user that can be easily guessed.
Avoid using car license numbers, telephone numbers, employee numbers, and Social
Security numbers.
Avoid using words related to a hobby or interest.
Avoid using any word in the dictionary.
Avoid using any of the preceding choices spelled backwards.
Words with numbers or special characters embedded in them make good passwords—
for example, goofyboys is a bad password but g00fyboy$ is a good one.
Each user account has a user ID, and each group of users has a group ID, both of
which we explore next.
User ID and Group ID
User Id’s are defined as follows:
Uid Description
0 – 99 System accounts such as root, sys, daemon, and bin.
100 – 60,000 General-purpose accounts for regular users.
60,000 –
2,147,483,647
Accounts that do not have full functionality such as anonymous
users.
The user ID (UID) is a unique integer associated with a user and is used by the system
to keep track of the user account. Theoretically speaking, a UID is any positive integer that
you can make out of a signed 32-bit (i.e., 231 − 1 = 2147483647). However, some of these
numbers are reserved.
The numbers from 0 to 99 are reserved for system accounts such as root, daemon, sys,
and bin: 0 for root, 1 for daemon, 2 for bin. The accounts with UID number greater than
60,000 do not have full functionality—for example, 60,001 for the anonymous user nobody,
65,534 for the anonymous user nobody4, and 60,002 for the non-trusted user noaccess. A
general-purpose user account should be assigned a UID number within the range from 100 to
60,000.
Just like a user, a group has an ID too, called the group ID (GID). The rules for the
GID numbers are the same as for the UID numbers; a GID on a system should be unique and
should not be greater than 60,000.
A user account is created to let the user use the system resources including the fi le
system. The user enters the fi le system through the home directory, which we explore next.
Home Directory:
Users have their own subtrees, which are parts of the whole directory tree on the
system. The home directory for a user makes the root of this subtree. The user can access the
home directory locally or remotely. The naming convention for the home directory is:
/export/home/<username>; thus, a user jkerry on a system will have the home directory
/export/home/jkerry.
A user should access the home directory through a mount point /home/ <username>.
Furthermore, because /export/home/<username> is machine specifi c, the home directories
should always be referred to by the environment variable $HOME in order to use them
anywhere on the network. The symbolic links created in the user home directory should use
relative paths and not absolute paths to make them independent of the home directory’s
mount point. In this case, changing the mount point will not invalidate the links.
If you have a large number of user accounts on a server, distribute them over different
file systems and use a different name /export/<homen> for each file system for the home
directories—for example, /export/home1 on one fi le system, /export/home2 on another file
system, and so on. This facilitates tasks such as backing up and restoring the home
directories.
The maximum value of a UID can be 231 − 1. A regular user account has a UID
number within the range of 100 to 60,000, and the UID numbers in the range from 0 to 99
belong to the system accounts—for example, the root account has a UID of 0.
Where User Accounts Live:
Once a user account has been created, the account information is saved in three files
in the /etc directory: passwd, shadow, and group. Let’s examine these files one by one.
The passwd File:
Most of the information about a user account is stored in the /etc/passwd fi le. Each
line in this file represents a user account and contains multiple fields with the following
syntax:
<username>:<password>:<uid>:<gid>:<comment>:<home directory>:<login shell>
Any two fields are separated by a colon (:). For example, an entry in the passwd fi le
is explained as follows. The fields of an entry in the passwd file are described as follows:
The default passwd file created by Solaris 10 is shown here.
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
Entries in the /etc/passwd file contains as follows :
<username> The unique user name, also called the login name, for the account.
<password> The user password for this account.
<UID> A unique user ID number for the user account. Each account has a UID.
<GID> A unique group ID number for the group to which the user of this account
belongs.
<comment> An optional informational fi eld. You can basically type any
information here; usually it contains the user’s full name.
<home directory> Home directory for the user of this account.
<login shell> The default login shell for the user such as / bin /sh or / bin /csh.
The default passwd file contains entries for standard processes, also called daemons,
that are usually started at boot time to perform system-level tasks such as printing, network
administration, and port monitoring. Two adjacent colons (::) in the passwd file represents a
blank fi eld. This is also true for other fi les such as the shadow file and the group file.
If the password for a user is encrypted, the entry in the passwd file contains only an x.
The encrypted password along with other user information goes into the shadow file, which
we examine next.
The shadow File:
The shadow file contains detailed information about the password. The syntax for an
entry in the shadow file is similar to that of the passwd file and is shown here:
<username>:<password>:<lastchg>:<min>:<max>:<warn>:<inactive>:<expire>
As an example, an entry in the shadow file is explained. The fields in the shadow file
entries are described as follows:
Remember that the shadow file can be viewed only by a superuser (e.g., the root account).
Entry in the /etc/shadow
The fields in shadow file as follows:
siri:86K G/MNT /DGU.:9675: 0: 90: 7: 10: 5905
By seeing the above example the fields are separates by colons:
<username> The unique user name, also called the login name, for the account.
<password> The user password. May contain one of the following: an encrypted user
password 13 characters long, the string *LK* indicating that the account is locked and
hence not accessible, or the string NP indicating that this account has no password.
<lastchg> The number of days between January 1, 1970, and the date when the
password was modifi ed last.
<min> The minimum number of days required between two consecutive password
changes.
<warn> The number of days before the password expiration date when the user is
warned.
<inactive> The number of days for which a user account can be inactive before being
locked.
<expire> The user account expiration date, after which the user will be unable to log
into the system using this account.
The /etc/passwd file contains most of the user account information, including a place
holder for the password, whereas the detailed password information is contained in the
/etc/shadow file. The passwd file and the shadow file contain the user account information,
and the group file contains the information about user groups.
The group File:
Multiple users can be organized into a group for ease of administration. Entries in the
group file contain information about groups. The syntax of an entry in the /etc/group file is
similar to an entry in the passwd file and is shown here:
<group name>:<group password>:<gid>:<user-list>
As an example, an entry in the group file. The fields in a group file entry are
described as follows. The group password field is generally not used—that is, it is left empty.
It is a legacy from the earlier days of UNIX. If a group does have a group password, the
newgrp command will prompt the user to enter the password. However, note that there is no
utility to set the group password. The default group file created by the Solaris 10 system is
shown here.
root::0:
other::1:
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
smmsp::25:
sysadmin::14:
gdm::50:
webservd::80:
nobody::60001:
noaccess::60002:
nogroup::65534:
Fields in the /etc/group
<group name> The name assigned to the group: maximum length eight characters.
<group password> Optional fi eld, usually contains an asterisk or is left empty.
<GID> The group ID number.
<user list> The list of users who are members of this group; any two members are
separated by a comma.
The default group file contains the system groups that support some system level
tasks—printing, network administration, and email. Note that many of these groups have
corresponding entries in the passwd file.
Now that you have explored the structure of a user account and you know where the
user account information is stored, it is time to get more practical, that is, to learn how to
create, modify, and delete user accounts.
CERTIFICATION OBJECTIVE 6.02
Managing User and Group Accounts with the Shell Command Line
Solaris offers several shell commands to manage user and group accounts. In this
section we explore these commands to create, modify, and delete user and group accounts.
Adding a Group A group account is created by using the groupadd command which has the
following syntax:
groupadd [-g <gid> [-o]] <group_name>
examples:
#groupadd –g 600 oracle
#groupadd –g 700 dba
#groupadd –g 800 accounts
The options supported by the groupadd are described as follows:
-g <gid>. Specifi es the group ID. If not used, the group ID will default to the next
available number greater than the one already assigned to a group.
-o. Specifi es that the GID can be duplicated—that is, more than one group can share
this GID, which is helpful in modifying the group.
The <group_name> obviously is the name of the group and is a character string that
may contain lowercase letters and numerals. You can modify an existing group account, and
this is discussed next.
Modifying a Group You modify a group by using the groupmod command, which has the
following syntax:
groupmod [-g <gid> [-o]] [-n <new_name>] <group_name>
Examples:
To modify group id:
#groupdmod –g <newid> <groupname>
#groupmod –g 1200 oracle
To modify group name
#groupmod –n <newname> <oldname>
#groupmod –m ora oracle
Deleting a Group You can delete an existing group by using the groupdel command, which
has the following trivial syntax:
groupdel <group_name>
For example, the following command will delete the group named gop:
#groupdel ora
#groupdel accounts
Note that the groupdel command deletes only the group account and not the users that
belong to the group. That means that although the group membership of the users is deleted
with the deletion of a group, the user accounts still exist.
As opposed to Windows, in UNIX you always use the command line tools for system
administration. Nevertheless, there are some GUI tools available for beginners. For example,
on the Solaris 10 system, you can use the Solaris Management Console (SMC) GUI tool for
user administration. We explore this tool next.
Managing User Accounts:
The useradd Command:
You use the useradd command to create a new user account—that is, to add a new
user to the system. The account information will automatically go to the passwd, shadow, and
group files as you create the account.
The syntax for the useradd command is shown here:
#useradd –u <uid> -g <pgid> -G <sgid> -d <homedir> -m –s <shell> -c <comment>
-e <expiry> -f <inactive> username
The options for this command are explained in the following list:
-u <uid> user id number
-g <pgid> primary group id
-G <sgid> secondary group id
-d <homedir> user’s home directory
-m <make> make directory
-s <shell> user’s shell
-c <comment> a short description of the user (e.g., full name of the user).
-e <expire>. Specifi es the expiration date for the user account.
-f <inactive>. user does not log into the account for days more than the value of
<inactive>, the account will be locked. The default for this option is 0. This
information goes into the shadow file.
Example of useradd command
#useradd –u 500 –g 501 –G 600 –d /home/siri –m –s /bin/ksh –c “siritech”
-e 09122009 –f 5 siri
The usermod Command:
You can use the usermod command to modify an account—that is, to modify the
value for an option that either was specified by you when the account was originally created
or a default value was assigned to it. Solaris lets you modify most of the options as follows:
usermod –l To modify the users login name
-u To modify the user id
-g To modify user’s primary group id
-G To modify or create the user’s secondary group id
-d To modify user’s home directory
-s To modify user’s shell
-c To modify the comment about user
-e To modify expiry date of user account
-f To modify inactive days of user login
Examples:
To modify user login name:
#usermod –l <newname> <oldname>
#usermod –l siritech siri
To modify user id
#usermod –u <newid> <username>
#usermod –u 1000 siritech
To modify user’s primary group id
#usermod –g <newid> <username>
#usermod –g 800 siritech
To modify user’s secondary group id
#usermod –G <newid> <username>
#usermod –G 850 siritech
To modify user’s home directory
#usermod –d <newdir> -m <username>
#usermod –d /home/siritech –m siritech
To modify user’s expiry date
#usermod –e <newdate> <username>
#usermod –e 10282009 siritech
To modify user’s inactive days login
#usermod –f <newdays> <username>
#usermod –f 7 siritech
The userdel Command:
You use the userdel command to delete a user account from the system. The syntax
for the userdel command is shown here:
userdel [-r] <login_name>
The option -r is used to delete the user home directory along with the account. For
example, the following command deletes the account of user jkerry along with the home
directory (and all directories underneath it recursively):
userdel -r siritech
There may be important company files in the home directory of the employee who has
just left. In that case, you can delete the user account without the -r option, and the user
account will be deleted without deleting the home directory.
A user must have a primary group. In addition to this, a user can become a member of
up to 15 (the default maximum number) secondary groups. Before a user can become a
member of a group, the group account must exist. In the next section, we discuss how to
manage group accounts.
Managing User and Group Accounts with the SMC GUI:
You can use the Solaris Management Console (SMC) to manage user and group
accounts. In this section, you will do two hands-on exercises using SMC.
EXERCISE 6-1
Creating a User Account with the SMC GUI Tool:
Perform the following steps to create a user account with the SMC GUI tool:
1. Become the superuser or assume an equivalent role (e.g., log in as root).
2. Start the SMC by issuing the following command:
/usr/sadm/bin/smc &
3. Click the This Computer icon under the Management Tools icon in the Navigation
panel. A list of categories is displayed.
4. Click the System Confi guration icon.
5. Click the User Accounts icon.
6. Type in your password.
7. Click the Users icon.
8. Select the Add User with Wizard from the Action menu. Click Next between each of
the steps that follow.
9. Type in the user login name at the User Name prompt (following the rules for
specifying the user names that you have learned in this chapter)—for example, agore.
10. Optional step. Type in the user full name at the Full Name prompt—for example, Al
Gore.
11. Optional step. Type in a further description of this user at the Description prompt.
12. Specify the user ID at the User ID Number prompt—for example, 420.
13. Select the option: User Must Use This Password at First Login, and type in a
password for the user at the password prompt. Confi rm the password at the Confi rm
Password prompt.
14. Select the primary group for the user.
15. Create the home directory for the user by accepting the defaults at the Server and Path
prompts.
16. Specify the mail server.
17. Review the information you provided and go back to correct the information, if
necessary. Otherwise, click Finish.
Congratulations! You have a added a user to the system by using the SMC GUI tool.
But before opening the champagne, attempt to log in as the user that you created to be sure
that it works.
Groups contain users. You have two choices regarding adding users to a group: you
can add the existing users to the group during the group creation, or you could add a user to
the group when you create the user account. Once a user has been created on the system, the
user can log into the system and work. Each user works in a certain work environment on the
system, which is set up when the user logs in.
Shell Initialization Files:
As a part of setting up a user account, you need to set up some initialization files that
will set up the work environment when the user logs in. These initialization files, also called
the shell initialization files, are essentially the shell scripts that set up the characteristics of
the user’s work environment, such as search path, windowing environment, and environment
variables. There are two kinds of initialization files: user initialization files, whose scope is a
specific user; and site initialization files, whose scope is the system.
User Initialization Files:
The user initialization files live in the home directory of a user. A user works in a
specific shell. Each shell has its own set of initialization files, which exist in the home
directory of the user.
A question arises: where do these files come from, and how do they end up in the
user’s home directory? Solaris 10 offers the skeletons for the user initialization fi les in the
/etc/skel directory.
When you create a user with the useradd command by using the –m option, this set of
skeleton fi les, depending upon the user’s login shell, is copied into the user’s home directory
and renamed to the names.
Including $path (C shell) and $PATH (Bourne and Korn shell) in the command that
sets the path includes the existing path value before the command is issued. This is used to
append the user’s path settings to the ones that are already set in the site initialization fi le. If
you do not use $PATH or $path, the existing path settings will be replaced with the new ones.
Login shell user initialization file
Bourne .profile
C .login
.cshrc Korn
.profile
$ENV It is the environment variable that specifi es the fi le (usually .kshrc) that will
define the user’s environment.
User initialization files for the Bourne, C, and Korn shells (the files are copied into
the user’s home directory at the time the account is created)
Login shell Default initialization files
Bourne /etc/skel/local.profile
C /etc/skel/local.login
/etc/local.cshrc
Korn /etc/skel/local.profile
Of course, you can edit the initialization files in the /etc/skel directory and edit the
initialization files in the home directory to customize them. Typically, the user will customize
the local work environment by editing the user initialization fi les, whereas you will
customize the user’s work environment by providing the systemwide site initialization files,
which we discuss next.
HOW TO CONFIGURE FILE SYSTEMS FOR QUOTAS:
Become superuser
Edit the /etc/vfstab file and add rq to the mount options field for each UFS file system that
will have quotas.
Change directory to the root of the file systemthat will have quotas.
Create a file named quotas.
# touch quotas
Change permissions to read/write for superuser access only.
# chmod 600 quotas
Configuring File Systems for Quotas
The following /etc/vfstab example shows that the /export/home directory from the
system pluto is mounted as an NFS file system on the local system. You can tell that quotas
are enabled by the rq entry under the mount options column.
# device device mount FS fsck mount mount
# to mount to fsck point type pass at boot options
# pluto:/export/home - /export/home nfs - yes rq
The following example line from the /etc/vfstab file shows that the local /work directory
is mounted with quotas enabled, signified by the rq entry under the mount options column.
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#/dev/dsk/c0t4d0s0 /dev/rdsk/c0t4d0s0 /work ufs 3 yes rq
How to Set Up Quotas for a User:
Become super user or assume an equivalent role. Use the quota editor to create a temporary
file that contains one line of quota information for each mounted UFS file system that has a
quotas file in the file system's root directory.
# edquota username where username is the user for whom you want to set up quotas.
Change the number of 1-Kbyte disk blocks, both soft and hard, and the number of
inodes, both soft and hard, from the default of 0, to the quotas that you specify for
each file system.
Verify the user's quota.
# quota -v username
-v Displays the user's quota information on all mounted file systems where quotas
exist. username Specifies the user name to view quota limits.
Setting Up Quotas for a User
The following example shows the contents of the temporary file opened by edquota
on a system where /files is the only mounted file system that contains a quotas file in the root
directory.
fs /files blocks (soft = 0, hard = 0) inodes (soft = 0, hard = 0)
The following example shows the same line in the temporary file after quotas have
been set up.
fs /files blocks (soft = 50, hard = 60) inodes (soft = 90, hard = 100)
Howto Set UpQuotas for MultipleUsers:
Become superuser
Use the quota editor to apply the quotas you already established for a prototype user
to the additional users that you specify.
# edquota -p prototype-user username ... prototype-user Is the user name of the
account for which you have set up quotas username ... Specifies one or more user
names of additional accounts.More than one user name is specified by separating each
user name with a space.
Setting Up Prototype Quotas for Multiple Users
The following example shows how to apply the quotas established for user bob to
users mary and john.
# edquota -p bob mary john
Howto CheckQuota Consistency:
The quotacheck command is run automatically when a system is rebooted. You
generally do not have to run the quotacheck command on an empty file system with
quotas.However, if you are setting up quotas on a file system with existing files, you need to
run the quotacheck command to synchronize the quota database with the files or inodes that
already exist in the file system.
Also keep in mind that running the quotacheck command on large file systems can be
time-consuming.
Note – To ensure accurate disk data, the file systems being checked should be quiescent when
you run the quotacheck command manually. Become superuser or assume an equivalent role.
Run a consistency check on UFS file systems.
# quotacheck [-va] filesystem
-v (Optional) Identifies the disk quotas for each user on a particular file system.
-a Checks all file systems with an rq entry in the /etc/vfstab file.
filesystem Specifies the file system to check.
See the quotacheck(1M) man page for more information.
Checking Quota Consistency
The following example shows how to check quotas for the /export/home file system
on the /dev/rdsk/c0t0d0s7 slice. The /export/home file system is the only file system with an
rq entry in the /etc/vfstab file.
# quotacheck -va
*** Checking quotas for /dev/rdsk/c0t0d0s7 (/export/home)
How to Turn On Quotas
Become superuser
Turn on file systemquotas.
# quotaon [-v] -a filesystem ...
-v Displays a message for each file system after quotas are turned on.
-a Turns on quotas for all file systems with an rq entry in the /etc/vfstab file. filesystem ...
Turns on quotas for one or more file systems that you specify.More than one file system is
specified by separating each file system name with a space.
Turning On Quotas
The following example shows how to turn quotas on for the file systems on the
/dev/dsk/c0t4d0s7 and /dev/dsk/c0t3d0s7 slices.
# quotaon -v /dev/dsk/c0t4d0s7 /dev/dsk/c0t3d0s7
/dev/dsk/c0t4d0s7: quotas turned on
/dev/dsk/c0t3d0s7: quotas turned on
MaintainingQuotas
CheckingQuotas
After you have set up and turned on disk quotas and inode quotas, you can check for
users who exceed their quotas. In addition, you can check quota information for entire file
systems.
The following table describes the commands that you use to check quotas.
Commands for Checking Quotas
Command Task
quota(1M) Displays user quotas and current disk use, and information about users who are
exceeding their quotas repquota(1M) Displays quotas, files, and the amount of space that is
owned for specified file systems
Howto Check for ExceededQuotas:
You can display the quotas and disk use for individual users on file systems on which
quotas have been activated by using the quota command.
Become superuser
Display user quotas for mounted file systems where quotas are enabled.
# quota [-v] username
-v Displays one or more users' quotas on all mounted file systems that have quotas.
username Is the login name or UID of a user's account.
Checking for Exceeded Quotas
The following example shows that the user account identified by UID 301 has one 1–
Kbyte quota but has not used any disk space.
# quota -v 301
Disk quotas for bob (uid 301):
Filesystem usage quota limit timeleft files quota limit timeleft
/export/home 0 1 2 0 2 3
Filesystem Is the mount point for the file system.
usage Is the current block usage.
quota Is the soft-block limit.
limit Is the hard-block limit.
timeleft Is the amount of time, in days, left on the quota timer.
files Is the current inode usage.
quota Is the soft-inode limit.
limit Is the hard-inode limit.
time left Is the amount of time, in days, left on the quota timer.
Howto CheckQuotas on a File System:
Display the quotas and disk use for all users on one or more file systems by using the
repquota command.
Become superuser
Display all quotas for one or more file systems, even if there is no usage.
# repquota [-v] -a filesystem
-v Reports on quotas for all users, even those users who do not consume resources.
-a Reports on all file systems.
filesystem Reports on the specified file system.
Checking Quotas on a File System
The following example shows output from the repquota command on a system that has
quotas enabled on only one file system (/export/home).
# repquota -va
/dev/dsk/c0t3d0s7 (/export/home):
Block limits File limits
User used soft hard timeleft used soft hard timeleft
#301 -- 0 1 2.0 days 0 2 3
#341 -- 57 50 60 7.0 days 2 90 100
Block limits Definition
used Is the current block usage.
soft Is the soft-block limit.
hard Is the hard-block limit.
timeleft Is the amount of time, in days, left on the quota timer.
File limits Definition
used Is the current inode usage.
soft Is the soft-inode limit.
hard Is the hard-inode limit.
timeleft Is the amount of time, in days, left on the quota timer.
Changing and Removing Quotas:
You can change quotas to adjust the amount of disk space or the number of inodes
that users can consume. You can also remove quotas, for individual users or from entire file
systems, as needed.
edquota edquota(1M) Changes the hard limits and soft limits on the number
of inodes or amount of disk space for each user. Also,
changes the soft limit for each file system with a quota.
quotaoff quotaon(1M) Turns off quotas for specified file systems.
Howto Change the Soft Limit Default:
By default, users can exceed the soft time limits for their quotas for one week. So,
after a week of repeated violations of the soft time limits of either disk space quotas or inode
quotas, the system prevents users from using any more inodes or disk blocks.
You can change the length of time that users can exceed their disk space quotas or
inode quotas by using the edquota command.
Become superuser
Use the quota editor to create a temporary file that contains soft time limits.
# edquota -t
where the -t option specifies the editing of the soft time limits for each file system.
Change the time limits from0 (the default) to the time limits that you specify. So, use
numbers and the keywords month, week, day, hour, min, or sec.
Note – This procedure does not affect current quota violators.
Changing the Soft Limit Default
The following example shows the contents of the temporary file opened by the
edquota command on a system where /export/home is the only mounted file system with
quotas. The default value, 0, means that the default time limit of one week is used.
fs /export/home blocks time limit = 0 (default), files time limit = 0 (default)
The following example shows the same temporary file after the time limit for
exceeding the blocks quota has been changed to 2 weeks. Also, the time limit for exceeding
the number of files has been changed to 16 days.
fs /export/home blocks time limit = 2 weeks, files time limit = 16 days
Howto ChangeQuotas for aUser
Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see
“Configuring RBAC (TaskMap)” in System Administration Guide: Security Services.
Use the quota editor to open a temporary file that contains one line for each mounted file
systemthat has a quotas file in the file system's root directory.
# edquota username
where username specifies the user name whose quota you want to change.
Caution – You can specify multiple users as arguments to the edquota command.However,
the
user that this information belongs to, is not displayed. To avoid confusion, specify only one
user
name.
Specify the number of 1-Kbyte disk blocks, both soft and hard, and the number of inodes,
both
soft and hard.
Verify that a user's quota has been correctly changed.
# quota -v username
-v Displays user quota information on all mounted file systems with quotas enabled.
username Specifies the user name whose quota you want to check.
Changing Quotas for a User
The following example shows the contents of the temporary file opened by the edquota
command. This temporary file is opened on a system where /files is the only mounted file
system containing a quotas file in the file system's root directory.
fs /files blocks (soft = 0, hard = 0) inodes (soft = 0, hard = 0)
The following output shows the same temporary file after quotas have been changed.
fs /files blocks (soft = 0, hard = 500) inodes (soft = 0, hard = 100)
Verifying That Hard Quotas Have Been Changed
The following example shows how to verify that the hard quotas for user smith have been
changed to 500 1-Kbyte blocks, and 100 inodes.
# quota -v smith
Disk quotas for smith (uid 12):
Filesystem usage quota limit timeleft files quota limit timeleft
/files 1 0 500 1 0 100
HowtoDisableQuotas for aUser
Become superuser
Use the quota editor to create a temporary file containing one line for each mounted file
system
that has a quotas file in its top-level directory.
# edquota username
Where username specifies the user name whose quota you want to disable.
Caution – You can specify multiple users as arguments to the edquota command.However,
the
user that this information belongs to, is not displayed. To avoid confusion, specify only one
user
name.
Change the number of 1-Kbyte disk blocks, both soft and hard, and the number of inodes,
both
soft and hard, to 0.
Note – Ensure that you change the values to zero.Do not delete the line from the text file.
Verify that you have disabled a user's quota.
# quota -v username
-v Displays user quota information on all mounted file systems with quotas enabled.
username Specifies the user name (UID) whose quota you want to check.
Disabling Quotas for a User
The following example shows the contents of the temporary file opened by the edquota
command on a system where /files is the only mounted file system that contains a quotas file
in the file system's root directory.
fs /files blocks (soft = 50, hard = 60) inodes (soft = 90, hard = 100)
The following example shows the same temporary file after quotas have been disabled.
fs /files blocks (soft = 0, hard = 0) inodes (soft = 0, hard = 0)
HowtoTurnOffQuotas
Become superuser
# quotaoff [-v] -a filesystem ...
-v Displays a message from each file system when quotas are turned off.
-a Turns off quotas for all file systems.
filesystem Turns off quotas for one or more file systems that you specify.More than one file
system is specified by separating each file system name with a space.
Turning Off Quotas
The following example shows how to turn off the quotas for the /export/home file system.
# quotaoff -v /export/home
/export/home: quotas turned off
Howto Check if a File Has an ACL
Check if a file has an ACL.
% ls -l filename where filename specifies the file or directory.
In the output, a plus sign (+) to the right of the mode field indicates that the file has an
ACL.
Note – Unless you have added ACL entries that extend UNIX file permissions, a file is
considered to have a “trivial” ACL and the plus sign (+) does not display.
Checking if a File Has an ACL
In the following example, the ch1.sgm file has an ACL. The ACL is indicated by the
plus sign (+) to the right of the mode field.
% ls -l ch1.sgm
-rwxr-----+ 1 stacey techpubs 167 Nov 11 11:13 ch1.sgm
Howto Add ACL Entries to a File:
Set an ACL on a file by using the setfacl command.
% setfacl -s user::perms,group::perms,other:perms,mask:perms,acl-entry-list filename ...
-s Sets an ACL on the file. If a file already has an ACL, it is replaced. This option requires at
least the user::, group::, and other:: entries.
user::perms Specifies the file owner permissions.
group::perms Specifies the group ownership permissions.
other:perms Specifies the permissions for users other than the file owner or members of the
group.
mask:perms Specifies the permissions for the ACL mask. The mask indicates the maximum
permissions that are allowed for users (other than the owner) and for groups.
acl-entry-list Specifies the list of one or more ACL entries to set for specific users and groups
on the file or directory. You can also set default ACL entries on a directory.
filename ... Specifies one or more files or directories on which to set the ACL.Multiple
filenames are separated by spaces.
Caution – If an ACL already exists on the file, the -s option replaces the entire ACL with the
new ACL.
Verify that the ACL entrieswere set on the file.
% getfacl filename
Setting an ACL on a File
In the following example, the file owner permissions are set to read and write, file
group permissions are set to read only, and other permissions are set to none on the ch1.sgm
file. In addition, the user anusha is given read and write permissions on the file. The ACL
mask permissions are set to read and write, which means that no user or group can have
execute permissions.
# setfacl -s user::rw-,group::r--,other:---,mask:rw-,user:anusha:rw- ch1.sgm
# ls -l
total 124
-rw-r-----+ 1 stacey techpubs 34816 Nov 11 14:16 ch1.sgm
-rw-r--r-- 1 stacey techpubs 20167 Nov 11 14:16 ch2.sgm
-rw-r--r-- 1 stacey techpubs 8192 Nov 11 14:16 notes
% getfacl ch1.sgm
# file: ch1.sgm
# owner: stacey
# group: techpubs
user::rwuser:
anusha:rw- #effective:rwgroup::
r-- #effective:r--
mask:rwother:---
In the following example, the file owner permissions are set to read, write, and
execute, file group permissions are set to read only, other permissions are set to none. In
addition, the ACL mask permissions are set to read on the ch2.sgm file. Finally, the user
anusha is given read and write permissions.However, due to the ACL mask, the permissions
for anusha are read only.
% setfacl -s u::7,g::4,o:0,m:4,u:anusha:7 ch2.sgm
% getfacl ch2.sgm
# file: ch2.sgm
# owner: stacey
# group: techpubs
user::rwx
user:anusha:rwx #effective:r--
group::r-- #effective:r--
mask:r--
other:---
How to Copy an ACL:
Copy a file's ACL to another file by redirecting the getfacl output.
% getfacl filename1 | setfacl -f - filename2
filename1 Specifies the file from which to copy the ACL.
filename2 Specifies the file on which to set the copied ACL.
Copying an ACL
In the following example, the ACL on ch2.sgm is copied to ch3.sgm.
% getfacl ch2.sgm | setfacl -f - ch3.sgm
Howto Change ACL Entries on a File:
Modify ACL entries on a file by using the setfacl command.
% setfacl -m acl-entry-list filename ...
-m Modifies the existing ACL entry.
acl-entry-list Specifies the list of one or more ACL entries to modify on the file or directory.
You can also modify default ACL entries on a directory.
filename ... Specifies one or more files or directories, separated by a space.
Verify that the ACL entrieswere modified on the file.
% getfacl filename
Modifying ACL Entries on a File
In the following example, the permissions for the user anusha are modified to read and write.
% setfacl -m user:anusha:6 ch3.sgm
% getfacl ch3.sgm
# file: ch3.sgm
# owner: stacey
# group: techpubs
user::rwuser::
anusha:rw- #effective:r--
group::r- #effective:r--
mask:r--
other:r-
In the following example, the default permissions for the group staff are modified to
read on the book directory. In addition, the default ACL mask permissions are modified to
read and write.
% setfacl -m default: group: staff:4, default:mask:6 book
Howto Delete ACL Entries Froma File
Delete ACL entries froma file.
% setfacl -d acl-entry-list filename ...
-d Deletes the specified ACL entries.
acl-entry-list Specifies the list of ACL entries (without specifying the permissions) to delete
from the file or directory. You can only delete ACL entries and default ACL entries for
specific users and groups. Table 6–7 and Table 6–8 show the valid ACL entries.
filename ... Specifies one or more files or directories, separated by a space.
Alternatively, you can use the setfacl -s command to delete all the ACL entries on a file and
replace them with the new ACL entries that are specified.
Verify that the ACL entrieswere deleted fromthe file.
% getfacl filename
Deleting ACL Entries on a File
In the following example, the user anusha is deleted from the ch4.sgm file.
% setfacl -d user: anusha ch4.sgm
How to Display ACL Entries for a File:
Display ACL entries for a file by using the getfacl command.
% getfacl [-a | -d] filename ...
-a Displays the file name, file owner, file group, and ACL entries for the specified
file or directory.
-d Displays the file name, file owner, file group, and the default ACL entries, if they
exist, for the specified directory.
filename ... Specifies one or more files or directories, separated by a space.
If you specify multiple file names on the command line, the ACL entries are displayed with a
blank line between each entry.
Displaying ACL Entries for a File
In the following example, all the ACL entries for the ch1.sgm file are displayed. The
#effective: note beside the user and group entries indicates what the permissions are after
being modified by the ACL mask.
% getfacl ch1.sgm
# file: ch1.sgm
# owner: stacey
# group: techpubs
user::rwuser:
anusha:r- #effective:r--
group::rw- #effective:rwmask:
rwother:---
In the following example, the default ACL entries for the book directory are displayed.
% getfacl -d book
# file: book
# owner: stacey
# group: techpubs
user::rwx
user:anusha:r-x #effective:r-x
group::rwx #effective:rwx
mask:rwx
other:---
default:user::rwdefault:
user:anusha:r--
default:group::rwdefault:
mask:rwdefault:
other:---
ABOUT SWAP SPACE
You should understand the features of the SunOSTM swap mechanism to determine the
following:
Swap space requirements
The relationship between swap space and the TMPFS file system
How to recover from error messages related to swap space
Swap Space and Virtual Memory:
Solaris software uses some disk slices for temporary storage rather than for file
systems. These slices are called swap slices. Swap slices are used as virtual memory storage
areas when the system does not have enough physical memory to handle current processes.
The virtual memory system maps physical copies of files on disk to virtual addresses
in memory. Physical memory pages that contain the data for these mappings can be backed
by regular files in the file system, or by swap space. If the memory is backed by swap space it
is referred to as anonymous memory because no identity is assigned to the disk space that is
backing the memory.
The Solaris OS uses the concept of virtual swap space, a layer between anonymous
memory pages and the physical storage (or disk-backed swap space) that actually back these
pages. A system's virtual swap space is equal to the sum of all its physical (disk-backed)
swap space plus a portion of the currently available physical memory.
Virtual swap space has these advantages:
The need for large amounts of physical swap space is reduced because virtual swap
space does not necessarily correspond to physical (disk) storage.
A pseudo file system called SWAPFS provides addresses for anonymous memory
pages.
Because SWAPFS controls the allocation of memory pages, it has greater flexibility
in deciding what happens to a page. For example, SWAPFS might change the page's
requirements for disk-backed swap storage.
How Do YOU Know If YOU Need More Swap Space?
Use the swap -l command to determine if your system needs more swap space. For
example, the following swap -l output shows that this system's swap space is almost entirely
consumed or at 100% allocation.
% swap -l
swapfile dev swaplo blocks free
/dev/dsk/c0t0d0s1 136,1 16 1638608 88
When a system's swap space is at 100% allocation, an application's memory pages
become temporarily locked. Application errors might not occur, but system performance will
likely suffer.
Swap-Related Error Messages:
These messages indicate that an application was trying to get more anonymous
memory. However, no swap space was left to back it.
application is out of memory
malloc error O
messages.1:Sep 21 20:52:11 mars genunix: [ID 470503 kern.warning]
WARNING: Sorry, no swap space to grow stack for pid 100295 (myprog)
TMPFS-Related Error Messages:
The following message is displayed if a page could not be allocated when a file was
being written. This problem can occur when TMPFS tries to write more than it is allowed or
if currently executed programs are using a lot of memory.
directory: File system full, swap space limit exceeded
The following message means that TMPFS ran out of physical memory while attempting to
create a new file or directory:
directory: File system full, memory allocation failed
How Swap Space Is Allocated:
Initially, swap space is allocated as part of the Solaris installation process. If you use
the installation program's automatic layout of disk slices and do not manually change the size
of the swap slice, the Solaris installation program allocates a default swap area of 512
Mbytes.
Starting in the Solaris 9 release, the installation program allocates swap space starting
at the first available disk cylinder (typically cylinder 0). This placement provides maximum
space for the root (/) file system during the default disk layout and enables the growth of the
root (/) file system during an upgrade.
Swap Areas and the /etc/vfstab File
After the system is installed, swap slices and swap files are listed in the /etc/vfstab
file. They are activated by the /sbin/swapadd script when the system is booted.
An entry for a swap device in the /etc/vfstab file contains the following:
The full path name of the swap slice or swap file
File system type of the swap slice or swap file
The file system that contains a swap file must be mounted before the swap file is
activated. So, in the /etc/vfstab file, ensure that the entry that mounts the file system comes
before the entry that activates the swap file.
Planning for Swap Space:
The most important factors in determining swap space size are the requirements of the
system's software applications. For example, large applications such as computer-aided
design simulators, database management products, transaction monitors, and geologic
analysis systems can consume as much as 200–1000 Mbytes of swap space.
Consult your application vendors for swap space requirements for their applications.
If you are unable to determine swap space requirements from your application vendors, use
the following general guidelines based on your system type to allocate swap space.
System type swap size
Workstation with about 4 Gbytes of physical memory
1 Gbyte
Mid-range server with about 8Gbytes of physical memory
2 Gbytes
High-end server with about 16 to128 Gbytes of physical memory
4 Gbytes
In addition to these general guidelines, consider allocating swap space or disk space
for the following:
A dedicated dump device.
Determine whether large applications (such as compilers) will be using the /tmp
directory.
Then, allocate additional swap space to be used by TMPFS. For information about
TMPFS, The /usr/sbin/swap command is used to manage swap areas. Two options, -l and -s,
display information about swap resources.
Use the swap -l command to identify a system's swap areas. Activated swap devices
or files are listed under the swapfile column.
# swap -l
swapfile dev swaplo blocks free
/dev/dsk/c0t0d0s1 136,1 16 1638608 1600528
Use the swap -s command to monitor swap resources.
# swap -s
total: 57416k bytes allocated + 10480k reserved = 67896k used,
833128k available
The used value plus the available value equals the total swap space on the system,
which includes a portion of physical memory and swap devices (or files).
You can use the amount of available and used swap space (in the swap -s output) as a
way to monitor swap space usage over time. If a system's performance is good, use swap -s to
determine how much swap space is available.
When the performance of a system slows down,check the amount of available swap
space to determine if it has decreased. Then you can identify what changes to the system
might have caused swap space usage to increase. When using this command, keep in mind
that the amount of physical memory available for swap usage changes dynamically as the
kernel and user processes lock down and release physical memory.
Note – The swap -l command displays swap space in 512-byte blocks. The swap -s
command displays swap space in 1024-byte blocks. If you add up the blocks from swap -l
and convert them to Kbytes, the result is less than used + available (in the swap -s output).
The reason is that swap -l does not include physical memory in its calculation of swap space.
The output from the swap -s command is summarized in the following table.
Output of the swap -s Command
Adding More Swap Space:
As system configurations change and new software packages are installed, you might
need to add more swap space. The easiest way to add more swap space is to use the mkfile
and swap commands to designate a part of an existing UFS or NFS file system as a
supplementary swap area. These commands, described in the following sections, enable you
to add more swap space without repartitioning a disk.
Alternative ways to add more swap space are to repartition an existing disk or to add
another disk.
Creating a Swap File:
You can create a swap file to be used in a UFS root file system. Swap files are
currently not supported in a ZFS root environment. The following general steps are involved
in creating a swap file:
Creating a swap file by using the mkfile command.
Activating the swap file by using the swap command.
Adding an entry for the swap file in the /etc/vfstab file so that the swap file is
activated automatically when the system is booted.
mkfile Command
The mkfile command creates a file that is suitable for use as either an NFS-mounted
swap area or a local swap area. The sticky bit is set, and the file is filled with zeros. You can
specify the size of the swap file in bytes (the default) or in Kbytes, blocks, or Mbytes by
using the k, b, or m suffixes, respectively.
The following table shows the mkfile command options.
Options to the mkfileCommand
Option Description
-n Creates an empty file. The size is noted.However, the disk blocks are not
allocated until data is written to them.
-v Reports the names and sizes of created files.
Note – Use the -n option only when you create an NFS swap file.
Howto Create a Swap File and Make It Available:
Become superuser.
You can create a swap file without root permissions.However, to avoid accidental
overwriting, root should be the owner of the swap file. Create a directory for the swap file, if
needed.
Create the swap file.
# mkfile nnn[k|b|m] filename
The swap file of the size nnn (in Kbytes, bytes, or Mbytes) with the filename you specify is
created.
Activate the swap file.
# /usr/sbin/swap -a /path/filename
You must use the absolute path name to specify the swap file. The swap file is added
and available until the file system is unmounted, the system is rebooted, or the swap file is
removed.
Keep in mind that you cannot unmount a file system while some process or program
is swapping to the swap file.
Add an entry for the swap file to the /etc/vfstab file that specifies the full path name of
the file, and designates swap as the file systemtype.
/path/filename - - swap - no -
Verify that the swap file is added.
$ /usr/sbin/swap -l
Note – If a swap file does not get activated, make sure that the following service is running:
# svcs nfs/client
STATE STIME FMRI
enabled 14:14:34 svc:/network/nfs/client:default
Creating a Swap File and Making It Available
The following examples shows how to create a 100-Mbyte swap file called /files/swapfile.
# mkdir /files
# mkfile 100m /files/swapfile
# swap -a /files/swapfile
# vi /etc/vfstab
(An entry is added for the swap file):
/files/swapfile - - swap - no -
# swap -l
swapfile dev swaplo blocks free
/dev/dsk/c0t0d0s1 136,1 16 1638608 1600528
/files/swapfile - 16 204784 204784
Removing a Swap File From Use:
If you have unneeded swap space, you can remove it.
Howto Remove Unneeded Swap Space:
Become superuser.
Remove the swap space.
# /usr/sbin/swap -d /path/filename
The swap file name is removed so that it is no longer available for swapping. The file itself is
not deleted.
Edit the /etc/vfstab file and delete the entry for the swap file.
Recover the disk space so that you can use it for something else.
# rm /path/filename
If the swap space is a file, remove it. Or, if the swap space is on a separate slice and you are
sure you will not need it again, make a new file system and mount the file system. Verify that
the swap file is no longer available.
# swap –l
Removing Unneeded Swap Space
The following examples shows how to delete the /files/swapfile swap file.
# swap -d /files/swapfile
# (Remove the swap entry from the /etc/vfstab file)
# rm /files/swapfile
# swap -l
swapfile dev swaplo blocks free
/dev/dsk/c0t0d0s1 136,1 16 1638608 1600528
MANAGING REMOVABLE MEDIA
Formatting Diskettes:
You can use the rmformat command to format and protect rewritable diskettes. This
utility does not require superuser privilege unless vold is not running. File systems are
mounted automatically. So, you might have to unmount media before you can format it, if the
media contains an existing file system.
The rmformat command has three formatting options:
quick – This option formats diskettes without certification or with limited certification
of certain tracks on the media.
long – This option completely formats diskettes. For some devices, the use of this
option might include the certification of the whole media by the drive. force – This
option formats completely without user confirmation. For diskettes with a password-
protection mechanism, this option clears the password before formatting. This feature
is useful when a password is forgotten. On diskettes without password protection, this
option forces a long format.
Removable Media Hardware Considerations:
Keep the following restrictions in mind when working with diskettes:
SPARC and x86 UFS formats are different. SPARC uses little-endian bit coding, x86
uses big-endian.Media formatted for UFS is restricted to the hardware platform on
which they were formatted. So, a diskette formatted for UFS on a SPARC based
platform cannot be used for UFS on an x86 platform. Likewise, a diskette formatted
for UFS on an x86 platform cannot be used on a SPARC platform.
A complete format for SunOS file systems consists of the basic “bit” formatting in
addition the structure to support a SunOS file system. A complete format for a DOS
file system consists of the basic “bit” formatting in addition the structure to support
either an MS-DOS or an NEC-DOS file system. The procedures required to prepare a
media for each type of file system are different. Therefore, before you format a
diskette, consider which procedure to follow.
Keep the following in mind when formatting diskettes:
Diskettes that are not named (that is, they have no “label”) are assigned the default
name of unnamed_floppy.
Diskettes that are not named (that is, they have no “label”) are assigned the default
name of floppy.
A Solaris system can format the following diskette types:
UFS
MS-DOS or NEC-DOS (PCFS)
UDFS
On a Solaris system (either SPARC or x86), you can format diskettes with the following
densities.
Diskette Size Diskette Density Capacity
3.5” High density (HD) 1.44 Mbytes
3.5” Double density (DD) 720 Kbytes
By default, the diskette drive formats a diskette to a like density. This default means
that a 1.44 Mbyte drive attempts to format a diskette for 1.44 Mbytes, regardless of whether
the diskette is, in fact, a 1.44 Mbyte diskette, unless you instruct it otherwise. In other words,
a diskette can be formatted to its capacity or lower, and a drive can format to its capacity or
lower.
How to Format a Diskette (rmformat)
You can use the rmformat command to format a diskette. By default, this command
creates two partitions on the media: partition 0 and partition 2 (the whole media). Verify that
removable media service is running. If so, you can use the shorter nickname for the device
name.
$ svcs volfs
STATE STIME FMRI
online 10:39:12 svc:/system/filesystem/volfs:default
Format the diskette.
$ rmformat -F [ quick | long | force ] device-name
(Optional) Label the diskette with an 8-character label.
$ rmformat -b label device-name
This example shows how to format a diskette.
$ rmformat -F quick /dev/rdiskette
Formatting will erase all the data on disk.
Do you want to continue? (y/n) y
Howto Create a File System on Removable Media:
Format the diskette.
$ rmformat -F quick device-name
Create an alternate Solaris partition table.
$ rmformat -s slice-file device-name
A sample slice file appears similar to the following:
slices: 0 = 0, 30MB, "wm", "home":
1 = 30MB, 51MB:
2 = 0, 94MB, "wm", "backup":
6 = 81MB, 13MB
Become superuser.
Determine the appropriate file systemtype and select one of the following:
Create a UFS file system. For example:
# newfs /vol/dev/aliases/floppy0
Create a PCFS file system. For example:
# mkfs -F pcfs /dev/rdsk/c0t4d0s2:c
Create aUDFS file system. For example:
# mkfs -F udfs /dev/rdsk/c0t1d0s1
Formatting a Diskette for a UFS File System
The following example shows how to format a diskette and create a UFS file system
on the diskette.
#rmformat -F quick /vol/dev/aliases/floppy 0
Formatting will erase all the data on disk.
Do you want to continue? (y/n) y
# /usr/sbin/newfs /vol/dev/aliases/floppy0
newfs: construct a new file system /dev/rdiskette: (y/n)? y
/dev/rdiskette: 2880 sectors in 80 cylinders of 2 tracks, 18 sectors
1.4MB in 5 cyl groups (16 c/g, 0.28MB/g, 128 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 640, 1184, 1792, 2336,
#
# rmformat -F quick /dev/rdiskette
Formatting will erase all the data on disk.
Do you want to continue? (y/n)y
# /usr/sbin/newfs /dev/rdiskette
newfs: construct a new file system /dev/rdiskette: (y/n)? y
/dev/rdiskette: 2880 sectors in 80 cylinders of 2 tracks, 18 sectors
1.4MB in 5 cyl groups (16 c/g, 0.28MB/g, 128 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 640, 1184, 1792, 2336,
Formatting a Diskette for a PCFS File System
This example shows how to create a PCFS file system with an alternate fdisk partition. In
these examples, vold is not running.
# rmformat -F quick /dev/rdsk/c0t4d0s2:c
Formatting will erase all the data on disk.
Do you want to continue? (y/n) y
# fdisk /dev/rdsk/c0t4d0s2:c
# mkfs -F pcfs /dev/rdsk/c0t4d0s2:c
Construct a new FAT file system on /dev/rdsk/c0t4d0s2:c: (y/n)? y
#
This example shows how to create a PCFS file system without an fdisk partition.
# rmformat -F quick /dev/rdiskette
Formatting will erase all the data on disk.
Do you want to continue? (y/n) y
# mkfs -F pcfs -o nofdisk,size=2 /dev/rdiskette
Construct a new FAT file system on /dev/rdiskette: (y/n)? y
#
How to Create a File System on a DVD-RAM:
Currently, vold doesn't support DVD-RAM devices. So, if you disable vold to use
aDVD-RAM device, you cannot use CD-R, CD-RW, DVD-R,DVD-RW,DVD+R,DVD+RW
devices because vold is not available during the time that it is disabled.
Become superuser.
Stop vold.
# svcadm disable volfs
Create a file systemon the DVD-RAMdevice.
Create a UFS file system. For example:
# newfs /dev/rdsk/c0t0d0s2
Create aUDFS file system. For example:
# mkfs -F udfs /dev/rdsk/c0t0d0s2
Mount the file system.
Mount a UFS file system. For example:
# mount -F ufs /dev/dsk/c0t0d0s2 /mnt
Mount aUDFS file system. For example:
# mount -F udfs /dev/dsk/c0t0d0s2 /mnt
Verify that you can read or write to the file system.
When finished, eject the DVD-RAM.
Restart vold.
# svcadm enable volfs
How to Check a File Systemon Removable Media:
Become superuser.
Identify the file systemtype and select one of the following:
Check a UFS file system.
# fsck -F ufs device-name
Check aUDFS file system.
# fsck -F udfs device-name
Check a PCFS file system.
# fsck -F pcfs device-name
Checking a PCFS File System on Removable Media
The following example shows how check the consistency of a PCFS file system on
media. In this example, vold is not running.
# fsck -F pcfs /dev/rdsk/c0t4d0s2
** /dev/rdsk/c0t4d0s2
** Scanning file system meta-data
** Correcting any meta-data discrepancies
1457664 bytes.
0 bytes in bad sectors.
0 bytes in 0 directories.
0 bytes in 0 files.
1457664 bytes free.
512 bytes per allocation unit.
2847 total allocation units.
2847 available allocation units.
How to Repair Bad Blocks on Removable Media:
You can only use the rmformat command to verify, analyze, and repair bad sectors
that are found during verification if the drive supports bad block management.Most diskettes
and USB memory sticks do not support bad block management.
If the drive supports bad block management, a best effort is made to rectify the bad
block. If the bad block cannot be rectified despite the best effort mechanism, a message
indicates the failure to repair the media.
Repair bad blocks on removable media.
$ rmformat -c block-numbers device-name
Supply the block number in decimal, octal, or hexadecimal format from a previous rmformat
session.
Verify the media.
$ rmformat -V read device-name
Accessing Removable Media
This chapter describes how to access removable media from the command line in the Solaris
OS.
Accessing Removable Media:
You can access information on removable media with or without using volume
management. For information on accessing information on removable media withGNOME's
FileManager, see theGNOME desktop documentation.
Volume management (vold) actively manages all removable media devices. So, any
attempt to access removable media with device names such as /dev/rdsk/cntndnsn or
/dev/dsk/cntndnsn will be unsuccessful.
Using Removable Media Names:
You can access all removable media with different names. The following table
describes the different media names that can be accessed with or without volume
management.
Guidelines for Accessing Removable Media Data:
Most CDs andDVDs are formatted to the ISO 9660 standard, which is portable. So,
most CDs andDVDs can be mounted by volume management.However, CDs orDVDs with
UFS file systems are not portable between architectures. So, they must be used on the
architecture for which they were designed.
Howto Add aNewRemovable Media Drive:
Generally, most modern bus types support hot-plugging. If your system's bus type
supports hot-plugging, you might only need to do step 5 below. If your system's bus type
does not support hot-plugging, you might have to do the following tasks,
Reboot the system so that volume management recognizes the new media drive.
For more information about hot-plugging devices, see Chapter 6, “Dynamically Configuring
Devices (Tasks).”
Become superuser.
Create the /reconfigure file.
# touch /reconfigure
Bring the systemto run level 0.
# init 0
Turn off power to the system.
Connect the new media drive.
See your hardware handbook for specific instructions.
Turn on power to the system.
The system automatically comes up to multiuser mode.
How to Disable or Enable Removable Media Services:
Occasionally, you might want to manage media without using removable media
services. This section describes how to disable and enable removable media services.
Disabling these services means that you would have to mount all media manually by
using the mount command.
Ensure that the media is not being used.
If you are not sure whether you have found all users of the media, use the fuser command, see
Become superuser.
Select one of the following:
Disable removable media services.
# svcadm disable volfs
Enable removable media services.
# svcadm enable volfs
volume management starting.
Howto Access Information on Removable Media
Insert the media.
The media is mounted after a few seconds.
List the contents of the media.
% ls /media
Use the appropriate device name to access information by using the command-line interface.
# ls /floppy
My file
This example shows how to access information on a USB memory stick.
# ls /rmdisk
rmdisk0/ rmdisk1/
This example shows how to access information on aDVD or CD.
# ls /cdrom
cdrom0 sol_10_1008_sparc
This example shows how to view the symbolic links on aDVD or CD.
# ls -lL /cdrom/cdrom0
total 929
-r--r--r-- 1 root root 6557 Jul 31 2008 Copyright
-r--r--r-- 1 root root 460262 Jul 31 2008 JDS-THIRDPARTYLICENSEREADME
drwxr-xr-x 2 root bin 2048 Oct 27 13:20 License
drwxr-xr-x 7 root root 2048 Oct 27 13:21 Solaris_10
drwxr-xr-x 2 root root 2048 Oct 27 13:21 boot
-rwxr-xr-x 1 root root 257 Oct 27 12:57 installer
drwxr-xr-x 5 root root 2048 Oct 27 13:21 platform
Howto Copy Information From Removable Media:
You can access files and directories on removable media as with any other file
system. The only significant restrictions are related to ownership and permissions.
For instance, if you copy a file from a CD into your file system, you are the owner.
However, you won't have write permissions because the file on the CD never had them. You
must change the permissions yourself.
Ensure that the media is mounted.
$ ls /media
The ls command displays the contents of a mounted media. Copy the files or directories.
For example, for aDVD, you would do the following:
# cp /cdrom/sol_10_1008_sparc/Solaris_10/Tools/add_install_client .
# ls -l
-rwxr-xr-x 1 pmorph gelfs 64065 Jul 25 2008 add_install_client
How to Determine If Removable Media Is Still inUse:
Become superuser.
Identify the processes that are accessing the media.
# fuser -u /media
The -u displays the user of the media.
For more information, see fuser(1M).
kill the process accessing the media.
# fuser -u -k /media
The -k kills the processes accessing the media.
Caution – Killing the processes that are accessing the media should only be used in
emergency situations.
Verify that the process is gone.
# pgrep process-ID
Determining If the Media Is Still in Use
The following example shows that the user siritech, is accessing the
/cdrom/sol_10_1008_sparc/Solaris_10/Tools directory.
# fuser -u /cdrom/sol_10_1008_sparc/Solaris_10/Tools
/cdrom/sol_10_1008_sparc/Solaris_10/Tools: 902c(pmorph) 339c(pmorph)
Howto Eject Removable Media:
Ensure that the media is not being used.
Remember, media is “being used” if a shell or an application is accessing any of its
files or directories. If you are not sure whether you have found all users of a CD(for example,
a shell hidden behind a desktop tool might be accessing it), use the fuser command.
Eject the media.
# eject media
For example, for a CD, you would do the following:
# eject cdrom
For example, for a USB memory stick, you would do the following:
# eject rmdisk0
Tip – You can view the removable device name with the eject -l command.
Accessing Removable Media on a Remote System
How to Make Local Media Available to Other Systems
You can configure your system to share its media drives to make any media in those
drives available to other systems. One exception is musical CDs. Once your media drives are
shared, other systems can access the media they contain simply by mounting them. For
instructions, see Become superuser.
Confirm that the media is loaded.
Add the following entry to the /etc/dfs/dfstab file.
For example:
share -F nfs -o ro /cdrom/sol_10_1008_sparc
Determine whether the NFS server service is running.
# svcs *nfs*
The following output is returned from the svcs command if NFS server service is running:
online 14:28:43 svc:/network/nfs/server:default
Identify the NFS server status, and select one of the following:
If the NFS server service is running, go to Step 7.
If the NFS server service is not running, go to the next step.
Start the NFS server service.
# svcadm enable network/nfs/server
Verify that the NFS daemons are running.
For example:
# svcs -p svc:/network/nfs/server:default
Verify that the media is indeed available to other systems.
If the media is available, its share configuration is displayed.
# share
/cdrom/sol_10_1008_sparc ro ""
Making Local DVDs or CDs Available to Other Systems
The following example shows how to make any localDVDor CDavailable to other systems
on the network.
# vi /etc/dfs/dfstab
(Add the following line:)
# share -F nfs -o ro /media
# svcs *nfs*
# svcadm enable network/nfs/server
# svcs -p svc:/network/nfs/server:default
# share
-/cdrom/sol_10_1008_sparc ro ""
Making Local Diskettes Available to Other Systems
The following example shows how to make any local diskette available to other
systems on the network.
# vi /etc/dfs/dfstab
(Add the following line, for example)
share -F nfs -o ro /floppy/myfiles
# svcs *nfs*
# svcadm enable network/nfs/server
# svcs -p svc:/network/nfs/server:default
# volcheck –v
media was found
# share
- /floppy/myfiles rw ""
Howto Access Removable Media on Remote Systems:
You can access media on a remote system by manually mounting the media into your
file system. Also, the remote system must have shared its media according to the instructions
in Select an existing directory to serve as the mount point. Or create a mount point.
$ mkdir /directory where /directory is the name of the directory that you create to serve as a
mount point for the remote system's CD.
Find the name of the media you want to mount.
$ showmount -e system-name
As superuser, mount the media.
# mount -F nfs -o ro system-name:/media/media-name local-mount-point
system-name: Is the name of the system whose media you will mount.
media-name Is the name of the media you want to mount.
local-mount-point Is the local directory onto which you will mount the remote media.
Verify that the media has been mounted.
# ls /media
Accessing DVDs or CDs on Remote Systems
The following example shows how to automatically access the remoteDVDnamed
sol_10_1008_sparc from the remote system starbug using AutoFS.
#showmount -e siri2
export list for siri2:
/cdrom/sol_10_1008_sparc (everyone)
#/net/starbug/cdrom/sol_10_1008_sparc
Accessing Diskettes on Other Systems
The following example shows how to automatically access myfiles from the remote system
mars using AutoFS.
#showmount -e siri2
#cd /net/siri
#ls /floppy
Floppy 0 myfiles
Howto RestrictUser Access to Removable Media With RBAC
Become superuser or assume an equivalent role.
Start the Solaris Management Console.
$ /usr/sadm/bin/smc &
For more information on starting the console, see “Starting the SolarisManagement Console”
in System Administration Guide: Basic Administration.
Set up a role that includes the Device Management rights.
Add users who need to use the cdrw command to the newly created role.
Comment the following line in the /etc/security/policy.conf file:
AUTHS_GRANTED=solaris.device.cdrw
If you do not do this step, all users still have access to the cdrw command, not just the
members of the device management role.
After this file is modified, the device management role members are the only users who can
use the cdrw command. Everyone else is denied access with the following message:
Authorization failed, Cannot access disks.
How to Create an ISO 9660 File Systemfor a Data CDor DVD:
Insert a blank CD or DVD into the drive.
Create the ISO 9660 file system on the new CD OR DVD
$ mkisofs -r /pathname > cd-file-system
-r Creates Rock Ridge information and resets file ownerships to zero.
/pathname Identifies the path name used to create the ISO 9660 file system.
> cd-file-system Identifies the name of the file system to be put on the CD orDVD.
Copy the file systemonto the CD or DVD.
$ cdrw -i cd-file-system
The -i cd-file-system specifies the image file for creating a data CD orDVD.
Creating an ISO 9660 File System for a Data CD or DVD
The following example shows how to create an ISO 9660 file system for a data CD orDVD.
$ mkisofs -r /home/dubs/ufs_dir > ufs_cd
Total extents actually written = 56
Total translation table size: 0
Total rockridge attributes bytes: 329
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 8000
56 extents written (0 Mb)
Then, copy the file system onto the CD orDVD.
$ cdrw -i ufs_cd
Initializing device...done.
Writing track 1...done.
Finalizing (Can take several minutes)...done.
COMMANDS FOR MANAGING SYSTEM PROCESSES
The following table describes the commands for managing system processes.
Command Description
ps, pgrep,
prstat, pkill
Checks the status of active processes on a system, as well as displays
detailed information about the processes
pkill Functions identically to pgrep but finds or signals processes by name or
other attribute and terminates the process. Each matching process is
signaled as if by the kill command, instead of having its process ID
printed.
pargs, preap Assists with processes debugging
dispadmin Lists default process scheduling policies
priocntl Assigns processes to a priority class and manages process priortities
nice Changes the priority of a timesharing process
psrset Binds specific process groups to a group of processors rather than to just a
single processor
Using the ps Command:
The ps command enables you to check the status of active processes on a system, as
well as display technical information about the processes. This data is useful for
administrative tasks such as determining how to set process priorities.
Depending on which options you use, the ps command reports the following
information:
Current status of the process
Process ID
Parent process ID
User ID
Scheduling class
Priority
Address of the process
Memory used
CPU time used
Summary of Fields in ps Reports
Field Description
UID The effective user ID of the process's owner.
PID The process ID.
PPID The parent process ID.
C The processor xutilization for scheduling. This field is not displayed when the -c
option is used.
CLS The scheduling class to which the process belongs such as real-time, system, or
timesharing. This field is included only with the -c option.
PRI The kernel thread's scheduling priority.Higher numbers indicate a higher priority.
NI The process's nice number, which contributes to its scheduling priority. Making a
process “nicer” means lowering its priority.
ADDR The address of the proc structure.
SZ The virtual address size of the process.
WCHAN The address of an event or lock for which the process is sleeping.
STIME The starting time of the process in hours, minutes, and seconds.
TTY The terminal from which the process, or its parent, was started. A question mark
indicates that there is no controlling terminal.
TIME The total amount of CPU time used by the process since it began.
CMD The command that generated the process.
UID The effective user ID of the process's owner
PID The process ID
PPID The parent process ID.
C The processor xutilization for scheduling. This field is not displayed when the -
c option is used.
CLS The scheduling class to which the process belongs such as real-time, system, or
timesharing. This field is included only with the -c option
PRI The kernel thread's scheduling priority.Higher numbers indicate a higher
priority
NI The process's nice number, which contributes to its scheduling priority.
SZ The virtual address size of the process
WCHA
N
The address of an event or lock for which the process is sleeping.
STIME The starting time of the process in hours, minutes, and seconds
TTY The terminal from which the process, or its parent, was started. A question
mark indicates that there is no controlling terminal
TIME The total amount of CPU time used by the process since it began
CMD The command that generated the process
Using the /proc File Systemand Commands:
You can display detailed information about the processes that are listed in the /proc
directory by using process commands. The following table lists the /proc process commands.
The /proc directory is also known as the process file system (PROCFS). Images of active
processes are stored here by their process ID number.
TABLE 12–3 ProcessCommands (/proc)
Process Command Description
pcred Displays process credential information
pfiles Reports fstat and fcntl information for open files in a process
pflags Prints /proc tracing flags, pending signals and held signals, and
other status information
pldd Lists the dynamic libraries that are linked into a process
pmap Prints the address space map of each process
psig Lists the signal actions and handlers of each process
prun Starts each process
pstack Prints a hex+symbolic stack trace for each lwp in each process
pstop Stops each process
ptime Times a process by using microstate accounting
ptree Displays the process trees that contain the process
pwait Displays status information after a process terminates
pwdx Displays the current working directory for a process
The process tools are similar to some options of the ps command, except that the output that
is provided by these commands is more detailed.
In general, the process commands do the following:
Display more information about processes, such as fstat and fcntl, working
directories, and trees of parent and child processes Provide control over processes by
allowing users to stop or resume them
Howto List Processes:
Use the ps command to list all the processes on a system.
$ ps [-efc]
ps Displays only the processes that are associated with your login session.
-ef Displays full information about all the processes that are being executed on the system.
-c Displays process scheduler information.
Listing Processes
The following example shows output from the ps command when no options are used.
$ ps
PID TTY TIME COMD
1664 pts/4 0:06 csh
2081 pts/4 0:00 ps
The following example shows output from the ps -ef command. This output shows
that the first process that is executed when the system boots is sched (the swapper) followed
by the init process, pageout, and so on.
$ ps -ef
UID PID PPID C STIME TTY TIME CMD
root 0 0 0 Dec 20 ? 0:17 sched
root 1 0 0 Dec 20 ? 0:00 /etc/init -
root 2 0 0 Dec 20 ? 0:00 pageout
root 3 0 0 Dec 20 ? 4:20 fsflush
root 374 367 0 Dec 20 ? 0:00 /usr/lib/saf/ttymon
root 367 1 0 Dec 20 ? 0:00 /usr/lib/saf/sac -t 300
root 126 1 0 Dec 20 ? 0:00 /usr/sbin/rpcbind
root 54 1 0 Dec 20 ? 0:00 /usr/lib/sysevent/syseventd
root 59 1 0 Dec 20 ? 0:00 /usr/lib/picl/picld
root 178 1 0 Dec 20 ? 0:03 /usr/lib/autofs/automountd
root 129 1 0 Dec 20 ? 0:00 /usr/sbin/keyserv
root 213 1 0 Dec 20 ? 0:00 /usr/lib/lpsched
root 154 1 0 Dec 20 ? 0:00 /usr/sbin/inetd -s
root 139 1 0 Dec 20 ? 0:00 /usr/lib/netsvc/yp/ypbind ...
root 191 1 0 Dec 20 ? 0:00 /usr/sbin/syslogd
root 208 1 0 Dec 20 ? 0:02 /usr/sbin/nscd
root 193 1 0 Dec 20 ? 0:00 /usr/sbin/cron
root 174 1 0 Dec 20 ? 0:00 /usr/lib/nfs/lockd
daemon 175 1 0 Dec 20 ? 0:00 /usr/lib/nfs/statd
root 376 1 0 Dec 20 ? 0:00 /usr/lib/ssh/sshd
root 226 1 0 Dec 20 ? 0:00 /usr/lib/power/powerd
root 315 1 0 Dec 20 ? 0:00 /usr/lib/nfs/mountd
root 237 1 0 Dec 20 ? 0:00 /usr/lib/utmpd
HowtoDisplay Information About Processes
Obtain the process ID of the process that youwant to display more information about.
# pgrep process
where process is the name of the process you want to display more information about.
The process ID is displayed in the first column of the output.
Display the process information that you need.
# /usr/bin/pcommand pid
pcommand Is the (/proc) command that you want to run. Table 12–3 lists and describes
these commands.
pid Identifies the process ID.
Displaying Information About Processes
The following example shows how to use process commands to display more information
about a cron process.
# pgrep cron
4780
# pwdx 4780
4780: /var/spool/cron/atjobs
# ptree 4780
4780 /usr/sbin/cron
# pfiles 4780
4780: /usr/sbin/cron
Current rlimit: 256 file descriptors
0: S_IFCHR mode:0666 dev:290,0 ino:6815752 uid:0 gid:3 rdev:13,2
O_RDONLY|O_LARGEFILE
/devices/pseudo/mm@0:null
1: S_IFREG mode:0600 dev:32,128 ino:42054 uid:0 gid:0 size:9771
O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE
/var/cron/log
2: S_IFREG mode:0600 dev:32,128 ino:42054 uid:0 gid:0 size:9771
O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE
/var/cron/log
3: S_IFIFO mode:0600 dev:32,128 ino:42049 uid:0 gid:0 size:0
O_RDWR|O_LARGEFILE
/etc/cron.d/FIFO
4: S_IFIFO mode:0000 dev:293,0 ino:4630 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK
5: S_IFIFO mode:0000 dev:293,0 ino:4630 uid:0 gid:0 size:0
O_RDWR
Howto Control Processes
Obtain the process ID of the process that youwant to control.
# pgrep process
where process is the name of the process you want to control.
The process ID displayed in the first column of the output.
Use the appropriate process command to control the process.
# /usr/bin/pcommand pid
pcommand Is the process (/proc) command that you want to run.
pid Identifies the process ID.
Verify the process status.
# ps -ef | grep pid
Controlling Processes
The following example shows how to use process command to stop and restart the dtpad
process.
# pgrep dtpad
2921
# pstop 2921
# prun 2921
Terminating a Process (pkill, kill)
Sometimes, you might need to stop (kill) a process. The process might be in an
endless loop. Or, you might have started a large job that you want to stop before it is
completed. You can kill any process that you own. Superuser can kill any process in the
system except for those processes with process IDs of 0, 1, 2, 3, and 4. Killing these
processes most likely will crash the system.
HowtoTerminate a Process (pkill)
(Optional) Become superuser or assume an equivalent role to terminate the process of another
user.
Obtain the process ID for the process that youwant to terminate.
$ pgrep process
where process is the name of the process that you want to terminate.
For example:
$ pgrep netscape
587
566
The process ID is displayed in the output.
Note – To obtain process information on a Sun RayTM, use the following commands:
# ps -fu user
This command lists all user processes.
# ps -fu user | grep process
This command locates a specific process for a user.
Terminate the process.
$ pkill [signal] process
signal When no signal is included in the pkill command-line syntax, the default signal that is
used is –15 (SIGKILL). Using the –9 signal (SIGTERM) with the pkill command ensures
that the process terminates promptly. However, the –9 signal should not be used to kill
certain processes, such as a database process, or an LDAP server process. The result is that
data might be lost.
process Is the name of the process to stop.
Tip – When using the pkill command to terminate a process, first try using the command by
itself, without including a signal option. Wait a few minutes to see if the process terminates
before using the pkill command with the -9 signal. Verify that the process has been
terminated.
$ pgrep process
The process you terminated should no longer be listed in the output of the pgrep command.
HowtoTerminate a Process (kill)
(Optional) Become superuser or assume an equivalent role to terminate the process of another
user.
Obtain the process ID of the process that youwant to terminate.
$ ps -fu user
where user is the user that you want to display processes for.
For example:
$ ps -fu userabc
userabc 328 323 2 Mar 12 ? 10:18 /usr/openwin/bin/Xsun
:0 -nobanner -auth /var/dt/A:0-WmayOa
userabc 366 349 0 Mar 12 ? 0:00 /usr/openwin/bin/fbconsole
userabc 496 485 0 Mar 12 ? 0:09 /usr/dt/bin/sdtperfmeter
-f -H -t cpu -t disk -s 1 -name fpperfmeter
userabc 349 332 0 Mar 12 ? 0:00 /bin/ksh /usr/dt/bin/Xsession
userabc 440 438 0 Mar 12 pts/3 0:00 -csh -c unsetenv _ PWD;
unsetenv DT; setenv DISPLAY :0;
userabc 372 1 0 Mar 12 ? 0:00 /usr/openwin/bin/speckeysd
userabc 438 349 0 Mar 12 pts/3 0:00 /usr/dt/bin/sdt_shell -c
unset
The process ID is displayed in the first column of the output.
Terminate the process.
$ kill [signal-number] pid
signal When no signal is included in the kill command-line syntax, the default signal that
is used is –15 (SIGKILL). Using the –9 signal (SIGTERM) with the kill command
ensures that the process terminates promptly.However, the –9 signal should not be
used to kill certain processes, such as a database process, or an LDAP server process.
The result is that data might be lost.
pid Is the process ID of the process that you want to terminate.
Tip – When using the kill command to stop a process, first try using the command by itself,
without including a signal option. Wait a few minutes to see if the process terminates before
using the kill command with the -9 signal.
Verify that the process has been terminated.
$ pgrep pid
The process you terminated should no longer be listed in the output of the pgrep command.
Debugging a Process (pargs, preap)
The pargs command and the preap command improve process debugging. The pargs
command prints the arguments and environment variables associated with a live process or
core file. The preap command removes defunct (zombie) processes. A zombie process has
not yet had its exit status claimed by its parent. These processes are generally harmless but
can consume system resources if they are numerous. You can use the pargs and preap
commands to examine any process that you have the privileges to examine. As superuser, you
can examine any process.
The pargs command solves a long-standing problem of being unable to display with
the ps command all the arguments that are passed to a process. The following example shows
how to use the pargs command in combination with the pgrep command to display the
arguments that are passed to a process.
# pargs ‘pgrep ttymon‘
579: /usr/lib/saf/ttymon -g -h -p system-name console login:
-T sun -d /dev/console -l
argv[0]: /usr/lib/saf/ttymon
)
argv[1]: -g
argv[2]: -h
argv[3]: -p
argv[4]: system-name console login:
argv[5]: -T
argv[6]: sun
argv[7]: -d
argv[8]: /dev/console
argv[9]: -l
argv[10]: console
argv[11]: -m
argv[12]: ldterm,ttcompat
548: /usr/lib/saf/ttymon
argv[0]: /usr/lib/saf/ttymon
The following example shows how to use the pargs -e command to display the environment
variables that are associated with a process.
$ pargs -e 6763
6763: tcsh
envp[0]: DISPLAY=:0.0
Managing Process Class Information:
The following list identifies the process scheduling classes that can be configured on
your system. Also included is the user priority range for the timesharing class.
The possible process scheduling classes are as follows:
Fair share (FSS)
Fixed (FX)
System (SYS)
Interactive (IA)
Real-time (RT)
Timesharing (TS)
The user-supplied priority ranges from -60 to +60.
The priority of a process is inherited from the parent process. This priority is referred
to as the user-mode priority.
The system looks up the user-mode priority in the timesharing dispatch parameter
table.
Then, the system adds in any nice or priocntl (user-supplied) priority and ensures a
0–59 range to create a global priority.
Changing the Scheduling Priority of Processes
(priocntl)
Display process scheduling classes and priority ranges with the priocntl -l command.
$ priocntl –l
Displaying Basic Information About Process Classes (priocntl)
The following example shows output from the priocntl -l command.
# priocntl -l
CONFIGURED CLASSES
SYS (System Class)
TS (Time Sharing)
Configured TS User Priority Range: -60 through 60
FX (Fixed priority)
Configured FX User Priority Range: 0 through 60
IA (Interactive)
Configured IA User Priority Range: -60 through 60
How to Display the Global Priority of a Process:
Display the global priority of a process by using the ps command.
$ ps –ecl
The global priority is listed under the PRI column.
Displaying the Global Priority of a Process
The following example shows ps -ecl command output. The values in the PRI column show
that the pageout process has the highest priority, while the sh process has the lowest priority.
$ ps –ecl
F S UID PID PPID CLS PRI ADDR SZ WCHAN TTY TIME COMD
19 T 0 0 0 SYS 96 f00d05a8 0 ? 0:03 sched
8 S 0 1 0 TS 50 ff0f4678 185 ff0f4848 ? 36:51 init
19 S 0 2 0 SYS 98 ff0f4018 0 f00c645c ? 0:01 pageout
19 S 0 3 0 SYS 60 ff0f5998 0 f00d0c68 ? 241:01 fsflush
8 S 0 269 1 TS 58 ff0f5338 303 ff49837e ? 0:07 sac
8 S 0 204 1 TS 43 ff2f6008 50 ff2f606e console 0:02 sh
Howto Designate a Process Priority (priocntl)
Assume the Primary Administrator role, or become superuser.
The Primary Administrator role includes the Primary Administrator profile.
# priocntl -e -c class -m user-limit -p pri command-name
-e Executes the command.
-c class Specifies the class within which to run the process. The valid classes
are TS (timesharing), RT (real time), IA (interactive), FSS (fair share),
and FX (fixed priority).
-m user-limit When you use the -p option, specifies the maximum amount you
can raise or lower your priority,
-p pri command-name Lets you specify the relative priority in the RT class for a real-time
thread. For a timesharing process, the -p option lets you specify the
user-supplied priority, which ranges from -60 to +60.
Verify the process status.
# ps -ecl | grep command-name
Designating a Process Priority (priocntl)
The following example shows how to start the find command with the highest possible
user-supplied priority.
# priocntl -e -c TS -m 60 -p 60 find . -name core -print
# ps -ecl | grep find
Howto Change Scheduling Parameters of a Timesharing Process (priocntl)
(Optional) Assume the Primary Administrator role, or become superuser. The Primary
Administrator role includes the Primary Administrator profile. To create the role and assign
the role to a user, see Chapter 2, “Working With the SolarisManagement Console (Tasks),” in
System Administration Guide: Basic Administration.
Change the scheduling parameters of a running timesharing process.
# priocntl -s -m user-limit [-p user-priority] -i idtype idlist
-s Lets you set the upper limit on the user priority range and change the
current priority.
-m user-limit When you use the -p option, specifies the maximum amount you can raise
or lower the priority.
-p user-priority Allows you to designate a priority.
-i xidtype xidlist Uses a combination of xidtype and xidlist to identify the process or
processes. The xidtype specifies the type of ID, such as the process ID or
the user ID. Use xidlist to identify a list of process IDs or user IDs.
Verify the process status.
# ps -ecl | grep idlist
Changing Scheduling Parameters of a Timesharing Process (priocntl)
The following example shows how to execute a command with a 500-millisecond time slice,
a priority of 20 in the RT class, and a global priority of 120.
# priocntl -e -c RT -m 500 -p 20 myprog
# ps -ecl | grep myprog
Howto Change the Class of a Process (priocntl)
(Optional) Become superuser or assume an equivalent role.
Change the class of a process.
# priocntl -s -c class -i idtype idlist
-s Lets you set the upper limit on the user priority range and change the current
priority.
-c class Specifies the class, TS for time-sharing or RT for real-time, to which you
are changing the process.
-i idtype idlist Uses a combination of xidtype and xidlist to identify the process or processes.
The xidtype specifies the type of ID, such as the process ID or user
ID. Use xidlist to identify a list of process IDs or user IDs.
Note – You must be superuser or working in a real-time shell to change a process from, or to,
a real-time process. If, as superuser, you change a user process to the real-time class, the user
cannot subsequently change the real-time scheduling parameters by using the priocntl –s
command.
Verify the process status.
# ps -ecl | grep idlist
Changing the Class of a Process (priocntl)
The following example shows how to change all the processes that belong to user 15249 to
real-time processes.
# priocntl -s -c RT -i uid 15249
# ps -ecl | grep 15249
Changing the Priority of aTimesharing Process (nice)
The nice command is only supported for backward compatibility to previous Solaris
releases. The priocntl command provides more flexibility in managing processes. The priority
of a process is determined by the policies of its scheduling class and by its nice number. Each
timesharing process has a global priority. The global priority is calculated by adding the user-
supplied priority, which can be influenced by the nice or priocntl commands, and the system-
calculated priority.
The execution priority number of a process is assigned by the operating system. The
prioritynumber is determined by several factors, including the process's scheduling class, how
much CPU time it has used, and in the case of a timesharing process, its nice number. Each
timesharing process starts with a default nice number, which it inherits from its parent
process. The nice number is shown in the NI column of the ps report.
A user can lower the priority of a process by increasing its user-supplied priority.However,
only superuser can lower a nice number to increase the priority of a process. This restriction
prevents users from increasing the priorities of their own processes, thereby monopolizing a
greater share of the CPU.
The nice numbers range from 0 to +39, with 0 representing the highest priority. The
default nice value for each timesharing process is 20. Two versions of the command are
available: the standard version, /usr/bin/nice, and the C shell built-in command.
Howto Change the Priority of a Process (nice)
Using this procedure, a user can lower the priority of a process. However, superuser
can raise or lower the priority of a process. Note – This section describes the syntax of the
/usr/bin/nice command and not the C-shell built-in nicecommand. For information about the
C-shell nice command, see the csh (1) man page.
Determine whether youwant to change the priority of a process, either as a user or as
superuser. Then, select one of the following:
As a user, followthe examples in Step 2 to lower the priority of a command.
As a superuser, followthe examples in Step 3 to raise or lower priorities of a
command.
As a user, lower the priority of a command by increasing the nice number.
The following nice command executes command-name with a lower priority by raising the
nice number by 5 units.
$ /usr/bin/nice -5 command-name
In the preceding command, the minus sign designates that what follows is an option. This
command could also be specified as follows:
% /usr/bin/nice -n 5 command-name
The following nice command lowers the priority of command-name by raising the nice
number by the default increment of 10 units, but not beyond the maximum value of 39.
% /usr/bin/nice command-name
As superuser or assuming an equivalent role, raise or lower the priority of a command by
changing the nice number.
The following nice command raises the priority of command-name by lowering the nice
number by 10 units, but not below the minimum value of 0.
# /usr/bin/nice --10 command-name
In the preceding command, the first minus sign designates that what follows is an option. The
second minus sign indicates a negative number.
The following nice command lowers the priority of command-name by raising the nice
number by 5 units, but not beyond the maximum value of 39.
# /usr/bin/nice -5 command-name
WORKING WITH PACKAGES AND PATCHES
Solaris 10 OS package administration using command-line interface commands and
manage software patches for the Solaris OS, including preparing for patch administration and
installing and removing patches using the patchadd and patchrm commands.
Installing and removing software products, an essential part of software management,
is one of many responsibilities of a system administrator. Sun and its third-party vendors
deliver software products in the form of components called packages.
Furthermore, between the two releases of the OS, you also need to deal with patches,
which present either new features or fixes to existing problems.
Performing Package Administration:
The application software for Solaris OS is delivered in units called packages. A
package is a set of files and directories in a defined format. The package format conforms to
the application binary interface (ABI), which is a supplement to the System V Interface
Definition. An ABI describes the low-level interface between an application program and the
operating system, between an application and its libraries, or between different parts of the
application. An ABI is like an Application Programming Interface (API): an API defines the
interface between the application source code and libraries, thereby enabling the same source
code to compile on any system supporting that API. Similarly, an ABI allows compiled
object code to function without changes or the need to recompile on all systems using
compatible ABIs.
Building a software product in units of one or more packages makes it easier to
transfer it to a medium, to mass produce it, and to install and manage it. To build a package,
an application developer must provide the following package components:
Required components:
Package objects. These are the files and directories of the application software.
Control files. These are the information files and installation scripts. Only two control
files, which are the information files, are required: the pkginfo and prototype files.
Optional components:
Optional information files
Installation scripts
The Solaris OS provides a set of utilities (commands) that can interpret the package
format (ABI) to perform tasks such as installing a package, verifying a package installation,
and removing a package. The commonly used commands to manage packages are listed
below:
Making a package work on your system requires more than simply copying it to your
system; you need to install it. Installing and uninstalling packages are the two most important
tasks involved in package management.
Installing a Package:
To install a package, you can use the pkgadd command, which uncompresses the files
in the package, copies them from the installation media to a local system’s disk, and does
other necessary things. Note that the package fi les are delivered in package.
TABLE 2-6
Some commands for package management:
pkgask Used to save the responses (to the questions that will be asked by the
pkgadd command from the user) in a fi le that can later be used by a
pkgadd command instead of user needing to type the responses.
pkgadd Adds (installs) a software package.
pkgchk Checks a package installation.
pkginfo Lists the package information.
pkgparam Displays the parameter values for a software package.
pkgrm Removes a software package.
pkgtrans Translates a package from one format to another.
format and are unusable in the form they are delivered. Therefore, the pkgadd
command interprets the control files of the software package and then uncompresses
them and installs the product files onto the system’s local disk. The pkgadd
command has the following syntax:
pkgadd [-n] [-a <admin>] [-d <device>] [-G] [-r <response>]
[-R <rootPath>] [<source>] [<instances>]
The options and arguments are described here:
-a <admin>. This indicates to use the installation administration file specified by
<admin> instead of the default file. If the full path is not specified, the file is first
looked for in the current working directory; if not found there, it is then looked for in
the /var/sadm/install/admin directory.
-d <device>. This indicates that the package to be installed should be copied from the
device specifi ed by <device>, which could be a full path name to a directory or the
identifi er for a tape, fl oppy disk, or removable disk such as /var/tmp or
/floppy/<floppy_name> . The <device> can also specify a device alias or a datastream
created by the pkgtrans command.
-G. This instructs the user to add the package only to the current zone.
-n. This specifi es the installation mode to be non-interactive, and the list of the
installed fi les is not displayed. The default mode is interactive.
-r <response>. This specifies the full path to the file that contains the responses from
the previous pkgask command. These responses can be used by the pkgadd command
instead of requiring the user to type the responses.
-R <rootPath>. This specifies the full path to the directory to be used as the root for
installation.
<source>. This is an alternative to the -d <device> option; it is to specify the source
of the packages to be installed.
<instances>. This lists the package instances to be installed. By default, the command
searches for the instances on the source and presents the list for you to select the
instances for installation. Think of an instance of a package as a working copy of the
package.
An instance of a package is created by opening the package; it contains a working
copy of all the private data of the package. Opening a package allocates memory for the
instance’s data and sets the data to the initial values stored in the package. The package
instance exists until it is terminated by closing the package, which frees the memory used to
hold the package data. Multiple instances, which can exist simultaneously, can be created
from the same package.
On occasion you may just want to copy the packages to the system for a possible
installation at a later time. You can do this by using the pkgadd command with the spool
option that follows:
pkgadd -d <deviceName> -s <spoolDir> <pkgid>
This form of the command copies the packages from the device specified by
<deviceName> to the directory specified by <spoolDir>. The argument <pkgid> specifi es a
space-delimited list of packages that need to be copied; the default is to copy all the packages
from the specified device.
If the -d <device> option is not specified, the pkgadd command looks for the packages in
the spool directory /var/spool/pkg.
Once you’ve installed a package, you need to verify the accuracy of the installation.
Checking a Package:
You can use the pkgchk command to check the accuracy of installed fi les, including
the integrity of directory structures and fi les in a package. You can also use this command to
display the information about the package fi les. The detected discrepancies are written to the
standard error device along with a detailed explanation of the problem. The syntax for the
pkhchk command is as follows:
pkgchk [-a|-c] -l] [-p <pathName>[-v] <pkgid>
The options are described here:
-a|c. The -a option means check the fi le attributes only and not the file contents,
whereas the -c option means check the fi le contents only and not the file attributes.
The default is to check both the fi le attributes and the file contents.
-l. This option specifies to list the information about the fi les contained in the
package.
-p <pathName>. This option specifies to limit the check to the fi les whose path
names are given in a comma or white space-delimited list specified by <pathName>.
-v. This option specifi es the verbose mode.
<pkgid>. This option specifies the space-delimited list of packages. By default, all the
installed packages on the system are checked.
You can also use the pkgchk command with the -d <device> option to check the
content of the packages that have not yet been installed but were spooled on the device
specified by <device>, which could be a directory, tape, or floppy disk.
Now that you know how the pkgchk command works, here are some practical
scenarios and their solutions:
At times you may just want some information about packages; you can get that by
using the pkginfo command.
Retrieving Information about Packages:
You can use the pkginfo command to retrieve information about software packages
that are installed on the system or about the packages that reside on a particular device such
as a directory or a tape. Without options (that is, by default),
You want to check the content of an installed package SUNWbash.
Issue the command
pkgchk -c SUNWbash.
You want to check the file attributes of an installed package SUNWPython.
Issue the command
pkgchk -a SUNWPython.
You want to check the software packages that have not yet been installed but were spooled in
the
/var/install/packages directory.
Issue the command
pkgchk -d /var/install/packages.
the pkginfo command displays the primary category, package instance, and the names of all
completely and partially installed packages—one line per package.
The command has the following syntax:
pkginfo [-i|-p] [-l |-q|-x] [-c <category>] [<instances>]
The options are described here:
-i|-p. The -i option means display information only about the fully installed packages,
whereas the -p option means display information only about the partially installed
packages.
-l|-q|-x. The -l option specifies the long display format, the -q option specifies do not
display any information (used by programs), and the -x option specifies an extracted
listing of package information.
-c <category>. This option only displays packages whose category is included in the
list specifi ed by <category>. The category is a package attribute whose value is defi
ned in the pkginfo file of the package.
You can also use the pkginfo command with the -d <device> option to get the
information about the packages that have not yet been installed but were spooled on a device
specified by <device>, which could be a directory, tape, or fl oppy disk.
On occasion, you may want to remove a package from your system, and you can do
that by using the pkgrm command.
Removing a Package:
You can use the pkgrm command to remove a completely or partially installed
package from the system. If the command fi nds a dependency of another package on the
package under removal, an action defined in the admin fi le is taken. The default mode for the
command is interactive, which means that the prompt messages are displayed to allow you to
confi rm the actions to be taken. However, while issuing the command, you can override the
default interactive mode with the non-interactive mode by using the -n option. Also, by
default, the pkgrm command deletes all the files that compose the package except those
shared by other packages. The pkgrm command has the following syntax:
pkgrm [-a <admin>] [-A] [-n] [<pkgid>]
The operand <pkgid> specifi es the space-delimited list of packages that will be
removed. The default is to remove all the available packages. The options are described here:
-a <admin>. This option indicates to use the installation administration fi le specified
by <admin> instead of the default fi le. If the full path is not specified, the fi le is fi rst
looked for in the current working directory; if not found there, it is then looked for in
the /var/sadm/install/admin directory.
-A. This option instructs to remove all the fi les of the package including those shared
by other packages.
-n. This option specifi es the non-interactive mode; the default is the interactive mode.
You already know that you can spool (store) packages without installing them by
using the pkgadd command. Accordingly, you can remove the spooled packages by using the
pkgrm command as follows:
pkgrm -s <spoolDir>
The argument <spoolDir> specifi es the full path to the spool directory from which
the packages are to be removed. The default spool directory is /var/sadm/pkg.
The application packages are independent modules of software offering additional
functionality, and their task does not include modifying the existing fi les on the system. The
software components (special packages) that may update or replace the existing fi les are
called patches. In addition to managing the packages, you will also need to manage patches.
Performing Patch Administration:
A patch is a collection of fi les and directories that may replace or update existing
fi les and directories that are preventing proper execution of the existing software.
A patch is identifi ed by its unique patch ID, which is an alphanumeric string that
consists of a patch base code and a number that represents the patch revision
number; both separated by a hyphen (e.g., 108528-10). You can get Solaris patches
from the following web site:
http://sunsolve.sun.com
If the patches you downloaded are in a compressed format, you will need to use the
unzip or the tar command to uncompress them before installing them. You do not have to
install each available patch. The strategy for updating software (applying patches)
recommended by Sun includes these practices:
Analyze the need to apply patches (or update your software) based on risk, cost,
availability, and timing.
Minimize change to your environment whenever possible.
Address Sun Alert notifi cations and other critical issues as soon as possible.
Make other changes to your environment only to address known problems.
Keep your environment as current as appropriate for your business and application
needs.
You can install and uninstall the patches on your system by using the patchadd and patchrm
commands, respectively.
Managing Patches with the patchadd Command:
You can use the patchadd command to install patches and to find out which patches
are already installed on your system. You can use this command only on Solaris 2.x or higher
version. Remember that to apply a patch means to install it, and the fi les to be patched refer
to the already installed fi les that are being modified or replaced as a result of installing the
patch. The patchadd command used to apply (install) a patch has the following syntax:
patchadd [-d] [-G] [-u] [-B <backoutDir>] <source> [<destination>]
The options and operands are described here:
-d. Do not back up the fi les to be patched (changed or removed due to patch
installation). When this option is used, the patch cannot be removed once it has been
added. The default is to save (back up) the copy of all fi les being updated as a result
of patch installation so that the patch can be removed if necessary.
-G. Adds patches to the packages in the current zone only.
-u. Turns off fi le validation. That means that the patch is installed even if some of the
fi les to be patched have been modified since their original installation.
-B <backoutDir>. Saves the backout data to a directory whose full path is specified
by <backoutDir>. The backout data is the data created when a patch is applied to
enable the system to return to its previous state if the patch is removed—that is,
backed out.
<source>. Specifi es the source from which to retrieve the patch, such as a directory
and a patch id.
<destination>. Specifi es the destination to which the patch is to be applied. The
default destination is the current system.
The following form of the patchadd command can be used to find out which patches are
currently installed:
patchadd -p <destination>
Now that you know how to use the patchadd command to manage patches, here are some
practical scenarios and their solutions:
Obtain information about all the patches that have already been applied on your system.
Issue the command patchadd -p.
Find out if a particular patch with the base number 113029 has been applied on your system.
Use patchadd -p | grep 113029.
Install a patch with patch id 105754-03 from the /var/sadm/spool directory on the current
standalone system.
# patchadd /var/sadm/spool/105754-03.
Verify that the patch has been installed.
#patchadd -p | 105754.
SCENARIO & SOLUTION
While you install a patch, the patchadd command logs information into the following file:
/var/sadm/patch/<patch-ID>/log
Note that the patchadd command cannot apply a patch under the following conditions:
The package is not fully installed on the system.
The architecture of the patch package differs from the architecture of the system on
which it is being installed.
The version of the patch package does not match the version of the corresponding
installed package.
A patch with the same base code and a higher revision number has already been
applied.
A patch that makes this patch obsolete has already been applied.
The patch to be applied is incompatible with a patch that has already been applied to
the system. Each installed patch keeps this information in its pkginfo file.
The patch to be applied depends on another patch that has not yet been applied.
You can issue the following command to get the revision information about the patches
installed on your system:
showrev –p
In general, the showrev command is meant for displaying the machine, software
revision, and patch revision information. If issued without any argument and option, this
command displays the system revision information in general, including hardware provider,
hostname, hostid, domain, release, kernel architecture and version, and application
architecture.
Clearly, installing a patch is more involved than installing a package, because when
you install a patch you might be updating or overwriting some existing fi les. Consequently,
there are issues of saving those fi les and restoring them if you need to uninstall the patch at a
later time.
Removing Patches:
You can remove (uninstall) a patch and restore the previously saved fi les by using the
patchrm command. This command can be used only on Solaris 2.x or higher versions. The
command has the following syntax:
patchrm [-f] [-G] -B <backoutDir>] <patchID>
The operand <patchID> specifi es the patch ID such as 105754-03. The options are described
here:
-f. Forces the patch removal even if the patch was superseded by another patch.
-G. Removes the patch from the packages in the current zone only. Zones are
discussed in Chapter 15.
-B <backoutDir>. Specifi es the backout directory for a patch to be removed so that
the saved fi les could be restored. This option is needed only if the backout data has
been moved from the directory where it was saved during the execution of the
patchadd command.
For example, the following command removes a patch with patch ID 105975-03 from a
standalone system:
patchrm 105975-03
PREPARING FOR FILE SYSTEM BACKUPS
The preparation for backing up file systems begins with planning, which is described in the
following:
The file systems to back up
The type of backup (full or incremental) to perform
A backup schedule
A tape drive
This section describes two other tasks you might need to perform before you back up file
systems:
Finding the names of file systems to back up
Determining the number of tapes that are needed for a full backup
How to Find UFS File System Names:
Display the contents of the /etc/vfstab file.
$ more /etc/vfstab
Look in the mount point column for the name of the file system. Use the directory name
listed in the mount point column when you back up the file system.
Finding File System Names
In this example, the file systems to be backed up are root (/), /usr, and and /export/home.
# more /etc/vfstab
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
Fd - /dev/fd fd - no -
/proc - /proc proc - no -
/dev/dsk/c0t0d0s1 - - swap - no -
/dev/dsk/c0t0d0s0 /dev/rdsk/c0t0d0s0 / ufs 1 no -
/dev/dsk/c0t0d0s6 /dev/rdsk/c0t0d0s6 /usr ufs 1 no -
/dev/dsk/c0t0d0s7 /dev/rdsk/c0t0d0s7 /export/home ufs 2 yes -
/devices - /devices devfs - no -
sharefs - /etc/dfs/sharetab sharefs - no -
ctfs - /system/contract ctfs - no -
objfs - /system/object objfs - no -
swap - /tmp tmpfs - yes –
Howto Determine the Number of Tapes Needed for a
Full Backup
Become superuser
Estimate the size of the backup in bytes.
# ufsdump [0]S file-system
Use the S option to display the estimated number of bytes that are needed to do the
backup if this is the first backup of the file system. Use the 0S option to display the estimated
number of bytes that are needed to do the backup if this is not the first backup of the file
system.
Divide the estimated size by the capacity of the tape to determine howmany tapes you
need. Determining the Number of Tapes
In this example, the file system easily fits on a 150-Mbyte tape.
# ufsdump S /export/home
178176
Backing Up a UFS File System:
The following are general guidelines for performing backups:
Use single-user mode or unmount the file system, unless you are creating a snapshot of a file
system.
Be aware that backing up file systems when directory-level operations (such as
creating, removing, and renaming files) and file-level activity are occurring
simultaneously means that some data will not be included in the backup.
You can run the ufsdump command from a single system and remotely back up
groups of systems across the network through remote shell or remote login. In
addition, you can direct the output to the system on which the tape device is located.
Typically, the tape device is located on the system from which you run the ufsdump
command, but it does not have to be.
Another way to back up files to a remote device is to pipe the output from the
ufsdump command to the dd command.
If you are doing remote backups across the network, the system with the tape device
must have entries in its /.rhosts file for each client that will be using the device. Also,
the system that initiates the backup must be included in the /.rhosts file on each
system that it will back up.
Howto Back Up a UFS File System to Tape:
The following are general steps for backing up file systems by using the ufsdump
command. The examples show specific uses of options and arguments.
Become superuser
Bring the system to run level S (single-user mode).
For example:
# shutdown -g30 -y
Check the file system for consistency.
For example:
# fsck -m /dev/rdsk/c0t0d0s7
The fsck -m command checks for the consistency of file systems.
If you need to back up file systems to a remote tape drive, follow these steps:
(a) On the system to which the tape drive is attached (the tape server), add the following
entry to its /.rhosts file:
host root
The host entry specifies the name of the system on which you will run the ufsdump
command to perform the backup.
(b) On the tape server, verify that the host added to the /.rhosts file is accessible through
the name service.
Identify the device name of the tape drive.
The default tape drive is the /dev/rmt/0 device.
Insert a tape that is write-enabled into the tape drive.
Back up file systems.
# ufsdump options arguments filenames
You can back up file systems or directories, or files within file systems.
Performing a Full Backup of a UFS root (/) File system
The following example shows how to do a full backup of the root (/) file system. The system
in this example is brought to single-user mode before the backup. The following ufsdump
options are included:
0 specifies a 0 level dump (or a full backup).
u specifies that the /etc/dumpdates file is updated with the date of this backup.
c identifies a cartridge tape device.
f /dev/rmt/0 identifies the tape device.
/ is the file system being backed up.
For example:
# init 0
ok boot -s
# ufsdump 0ucf /dev/rmt/0 /
DUMP: Date of this level 0 dump: Wed Jul 16 13:28:02 2008
DUMP: Date of last level 0 dump: the epoch
DUMP: Dumping /dev/rdsk/c0t0d0s0 (starbug:/) to /dev/rmt/0.
DUMP: Mapping (Pass I) [regular files]
DUMP: Mapping (Pass II) [directories]
DUMP: Writing 63 Kilobyte records
DUMP: Estimated 1843276 blocks (900.04MB).
DUMP: Dumping (Pass III) [directories]
DUMP: Dumping (Pass IV) [regular files]
DUMP: 1843252 blocks (900.03MB) on 1 volume at 6602 KB/sec
DUMP: DUMP IS DONE
DUMP: Level 0 dump on Wed Jul 16 13:28:02 2008
To verify the backup is successful.
# ufsrestore tf /dev/rmt/0
./lost+found
./usr
./var
./export
./bin
./dev
# (Press Control-D to bring system to run level 3)
Performing an Incremental Backup of a UFS root (/) File System The following
example shows how to do an incremental backup of the root (/) file system in single-user
mode. The following ufsdump options are included:
9 specifies a 9 level dump (or an incremental backup).
u specifies that the /etc/dumpdates file is updated with the date of this backup.
c identifies a cartridge tape device.
f /dev/rmt/0 identifies the tape device.
/ is the file system being backed up.
# init 0
ok boot –s
# ufsdump 9ucf /dev/rmt/0 /
DUMP: Date of this level 9 dump: Wed Jul 16 13:46:39 2008
DUMP: Date of last level 0 dump: Wed Jul 16 13:28:02 2008
DUMP: Dumping /dev/rdsk/c0t0d0s0 (starbug:/) to /dev/rmt/0.
DUMP: Mapping (Pass I) [regular files]
DUMP: Mapping (Pass II) [directories]
DUMP: Mapping (Pass II) [directories]
DUMP: Mapping (Pass II) [directories]
DUMP: Writing 63 Kilobyte records
DUMP: Estimated 422 blocks (211KB).
DUMP: Dumping (Pass III) [directories]
DUMP: Dumping (Pass IV) [regular files]
DUMP: 376 blocks (188KB) on 1 volume at 1843 KB/sec
DUMP: DUMP IS DONE
DUMP: Level 9 dump on Wed Jul 16 13:46:39 2008
# ufsrestore tf /dev/rmt/0
2 .
9 ./etc
304 ./etc/dumpdates
1117 ./devices
1118 ./devices/pseudo
3381 ./devices/pseudo/pts@0:1
Performing a Full Backup of a UFS Home Directory
The following example shows how to do a full backup of the /export/home/siri home
directory. The following ufsdump options are included:
0 specifies that this is a 0 level dump (or a full backup).
u specifies that the /etc/dumpdates file is updated with the date of this backup.
c identifies a cartridge tape device.
f /dev/rmt/0 identifies the tape device.
/export/home/siri is the directory being backed up.
# ufsdump 0ucf /dev/rmt/0 /export/home/siri
DUMP: Date of this level 0 dump: Wed Jul 16 13:56:37 2008
DUMP: Date of last level 0 dump: the epoch
DUMP: Dumping /dev/rdsk/c0t0d0s7 (starbug:/export/home) to /dev/rmt/0.
DUMP: Mapping (Pass I) [regular files]
DUMP: Mapping (Pass II) [directories]
DUMP: Writing 63 Kilobyte records
DUMP: Estimated 105158 blocks (51.35MB).
DUMP: Dumping (Pass III) [directories]
DUMP: Dumping (Pass IV) [regular files]
DUMP: 105082 blocks (51.31MB) on 1 volume at 5025 KB/sec
DUMP: DUMP IS DONE
# ufsrestore tf /dev/rmt/0
232 ./siri
233 ./siri/filea
234 ./siri/fileb
235 ./siri/filec
236 ./siri/letters
237 ./siri/letters/letter1
238 ./siri/letters/letter2
239 ./siri/letters/letter3
240 ./siri/reports
241 ./siri/reports/reportA
242 ./siri/reports/reportB
243 ./siri/reports/reportC
Performing a Full Backup to a Remote System(Solaris 10 Data to Solaris 10 System)
The following example shows how to do a full backup of a local /export/home file system on
a Solaris 10 system (mars) to a tape device on a remote Solaris 10 system (siri1) in single-
user mode. The systems must be set up so that remote access is enabled. The following
ufsdump options are included:
0 specifies a 0 level dump (or a full backup).
u specifies that the /etc/dumpdates file is updated with the date of this backup.
c identifies a cartridge tape device.
f siri1:/dev/rmt/0 identifies the remote system name and tape device.
/export/home is the file system being backed up.
# ufsdump 0ucf siri1:/dev/rmt/0 /export/home
DUMP: Date of this level 0 dump: Wed Jul 16 14:25:25 2008
DUMP: Date of last level 0 dump: the epoch
DUMP: Dumping /dev/rdsk/c0t0d0s7 (mars:/export/home) to siri1:/dev/rmt/0.
DUMP: Mapping (Pass I) [regular files]
DUMP: Mapping (Pass II) [directories]
DUMP: Writing 63 Kilobyte records
DUMP: Estimated 105172 blocks (51.35MB).
DUMP: Dumping (Pass III) [directories]
DUMP: Dumping (Pass IV) [regular files]
DUMP: 105082 blocks (51.31MB) on 1 volume at 4425 KB/sec
DUMP: DUMP IS DONE
DUMP: Level 0 dump on Wed Jul 16 14:25:25 2008
# ufsrestore tf siri1:/dev/rmt/0
2 .
3 ./lost+found
4 ./siri
5 ./siri/filea
6 ./siri/fileb
7 ./siri/filec
8 ./siri/letters
9 ./siri/letters/letter1
10 ./siri/letters/letter2
11 ./siri/letters/letter3
12 ./siri/reports
Using UFS Snapshots
This chapter describes how to create and back up UFS snapshots.
Using UFS Snapshots:
1. Create a UFS snapshot. Create a read-only copy of a file system by using the fssnap
command.
2. Display UFS snapshot information. Identify UFS snapshot information such as the
raw snapshot device.
3. Delete a UFS snapshot. Delete a snapshot that is already backed up or no longer
needed.
4. (Optional) Back up a UFS snapshot.
Choose one of the following backup methods:
Create a full backup of a UFS snapshot by using the ufsdump command.
Create an incremental backup of a UFS snapshot by using the ufsdump command.
UFS SNAPSHOT BACKUP:
You can use the fssnap command to back up file systems while the file system is
mounted. This command to creates a read-only snapshot of a file system. A snapshot is a file
system's temporary image that is intended for backup operations.
When the fssnap command is run, it creates a virtual device and a backing-store file.
You can back up the virtual device, which looks and acts like a real device, with any of the
existing Solaris backup commands. The backing-store file is a bitmap file that contains copies
of pre snapshot data that has been modified since the snapshot was taken.
Keep the following key points in mind when specifying backing-store files:
The destination path of the backing store files must have enough free space to hold
the file system data. The size of the backing store files vary with the amount of activity on the
file system.
The backing store file location must be different from the file system that is being
captured in a snapshot.
The backing-store files can reside on any type of file system, including another UFS
file system or an NFS file system.
Multiple backing-store files are created when you create a snapshot of a UFS file
system that is larger than 512 Gbytes.
Backing-store files are sparse files. The logical size of a sparse file, as reported by the
ls command, is not the same as the amount of space that has been allocated to the
sparse file, as reported by the du command.
Why Use UFS Snapshots?
The UFS snapshots feature provides additional availability and convenience for
backing up a file system because the file system remains mounted and the system remains in
multiuser mode during backups. Then, you can use the tar or cpio commands to back up a
UFS snapshot to tape for more permanent storage. If you use the ufsdump command to
perform backups, the system should be in single-user mode to keep the file system inactive
when you perform backups.
The fssnap command gives administrators of non enterprise-level systems the power
of enterprise-level tools, such as Sun StorEdgeTM Instant Image, without the large storage
demands. The UFS snapshots feature is similar to the Instant Image product. Although UFS
snapshots can make copies of large file systems, Instant Image is better suited for enterprise-
level systems. UFS snapshots is better suited for smaller systems. Instant Image allocates
space equal to the size of the entire file system that is being captured.However, the backing-
store file that is created by UFS snapshots occupies only as much disk space as needed.
Creating and Deleting UFS Snapshots:
When you use the fssnap command to create a UFS snapshot, observe how much disk
space the backing-store file consumes. The backing-store file initially uses no space, and then
it grows quickly, especially on heavily used systems.Make sure that the backing-store file has
enough space to expand. Or, limit its size with the -o maxsize=n [k,m,g] option, where n
[k,m,g] is the maximum size of the backing-store file.
Caution – If the backing-store file runs out of space, the snapshot might delete itself,
which causes the backup to fail. Check the /var/adm/messages file for possible snapshot
errors. You can also specify a directory for the backing-store path, which means a backing
store file is created in the directory specified. For example, if /var/tmp is specified for the
backing-store path, the following backing-store file is created.
/var/tmp/snapshot0
If you created one large root (/) file system instead of creating separate file systems
for /export/home, /usr, and so on, you will be unable to create a snapshot of those separate
file systems. For example, this system does not have a separate file system for /usr as
indicated under the Mounted on column:
# df -k /usr
Filesystem kbytes used avail capacity Mounted on
/dev/dsk/c0t0d0s0 3618177 2190002 1391994 62% /
If you attempt to create a snapshot for the /usr file system, you will see a message similar to
the following:
# fssnap -F ufs -o bs=/snaps/usr.back.file /usr
snapshot error: Invalid backing file path
This message indicates that you cannot have the backing store file on the same file
system as the file system being snapped, which is the case for the /usr file system, in this
example.
Creating a Multiterabyte UFS Snapshot:
Creating a multiterabyte UFS snapshot is identical to creating a snapshot for a smaller
UFS file system. The only difference is that multiple backing store files are created for each
512 Gbytes of file system space.
Keep the following key points in mind when creating a snapshot for a file system that
is larger than 512 Gbytes:
Multiple backing store files are created.
If you specify a backing store file name when the snapshot is created, then the
subsequent backing store file names will be interated based on the file name that you
specify. The subsequent backing-store files will have the same name, but with the
suffixes .2, .3, and so on.
If you only specify a backing store file destination (or directory) and not a backing
store file name, then multiple backing store file names will be created and iterated
with the suffixes .2, .3, and so on.
The fssnap -i command only reports the first backing store file name even if multiple
backing store files have been created. However, the reported backing-store length is
the combined sizes of all the backing store files for the snapshot.
Note – Backing-store files are sparse files. The logical size of a sparse file, as reported
by the ls command, is not the same as the amount of space that has been allocated to
the sparse file, as reported by the du command.
After you have backed up the snapshot or you would just like to remove the snapshot,
you will have to remove the backing store files manually if you did not use the unlink
option when the snapshot was created.
Howto Create a UFS Snapshot:
Become superuser
Make sure that the file systemhas enough disk space for the backing-store file.
# df -k
Make sure that a backing-store file of the same name and location does not already exist.
# ls /backing-store-file
Create the UFS snapshot.
# fssnap -F ufs -o bs=/backing-store-file /file-system
Note – The backing-store file must reside on a different file system than the file system that is
being captured using UFS snapshots.
Verify that the snapshot has been created.
# /usr/lib/fs/ufs/fssnap -i /file-system
Creating a UFS Snapshot
The following example shows how to create a snapshot of the /usr file system. The
backing-store file is /scratch/usr.back.file. The virtual device is /dev/fssnap/1.
# fssnap -F ufs -o bs=/scratch/usr.back.file /usr
/dev/fssnap/1
The following example shows how to limit the backing-store file to 500 Mbytes.
# fssnap -F ufs -o maxsize=500m,bs=/scratch/usr.back.file /usr
/dev/fssnap/1
Creating a Multiterabyte UFS Snapshot
The following example shows how to create a snapshot of a 1.6 Tbyte UFS file
system.
# fssnap -F ufs -o bs=/var/tmp /datab
/dev/fssnap/2
# /usr/lib/fs/ufs/fssnap -i /datab
Snapshot number : 2
Block Device : /dev/fssnap/2
Raw Device : /dev/rfssnap/2
Mount point : /datab
Device state : idle
Backing store path : /var/tmp/snapshot3
Backing store size : 0 KB
Maximum backing store size : Unlimited
Snapshot create time : Wed Jul 16 14:43:32 2008
Copy-on-write granularity : 32 KB
HowtoDisplay UFS Snapshot Information:
You can display the current snapshots on the system by using the fssnap -i option. If
you specify a file system, you see detailed information about that file system snapshot. If you
don't specify a file system, you see information about all of the current UFS snapshots and
their corresponding virtual devices.
Note – Use the UFS file system-specific fssnap command to view the extended snapshot
information as shown in the following examples.
Become superuser.
List all current snapshots.
For example:
# /usr/lib/fs/ufs/fssnap -i
Snapshot number : 0
Block Device : /dev/fssnap/0
Raw Device : /dev/rfssnap/0
Mount point : /export/home
Device state : idle
Backing store path : /var/tmp/snapshot0
Backing store size : 0 KB
Maximum backing store size : Unlimited
Snapshot create time : Wed Jul 16 14:30:24 2008
Copy-on-write granularity : 32 KB
Display detailed information about a specific snapshot.
For example:
# /usr/lib/fs/ufs/fssnap -i /export
Snapshot number : 1
Block Device : /dev/fssnap/1
Raw Device : /dev/rfssnap/1
Mount point : /export
Device state : idle
Backing store path : /var/tmp/snapshot1
Backing store size : 0 KB
Maximum backing store size : Unlimited
Snapshot create time : Wed Jul 16 14:34:47 2008
Copy-on-write granularity : 32 KB
Deleting a UFS Snapshot:
When you create a UFS snapshot, you can specify that the backing-store file is
unlinked. An unlinked backing-store file is removed after the snapshot is deleted. If you don't
specify the -o unlink option when you create a UFS snapshot, you must manually delete the
backing-store file.
The backing-store file occupies disk space until the snapshot is deleted, whether you
use the -o unlink option to remove the backing-store file or you manually delete the file.
Howto Delete a UFS Snapshot:
You can delete a snapshot either by rebooting the system or by using the fssnap -d
command. When you use this command, you must specify the path of the file system that
contains the UFS snapshot.
Become superuser
Identify the snapshot to be deleted.
# /usr/lib/fs/ufs/fssnap -i
Delete the snapshot.
# fssnap -d /file-system
Deleted snapshot 1.
If you did not use the -o unlink option when you created the snapshot, manually delete
the backing-store file.
# rm /file-system/backing-store-file
Deleting a UFS Snapshot
The following example shows how to delete a snapshot and assumes that the -o unlink
option was not used.
# fssnap -i
0 /export/home
1 /export
# fssnap -d /export
Deleted snapshot 1.
# rm /var/tmp/snapshot1
Backing Up a UFS Snapshot:
You can create a full backup or an incremental backup of a UFS snapshot. You can
use the standard Solaris backup commands to back up a UFS snapshot.
The virtual device that contains the UFS snapshot acts as a standard read-only device.
So, you can back up the virtual device as if you were backing up a file system device. If you
are using the ufsdump command to back up a UFS snapshot, you can specify the snapshot
name during the backup. See the following procedure for more information.
Howto Create a Full Backup of a UFS Snapshot
(ufsdump)
Become superuser or assume an equivalent role.
Identify the UFS snapshot to be backed up.
# /usr/lib/fs/ufs/fssnap -i /file-system
For example:
# /usr/lib/fs/ufs/fssnap -i /usr
Snapshot number : 1
Block Device : /dev/fssnap/1
Raw Device : /dev/rfssnap/1
Mount point : /usr
Device state : idle
Backing store path : /var/tmp/snapshot2
Backing store size : 544 KB
Maximum backing store size : Unlimited
Snapshot create time : Wed Jul 16 14:38:29 2008
Copy-on-write granularity : 32 KB
Back up the UFS snapshot.
# ufsdump 0ucf /dev/rmt/0 /snapshot-name
For example:
# ufsdump 0ucf /dev/rmt/0 /dev/rfssnap/1
Verify that the snapshot has been backed up.
For example:
# ufsrestore tf /dev/rmt/0
Howto Create an Incremental Backup of a UFS
Snapshot (ufsdump)
Backing up a UFS snapshot incrementally means that only the files that have been
modified since the last snapshot are backed up. Use the ufsdump command with the N option.
This option specifies the file system device name to be inserted into the /etc/dumpdates file
for tracking incremental dumps.
The following ufsdump command specifies an embedded fssnap command to create
an incremental backup of a file system.
Become superuser or assume an equivalent role.
Create an incremental backup of a UFS snapshot.
For example:
# ufsdump 1ufN /dev/rmt/0 /dev/rdsk/c0t1d0s0 ‘fssnap -F ufs -o raw,bs=
/export/scratch,unlink /dev/rdsk/c0t1d0s0‘
In this example, the -o raw option is used to display the name of the raw device instead of the
block device. By using this option, you make it easier to embed the fssnap command in
commands (such as the ufsdump command) that require the raw device instead.
Verify that the snapshot has been backed up.
# ufsrestore ta /dev/rmt/0
Howto Back Up a UFS Snapshot (tar)
If you are using the tar command to back up the snapshot, mount the snapshot before backing
it up.
Become superuser or assume an equivalent role.
Create a mount point for the snapshot.
For example:
# mkdir /backups/home.bkup
Mount the snapshot.
# mount -F ufs -o ro /dev/fssnap/1 /backups/home.bkup
Change to the mounted snapshot directory.
# cd /backups/home.bkup
Back up the snapshot with the tar command.
# tar cvf /dev/rmt/0 .
Restoring Data Froma UFS Snapshot Backup
The backup created from the virtual device is essentially just a backup of what the
original file system looked like when the snapshot was taken. When you restore a file system
from the backup, restore as if you had taken the backup directly from the original file system.
Such a restore uses the ufsrestore command. For information on using the ufsrestore
command to restore a file or file system, see Chapter 26, “Restoring UFS Files and File
Systems (Tasks).”
Preparing to Restore UFS Files and File Systems:
The ufsrestore command copies files to disk, relative to the current working directory,
from backups that were created by using the ufsdump command. You can use the ufsrestore
command to reload an entire file system hierarchy from a level 0 dump and incremental
dumps that follow it. You can also use this command to restore one or more single files from
any backup tape. If you run the ufsrestore command as superuser, files are restored with their
original owner, last modification time, and mode (permissions).
Before you start to restore files or file systems, you need to know the following:
The tapes (or diskettes) you need to restore from
The raw device name on which you want to restore the file system
The type of tape device you will use
The device name (local or remote) for the tape device
Determining the UFS File System Name:
If you have properly labeled your backup tapes, you should be able to use the file
system name
(/dev/rdsk/device-name) from the tape label
Determining theType of Tape Device You Need:
You must use a tape device that is compatible with the backup media to restore the
files. The format of the backup media determines which drive you must use to restore files.
For example, if your backup media is 8-mm tape, you must use an 8-mm tape device to
restore the files.
Determining theTape Device Name:
You might have specified the tape device name (/dev/rmt/n) as part of the backup tape
label information. If you are using the same drive to restore a backup tape, you can use the
device name from the label
Restoring UFS Files and File Systems:
When you back up files and directories, you save them relative to the file system in
which they belong. When you restore files and directories, the ufsrestore command re-creates
the file hierarchy in the current working directory.
For example, files backed up from the /export/doc/books directory (where /export is
the file system) are saved relative to /export. In other words, the book1 file in the books
directory is saved as ./doc/books/book1 on the tape. Later on, if you restored the
./doc/books/book1 file to the /var/tmp directory, the file would be restored to
/var/tmp/doc/books/book1.
When you restore individual files and directories, you should restore them to a
temporary location, such as the /var/tmp directory. After you verify the files, you can move
them to their proper locations. However, you can restore individual files and directories to
their original locations. If you do so, be sure you are not overwriting newer files with older
versions from the backup tape.
To avoid conflicts with other users, you might want to create and change to a
subdirectory, such as the/var/tmp/restore file, in which to restore the files.
If you are restoring a hierarchy, you should restore the files to a temporary directory
on the same file system where the files will reside. Then, you can use the mv command to
move the entire hierarchy where it belongs after it is restored.
Note –Do not restore files in the /tmp directory even temporarily. The /tmp directory
is usually mounted as a TMPFS file system. TMPFS does not support UFS file system
attributes such as ACLs.
How to DetermineWhichTapes to Use:
Ask the user for the approximate date the files to be restored were last modified. Refer
to your backup plan to find the date of the last backup that contains the file or file system. To
retrieve the most recent version of a file, work backward through the incremental backups
from highest to lowest dump level and from most recent to least recent date, unless the user
requests otherwise.
If you have online archive files, identify the correct media.
# ufsrestore ta archive-name ./path/filename ./path/filename
t Lists each file on the tape.
a Reads the table of contents from the online archive file instead of from the tape.
archive-name Identifies the online archive file name.
./path/filename Identifies the file name or file names you are looking for on the online
archive. If successful, the ufsrestore command prints out the inode
number and file name. If unsuccessful, ufsrestore prints an error message.
For more information,
Insert the media that contains the files to be restored in the drive and verify the correct media.
# ufsrestore tf /dev/rmt/n ./path/filename ./path/filename
Be sure to use the complete path for each filename. If a file is in the backup, its name and
inode number are listed. Otherwise, a message states that the file is not on the volume.
If you have multiple backup files on the same tape, position the tape at the backup file
youwant to use.
# ufsrestore xfs /dev/rmt/n tape-number
DeterminingWhichTapes to Use
The following example shows how to check if the /etc/passwd file is in the online archive.
# ufsrestore ta /var/tmp/root.archive ./etc/passwd
The following example shows how to verify that the /etc/passwd file is on the backup tape.
# ufsrestore tf /dev/rmt/0 ./etc/passwd
Howto Restore UFS Files Interactively
Become superuser
Write-protect the tapes for safety.
Insert the volume 1 tape into the tape drive.
Change to a directory that will be used to restore the files to temporarily.
# cd /var/tmp
Start the interactive restoration.
# ufsrestore if /dev/rmt/n
Some informational messages and the ufsrestore> prompt are displayed.
Create a list of files to be restored.
(a) List the contents of a directory.
ufsrestore> ls [directory-name]
(b) Change to a directory.
ufsrestore> cd directory-name
(c) Create a list of files and directories that youwant to restore.
ufsrestore> add filenames
(d) (Optional) Remove any directory or file fromthe list of files to be restored, if
necessary.
ufsrestore> delete filename
(Optional) Display the file names as they are being restored.
ufsrestore> verbose
Restore the files.
ufsrestore> extract
The ufsrestore command asks you which volume number to use.
Type the volume number and press Return. If you have only one volume, type 1 and press
Return.
Specify next volume #: 1
The files and directories in the list are extracted and restored to the current working directory.
To maintain the mode of the current directory, enter n at the set owner/mode prompt. set
owner/mode for ‘.’? [yn] n
You must wait while the ufsrestore command performs its final cleanup.
Quit the ufsrestore program.
ufsrestore> quit
You then see the shell prompt.
Verify the restored files.
(a) List the restored files and directories.
# ls –l
A list of files and directories is displayed.
(b) Check the list to be sure that all the files and directories you specified in the list have
been restored.
Move the files to the proper directories.
Restoring UFS Files Interactively
The following example shows how to extract the /etc/passwd and /etc/shadow files from the
backup tape.
# cd /var/tmp
# ufsrestore if /dev/rmt/0
ufsrestore> ls
.:
.:
.sunw/ export/ net/ sbin/ usr/
Sources/ etools/ opt/ scde/ var/
b/ home/ ptools/ set/ vol/
bin kernel/ pkg/ share/
dev/ lib/ platform/ shared/
devices/ lost+found/ proc/ src/
etc/ mnt/ rtools/ tmp/
ufsrestore> cd etc
ufsrestore> add passwd shadow
ufsrestore> verbose
verbose mode on
ufsrestore> extract
Extract requested files
You have not read any volumes yet.
Unless you know which volume your file(s) are on you should start with the last volume and
work towards the first.
Specify next volume #: 1
extract file ./etc/shadow
extract file ./etc/passwd
Add links
Set directory mode, owner, and times.
set owner/mode for ‘.’? [yn] n
ufsrestore> quit
# cd etc
# mv passwd /etc
# mv shadow /etc
# ls -l /etc
Howto Restore Specific UFS Files Noninteractively
Become superuser
Write-protect the tape for safety.
Insert the volume 1 tape into the tape drive.
Change to a directory that will be used to restore files to temporarily.
# cd /var/tmp
Restore the file or files.
# ufsrestore xvf /dev/rmt/n filename
x Tells ufsrestore to copy specific files or directories in the filename
argument.
v Displays the file names as they are restored.
f /dev/rmt/n Identifies the tape device name.
filename Specifies one or more file names or directory names, separated by spaces. For
example: ./export/home/user1/mail ./export/home/user2/mail.
Type the volume number where files are located. Press Return.
Specify next volume #: 1
The file or files are restored to the current working directory.
To maintain the mode of the current directory, type n and press Return at the set owner/mode
prompt.
set owner/mode for ’.’? [yn] n
Verify the restored files.
(a) List the restored files and directories.
# ls –l
A list of files and directories is displayed.
(b) Check the list to be sure that all the files and directories you specified in the list have
been restored.
Move the files to the proper directories.
Restoring Specific Files Noninteractively
The following example shows how to noninteractively restore the passwd and shadow files to
the
/var/tmp directory.
# cd /var/tmp
# ufsrestore xvf /dev/rmt/0 ./etc/passwd ./etc/shadow
Verify volume and initialize maps
Media block size is 126
Dump date: Wed Jul 28 16:13:52 2004
Dumped from: the epoch
Level 0 dump of / on starbug:/dev/dsk/c0t0d0s0
Label: none
Extract directories from tape
Initialize symbol table.
Extract requested files
You have not read any volumes yet.
Unless you know which volume your file(s) are on you should start
with the last volume and work towards the first.
Specify next volume #: 1
extract file ./etc/passwd
extract file ./etc/shadow
Add links
Set directory mode, owner, and times.
Specify next volume #:1
extract file ./etc/passwd
extract file ./etc/shadow
Add links
Set directory mode, owner, and times.
set owner/mode for ‘.’? [yn] n
# cd etc
# mv passwd /etc
# mv shadow /etc
# ls -l /etc
Restoring Files Froma Remote Tape Device
You can restore files from a remote tape drive by adding remote-host: to the front of the tape
device name, when using the ufsrestore command.
The following example shows how to restore files by using a remote tape drive /dev/rmt/0 on
the system venus.
# ufsrestore xf venus:/dev/rmt/0 ./etc/hosts
Howto Restore a Complete UFS File System:
Occasionally, a file system becomes so damaged that you must completely restore it.
Typically, you need to restore a complete file system after a disk failure. You might need to
replace the hardware before you can restore the software.
Full restoration of a file system such as /export/home can take a lot of time. If you
have consistently backed up file systems, you can restore them to their state from the time of
the last incremental backup.
Note – You cannot use this procedure to restore the root (/) or /usr file systems. For
instructions on restoring these file systems
Become superuser
If necessary, unmount the file system.
# umount /dev/rdsk/device-name
Or:
# umount /file-system
Create the new file system.
# newfs /dev/rdsk/device-name
You are asked if you want to construct a new file system on the raw device. Verify
that the device-name is correct so that you don't destroy the wrong file system.
For more information,
Confirm that the new file systemshould be created.
newfs: construct a new file system /dev/rdsk/cwtxdysz:(y/n)? y
The new file system is created.
Mount the new file systemon a temporary mount point.
# mount /dev/dsk/device-name /mnt
Change to the mount point directory.
# cd /mnt
Insert the first volume of the level 0 tape into the tape drive.
Restore the files.
# ufsrestore rvf /dev/rmt/n
The dump level 0 backup is restored. If the backup required multiple tapes, you are prompted
to load each tape in numeric order.
Remove the tape and load the next level tape in the drive.
Always restore tapes starting with dump level 0 and continuing until you reach the highest
dump level.
Repeat Step 8 through Step 10 for each dump level, fromthe lowest to the highest level.
Verify that the file systemhas been restored.
# ls
Remove the restoresymtable file.
# rm restoresymtable
The restoresymtable file that is created and used by the ufsrestore command to check-point
the restore is removed.
Change to another directory.
# cd /
Unmount the newly restored file system.
# umount /mnt
Remove the last tape and insert a new tape that is not write-protected in the tape drive.
Make a level 0 backup of the newly restored file system.
# ufsdump 0ucf /dev/rmt/n /dev/rdsk/device-name
A level 0 backup is performed. Always immediately do a full backup of a newly created file
system because the ufsrestore command repositions the files and changes the inode
allocation.
Mount the restored file system.
# mount /dev/dsk/device-name mount-point
The restored file system is mounted and available for use.
Verify that the restored and mounted file systemis available.
# ls mount-point
Restoring a Complete UFS File System
The following example shows how to restore the /export/home file system.
# newfs /dev/rdsk/c0t0d0s7
newfs: /dev/rdsk/c0t0d0s7 last mounted as /export/home
newfs: construct a new file system /dev/rdsk/c0t0d0s7: (y/n)? y
819314 sectors in 867 cylinders of 15 tracks, 63 sectors
400.1MB in 55 cyl groups (16 c/g, 7.38MB/g, 3584 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 15216, 30400, 45584, 60768, 75952, 91136, 106320, 121504, 136688,
681264, 696448, 711632, 725792, 740976, 756160, 771344, 786528, 801712,
816896,
# mount /dev/dsk/c0t0d0s7 /mnt
# cd /mnt
# ufsrestore rvf /dev/rmt/0
Verify volume and initialize maps
Media block size is 126
Dump date: Thu Jul 29 10:14:00 2004
Dumped from: the epoch
Level 0 dump of /export/home on starbug:/dev/dsk/c0t0d0s7
Label: none
Begin level 0 restore
Initialize symbol table.
Extract directories from tape
Calculate extraction list.
Warning: ./lost+found: File exists
Make node ./siri
Make node ./siri/wdir
Make node ./lister
Make node ./pmorph
Make node ./inquisitor
Make node ./siri
Make node ./siri/letters
Make node ./siri/reports
Extract new leaves.
Check pointing the restore
extract file ./siri/words
extract file ./siri/words1
extract file ./siri/words2
extract file ./siri/words3
extract file ./siri/wdir/words
extract file ./siri/wdir/words1
extract file ./siri/wdir/words2
extract file ./siri/wdir/words3
Add links
Set directory mode, owner, and times.
Check the symbol table.
Check pointing the restore
# rm restoresymtable
# cd /
# umount /mnt
# ufsdump 0ucf /dev/rmt/0 /export/home
# mount /dev/dsk/c0t0d0s7 /export/home
# ls /export/home
How to Restore a UFS root (/) and /usr File System:
Become superuser or assume an equivalent role.
Add a new systemdisk to the systemwhere the root (/) and /usr file systems will be restored.
Mount the new file systemon a temporary mount point.
# mount /dev/dsk/device-name /mnt
Change to the /mnt directory.
# cd /mnt
Create the links for the tape device.
# tapes
Restore the root (/) file system.
# ufsrestore rvf /dev/rmt/n
The dump level 0 tape is restored.
Remove the tape and load the next level tape in the drive.
Always restore tapes starting with dump level 0 and continuing from the lowest to highest
dump level.
Continue restoring as needed.
# ufsrestore rvf /dev/rmt/n
The next level tape is restored.
Repeat Step 8 and Step 9 for each additional tape.
Verify that the file systemhas been restored.
# ls
Remove the restoresymtable file.
# rm restoresymtable
The restoresymtable file that is created and used by the ufsrestore command to check-point
the restore is removed.
Change to the root (/) directory.
# cd /
Unmount the newly created file system.
# umount /mnt
Check the new file system.
# fsck /dev/rdsk/device-name
The restored file system is checked for consistency.
Create the boot blocks on the root partition.
On a SPARC system:
# installboot /usr/platform/‘uname-i‘/lib/fs/ufs/bootblk /dev/rdsk/device-name
On an x86 system:
# /sbin/installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/cwtxdysz
Back up the new file system.
# ufsdump 0uf /dev/rmt/n /dev/rdsk/device-name
A dump level 0 backup is performed. Always immediately do a full backup of a
newly created file system because the ufsrestore command repositions the files and changes
the inode allocation.
The system is rebooted.
SPARC: Restoring a UFS root (/) File System
This example shows how to restore the root (/) file system on a SPARC system. This example
assumes that the system is booted from a local CD or from the network.
# mount /dev/dsk/c0t3d0s0 /mnt
# cd /mnt
# tapes
# ufsrestore rvf /dev/rmt/0
# ls
# rm restoresymtable
# cd /
# umount /mnt
# fsck /dev/rdsk/c0t3d0s0
# installboot /usr/platform/sun4u/lib/fs/ufs/bootblk
/dev/rdsk/c0t3d0s0
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t3d0s0
# init 6
x86: Restoring a UFS root (/) File System
This example shows how to restore the root (/) file system on an x86 system. This
example assumes that the system is booted from a GRUB failsafe boot session, local CD, or
from the network.
# mount /dev/dsk/c0t3d0s0 /mnt
# cd /mnt
# tapes
# ufsrestore rvf /dev/rmt/0
# ls
# rm restoresymtable
# cd /
# umount /mnt
# fsck /dev/rdsk/c0t3d0s0
# /sbin/installgrub /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c0t3d0s0
stage1 written to partition 0 sector 0 (abs 2016)
stage2 written to to partition 0, 227 sectors starting 50 (abs 2066)
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t3d0s0
# init 6
If you run the ufsdump command without any options, use this syntax:
# ufsdump filenames
The ufsdump command uses these options and arguments, by default:
ufsdump 9uf /dev/rmt/0 filenames
These options do a level 9 incremental backup to the default tape drive at its preferred
density.
For a description of the ufsdump options, see ufsdump (1M).
The ufsdump Commandand Security Issues
If you are concerned about security, you should do the following:
Require superuser access for the ufsdump command.
Ensure superuser access entries are removed from /.rhosts files on clients and servers
if you are doing centralized backups.
For general information on security, see System Administration Guide: Security Services.
Specifying ufsdump Command Options and Arguments
System Administration Guide: Devices and File Systems • 496 April 2009
Specifying ufsrestore Options and Arguments
The syntax of the ufsrestore command is as follows:
/usr/sbin/ufsrestore options arguments filenames
options Is a single string of one-letter option names. You must choose one and only one of
these options: i, r, R, t, or x. For a description of the ufsrestore options, see
ufsrestore(1M).
arguments Follows the option string with the arguments that match the options. The option
letters and their associated arguments must be in the same order.
filenames Specifies the file or files to be restored as arguments to the x or t options. These
arguments must always come last, separated by spaces.
Specifying ufsrestore Options and Arguments
Chapter 27 UFS Backup and Restore Commands (Reference) 497
498
Copying UFS Files and File Systems (Tasks)
This chapter describes how to copy UFS files and file systems to disk, tape, and diskettes by
using various backup commands.
This is a list of the step-by-step instructions in this chapter.
“How to Copy a Disk (dd)” on page 502
“How to Copy Directories Between File Systems (cpio)” on page 506
“How to Copy Files to a Tape (tar)” on page 508
“How to List the Files on a Tape (tar)” on page 509
“How to Retrieve Files From a Tape (tar)” on page 509
“Copying Files to a Tape With the pax Command” on page 510
“How to Copy All Files in a Directory to a Tape (cpio)” on page 511
“How to List the Files on a Tape (cpio)” on page 512
“How to Retrieve All Files From a Tape (cpio)” on page 513
“How to Retrieve Specific Files From a Tape (cpio)” on page 514
“How to Copy Files to a Remote TapeDevice (tar and dd)” on page 515
“How to Extract Files From a Remote TapeDevice” on page 516
“How to Copy Files to a Single Formatted Diskette (tar)” on page 517
“How to List the Files on a Diskette (tar)” on page 518
“How to Retrieve Files From a Diskette (tar)” on page 519
Commands for Copying File Systems:
When you need to back up and restore complete UFS file systems, use the ufsdump
and ufsrestore commands described in Chapter 27, “UFS Backup and Restore Commands
(Reference).” When you want to copy or move individual files, portions of file systems, or
complete file systems, you can use the procedures described in this chapter instead of the
ufsdump and ufsrestore commands.
The following table describes when to use the various backup commands.
28 C H A P T E R 2 8
499
TABLE 28–1 When to Use Various BackupCommands
Task Command ForMore Information
Back up UFS file systems to tape. ufsdump “How to Back Up a UFS File System to
Tape” on page 458
Create a file system snapshot. fssnap Chapter 25, “Using UFS Snapshots
(Tasks)”
Restore UFS file systems from tape. ufsrestore “How to Restore a Complete UFS File
System” on page 483
Transport files to other systems. pax, tar, or cpio “Copying Files and File Systems to
Tape” on page 507
Copy files or file systems between
disks.
dd “How to Copy a Disk (dd)” on
page 502
Copy files to diskette. tar “How to Copy Files to a Single
Formatted Diskette (tar)” on page 517
The following table describes various backup and restore commands.
TABLE 28–2 Summary of Various BackupCommands
Command Name
Aware of File System
Boundaries?
Supports MultipleVolume
Backups? Physical or Logical Copy?
volcopy Yes Yes Physical
tar No No Logical
cpio No Yes Logical
pax Yes Yes Logical
dd Yes No Physical
ufsdump/ufsrestore Yes Yes Logical
fssnap N/A N/A Logical
The following table describes the advantages and disadvantages of some of these commands.
Commands for Copying File Systems
System Administration Guide: Devices and File Systems 500 April 2009
TABLE 28–3 Advantages and Disadvantages of tar, pax, and cpio Commands
Command Function Advantages Disadvantages
tar Use to copy files and
directory subtrees to a single
tape.
Available on most UNIX operating systems
Public domain versions are readily available
Is not aware of file system boundaries
Length of full path name cannot exceed 255 characters
Cannot be used to create multiple tape volumes pax Use to copy files, special files, or
file systems that require multiple tape volumes. Or, use when you want to copy files
to and from POSIX-compliant systems.
Better portability than the tar or cpio commands for POSIX-compliant systems
Multiple vendor support Same disadvantages as the tar command, except that the pax
command can create multiple tape volumes.
cpio Use to copy files, special files, or file systems that require multiple tape volumes.
Or, use when you want to copy files from systems running current Solaris releases
systems to systems running SunOS 4.0/4.1 releases.
Packs data onto tape more efficiently than the tar command
Skips over any bad spots in a tape when restoring
Provides options for writing files with different header formats, such as ( tar, ustar,
crc, odc, bar), for portability between different system types
Creates multiple tape volumes
The command syntax is more difficult than the tar or pax commands. The following
sections describes step-by-step instructions and examples of how to use these commands.
Commands for Copying File Systems
Chapter 28 • Copying UFS Files and File Systems (Tasks) 501
Copying File Systems Between Disks:
Two commands are used to copy file systems between disks:
Volcopy
dd
Making a Literal File System Copy:
The dd command makes a literal (block-level) copy of a complete UFS file system to
another file system or to a tape. By default, the dd command copies standard input to standard
output.
Note –Do not use the dd command with variable-length tape drives without first specifying
an appropriate block size.
You can specify a device name in place of standard input or standard output, or both.
In this example, the contents of the diskette are copied to a file in the /tmp directory:
$ dd < /floppy/floppy0 > /tmp/output.file
2400+0 records in
2400+0 records out
The dd command reports on the number of blocks it reads and writes. The number after the +
is a count of the partial blocks that were copied. The default block size is 512 bytes. The dd
command syntax is different from most other commands. Options are specified as
keyword=value pairs, where keyword is the option you want to set and value is the argument
for that option. For example, you can replace standard input and standard output with this
syntax:
$ dd if=input-file of=output-file
To use the keyword=value pairs instead of the redirect symbols, you would type the
following:
$ dd if=/floppy/floppy0 of=/tmp/output.file
How to Copy a Disk (dd)
Keep the following key points in mind when you consider copying a disk:
Do not use this procedure to copy a disk that is under the control of a volume
manager.
The primary methods for copying UFS file system data from one disk or system to
another disk or system is by using the ufsdump and ufsrestore commands.
You can clone systems by creating a flash archive and copying it to destination
systems. For more information about creating a flash archive.
Make sure that the source disk and destination disk have the same disk geometry.
Check the UFS file systems on the disk to be copied with the fsck utility.
Make sure the system is in single-user mode when copying a disk with the dd
command.
Become superuser or assume an equivalent role.
(Optional) Create the /reconfigure file so that the systemwill recognize the destination disk to
be added when it reboots, if necessary.
# touch /reconfigure
Shut downthe system.
# init 0
Attach the destination disk to the system.
Boot the system.
ok boot –s
Copy the source disk to the destination disk.
# dd if=/dev/rdsk/device-name of=/dev/rdsk/device-name bs=block-size
if=/dev/rdsk/device-name Represents the overlap slice of the master disk device, usually
slice 2.
of=/dev/rdsk/device-name Represents the overlap slice of the destination disk device,
usually slice 2.
bs=blocksize Identifies the block size, such as 128 Kbytes or 256 Kbytes. A
large block size decreases the time it takes to copy the disk.
For more information, see dd(1M).
Check the new file system.
# fsck /dev/rdsk/device-name
Mount the destination disk's root (/) file system.
# mount /dev/dsk/device-name /mnt
Change to the directory where the /etc/vfstab file is located.
# cd /mnt/etc
Using a text editor, edit the destination disk's /etc/vfstab file to reference the correct device
names.
For example, change all instances of c0t3d0 to c0t1d0.
Change to the destination disk's root (/) directory.
# cd /
Unmount the destination disk's root (/) file system.
# umount /mnt
Shut downthe system.
# init 0
Boot fromthe destination disk to single-user mode.
# boot diskn –s
Note – The installboot command is not needed for the destination disk because the boot
blocks are copied as part of the overlap slice.
Unconfigure the destination disk.
# sys-unconfig
The system is shut down after it is unconfigured.
Boot fromthe destination disk again and provide its systeminformation, such as host name,
time zone, and so forth.
# boot diskn
After the systemis booted, log in as superuser to verify the systeminformation. hostname
console login:
Copying a DiskWith aVTOC Label (dd)
This example shows how to copy the master disk (with a VTOC label) /dev/rdsk/c0t0d0s2 to
the destination disk /dev/rdsk/c0t2d0s2.
# touch /reconfigure
# init 0
ok boot
# dd if=/dev/rdsk/c0t0d0s2 of=/dev/rdsk/c0t2d0s2 bs=128k
# fsck /dev/rdsk/c0t2d0s2
# mount /dev/dsk/c0t2d0s2 /mnt
# cd /mnt/etc
# vi vfstab
(Modify entries for the new disk)
# cd /
# umount /mnt
# init 0
# boot disk2 -s
# sys-unconfig
# boot disk2
Copying Directories Between File Systems (cpio Command):
You can use the cpio (copy in and out) command to copy individual files, groups of
files, or complete file systems. This section describes how to use the cpio command to copy
complete file systems.
The cpio command is an archiving program that copies a list of files into a single,
large output file. This command inserts headers between the individual files to facilitate
recovery. You can use the cpio command to copy complete file systems to another slice,
another system, or to a media device, such as a tape or diskette.
Because the cpio command recognizes end-of-media and prompts you to insert
another volume, it is the most effective command, other than ufsdump, to use to create
archives that require multiple tapes or diskettes.
With the cpio command, you frequently use the ls and find commands to list and
select the files you want to copy, and then to pipe the output to the cpio command.
Howto Copy Directories Between File Systems (cpio):
Become superuser
Change to the appropriate directory.
# cd filesystem1
Copy the directory tree fromfilesystem1 to filesystem2 by using a combination of the find
and cpio commands.
# find . -print -depth | cpio -pdm filesystem2
. Starts in the current working directory.
-print Prints the file names.
-depth Descends the directory hierarchy and prints file names from the bottom up.
-p Creates a list of files.
-d Creates directories as needed.
-m Sets the correct modification times on directories.
You might also specify the -u option. This option forces an unconditional copy.
Otherwise, older files do not replace newer files. This option might be useful if you want an
exact copy of a directory, and some of the files being copied might already exist in the target
directory. Verify that the copywas successful by displaying the contents of the destination
directory.
# cd filesystem2
# ls
If appropriate, remove the source directory.
# rm -rf filesystem1
Copying Directories Between File Systems (cpio)
# cd /data1
# find . -print -depth | cpio -pdm /data2
19013 blocks
# cd /data2
# ls
# rm -rf /data1
Copying Files and File Systems toTape:
You can use the tar, pax, and cpio commands to copy files and file systems to tape.
The command that you choose depends on how much flexibility and precision you require for
the copy. Because all three commands use the raw device, you do not need to format or make
a file system on tapes before you use them.
Copying Files to Tape (tar Command):
Here is information that you should know before you copy files to tape with the tar
command:
Copying files to a tape with the -c option to the tar command destroys any files
already on the tape at or beyond the current tape position.
You can use file name substitution wildcards (? and *) as part of the file names that
you specify when copying files. For example, to copy all documents with a .doc
suffix, type .doc as the file name argument.
You cannot use file name substitution wildcards when you extract files from a tar
archive.
Howto Copy Files to aTape (tar)
Change to the directory that contains the files youwant to copy.
Insert a write-enabled tape into the tape drive.
Copy the files to tape.
$ tar cvf /dev/rmt/n filenames
c Indicates that you want to create an archive.
v Displays the name of each file as it is archived.
f /dev/rmt/n Indicates that the archive should be written to the specified device or file.
filenames Indicates the files and directories that you want to copy. Separate multiple files
with spaces.
The file names that you specify are copied to the tape, overwriting any existing files on the
tape.
Remove the tape fromthe drive.Write the names of the files on the tape label.
Verify that the files you copied are on the tape.
$ tar tvf /dev/rmt/n
For more information on listing files on a tar tape, see “How to List the Files on a Tape (tar)”
on page 509.
Copying Files to a Tape (tar)
The following example shows how to copy three files to the tape in tape drive 0.
$ cd /export/home/siri
$ ls reports
reportA reportB reportC
$ tar cvf /dev/rmt/0 reports
a reports/ 0 tape blocks
a reports/reportA 59 tape blocks
a reports/reportB 61 tape blocks
a reports/reportC 63 tape blocks
$ tar tvf /dev/rmt/0
How to List the Files on aTape (tar)
Insert a tape into the tape drive.
Display the tape contents.
$ tar tvf /dev/rmt/n
t Lists the table of contents for the files on the tape.
v Used with the t option, and provides detailed information about the files on the tape.
f /dev/rmt/n Indicates the tape device.
Listing the Files on a Tape (tar)
The following example shows a listing of files on the tape in drive 0.
$ tar tvf /dev/rmt/0
drwxr-xr-x 0/1 0 Jul 28 15:00 2004 reports/
-r--r--r-- 0/1 206663 Jul 28 15:00 2004 reports/reportA
-r--r--r-- 0/1 206663 Jul 28 15:00 2004 reports/reportB
-r--r--r-- 0/1 206663 Jul 28 15:00 2004 reports/reportC
Howto Retrieve Files FromaTape (tar)
Change to the directory where youwant to put the files.
Insert the tape into the tape drive.
Retrieve the files fromthe tape.
$ tar xvf /dev/rmt/n [filenames]
x Indicates that the files should be extracted from the specified archive file. All
files on the tape in the specified drive are copied to the current directory.
v Displays the name of each file as it is retrieved.
f /dev/rmt/n Indicates the tape device that contains the archive.
File names Specifies a file to retrieve. Separate multiple files with spaces.
Verify that the files have been copied.
$ ls –l
Retrieving Files on a Tape (tar)
The following example shows how to retrieve all the files from the tape in drive 0.
$ cd /var/tmp
$ tar xvf /dev/rmt/0
x reports/, 0 bytes, 0 tape blocks
x reports/reportA, 0 bytes, 0 tape blocks
x reports/reportB, 0 bytes, 0 tape blocks
x reports/reportC, 0 bytes, 0 tape blocks
x reports/reportD, 0 bytes, 0 tape blocks
$ ls -l
The names of the files extracted from the tape must exactly match the names of the files that
are stored on the archive. If you have any doubts about the names or paths of the files, first
list the files on the tape.
Copying Files to a Tape With the pax Command
Howto Copy Files to aTape (pax)
Change to the directory that contains the files youwant to copy.
Insert a write-enabled tape into the tape drive.
Copy the files to tape.
$ pax -w -f /dev/rmt/n filenames
-w Enables the write mode.
-f /dev/rmt/n Identifies the tape drive.
filenames Indicates the files and directories that you want to copy. Separate multiple files
with spaces.
Verify that the files have been copied to tape.
$ pax -f /dev/rmt/n
Remove the tape fromthe drive.Write the names of the files on the tape label.
Copying Files to a Tape (pax)
The following example shows how to use the pax command to copy all the files in the current
directory.
$ pax -w -f /dev/rmt/0 .
$ pax -f /dev/rmt/0
filea fileb filec
Copying Files to Tape With the cpio Command
Howto Copy All Files in a Directory to a Tape (cpio)
Change to the directory that contains the files you want to copy.
Insert a write-enabled tape into the tape drive.
Copy the files to tape.
$ ls | cpio -oc > /dev/rmt/n
ls Provides the cpio command with a list of file names.
cpio -oc Specifies that the cpio command should operate in copy-out mode (-o) and
write header information in ASCII character format (-c). These options
ensure portability to other vendors' systems.
> /dev/rmt/n Specifies the output file.
All files in the directory are copied to the tape in the drive you specify, overwriting any
existing files on the tape. The total number of blocks that are copied is shown.
Verify that the files have been copied to tape.
$ cpio -civt < /dev/rmt/n
-c Specifies that the cpio command should read files in ASCII character
format.
-i Specifies that the cpio command should operate in copy-in mode, even
though the command is only listing files at this point.
-v Displays the output in a format that is similar to the output from the ls -l
command.
-t Lists the table of contents for the files on the tape in the tape drive that you
specify.
< /dev/rmt/n Specifies the input file of an existing cpio archive.
Remove the tape fromthe drive.Write the names of the files on the tape label.
Copying All Files in a Directory to a Tape (cpio)
The following example shows how to copy all of the files in the /export/home/siri directory to
the tape in tape drive 0.
$ cd /export/home/siri
$ ls | cpio -oc > /dev/rmt/0
16 blocks
$ cpio -civt < /dev/rmt/0
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, filea
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, fileb
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, filec
drwxr-xr-x 2 root other 0 Jul 28 14:59 2004, letters
drwxr-xr-x 2 root other 0 Jul 28 15:00 2004, reports
16 blocks
Howto List the Files on aTape (cpio)
Note – Listing the table of contents on a tape takes a long time because the cpio command
must process the entire archive.
Insert an archive tape into the tape drive.
List the files on the tape.
$ cpio -civt < /dev/rmt/n
Listing the Files on a Tape (cpio)
The following example shows how to list the files on the tape in drive 0.
$ cpio -civt < /dev/rmt/0
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, filea
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, fileb
-rw-r--r-- 1 root other 0 Jul 28 14:59 2004, filec
drwxr-xr-x 2 root other 0 Jul 28 14:59 2004, letters
drwxr-xr-x 2 root other 0 Jul 28 15:00 2004, reports
16 blocks
$
Howto Retrieve All Files From a Tape (cpio)
If the archive was created using relative path names, the input files are built as a
directory within the current directory when you retrieve the files. If, however, the archive was
created with absolute path names, the same absolute paths are used to re-create the file on
your system.
Caution – The use of absolute path names can be dangerous because you might overwrite
existing files on your system.
Change to the directory where youwant to put the files.
Insert the tape into the tape drive.
Extract all files fromthe tape.
$ cpio -icvd < /dev/rmt/n
-i Extracts files from standard input.
-c Specifies that the cpio command should read files in ASCII character
format.
-v Displays the files as they are retrieved in a format that is similar to the output
from the ls command.
-d Creates directories as needed.
< /dev/rmt/n Specifies the output file.
Verify that the fileswere copied.
$ ls –l
Retrieving All Files Froma Tape (cpio)
The following example shows how to retrieve all files from the tape in drive 0.
$ cd /var/tmp
cpio -icvd < /dev/rmt/0
answers
sc.directives
tests
8 blocks
$ ls -l
How to Retrieve Specific Files FromaTape (cpio)
Change to the directory where youwant to put the files.
Insert the tape into the tape drive.
Retrieve a subset of files from the tape.
$ cpio -icv "*file" < /dev/rmt/n
-i Extracts files from standard input.
-c Specifies that the cpio command should read headers in ASCII character format.
-v Displays the files as they are retrieved in a format that is similar to the output from the ls
command.
"*file" Specifies that all files that match the pattern are copied to the current directory. You
can specify multiple patterns, but each pattern must be enclosed in double quotation marks.
< /dev/rmt/n Specifies the input file.
For more information, see the cpio(1) man page.
Verify that the fileswere copied.
$ ls -l
Retrieving Specific Files Froma Tape (cpio)
The following example shows how to retrieve all files with the chapter suffix from the tape in
drive 0.
$ cd /home/smith/Book
$ cpio -icv "*chapter" < /dev/rmt/0
Boot.chapter
Directory.chapter
Install.chapter
Intro.chapter
31 blocks
$ ls -l
Copying Files to a RemoteTape Device
How to Copy Files to a RemoteTape Device (tar anddd)
The following prerequisites must be met to use a remote tape drive:
(a) The local host name and optionally, the user name of the user doing the copy, must
appear in the remote system's /etc/hosts.equiv file.Or, the user doing the copy must
have his or her home directory accessible on the remote machine, and have the local
machine name in
$HOME/.rhosts.
For more information, see the hosts.equiv(4) man page.
(b) An entry for the remote systemmust be in the local system's /etc/inet/hosts file or in
the name service hosts file.
To test whether you have the appropriate permission to execute a remote command, try the
following:
$ rsh remotehost echo test
If test is echoed back to you, you have permission to execute remote commands. If
Permission denied is echoed back to you, check your setup as described in Step 1.
Change to the directory where youwant to put the files.
Insert the tape into the tape drive.
Copy the files to a remote tape drive.
$ tar cvf - filenames | rsh remote-host dd of=/dev/rmt/n obs=block-size
tar cf Creates a tape archive, lists the files as they are archived, and specifies the
tape device.
v Provides additional information about the tar file entries.
- (Hyphen) Represents a placeholder for the tape device.
filenames Identifies the files to be copied. Separate multiple files with spaces.
rsh | remote-host Pipes the tar command's output to a remote shell.
dd of= /dev/rmt/n Represents the output device.
obs=block-size Represents the blocking factor.
Remove the tape fromthe drive.Write the names of the files on the tape label.
Copying Files to a Remote Tape Drive (tar and dd)
# tar cvf - * | rsh mercury dd of=/dev/rmt/0 obs=126b
a answers/ 0 tape blocks
a answers/test129 1 tape blocks
a sc.directives/ 0 tape blocks
a sc.directives/sc.190089 1 tape blocks
a tests/ 0 tape blocks
a tests/test131 1 tape blocks
6+9 records in
0+1 records out
How to Extract Files Froma RemoteTape Device:
Insert the tape into the tape drive.
Change to a temporary directory.
$ cd /var/tmp
Extract the files froma remote tape device.
$ rsh remote-host dd if=/dev/rmt/n | tar xvBpf -
rsh remote-host Indicates a remote shell that is started to extract the files from the tape
device by using the dd command.
dd if=/dev/rmt/n Indicates the input device.
| tar xvBpf - Pipes the output of the dd command to the tar command, which is used
to restore the files.
Verify that the files have been extracted.
$ ls -l
Extracting Files Froma Remote Tape Drive
$ cd /var/tmp
$ rsh mercury dd if=/dev/rmt/0 | tar xvBpf -
x answers/, 0 bytes, 0 tape blocks
x answers/test129, 48 bytes, 1 tape blocks
20+0 records in
20+0 records out
x sc.directives/, 0 bytes, 0 tape blocks
x sc.directives/sc.190089, 77 bytes, 1 tape blocks
x tests/, 0 bytes, 0 tape blocks
x tests/test131, 84 bytes, 1 tape blocks
$ ls -l
ManagingTape Drives
This chapter describes how to manage tape drives in the Solaris Operating System (Solaris
OS).
Choosing Which Media to Use:
You typically back up Solaris systems by using the following tape media:
1/2-inch reel tape
1/4-inch streaming cartridge tape
8-mm cartridge tape
4-mm cartridge tape (DAT)
You can perform backups with diskettes, but doing so is time-consuming and
cumbersome. The media that you choose depends on the availability of the equipment that
supports it and of the media (usually tape) that you use to store the files. Although you must
do the backup from a local system, you can write the files to a remote device.
The following table shows typical tape devices that are used for backing up file
systems. The storage capacity for each device depends on the type of drive and the data being
written to the tape.
Media StorageCapacities
Backup Media Storage Capacity1/2-inch reel tape 140 Mbytes (6250 bpi)2.5-Gbyte 1/4-inch cartridge (QIC) tape 2.5 GbytesDDS3 4-mm cartridge tape (DAT) 12–24 Gbytes14-Gbyte 8-mm cartridge tape 14 GbytesDLT 7000 1/2-inch cartridge tape 35–70 Gbytes
Backup Device Names:
You specify a tape or diskette to use for backup by supplying a logical device name.
This name points to the subdirectory that contains the “raw” device file and includes the
logical unit number of the drive. Tape drive naming conventions use a logical, not a physical,
device name.
The following table shows this naming convention.
Basic DeviceNames for Backup Devices
Device Type Name
Tape /dev/rmt/n
Diskette /vol/dev/rdiskette0/unlabeled
If you don't specify the density, a tape drive typically writes at its “preferred” density.
The preferred density usually means the highest density the tape drive supports.Most SCSI
drives can automatically detect the density or format on the tape and read it accordingly. To
determine the different densities that are supported for a drive, look at the /dev/rmt
subdirectory. This subdirectory includes the set of tape device files that support different
output densities for each tape.
Also, a SCSI controller can have a maximum of seven SCSI tape drives.
DisplayingTape Drive Status:
You can use the status option with the mt command to get status information about
tape drives. The mt command reports information about any tape drives that are described in
the
/kernel/drv/st.conf file.
How to Display Tape Drive Status:
Load a tape into the drive youwant information about.
Display the tape drive status.
# mt -f /dev/rmt/n status
Displaying Tape Drive Status
The following example shows the status for aQIC-150 tape drive (/dev/rmt/0):
$ mt -f /dev/rmt/0 status
Archive QIC-150 tape drive:
sense key(0x0)= No Additional Sense residual= 0 retries= 0
file no= 0 block no= 0
The following example shows the status for an Exabyte tape drive (/dev/rmt/1):
$ mt -f /dev/rmt/1 status
Exabyte EXB-8200 8mm tape drive:
sense key(0x0)= NO Additional Sense residual= 0 retries= 0
file no= 0 block no= 0
The following example shows a quick way to poll a system and locate all of its tape drives:
$ for drive in 0 1 2 3 4 5 6 7
> do
> mt -f /dev/rmt/$drive status
> done
Archive QIC-150 tape drive:
sense key(0x0)= No Additional Sense residual= 0 retries= 0
file no= 0 block no= 0
/dev/rmt/1: No such file or directory
/dev/rmt/2: No such file or directory
/dev/rmt/3: No such file or directory
/dev/rmt/4: No such file or directory
/dev/rmt/5: No such file or directory
/dev/rmt/6: No such file or directory
/dev/rmt/7: No such file or directory
$
Handling MagneticTape Cartridges:
If errors occur when a tape is being read, you can retension the tape, clean the tape
drive, and then try again.
Retensioning aMagneticTape Cartridge
Retension a magnetic tape cartridge with the mt command.
For example:
$ mt -f /dev/rmt/1 retension
$
Note –Do not retension non-QIC tape drives.
Rewinding aMagneticTape Cartridge
To rewind a magnetic tape cartridge, use the mt command.
For example:
$ mt -f /dev/rmt/1 rewind
$
SCHEDULE JOBS
You can set up many system tasks to execute automatically. Some of these tasks
should occur at regular intervals. Other tasks need to run only once, perhaps during off hours
such as evenings or weekends.
We have two commands, those are crontab and at, which enable you to schedule
routine tasks to execute automatically. The crontab command schedules repetitive commands.
The at command schedules tasks that execute once.
For Scheduling Repetitive Jobs: crontab:
You can schedule routine system administration tasks to execute daily, weekly, or
monthly by using the crontab command.
Daily crontab system administration tasks might include the following:
Removing files more than a few days old from temporary directories
Executing accounting summary commands
Taking snapshots of the system by using the df and ps commands
Performing daily security monitoring
Running system backups
Weekly crontab system administration tasks might include the following:
Running the fsck -n command to list any disk problems
Monthly crontab system administration tasks might include the following:
Listing files not used during a specific month
Producing monthly accounting reports
Additionally, users can schedule crontab commands to execute other routine system
tasks, such as sending reminders and removing backup files.
For Scheduling a Single Job: at
The at command allows you to schedule a job for execution at a later time. The job
can consist of a single command or a script.
Similar to crontab, the at command allows you to schedule the automatic execution of
routine tasks.However, unlike crontab files, at files execute their tasks once. Then, they are
removed from their directory. Therefore, the at command is most useful for running simple
commands or scripts that direct output into separate files for later examination.
The at command stores the command or script you ran, along with a copy of your
current environment variable, in the /var/spool/cron/atjobs directory. Your at job file name is
given a long number that specifies its location in the at queue, followed by the .a extension,
such as 793962000.a.
The cron daemon checks for at jobs at startup and listens for new jobs that are
submitted. After the cron daemon executes an at job, the at job's file is removed from the
atjobs directory.
Scheduling a Repetitive SystemTask (cron):
The following sections describe how to create, edit, display, and remove crontab files,
as well as how to control access to them.
Inside a crontab File:
The cron daemon schedules system tasks according to commands found within each
crontab file. A crontab file consists of commands, one command per line, that will be
executed at regular intervals. The beginning of each line contains date and time information
that tells the cron daemon when to execute the command.
For example, a crontab file named root is supplied during SunOS software installation. The
file's contents include these command lines:
10 3 * * * /usr/sbin/logadm
15 3 * * 0 /usr/lib/fs/nfs/nfsfind
1 2 * * * [ -x /usr/sbin/rtc ] && /usr/sbin/rtc -c > /dev/null 2>&1
30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean
The following describes the output for each of these command lines:
The first line runs the logadm command at 3:10 a.m. every day.
The second line executes the nfsfind script every Sunday at 3:15 a.m.
The third line runs a script that checks for daylight savings time (and make
corrections, if necessary) at 2:10 a.m. daily.
If there is no RTC time zone, nor an /etc/rtc_config file, this entry does nothing.
X 86 only – The /usr/sbin/rtc script can only be run on an x86 based system.
The fourth line checks for (and removes) duplicate entries in the Generic Security
Service table, /etc/gss/gsscred_db, at 3:30 a.m. daily.
The crontab files are stored in the /var/spool/cron/crontabs directory. Several crontab
files besides root are provided during SunOS software installation.
Besides the default crontab files, users can create crontab files to schedule their own
system tasks. Other crontab files are named after the user accounts in which they are created,
such as bob, mary, smith, or jones.
To access crontab files that belong to root or other users, superuser privileges are
required. Procedures explaining how to create, edit, display, and remove crontab files are
described in subsequent sections.
How the cron Daemon Handles Scheduling:
The cron daemon manages the automatic scheduling of crontab commands. The role
of the cron daemon is to check the /var/spool/cron/crontab directory for the presence of
crontab files.
The cron daemon performs the following tasks at startup:
Checks for new crontab files.
Reads the execution times that are listed within the files.
Submits the commands for execution at the proper times.
Listens for notifications from the crontab commands regarding updated crontab files.
In much the same way, the cron daemon controls the scheduling of at files. These files
are stored in the /var/spool/cron/atjobs directory. The cron daemon also listens for
notifications from the crontab commands regarding submitted at jobs.
Syntax of crontab File Entries:
A crontab file consists of commands, one command per line, that execute automatically at the
time specified by the first five fields of each command line. These five fields, described as
follows
Time Field Values
Minute 0-59
Hour 0-23
Day of month 1-31
Month 1-12
Day of week 0-6 (0 = Sunday)
Follow these guidelines for using special characters in crontab time fields:
Use a space to separate each field.
Use a comma to separate multiple values.
Use a hyphen to designate a range of values.
Use an asterisk as a wildcard to include all possible values.
Use a comment mark (#) at the beginning of a line to indicate a comment or a blank
line.
For example, the following crontab command entry displays a reminder in the user's console
window at 4 p.m. on the first and fifteenth days of every month.
0 16 1, 15 * * echo Timesheets Due > /dev/console
Each command within a crontab file must consist of one line, even if that line is very long.
The crontab file does not recognize extra carriage returns.
Creating and Editing crontab Files:
The simplest way to create a crontab file is to use the crontab -e command. This
command invokes the text editor that has been set for your system environment. The default
editor for your system environment is defined in the EDITOR environment variable. If this
variable has not been set, the crontab command uses the default editor, ed. Preferably, you
should choose an editor that you know well.
The following example shows how to determine if an editor has been defined, and
how to set up vi as the default.
$ which $EDITOR
$
$ EDITOR=vi
$ export EDITOR
When you create a crontab file, it is automatically placed in the /var/spool/cron/crontabs
directory and is given your user name. You can create or edit a crontab file for another user,
or root, if you have superuser privileges.
How to Create or Edit a crontab File:
If you are creating or editing a crontab file that belongs to root or another user you
must become superuser or assume an equivalent role.
You do not need to become superuser to edit your own crontabfile.
Create a new crontab file, or edit an existing file.
$ crontab -e [username]
where username specifies the name of the user's account for which you want to create or edit
a crontab file. You can create your own crontab file without superuser privileges, but you
must have superuser privileges to creating or edit a crontab file for root or another user.
Verify your crontab file changes.
# crontab -l [username]
Creating a crontab File
The following example shows how to create a crontab file for another user.
# crontab -e jones
The following command entry added to a new crontab file automatically removes any log
files from the user's home directory at 1:00 a.m. every Sunday morning. Because the
command entry does not redirect output, redirect characters are added to the command line
after *.log.Doing so ensures that the command executes properly.
How to Verify That a crontab File Exists:
To verify that a crontab file exists for a user, use the ls -l command in the
/var/spool/cron/crontabs directory. For example, the following output shows that crontab files
exist for users jones and smith.
$ ls -l /var/spool/cron/crontabs
-rw-r--r-- 1 root sys 190 Feb 26 16:23 adm
-rw------- 1 root staff 225 Mar 1 9:19 jones
-rw-r--r-- 1 root root 1063 Feb 26 16:23 lp
-rw-r--r-- 1 root sys 441 Feb 26 16:25 root
-rw------- 1 root staff 60 Mar 1 9:15 smith
-rw-r--r-- 1 root sys 308 Feb 26 16:23 sys
Verify the contents of user's crontab file by using the crontab -l command
Displaying crontab Files:
The crontab -l command displays the contents of a crontab file much the same way
that the cat command displays the contents of other types of files. You do not have to change
the directory to /var/spool/cron/crontabs directory (where crontab files are located) to use this
command.
By default, the crontab -l command displays your own crontab file. To display
crontab files that belong to other users, you must be superuser.
HowtoDisplay a crontab File:
Become superuser or assume an equivalent role to display a crontab file that belongs
to root or another user.
You do not need to become superuser or assume an equivalent role to display your
own crontab file.
Display the crontab file.
$ crontab -l [username]
where username specifies the name of the user's account for which you want to display a
crontab file. Displaying another user's crontab file requires superuser privileges.
Caution – If you accidentally type the crontab command with no option, press the
interrupt character for your editor. This character allows you to quit without saving changes.
If you instead saved changes and exited the file, the existing crontab file would be
overwritten with an empty file.
Displaying a crontab File
This example shows how to use the crontab -l command to display the contents of the
user's default crontab file.
$ crontab -l
13 13 * * * chmod g+w /home1/documents/*.book > /dev/null 2>&1
Displaying the Default root crontab file.
This example shows how to display the default root crontab file.
# crontab -l
#ident "@ (#)root 1.19 98/07/06 SMI" /* SVr4.0 1.1.3.1 */
#
# The root crontab should be used to perform accounting data collection.
#
#
10 3 * * * /usr/sbin/logadm
15 3 * * 0 /usr/lib/fs/nfs/nfsfind
30 3 * * * [ -x /usr/lib/gss/gsscred_clean ] && /usr/lib/gss/gsscred_clean
#10 3 * * * /usr/lib/krb5/kprop_script ___slave_kdcs___
Removing crontab Files:
By default, crontab file protections are set up so that you cannot inadvertently delete a
crontab file by using the rm command. Instead, use the crontab -r command to remove
crontab files.
By default, the crontab -r command removes your own crontab file. You do not have
to change the directory to /var/spool/cron/crontabs (where crontab files are located) to use
this command.
Howto Remove a crontab File:
Become superuser or assume an equivalent role to remove a crontab file that belongs
to root or another user.
You do not need to become superuser or assume an equivalent role to remove your
own crontab file.
Remove the crontab file.
$ crontab -r [username]
where username specifies the name of the user's account for which you want to remove a
crontab file. Removing crontab files for another user requires superuser privileges.
Caution – If you accidentally type the crontab command with no option, press the interrupt
character for your editor. This character allows you to quit without saving changes. If you
instead saved changes and exited the file, the existing crontab file would be overwritten with
an empty file.
Verify that the crontab file has been removed.
# ls /var/spool/cron/crontabs
Removing a crontab File
The following example shows how user smith uses the crontab -r command to remove his
crontab file.
$ ls /var/spool/cron/crontabs
adm jones lp root smith sys uucp
$ crontab -r
$ ls /var/spool/cron/crontabs
adm jones lp root sys uucp
Controlling Access to the crontab Command:
You can control access to the crontab command by using two files in the /etc/cron.d
directory: cron.deny and cron.allow. These files permit only specified users to perform
crontab command tasks such as creating, editing, displaying, or removing their own crontab
files.
The cron.deny and cron.allow files consist of a list of user names, one user name per
line. These access control files work together as follows:
If cron.allow exists, only the users who are listed in this file can create, edit, display,
or remove crontab files.
If cron.allow does not exist, all users can submit crontab files, except for users who
are listed in cron.deny.
If neither cron.allow nor cron.deny exists, superuser privileges are required to run the
crontab command.
Superuser privileges are required to edit or create the cron.deny and cron.allow files. The
cron.deny file, which is created during SunOS software installation, contains the following
user names:
$ cat /etc/cron.d/cron.deny
daemon
bin
smtp
nuucp
listen
nobody
noaccess
None of the user names in the default cron.deny file can access the crontab command.
You can edit this file to add other user names that will be denied access to the crontab
command.
No default cron.allow file is supplied. So, after Solaris software installation, all users
(except users who are listed in the default cron.deny file) can access the crontab command. If
you create a cron.allow file, only these users can access the crontab command.
Howto Deny crontab CommandAccess:
Become superuser or assume an equivalent role.
Edit the /etc/cron.d/cron.deny file and add user names, one user per line. Include users who
will be denied access to the crontab commands.
daemon
bin
smtp
nuucp
listen
nobody
noaccess
username1
username2
username3
Verify that the /etc/cron.d/cron.deny file contains the new entries.
# cat /etc/cron.d/cron.deny
daemon
bin
nuucp
listen
nobody
noaccess
How to Limit crontab CommandAccess to Specified:
Users
Become superuser or assume an equivalent role.
Create the /etc/cron.d/cron.allow file.
Add the root user name into the cron.allow file.
If you do not add root to the file, superuser access to crontab commands will be denied.
Add the user names, one user name per line. Include users that will be allowed to use the
crontab command.
root
username1
username2
username3
Limiting crontab Command Access to Specified Users
The following example shows a cron.deny file that prevents user names jones, temp, and
visitor from accessing the crontab command.
$ cat /etc/cron.d/cron.deny
daemon
bin
smtp
nuucp
listen
nobody
noaccess
jones
temp
visitor
The following example shows a cron.allow file. The users root, jones, lp, and smith are the
only users who can access the crontab command.
$ cat /etc/cron.d/cron.allow
root
jones
lp
smith
Scheduling a Single SystemTask (at):
The following sections describe how to use the at command to perform the following tasks:
Schedule jobs (command and scripts) for execution at a later time
How to display and remove these jobs
How to control access to the at command
By default, users can create, display, and remove their own at job files. To access at
files that belong to root or other users, you must have superuser privileges.
When you submit an at job, it is assigned a job identification number along with the .a
extension. This designation becomes the job's file name, as well as its queue number.
Description of the at Command:
Submitting an at job file involves these steps:
1. Invoking the at utility and specifying a command execution time.
2. Typing a command or script to execute later.
Note – If output from this command or script is important, be sure to direct the output to a file
for later examination.
For example, the following at job removes core files from the user account smith near
midnight on the last day of July.
$ at 11:45pm July 31
at> rm /home/smith/*core*
at> Press Control-d
commands will be executed using /bin/csh
job 933486300.a at Tue Jul 31 23:45:00 2004
Controlling Access to the at Command:
You can set up a file to control access to the at command, permitting only specified
users to create, remove, or display queue information about their at jobs. The file that controls
access to the at command, /etc/cron.d/at.deny, consists of a list of user names, one user name
per line. The users who are listed in this file cannot access at commands.
The at.deny file, which is created during SunOS software installation, contains the
following
user names:
daemon
bin
smtp
nuucp
listen
nobody
noaccess
With superuser privileges, you can edit the at.deny file to add other user names whose at
command access you want to restrict.
How to Create an at Job:
Start the at utility, specifying the time you want your job executed.
$ at [-m] time [date]
-m Sends you email after the job is completed.
time Specifies the hour that you want to schedule the job. Add am or pm if you do not specify
the hours according to the 24-hour clock. Acceptable keywords are midnight, noon, and now.
Minutes are optional.
date Specifies the first three or more letters of a month, a day of the week, or the keywords
today or tomorrow.
At the at prompt, type the commands or scripts that youwant to execute, one per line.
You may type more than one command by pressing Return at the end of each line.
Exit the at utility and save the at job by pressing Control-D.
Your at job is assigned a queue number, which is also the job's file name. This number is
displayed when you exit the at utility.
Creating an at Job
The following example shows the at job that user jones created to remove her backup files at
7:30 p.m. She used the -m option so that she would receive an email message after her job
completed.
$ at -m 1930
at> rm /home/jones/*.backup
at> Press Control-D
job 897355800.a at Thu Jul 12 19:30:00 2004
She received a email message which confirmed the execution of her at job.
Your “at” job “rm /home/jones/*.backup”
completed.
The following example shows how jones scheduled a large at job for 4:00 a.m. Saturday
morning. The job output was directed to a file named big.file.
$ at 4 am Saturday
at> sort -r /usr/dict/words > /export/home/jones/big.file
How to Display the atQueue:
To check your jobs that arewaiting in the at queue, use the atq command.This
command displays status information about the at jobs that you have created.
$ atq
How toVerify an at Job:
To verify that you have created an at job, use the atq command. In the following
example, the at q command confirms that at jobs that belong to jones have been submitted to
the queue.
$ atq
Rank Execution Date Owner Job Queue Job Name
1st Jul 12, 2004 19:30 jones 897355800.a a stdin
2nd Jul 14, 2004 23:45 jones 897543900.a a stdin
3rd Jul 17, 2004 04:00 jones 897732000.a a stdin
How to Display at Jobs:
To display information about the execution times of your at jobs, use the at -l command.
$ at -l [job-id]
where the -l job-id option identifies the identification number of the job whose status you
want to display.
Displaying at Jobs
The following example shows output from the at -l command, which provides information on
the status of all jobs submitted by a user.
$ at -l
897543900.a Sat Jul 14 23:45:00 2004
897355800.a Thu Jul 12 19:30:00 2004
897732000.a Tue Jul 17 04:00:00 2004
The following example shows the output that is displayed when a single job is specified with
the at -l command.
$ at -l 897732000.a
897732000.a Tue Jul 17 04:00:00 2004
How to Remove at Jobs:
Become superuser or assume an equivalent role to remove an at job that belongs to
root or another user. Roles contain authorizations and privileged commands. For more
information about roles, see “Configuring RBAC (TaskMap)” in System Administration
Guide: Security Services.
You do not need to become superuser or assume an equivalent role to remove your
own at job.
Remove the at job fromthe queue before the job is executed.
$ at -r [job-id]
where the -r job-id option specifies the identification number of the job you want to remove.
Verify that the at job is removed by using the at -l (or the atq) command.
The at -l command displays the jobs remaining in the at queue. The job whose identification
number you specified should not appear.
$ at -l [job-id]
Removing at Jobs:
In the following example, a user wants to remove an at job that was scheduled to
execute at 4 a.m. on July 17th. First, the user displays the at queue to locate the job
identification number.
Next, the user removes this job from the at queue. Finally, the user verifies that this
job has been removed from the queue.
$ at -l
897543900.a Sat Jul 14 23:45:00 2003
897355800.a Thu Jul 12 19:30:00 2003
897732000.a Tue Jul 17 04:00:00 2003
$ at -r 897732000.a
$ at -l 897732000.a
at: 858142000.a: No such file or directory
Howto Deny Access to the at Command:
Become superuser or assume an equivalent role.
Edit the /etc/cron.d/at.deny file and add the names of users, one user name per line, that will
be prevented fromusing the at commands.
daemon
bin
smtp
nuucp
listen
nobody
noaccess
username1
username2
username3
Denying at Access
The following example shows an at.deny file that has been edited so that the users smith and
jones cannot access the at command.
$ cat at.deny
daemon
bin
smtp
nuucp
listen
nobody
noaccess
jones
smith
How toVerifyThat at CommandAccess Is Denied:
To verify that a usernamewas added correctly to the /etc/cron.d/at.deny file, use the at
–l command while logged in as the user. If the user smith cannot access the at command, the
following message is displayed.
# su smith
Password:
$ at -l
at: you are not authorized to use at. Sorry.
Likewise, if the user tries to submit an at job, the following message is displayed:
$ at 2:30pm
at: you are not authorized to use at. Sorry.
This message confirms that the user is listed in the at.deny file.
If at command access is allowed, then the at -l command returns nothing.
STARTING SOLARIS PRINTMANAGER
To start Solaris PrintManager, use either of the following methods:
Type the appropriate command from the command line.
How to Start Solaris Print Manager:
Verify that the following prerequisites are met.To use Solaris Print Manager, you
must meet the following requirements:
Have a bitmapped display monitor, such as the standard display monitor that comes
with a Sun workstation. Solaris Print Manager can be used only on a system with a
console that is a bitmapped screen.
Be running an X Window System, such as COMMON desktop Environment, or be
using the remote display feature on a system running an xhost environment.
Be logged in as superuser or an equivalent role on the print server to install an
attached or network printer, or on the print client to add access to a printer.
Have the SUNWppm package installed.
# pkginfo | grep SUNWppm
system SUNWppm Solaris Print Manager
Start Solaris PrintManager by using one of the following methods:
# /usr/sbin/printmgr &
Note – You can also start Solaris Print Manager by using the original path of the printmgr
command:
# /usr/sadm/admin/bin/printmgr &
It will open one graphical window there you can select the printer
Which you want to add.
Add a New Directly Attached Printer by Using
LP Print Commands
Printers are divided into three types:
1. Local printer
2. Remote printer
3. Network printer
1. Local printer: The printer directly attached to local system is called local printer.
2. Remore printer: The printer connected across the LAN with a shared folder is called
Remote printer.
3. Nework printer: The printer which has its own ip address and hostname and directly
to the LAN is called network printer. So every system in the network they can access
this printer.
To manage printers in solaris we have the following command:
#lpadmin
This command will configure the lp print services by defining printer names and devices.
It is used to add, change or delete a printer.
To configure a new printer in solaris you can follow the steps:
#lpadmin –p wipro –v /dev/lp1
Options:
-p printer name
-v printer device name
To make the printer as default you can use the following command
#lpadmin –d wipro (-d default printer)
To enable the printer in solaris environment
#enable wipro
To accept the print jobs of printer you have to give the following command
#accept wipro
To see the status of printer
#lpstat –v
To see the status information about all printers with accepting print requests
#lpstat –t
To see the characteristics of printer
#lpstat –p wipro
To take print out on solaris you can use the command
#lp (by using lp command we can take print outs of files)
Ex:
#lp /etc/passwd
Here you are taking the print out of password file.
To see the jobs queue:
#lpq
To stop the print services you can use the following command
#lpshut wipro
To remove a printer
#lpadmin –x wipro
How to Add a New Network-Attached Printer by Using LP Print Commands:
This procedure describes how to add a new network printer with the expanded printer
support that is available in this release. There are two examples that follow this procedure.
The first example shows you how to add a new network printer with PPD files by using lp
commands.
The second example shows you how to add a new network printer without PPD files
by using lp commands.
The following steps are necessary to set up a network printer by using the network
printer support software. The use of this software is intended for printers that do not come
with vendor-supplied software.
This step is equivalent to adding any node to the network.
1. Collect the information that is required to configure a new network printer with PPD
files.
Printer name and port device
Network printer access name
Protocol
Timeout
File content type
PPD file
To determine the PPD file, first define the printer make, model, and driver that the
printer will use.
Define the printer name, port device, file content type, and PPD file that the printer
will use. When using PPD files, the file content type is usually PostScript.
(a) Specify the printer name and the port device that the printer will use.
# lpadmin -p printer-name -v /dev/null
The device to use is /dev/null.
(b) Specify the interface script that the printer will use.
# lpadmin -p printer-name -m netstandard_foomatic
The interface script that is supplied with the support software for network printer is
/usr/lib/lp/model/netstandard_foomatic.
(c) Specify the file content type and PPD file that the printer will use.
When using PPD files, the file content type is usually PostScript.
# lpadmin -p printer-name -I content-type –n
/path/ppdfile
The PPD file that you specify is located in the /path directory.
Note – If /path is not a PPD file repository on the system, then a copy of PPD file is placed in
the user label directory in the user PPD file repository. For more information, see
(d) Specify the printer description.
# lpadmin -p printer-name -D "printer-description"
Set the printer destination, protocol, and timeout values.
# lpadmin -p printer-name -o dest=access-name:port -o protocol=protocol
-o timeout=value
-p printer-name Specifies the network printer name.
-o dest=access-name:port Sets the printer destination to the network printer access name and
a designated printer vendor port, if the port is defined in the printer vendor documentation.
-o protocol=protocol Sets the over-the-wire protocol used to communicate with the printer.
Both BSD and raw TCP are supported.
-o timeout=value Sets a retry timeout value that represents a number of seconds to wait
between attempting connections to the printer.
Add filters to the print server.
# cd /etc/lp/fd
# for filter in *.fd;do
> name=‘basename $ filter .fd‘
> lpfilter -f $name -F $ filter
> done
Enable the printer to accept print requests and to print those requests.
# accept printer-name
# enable printer-name
Verify that the printer is correctly configured.
# lpstat -p printer-name
Adding a New Network-Attached Printer With PPD Files by Using LP Print Commands
This example shows how to add a new network printer with PPD files. The -n option
to the lpadmin command enables you to add a new print queue by specifying PPD files. The
commands used in this example must be executed on the print server. The following
information is used as an example only. The information that you provide will vary.
Printer name : luna1
Device: /dev/null
Interface: /usr/lib/lp/model/netstandard_foomatic
Network printer access name: nimquat:9100
Protocol: tcp
Timeout: 5
File content type: postscript
PPD file: /path/ppdfile
# lpadmin -p luna1 -v /dev/null (1)
# lpadmin -p luna1 -m netstandard_foomatic (2)
# lpadmin -p luna1 -o dest=nimquat:9100 -o protocol=tcp
-o timeout=5 (3)
# lpadmin -p luna1 -I postscript (4)
# lpadmin -p luna1 -n /path/ppdfile (5)
# lpadmin -p luna1 -D "Second floor color printer" (6)
# cd /etc/lp/fd
# for filterin *.fd;do
> name =‘basename $ filter .fd‘
> lpfilter -f $ name -F $ filter
> done (7)
# accept luna1
destination "luna1" now accepting requests
# enable luna1 (8)
printer "luna1" now enabled
# lpstat -p luna1 (9)
printer luna1 is idle. enabled since Mon Apr 19 15:31:15 2004. available.
1. Defines printer name and sets the device to /dev/null
2. Defines the interface script for network printers
3. Sets the destination, protocol, and timeout
4. Specifies the file content types to which the printer can print to directly
5. Specifies the PPD file to use
6. Adds a description for the printer
7. Adds print filters to the print server
8. Accepts print requests for the printer and enables the printer
9. Verifies that the printer is ready for printing
Adding a New Network-Attached Printer Without PPD Files by Using LP Print Commands
This example shows how to add a new network printer without PPD files. Thse commands
must be executed on the print server.
The following information is used as an example:
Printer name: luna1
Device: /dev/null
Interface: /usr/lib/lp/model/netstandard
Network printer access name: nimquat:9100
Protocol: tcp
Timeout: 5
File content type: postscript
Printer type: PS
# lpadmin -p luna1 -v /dev/null (1)
# lpadmin -p luna1 -m netstandard (2)
# lpadmin -p luna1 -o dest=nimquat:9100 -o protocol=tcp
-o timeout=5 (3)
# lpadmin -p luna1 -I postscript -T PS (4)
# lpadmin -p luna1 -D "Room 1954 ps" (5)
# cd /etc/lp/fd
# for filter in *.fd;do
> name =‘basename $ filter .fd‘
> lpfilter -f $ name -F $ filter
> done (6)
# accept luna1
destination "luna1" now accepting requests
# enable luna1 (7)
printer "luna1" now enabled
# lpstat -p luna1 (8)
printer luna1 is idle.enabled since Feb 28 11:21 2003.available.
1. Defines printer name and sets the device to /dev/null
2. Defines the interface script for network printers
3. Sets the destination, protocol, and timeout
4. Specifies the file content type to which the printer can print directly, and the printer
type
5. Adds a description for the printer
6. Adds print filters to the print server
7. Accepts print requests for the printer and enables the printer
8. Verifies that the printer is ready for printing
How to Delete a Printer and Remove Printer Access by Using LP Print Commands:
Use this procedure when you remove a printer from service, and you want to remove
the printer access from the print clients. Then, remove the printer information from the print
server.
Log in as superuser, lp, or assume an equivalent role on a print client that has access
to the printer youwant to delete. On the systemthat is the print client, delete information about
the printer.
# lpadmin -x printer-name
-x Deletes the specified printer.
printer-name Specifies the name of the printer you want to delete.
Log in as superuser, lp, or assume an equivalent role on the print server.
On the systemthat is the printer server, stop accepting print requests for the printer.
# reject printer-name
reject printer-name rejects print requests for the specified printer.
On the systemthat is the print server, stop the printer.
# disable printer-name
On the systemthat is the print server, delete the printer.
# lpadmin -x printer-name
Verify that the printer information has been deleted:
(a) Confirm that the printer information has been deleted on the print client.
$ lpstat -p printer-name -l
In the command output, you should receive an error indicating that the printer does not
exist.
(a) Confirm that the printer information has been deleted on the print server.
$ lpstat -p printer-name –l
In the command output, you should receive an error indicating that the printer does not exist.
Deleting a Printer and Remote Printer Access
The following example shows how to delete the printer luna from the print client terra
and from the print server jupiter. This example also shows how to delete the print client terra
from the print server.
terra# lpadmin -x luna
Removed “luna”.
terra# lpstat -p luna -l
jupiter# lpadmin -x luna
Removed “terra”.
jupiter# lpstat -p luna –l
How to Check the Status of Printers:
Log in to any system on the network.
Check the status of printers.
Only the most commonly used options are shown here. For other options, see thelpstat(1)
man page.
$ lpstat [-d] [-p] printer-name [-D] [-l] [-t]
-d Shows the system's default printer.
-p printer-name Shows if a printer is active or idle, when the printer was enabled or disabled,
and whether the printer is accepting print requests.
You can specify multiple printer names with this command. Use a space or a comma to
separate printer names. If you use spaces, enclose the list of printer names in quotation marks.
If you don't specify printer-name, the status of all printers is displayed.
-D Shows the description of the specified printer-name.
-l Shows the characteristics of the specified printer-name.
-t Shows status information about the LP print service, including the status of all printers,
such as whether they are active and whether they are accepting print requests.
Checking the Status of Printers
The following example shows how to display the system's default printer.
$ lpstat -d
system default destination: luna
The following example shows how to display the status of the printer luna.
$ lpstat -p luna
printer luna is idle. enabled since Jul 12 11:17 2001. available.
$ lpstat -p "asteroid luna" –D
printer asteroid faulted. enabled since Jan 5 11:35 2004. available.
unable to print: paper misfeed jam
Description: Printer by break room
printer luna is idle. enabled since Jan 5 11:36 2004. available.
Description: Printer by server room.
The following example shows how to display the characteristics of the printer luna.
$ lpstat -p luna –l
printer luna is idle. enabled since Thu Jul 12 15:02:32 PM PDT
Form mounted:
Content types: postscript
Printer types: PS
Description:
Connection: direct
Interface: /usr/lib/lp/model/standard
PPD: none
After fault: continue
Users allowed:
(all)
Forms allowed:
(none)
Banner not required
Character sets:
(none)
Default pitch:
Default page size: 80 wide 66 long
Default port settings:
Stopping and Restarting the Print Scheduler
The print scheduler, lpsched, handles print requests on print servers.However, the
print scheduler might sometimes stop running on a system, so print requests stop being
accepted or printed. The lpadmin command automatically enables the lpsched service when
local printers are added to the system and disables it when the last local printer is removed.
How to Stop the Print Scheduler:
Log in as superuser, lp, or assume an equivalent role on the print server.
Determine if the print scheduler is running.
# svcs application/print/server
You can also use the lpstat -r command to determine if the print scheduler is running.
If the print scheduler is not running, the message scheduler is not running is displayed.
If the print scheduler is running, stop it.
# svcadm disable application/print/server
You can also use the lpshut command to stop the print scheduler.
How to Restart the Print Scheduler:
Log in as superuser, lp, or assume an equivalent role on the print server.
Determine if the print scheduler is running.
# svcs application/print/server
You can also use the lpstat -r command to determine if the print scheduler is running.
If the print scheduler is not running, the message scheduler is not running is displayed.
If the print scheduler is not running, start it.
# svcadm enable application/print/server
You can also use the /usr/lib/lpsched command to start the print scheduler. For more
information about the difference between starting the print scheduler by using the
/usr/lib/lpsched command or by using the svcadm enable application/print server command,
see “Starting the Print Scheduler With Options” on page 117.
Starting the Print Scheduler With Options:
There are two ways to pass options to the print scheduler by using SMF:
By modifying option values only for the duration of a call.
Use the /usr/lib/lpsched command with the appropriate options when you only want to
pass options to the print scheduler for the duration of a call.
By maintaining option values over a system reboot, or if the print scheduler is
restarted.
The SMF manifest for the print server contains properties that are utilized by the print
server start-up script. These property values are passed on to the print scheduler and represent
the options, which are set by using the svccfg command.
The properties are as follows:
lpsched/num_filters
lpsched/num_notifiers
lpsched/fd_limit
lpsched/reserved_fds
Any options that are not set with the svccfg command will use the default values that
are in the print scheduler
How to Set Printer Option Values That Remain Over a System Reboot:
Become superuser, lp,
# svccfg
svc:> select svc:/application/print/server
svc:/application/print/server> setprop property = value
svc:/application/print/server> quit
For each option that you want to set, repeat the setprop property = value command on
a separate line.
Verify that the option has been correctly set by displaying the current values of the print
server properties.
# svcprop svc:/application/print/server
Restart the print scheduler.
If the print scheduler is not running, use the following commands:
# svcadm refresh svc:/application/print/server
# svcadm enable svc:/application/print/server
If the print scheduler is running, use the following commands:
# svcadm refresh svc:/application/print/server
# svcadm restart svc:/application/print/server
To determine if the print scheduler is running, run the svcs application/print/server command.
Setting Printer Option Values That Remain Over a System Reboot
This example shows how to set the number of filters to 1. This option will remain set over a
system reboot, or if you restart the print scheduler.
# svccfg
svc:> select svc:/application/print/server
svc:/application/print/server> setprop lpsched/num_filters = count: 1
svc:/application/print/server> quit
This example shows how to set all options.
# svccfg
svc:> select svc:/application/print/server
svc:/application/print/server> setprop lpsched/num_filters = count: 1
svc:/application/print/server> setprop lpsched/num_notifiers = count: 1
svc:/application/print/server> setprop lpsched/fd_limit = count: 4096
svc:/application/print/server> setprop lpsched/reserved_fds = count: 2
svc:/application/print/server> quit
The following is a sample script that sets all options.
#!/bin/ksh
svccfg <<-EOF
select svc:/application/print/server
setprop lpsched/num_filters = count: 1
setprop lpsched/num_notifiers = count: 1
setprop lpsched/fd_limit = count: 4096
setprop lpsched/reserved_fds = count: 2
EOF
How to Add a Printer Description byUsing LP Print Commands:
Log in as superuser, lp, or assume an equivalent role on the print server.
Add a printer description.
# lpadmin -p printer-name -D "comment"
-p printer-name Specifies the name of the printer for which you are adding a description.
-D "comment" Specifies the characteristics of the printer, such as the location or
administrative contact. Enclose characters that the shell might interpret, such as *, ?, \, !, ^, in
single quotation marks.
Verify that the Description information is correct.
# lpstat -p printer-name -l
Adding a Printer Description
The following example shows how to add a printer description for the printer luna.
# lpadmin -p luna -D "Nathans office"
Setting Up a Default Printer Destination byUsing LP:
Print Commands:
You can specify a default printer destination for a user so that the user does not need
to type the printer name when using the print commands. Before you can designate a printer
as the default, the printer must be known to the print service on the system.
Set a user's default printer destination by setting any of the following:
LPDEST environment variable
PRINTER environment variable
The _default variable in the user's .PRINTERS file
The system's default printer by using the lpadmin -d command or Solaris
PrintManager
When an application provides a printer destination, that destination is used by the
print service, regardless of whether you have set a system's default printer destination. If an
application doesn't provide a printer destination or if you don't provide a printer name when
using a print command, the print command searches for the default printer in a specific order.
The following table shows the search order for a system's default printer destination.
How to Set a System's Default Printer Destination by Using LP Print Commands:
Log in as superuser, lp, or assume an equivalent role on the systemwhere youwant to set a
default printer.
Set the system's default printer.
# lpadmin -d [printer-name]
-d printer-name specifies the name of the printer you are assigning as the system's default
printer. If you don't specify printer-name, the system is set up with no default printer.
Check the system's default printer.
# lpstat –d
Setting a System's Default Printer Destination
The following example shows how to set the printer luna as the system's default
printer. The printer luna is used as the system's default printer if the LPDEST or the
PRINTER environment variables are not set.
# lpadmin -d luna
# lpstat -d
system default destination: luna
How to Limit User Access to a Printer by Using LP Print Commands:
Log in as superuser, lp, or assume an equivalent role on the print server.
Allowor deny users access to a printer.
# lpadmin -p printer-name -u allow:user-list [deny:user-list]
-p printer-name Specifies the name of the printer to which the allow or deny access list
applies.
-u allow:user-list Specifies the user names to be added to the allow access list. You can
specify multiple user names with this command. Use a space or a comma to separate names.
If you use spaces, enclose the list of names in quotation marks.
-u deny:user-list Specifies user names to be added to the deny user access list. You can
specify multiple user names with this command. Use a space or a comma to separate names.
If you use spaces, enclose the list of names in quotation marks.
The specified users are added to the allow or deny list for the printer in one of the following
files on the print server:
Note – If you specify none as the value for user-list in the allow list, the following files are
not created on the print server:
Verify that information is correct under the Users allowed or the Users denied heading in the
following command output:
# lpstat -p printer-name –l
Limiting User Access to a Printer
The following example shows how to allow only the users nathan and george access to the
printer luna.
# lpadmin -p luna -u allow:nathan,george
The following example shows how to deny the users nathan and george access to the printer
asteroid.
# lpadmin -p asteroid -u deny:"nathan george"
How to Check the Status of Print Requests:
Log in on any system on the network.
Check the status of printers and print requests.
Only the most commonly used options are shown here.
$ lpstat -o [list] | -u [user-list]
-o list Shows the status of print requests on a specific printer. list can be one or more printer
names, printer class names, or print request IDs.
To specify multiple printer names, class names, and IDs for list, use a space or a comma to
separate values. If you use spaces, enclose the list of values in quotation marks.
If you don't specify list, the status of print requests sent to all printers is displayed.
-u user-list Shows the status of print requests for a specific user. user-list can be one or more
user names.
To specify multiple users with this command, use a space or a comma to separate user
names. If you use spaces, enclose the list of names in quotation marks.
If you don't specify user-list, the status of print requests for all users is displayed.
When used to check the status of print requests, the lpstat command displays one line for
each print request.
From left to right, the line shows the following information:
Request ID
User
Output size in bytes
Date and time of the request,
Information about the request, such as “being filtered.”
Checking the Status of Print Requests
The following example shows that user fred has one print request queued on the printer luna.
$ lpstat
luna-1 fred 1261 Jul 12 17:34
The following example shows that the user paul currently has no print requests in queue.
$ lpstat -u paul
The following example shows that two print requests are queued on the printer moon.
$ lpstat -o moon
moon-78 root 1024 Jul 14 09:07
moon-79 root 1024 Jul 14 09:08
How to Enable or Disable a Printer:
Log in as superuser, lp, or assume an equivalent role on the print server.
Stop printing print requests.
# disable [-c | -W] [-r "reason"] printer-name
disable Cancels the current job, then disables the printer. The current job is saved to reprint
when the printer is enabled.
-c Cancels the current job, then disables the printer. The current job is not
printed later.
-W Waits until the current job is finished before disabling the printer.
-r "reason" Provides users with a reason why the printer is disabled. The reason is stored and
displayed whenever a user checks on the status of the printer by using the lpstat -p command.
printer-name Specifies the name of the printer that will stop printing print requests.
Note – You cannot enable or disable classes of printers. Only individual printers can be
enabled or disabled.
Start printing print requests.
# enable printer-name
Verify that the printer is enabled.
# lpstat -p printer-name
Enabling or Disabling a Printer
The following example shows how to stop the current job on the printer luna, save the job to
print later, and provide a reason why the printer has stopped printing print requests.
# disable -r "changing the form" luna
The following example shows how to start printing print requests on the printer luna.
# enable luna
printer "luna" enabled
How to Accept or Reject Print Requests for a Printer:
Log in as superuser, lp, or assume an equivalent role on the print server.
Stop accepting print requests for the printer.
# reject [-r "reason"] printer-name
-r "reason" Provides users with a reason why the printer is rejecting print requests. The reason
is stored and displayed whenever a user checks on the status of the printer by using the lpstat
-p command.
Start accepting print requests for the printer.
# accept printer-name
Check that the status of the printer to see whether it is accepting or rejecting print requests.
$ lpstat -p printer-name
Accepting or Rejecting Print Requests for a Printer
The following example shows how to stop the printer luna from accepting print requests.
# reject -r "luna is down for repairs" luna
destination "luna" will no longer accept requests
The following example shows how to set the printer luna to accept print requests.
# accept luna
destination "luna" now accepting requests
How to Cancel a Print Request:
If you are going to cancel the print requests of other users, then become superuser, lp,
or assume an equivalent role.
Determine the request IDs of the print requests to cancel.
# lpstat
# cancel request-id | printer-name
request-id Specifies the request ID of a print request to be canceled. You can specify multiple
request IDs with this command. Use a space or a comma to separate request IDs. If you use
spaces, enclose the list of request IDs in quotation marks.
printer-name Specifies the printer for which you want to cancel the currently printing print
request.
You can specify multiple printer names with this command. Use a space or a comma to
separate printer names. If you use spaces, enclose the list of printer names in quotation marks.
Verify that the print requests are canceled.
$ lpstat -o printer-name
The following example shows how to cancel the luna-3 and luna-4 print requests.
$ cancel luna-3 luna-4
request "luna-3" cancelled
request "luna-4" cancelled
The following example shows how to cancel the print request that is currently printing on the
printer luna.
# cancel luna
request "luna-9" cancelled
How to Cancel a Print Request Froma Specific User:
(Optional) Become superuser, lp, or assume an equivalent role if you are going to cancel the
print requests of other users.
Cancel a print request froma specific user.
$ cancel -u user-list [printer-name]
-u user-list Cancels the print request for a specified user.
user-list can be one or more user names. Use a space or a comma to separate user names. If
you use spaces, enclose the list of names in quotation marks
printer-name Specifies the printer for which you want to cancel the print requests for a
specified user.
printer-name can be one or more printer names. Use a space or a comma to separate printer
names. If you use spaces, enclose the list of printer names in quotation marks.
If you don't specify the printer-name, the print requests for the specified user is canceled on
all printers.
Canceling a Print Request From a Specific User
The following example shows how to cancel all the print requests submitted by the user
George on the printer luna.
# cancel -u george luna
request "luna-23" cancelled
The following example shows how to cancel all the print requests submitted by the user
George on all printers.
# cancel -u george
request "asteroid-3" cancelled
request "luna-8" cancelled
HowtoMove Print Requests to Another Printer:
To move all print requests from one printer to another printer, you do not need to
know the request IDs.However, first determine how many print requests are affected before
you move them.
Log in as superuser, lp, or assume an equivalent role on the print server.
(Optional) Determine if the request IDs of the print requests on the original printer.
# lpstat -o printer-name1
(Optional) Check to see if the destination printer is accepting print requests.
# lpstat -a printer-name2
-a printer-name2 reports whether print destinations are accepting requests.
Move all the print requests fromthe original printer to the destination printer.
# lpmove printer-name1 printer-name2
printer-name1 Specifies the name of the printer from which all print requests will be moved.
printer-name2 Specifies the name of the printer to which all print requests will be moved.
If some requests cannot be printed on the destination printer, the requests are left in
the original printer's queue. By using request IDs, you can also move specific print requests
to another printer by using the lpmove command.
Start accepting print requests on the original printer.
If you move all the print requests to another printer, the lpmove command
automatically stops accepting print requests for the printer. This step is necessary if you want
to begin accepting new print requests for the printer.
# accept printer-name1
Check for any remaining print requests in the original printer's queue.
# lpstat -o printer-name1
Ensure that all specified print requests were moved to the destination printer's queue.
# lpstat -o printer-name2
Moving Print Requests to Another Printer
The following example shows how to move print requests from the printer luna to the printer
terra. Then, the original printer, luna, is instructed to resume accepting print requests.
# lpmove luna terra
# accept luna
How to Change the Priority of a Print Request:
Log in as superuser, lp, or assume an equivalent role on the print server that is holding the
print request.
Determine the request IDs of the print requests whose priority youwant to change.
# lpstat
# lp -i request-id -H change-priority
-i request-id Specifies the request ID of a print request you want to change.
You can specify multiple request IDs with this command. Use a space or a comma to separate
request IDs. If you use spaces, enclose the list of request IDs in quotation marks.
-H change-priority Specifies one of the three ways to change the priority of a print request:
hold, resume, immediate.
The following example shows how to change a print request with the request ID asteroid-79,
to priority level 1.
# lp -i asteroid-79 -q 1