of 135

    A Step by Step Guide to Installing Solaris 10 by Dennis Clarke

    This is a very simple step by step set of instructions that will take you from boot through to runninga browser. Everything you need to get started is here complete with easy to follow picture based

    instructions. So please just dive in and if you feel something needs to be explained then just send

    feedback to [email protected].

    Section 1 : Hardware Selection

    If This Is All New to You Looking at the Hardware

    o You Will Need a Computer

    o Lets take a look Inside

    o A Brief Look at BIOS and CMOS

    o Verify You Can Boot

    Is that Real or VMware?

    Section 2 : Boot the Installation CDROM or DVD

    See GRUB Run. Run GRUB Run Just Select Solaris Interactive kdmconfig - setup graphics

    Eventually You Get Graphics

    Section 3 : Basic Configuration Data

    Select Networked Just Say No to DHCP

    Enter the hostname

    Enter the Network Config Select TimeZone

    Set Date & Time

    Enter the root password Open or Closed Security Profile?

    Review and Continue

    Section 4 : Finally You Are Welcome to Install

    At This Point You are Welcome? Eject : Yes & Reboot : Yes

    Select the installation media Select Custom Install Select Locale(s)

    Select Give Me Everything

    Select the Boot Disk

    o Partition the Boot Disk

    o Slice the Boot Disko Review the Boot Disk

    Review Filesystem Allocation

    Section 5 : After First Reboot

    CDROM 1 of 5

    CDROM 1 done! Reboot! NFS version 4 Domain Name Question

    X-Windows starts

    Feed More CDROMs

    Section 6 : Reboot again ...

    Please click Reboot See GRUB Boot. Boot GRUB boot!

    sendmail error message. Ignore it.

    Do NOT login as root! Select Command Line Login

    Fix the backspace key Some Network Commands Read our first manual page

    Create a UNIX Group Create a UNIX user

    Section 7 : Login to the Desktop

    Login as a regular user

    Select JDS

    Start Mozilla Edit resolv.conf with vi

    Make a symbolic link

    Edit /etc/nsswitch.conf Browser should work now

    Get a support contract

    Click and Play!

    If This Is All New to You

    One of the clear obstacles to trying something new is that it happens to be new to you. I knowthat sounds overly simple but just think back to the first time you tried to ride a bicycle. If you areanything like me then you probably fell over and hurt your knee. Repeatedly. You're experiencewith walking was probably just as difficult and extended over months of your life. The great problemwith getting older is that we have a terribly small amount of patience for our own failure. In fact,most adults will try something exactly zero times before giving up in order to avoid failure entirely.Worse, we may dismiss this new thing entirely and simply say I can ride a bike and drive a car andplay the piano, I don't need this and who wants it anyways. This is something I see quite often andthe more educated among us are often worse than those that experiment and fail with an openmind. There is an ancient proverb that says it does not matter how many times you fall down but it

    does matter that you stand up. Its a bit weak, I know, but hopefully you can see my point.

    If someone were to drop the CDROM set for Solaris 10 Update 3 on your desk and say installthis, figure it out and good luck then you may be wandering into deep murky waters. Mostespecially if you have spent a long chunk of your life with Microsoft Windows or an Apple Macintosh.This document will get you started to a point where you can at least login and push a mouse around.If you have some network route to the internet then your browser will work. This is a major leapfrom nothing but CDROMs in your hand to a working full blown UNIX system. Be fearless and justfollow the steps I lay out and all will work fine. At least I will certainly try to get you there.

    It is my hope that I can help you with this little task before you. If I were to walk along with you

    through this process then you can rest assured that you are not alone. I have installed Solaris moretimes than I can possibly remember. I started long ago with Solaris 2.5.1 Intel Edition on a dualPentium P90 AST Premmia GX machine that is still running today. That installation process took allnight long back in 1996. The installation process for Solaris 10 will go much faster. So then let'sbegin and just go nice and slow, step by step.

    You Will Need a Computer

    You should probably have a look at theHardware Compatibility Listin order to be certain that yourhardware will support Solaris 10. I could have used a tier 1 top of the line fancy machine but insteadI grabbed any old thing that I had hanging around. Generally the tier 1 top of the line server is the

    right policy however I really wanted you, my kind reader, to know that I don't expect you to go outand spend a pile of money for this. What I hope is that you can grab the nearest machine and justgo forward with that. There are no promises but just about anything reasonable will work fine.

    AMD Athlon based HP machine

    If you have some real top of the line hardware to work with then please be patient with me.

    Everything that I am going to do here will work for you also but I will be no where near as fast.

    Lets take a look

    Closer inspection reveals that this machine has two hard disks in it. It has some very old 2.4GB IDE

    Primary disk as well as a secondary that looks to be an 80GB Maxtor disk. You should check your

    machine to verify that you have at least one hard disk in it. To install Solaris 10 with enough space

    left over to do anything fun or useful ( often the same thing ) then you should have at least a 12GB

    disk of some sort. My primary disk is very old and slow not to mention very small. In fact, it is

    useless and I will remove it. You will most likely have only one disk and if it is anything larger than

    12GB then you should be fine.

    Here you can see my two disks :

    Two Hard Disks, Floppy and CDROM

    A Brief Look at BIOS and CMOS

    Igenerally need to verify that the disks and CDROM are seen by the BIOS at power up for no otherreason than to confirm functionality. With this machine we simply hook up some standard PC style

    keyboard and any old two button mouse. It is even better to have a three button mouse and I havea Labtec mouse here which cost nine dollars I think. For a monitor I had an old NEC MultiSync XV17

    unit that will probably never die. When I turn on the power this is what I see :

    System BIOS Report

    Pressing the F1 key results in the system CMOS Setup Utility being run for me. This machine will nothave much for me to configure from the perspective of hardware. Really, a discussion about CMOSconfiguration of PC hardware is beyond the scope of this document. That is a nice way of saying that

    I cannot begin to cover off the myrid possibilities that you will run into with your system. I want toshow you what I have here regardless.

    CMOS Setup Utility - Main Page

    It is good policy to at least set the time and date correctly here. I also strongly suggest that youverify that your hard disk is listed as a Primary Master. My machine here has two hard disks andthus you can see that the Maxtor disk is listed as a Primary Slave. Again, I think that talking

    about the nuances of IDE controllers and the setup of master and slave disks is a little beyond thescope here but you should at least know that the old Western Digital 2.5GB disk is useless and being

    removed. If I set the maxtor to be the master disk on the IDE bus then we should be fine.

    Have a close look at that CMOS Setup Utility picture above. See that device listed as a SecondarySlave? That is my CDROM drive and it is really critical to this process. This entire installation will bebased on the five Solaris 10 Update 3 CDROMs and not a DVD or network based installation. If youhave a DVD drive then life will be really easy. This installation document is for the lowest commondenominator user however and most people have at least a CDROM. Network based installs andthings like PXE boot are just too involved at this stage of the game for most people. Those topics willbe covered off in another document. For now you merely need to ensure that your system can detectyour hard disk and that you have a CDROM and some other very basic features in your machine. Likememory for instance.

    This machine has 512MB of RAM and while you can probably run with less than that I stronglysuggest that you have at least 512MB of RAM. Solaris is a big freight train powerful operating systemand not to be underestimated in its abilities. So please ensure that you have the basic resources for

    it to work. Having said that please forgive me but 512MB is too low by my standards. I will pop inanother 256MB DIMM and then have 768MB memory total.

    CMOS Setup Utility - Advanced Page

    There are pitfalls to messing with the advanced CMOS configuration options. I was primarily

    interested in seeing that my onboard LAN Network card was enabled as well as some recognition

    paid to the installed AGP graphics adapter. I have the Plug and Play OS option left at the default

    and I also disabled the USB Legacy Mode support option. Primarily because I don't have any USB

    devices to connect legacy or otherwise so why bother to support some special feature for something

    that I don't have? Seems to be common sense. With that in mind I change nothing else and simply

    hit the F10 key to Save and exit from the CMOS Setup Utility.

    Verify You Can Boot

    A simple way to test that the machine can boot from either the floppy drive, CDROM drive orprimary hard disk is to simply turn it on and see what happens. There may already be a operatingsystem on this machine and in my case this is what I saw :

    Microsoft Windows 98 booting up

    So there I see that this machine has Microsoft Windows 98 already installed on the primary boot disk

    and then I hit the power switch to stop the boot process. I also insert a bootable floppy into the

    machine and then power up again. I won't bore you with the fact that indeed, yes, the machine can

    boot from the floppy and thus we know that it works. The last and final test, of critical importance to

    this process, is the CDROM.

    Power down the machine. Always wait about thirty seconds before powering up again. Then turn on

    the power and when we are presented with the BIOS Summary screen simply insert the Solaris 10

    Update 3 CDROM 1 of 5 into the CDROM drive.

    Is that real or VMware?

    It took a lot of work on my part to try to get decent screenshots for this document. No matter howhard I tried I just could not get a decent quality image with my hand held camera and a monitor. Inorder for this document to be readable, legible, and reasonable I wanted to ensure that I did thisinstall with realhardware. In order to get decent pictures I needed to use VMware. Let me show you

    what I mean.

    This is a typical picture that I can take with a handheld camera :

    X-Windows Monitor Test Pattern

    This is the exact same image when I use a VMware based virtual machine :

    X-Windows Monitor Test Pattern via VMware

    Do you see what is going on here? I can't stop the lies! Even that picture above is not the realpicture and if you click on the link there then you will see the real thingand this time I promise. Letme show you some other pictures okay?

    Here we can see what the Video Device Selection stage looks like :

    Video Device Selection

    This is the exact same task when I use VMware :

    Video Device Selection via VMware

    One further example of the situation :

    Window System Configuration

    Here we see that VMware allows me to take a perfect sharp screenshot :

    Window System Configuration via VMware

    Iwas faced with a slight ethical delimma; should I proceed with my realhardware or simply work

    within VMware ? I decided that the best thing to do for everyone involved was to do both. I want to

    provide you with the best quality images and information while also show that this really works on

    real hardware. So at any given point in this process you need to know that I took pictures of the

    actual monitor when I was forced to ( like the BIOS and CMOS info screens ) and used VMware when

    I wanted a crisp image. We need to remember that the objective here is to install Solaris 10 and not

    to create some report based on experimental data. We have some latitude with respect to illustration

    purposes I think.

    The last thing that I want to say here before we plow forwards is that I am typing this all out via a

    seven year old HP Kayak PC running Solaris 10 right now. It has 512MB of memory and two 9GB

    internal SCSI disks. I really do run just about any old hardware and Solaris 10 runs fine for me. I

    also have some very slick hardware too but we can get to that some other day. Let's proceed with

    actually booting the first CDROM from the Solaris 10 Update 3 media. Let's just get started and from

    here on in you will not hear much from me other than do this and do that and from time to time I

    may even tell you why. So grab that first CDROM and let's get the job done.

    : Action to Take : Select Solaris and hit enter.

    If your machine actually does find the bootable CDROM that you inserted then you had better seesomething like so :

    What you are looking at is something lovingly referred to as GRUB. Like everything in thecomputer world it is an acronym for something else; specifically the GRand Unified Bootloader. Whichsounds all very important and it really is something amazing in terms of what it does to boot an

    operating system but it will not change our perspective on quantum physics the way a grand unifiedtheory of everything would. Nope, it is just the bootloader in much the same way that a Swiss ArmyKnife is just a knife that everyone uses because its so damned perfect at what it does.

    Please feel free to read all about GRUB and the boot process at the following sites :

    GNU GRUB Homepage GRUB and the Solaris 10 1/06 OS: The New Bootloader for x86 Platforms GRUB 2

    Some people may wonder why the first thing you see from Solaris 10 is so ugly. Most people like to

    stuff in afancy background splash graphic imageso it looks cool. The cute image does nothing for

    functionality and if you know anything about Solaris then you know that it runs on really massive

    computers. No one has fancy graphics on big computers and often times you have none at all. So

    sticking a background splash image may sound like a nice idea but it really annoys those of us that

    have to setup 8-way multi-core AMD Opteron servers via nothing but a serial console. Far more

    ironic is that the first three letters on the screen are GNU and that is a recursive acronym for

    GNU's Not Unix even though we are booting Solaris which is UNIX. That's my version of funny,

    sort of.

    : Action to Take : Nothing, just sit there and watch.

    This is GRUB doing its thing loading in the Solaris 10 miniroot. All you need to know is that theminiroot is like a small boiled down version of Solaris and it will allow us to install everything else. Ifyou are familiar with Solaris then you will know why I personally want to change this little sequenceof dots to a spinner. That's an inside joke.

    : Action to Take : Enter the numerical digit 1 and hit enter or just sit and watch

    W A R N I N G :The WARNING about my BIOS microcode is due to my old hardware that I amusing here. It will not affect you. If you see the same warning message then you will most likelyneed to upgrade the BIOS ( firmware ) on your machine.

    Iwould love to explain what those options are all for but its just way beyond the scope of what we

    are trying to do. Suffice it to say that you can install a few different ways and you can even just bootto a single user prompt in the case of an emergency. Someday I will cover these all off and provide

    links for each separate path but for now ...

    : Action to Take : Nothing ... just keep moving forwards.

    : Action to Take : Just sit there sipping your coffee. Have you called your mother?

    : Action to Take : Use your arrow keys and select Change Video Device/Monitor

    N O T E: You need to use the F2 function key to continue forwards.

    That beautiful looking picture above is clearly from VMware and not a real machine. The realmachine hardware looks like this :

    What you are looking at is the report from a very old tool called kdmconfig. The kdm means

    keyboard - display - monitor. One of the clues that you somehow fell into some old software is that

    you don't use the enter key to continue forwards but now you need the F2 function key on your

    keyboard. This kdmconfig software has been around nearly forever in the Solaris x86 world and it

    does seem out of place in the year 2007. For the moment this is what you need to deal with. Just be

    happy that you are not stuck using aDEC VT220 terminalfrom 1977. I still own one and you can still

    use it just fine with Solaris if you choose to. That may explain why the GRUB screen is so simple.

    Provided that you picked a graphics adapter that is on theSolaris 10 Hardware Compatibility Listand

    is halfway decent then you should be okay here. If you are like me then you will set the machine to

    use the highest number of colors and highest resolution that you can handle on your monitor. For the

    purposes of this document I will most likely go with 1024x768 pixel because I want to show you lots

    of screen shots.

    : Action to Take : Select your graphics adapter hardware or change nothing.

    N O T E: You need to use the F2 function key to continue forwards.

    : Action to Take : Select a screen resolution that you know will work fine.

    : Action to Take : Select your monitor size. Press F2 to continue.

    : Action to Take : Select a colour depth. Lots of colors 16M if you can.

    This is where kdmconfig shows its age again. I can not recall the last time that I set a machine to be

    8-bits per pixel. If you have a graphics adapter from this millenium then you should be fine with

    16777216 ( 16M or 24-bit ) colors.

    : Action to Take : Just hit F2 to continue.

    : Action to Take : Read this screen then hit F2 and pray everything works.

    : Action to Take : If this is what you see then simply click on Yes.

    : Action to Take : Sit and watch .. more on the way.

    : Action to Take : Please wait ...

    : Action to Take : click the Next button.

    : Action to Take : select Networked and click Next.

    Iguess you could install Solaris onto a non-networked machine. I think that I have done it once.

    Maybe. I have no idea what the point would be since Solaris comes from Sun Microsystems Inc. and

    their motto has always been The Network is the Computer. Hopefully you have a network option

    that is fully supported.

    : Action to Take : Select No and click Next. This install is for a fixed ip machine.

    : Action to Take : Enter a nice simple name for this machine. One word. Keep it simple.

    W A R N I N G :Do not get fancy here. A hostname of -0 is both geeky and wrong.

    : Action to Take : Enter a unique ip address that your network admin gives you.

    : Action to Take : Enter the network mask that your network admin gives you.

    : Action to Take : Select No here. This is an IPv4 machine we are building.

    : Action to Take : Get the default network router ip address. Select "Specify One" here.

    : Action to Take : Enter the ip address of your network router.

    : Action to Take : Kerberos security is beyond the scope of our install. Select No.

    : Action to Take : We will config Name Services later. For now just select None.

    : Action to Take : Pick the region of the world you are in.

    : Action to Take : Select the timezone you are in.

    : Action to Take : Enter the correct time accurate to the nearest minute.

    : Action to Take : Enter a nice simple root password. Nothing fancy nor obvious.

    Ihave seen really bad things happen to people that get fancy here. Just stay away from the numerickeypad on your keyboard and stick with basic characters, uppercase and lowercase as well as digits.You can change this root password later after the whole operating system is installed. There isnothing worse than going through a full install and then once you boot you are locked out becauseyou accidentally entered a control character or some other mistake here, twice. No joke, it happens.

    : Action to Take : Do you want this machine locked down secure? Do you?

  • 8/11/2019 A Step by Step Guide to Installing Solaris 10.pdf


    : Action to Take : Review your selections and then proceed.

    : Action to Take : Something is happening. Just wait some more.

    : Action to Take : Welcome ? At this point you get a welcome ? Confused ? Don't be.

    From the first moment that you booted the CDROM you should get the feeling that you are movingalong an assembly line. It just happens to be a really big corporate assembly line and some of thestages have been around a long time, like kdmconfig. Some have been recently added and some arejust outright borrowed from somewhere else like the GRUB boot loader. If you want to listen to asingular beautiful masterpiece of music then you need one composer, one artist, one maestro.Simply listen to Beethoven, Mozart or Bach's Brandenburg Concertos and you will firmly feel that onemind orchestrated these masterpieces. The Solaris installation process was designed by departmentsof people and it looks like they were not all talking to one another. I have no other way to explainwhy I am getting the big Welcome at this point.

    : Action to Take : Accept the defaults here.

    : Action to Take : Just click OK

    : Action to Take : We will install from CDROM today.

    : Action to Take : More activity and we can do nothing but wait.

    : Action to Take : Select the Custom Install option here

    : Action to Take : Select the area(s) of the world that you need to support.

    This may look like you are being asked for the area of the world that you are in again. It is not. This

    is about language support and not timezones. So here you can pick multiple languages that you may

    need to support.

    : Action to Take : Select the language options that you want installed.

    : Action to Take : Default language when the system boots? POSIX C is a good choice here.

    : Action to Take : Select nothing here. If we need something later we can install it later.

    : Action to Take : I have no idea what this does. Select nothing and lets move forwards.

    : Action to Take : Ignore the term Cluster here. Let'sjust watch and wait.

    : Action to Take : Select the top level Entire Group Plus OEM. It means Give Me Everything.

    : Action to Take : make sure you pick default and not custom.

    : Action to Take : Select your primary boot disk and then click next.

    : Action to Take : This is getting ready to partition the disk. Just select the boot disk.

    : Action to Take : Allocate all disk space capacity to a single Solaris partition. Click Next.

    : Action to Take : Highlight your disk and click Modify.

    Do not be confused by this strange screen. With a graphical environment we could get something

    much better but this is what we have to deal with. We are about to set the sizes of our critical

    filesystems. Not just critical but all of them in fact and that means swap space also. What you see

    here are some default suggested values from the Solaris installer. We are going to change them in

    the next few steps.

    : Action to Take : Allocate disk space carefully.

    We need to give plenty of space to the root filesystem as well as a few other places. If you have a

    specific purpose for this machine then you may want to create mountpoints for things like Oracle

    databases or DB2 or Lotus Domino. That sort of thing is beyond the scope of what we are trying to

    do here, sorry. I just want to get you up and running. So I will explain my thinking in the next few


    : Action to Take : Allocate disk space for filesystems.

    This will take some explanation and it's never easy for a beginner. I will do my best to make this



    Set everything other than the / ( root ) filesystem to 0 and clear the little name tag fields where itsays /export/home and swap. Do not touch the root file system name which is just a forward


    Now give the root filesystem plenty of room. Like well over the suggested dosage there. I thinkthat 6 GB is a good number but if you are swimming in disk space then make it 10 GB. You just

    need to know that the /var filesystem is contained in there also and a lot of software patches andlogging happens there. Do not get left with a root filesystem that fills up! Think bigger is betterhere.


    Do not bother trying to figure out what a slice is and just take my word for it that it is a diskregion bounded by physical cylinders on the disk. Now go to the slice 1 area and type in swapthere just like the picture below.


    Fill in a nice healthy size for swap of about twice your memory. Do not exceed 4GB of swap asthat serves little purpose. There are more arguments over this than can be imagined and I hope

    that your machine has enough memory ( 512MB or more ) and that you can allocate twice asmuch for swap. If you have more than 2GB of memory then allocate 4GB of swap. If you havemore than 2GB of memory then allocate 4GB of swap. Its not a perfect world and I'd love to

    discuss it on some other day.5.

    Go to slice 5 and fill in the name /opt there. Give it 2GB of disk if you can. This is where a lot ofoptional software gets installed. At the very least there are 1600+ titles of software packages at

    Blastwave.org and they all go in there. Make plenty of room.6.

    If this machine will have development software for programmers ( like me ) then you need tocreate a place for Sun Studio 11 tools as well as other revisions like Sun ONE Studio 10. I

    recommended a separate filesystem entirely but you don't have to do this. Either create a newfilesystem in slice 6 called /opt/studio or add more disk space to /opt. This one is up to you!


    Create a place for users. Their home directories will go into someplace and /export/home is a

    good location. Take a look at the picture below and allocate space accordingly.8.

    Lastly, and this will be a leap of faith for you, set aside a small 32MB area in slice 4. If you decidethat you want to make your filesystems mirrored and thus somewhat redundant someday, then

    you will need an area for something called metadevice databases. Does that sound mysteriousor what? Just allocate the space there and someday you may thank me for it.

    Afew things that you need to know before you plow forwards here. Firstly, if you are an advanceduser, you can allocate a massive slice at slice 3 that is large enough to hold ALL of your root slice. Soif you created a 6GB root slice ( that is slice 0 in the picture ) then you mayallocate at least 6GB inslice 3 also. Don't bother to name it anything special because we are not going to use it as an active

    mounted file system. Just create it for something super special called live update. If you have thedisk space to spare then I highly recommend that you set aside a place for live update which canallow you to upgrade the whole operating system in the future and it will happen live while you areup and running. That, my friend, is cool enough to prepare for.

    : Action to Take : Review the filesystem choices.

    : Action to Take : Ready to Install ! Just click Install Now

    : Action to Take : Now you can start throwing sharp pencils at the ceiling.

    From here you don't do much except feed CDROMs to the computer. You can literally get up and

    walk away for a while also but once all of CDROM 1 is complete the machine will reboot. You don't

    have to do anything but watch. So I suggest that you watch the process, touch nothing, and wait for

    the machine to reboot and be sure to eject the CDROM when that reboot happens. If you forget and

    leave that CDROM in the machine then your reboot will happen but the machine will just boot the

    CDROM again. So be carefull and then watch for the boot to happen.

    : Action to Take : Let the machine boot on its own.

    Well done! You clearly ejected the CDROM and the machine has booted to the new fancy lookingGRUB bootloader. Now just sit there and let it boot.

    : Action to Take : This BIOS Error may not happen for you !

    This may happen on old hardware like mine. I hope that you do not get this but if you do, then don'tpanic. You simply need to update the BIOS on your motherboard.

    : Action to Take :joining multicasts failed ! You may get this message.

    You may get this error message if you are somewhat security paranoid, like me, and you performthe whole install with no ethernet cable plugged in. You can ignore this message. You should notethat the Service Manifest Facility ( smf ) is beginning to load up the new services on your computer.Just sit back and watch .. this could take some time.

    : Action to Take : Watch the Service Manifest Facility finish. That can take time.

    : Action to Take : Watch the Secure Shell Daemon get its new crypto keys generated.

    : Action to Take : NFS version 4 Domain Name Question. Just say no.

    : Action to Take : Get the CDROM 2 of 5 because the machine will ask for it shortly.

    Iactually took screenshots of the next hour of feeding CDROMs to the machine. It takes a long timeand it is very boring. There is not much to say here other than it will take a long time and I will skippast about twenty pictures of prompts for CDROMs all the way to the last CDROM.

    : Action to Take : This is CDROM 5 of 5 being read. The last CDROM !

    : Action to Take : Another Summary or Status screen. Just hit continue.

    : Action to Take : This may be confusing ... just watch this.

    : Action to Take : Always hit Continue and/or hit Next.

    : Action to Take : Please click Reboot

    : Action to Take : Another GRUB Screen and boot process again. Just watch.

    : Action to Take : The system will now probe for all devices. Just watch.

    : Action to Take : Then we have more Service Manifest Facility things happening.

    : Action to Take : Eventually you will get a sendmail error message. Ignore it. Wait ...

    : Action to Take : Eventually the server will begin to load a graphical frontend. Just wait.

    : Action to Take : Select Command Line Login from Options

    : Action to Take : When you see this hit ENTER ! If you don't, then it will just timeout.

    : Action to Take : Now login as root with the password that you set during install

    : Action to Take : This is what happens when I get the password wrong. :-)

    : Action to Take : Now fix the backspace key. Its annoying and easy to remedy.

    : Action to Take : type in stty erase and then hit backspace and enter

    : Action to Take : Check that your backspace key works.

    Take the interface down or off-line thus :

    ifconfig pcn0 down


    Set a new address and the same netmask thus :

    ifconfig pcn0 netmask


    Bring the interface back on-line :

    ifconfig pcn0 up

    Here is how you flush the network routing table and then apply the exact same default route again. Iwant to point out that this is completely unrequired but educational :


    Flush out the network route table :

    route -f


    Add a new ( same old thing actually ) default network route :

    route add default

    When I tried my little ping test again and saw no response there was a little bird in the window thatsaid, with the clearest New York Jewish Mother accent, check tha network cable ya schmuck!

    : Action to Take : continued from the previous page where I decide to insert the network cable.

    : Action to Take : these are simple commands that show some system config

    : Action to Take : Let's read our first manpage. That's the online manual.

    n.b.:Never ever just ask for help. O, that way madness lies;

    : Action to Take : groupadd is the command that allows us to create a new user group

    : Action to Take : Solaris allows us to create a little over 2 billion groups.

    : Action to Take : I create a group called users with a group id number of 16000

    : Action to Take : Let's now figure out how to create our first user

    : Action to Take : This will require some explanation. Please read below.

    Creating your first user account is an important step. You can not live your life playing as the rootuser and no one should. Do not take the power of root lightly as a simple and honest mistake can

    ruin your system. Create user accounts instead and never give them the root account passwordunless you have really good reasons too. No ordinary user will ever have valid reasons so don't give

    out the root password. Am I being clear here? Let me explain what that nice long command up theremeans.

    You issue the command useraddwith the following options :

    -c User Person

    This should be a real name here. With first name and last namejust like how you expect normal people to have. Not Prince withsome silly symbol.

    -d /export/home/loginname

    The defacto standard way to do things is to take the first letterof the persons first name and then seven letters of their last name

    and make a login name. Arguments break out all the time over thisand people just seem to want user login names that are 32 characterslong as well as mixed with spaces and special characters. If I mayquote the Bard here O, that way madness lies; let me shun that;No more of that. Keep it simple!

    -e ""

    The user account expiry date after which thou shalt not login at all.This is where I do things my way and you may choose to be differentif you wish. I give the useraddcommand a parameter here that iscommonly called the null string. That means the account will neverexpire. If you look on your system ( with the ls command ) then you should seea file called /etc/datemsk. That file has a whole stack of fairly unreadabledate format specifications which dictate how your system may interpret a dateprovided in some parameter to some command somewhere. Take note of the factthat the filename could have just been /etc/datetypes or /etc/datemask but no,this is UNIX, and things are often obfuscated or spelled wrong just 'cause.I don't know why and I often wax on for hours about this but don't get mestarted now. Suffice it to say that you can look in that file of date and timestring formats and see gobblydy gook like %m/%d/%y %H:%M:%S. So feelfree to come back and create accounts that expire in 30 secs from now ifyou choose just to play with this feature. Playing is learning and I think

    that you should give it a whirl. Try a date like "04/08/2007 15:55:54"which is right now for me but the past for you. Experiment. Have fun.

    -f 0

    This is another parameter that controls access to the account. This is thenumber of days that this account may be idle, unused, not accessed beforethe system declares the account invalid. Stick with positive integers andkeep it simple. There is nothing wrong with a zero here because that justmeans the account will neverbe written off simply because no one everlogs in anymore. For those of you that are pedantic I want to point out

    that this does not mean the same thing as idle time in which the user mayactually be logged in and doing nothing. That is not what this means.

    -g user

    Remember when we created a thing called a group?Well this is one ofthose places where we use it. This user is a member of the group user.Not very fascinating but it does allow you to assign users to various groupsand then you can grant access to resources based on groups and not justindividual users. This account may be a member of multiple groups also.You may also use the group id number here in place of the character name. Sothat means we could have typed g 16000here to get the same result.Without getting really verbose here I want to point out that this group isconsidered to be the primary groupfor this account. You may have manyother groups down the road but this is the primary one. Remember that.


    This seems to be a really silly thing to specify. It means that you wantto actually make the home directory if it does not already exist. Theremay be some reason why you want to dump a pile of users that are allmembers of the same primary group into one place. If that directory fora given group already exists and the security is setup correctly forthat primary group then hey, why specify the silly -m here? I don't needto make anything in that case. This makes little sense often times andI am probably missing something after using UNIX since the mid-80's. Ido know that if you do not specify the -m here then you can not be assuredthat the users directory will be created. Go figure. Just specify the -mand then move along.

    -u 32000

    This is critical. This is what is called the users id number and you need

    to be sure that you do not create an account for a user all over the placeon various servers with varying user id numbers. Stay consistent and ifyou know that the user has an account elsewhere then please try to use thesame user id number. In the case of a new server and a new user then justgo incrementally upwards from the highest numbered user. You can achievethis result by simply dropping this parameter entirelyand then the systemwill automagically create the next user id number for you. Word of warninghere :

    Never use user id numbers lower than 100.

    Unless you are a guru and master of the realm then do not mess with lowuid numbers.

    -s /bin/bash

    This is called the users shell and it determines how the user will dealwith entering commands, issue jobs and control jobs, deal with prompts

    and generally it's about as personal and critical as breathing air.There are a number of different shells and some have been around sincewhat seems like the dawn of time for UNIX. Like the C Shell which isselected as /bin/csh or /usr/bin/csh. I prefer the simple Bourne Shellwhich is /sbin/sh or possibly /bin/sh or even /usr/bin/sh. Seem confused?Good. That seems to be the point often times. Suffice it to say thatthe shell is important to the user and they can do nothing without it.Every user has their own preference and often times a pile of softwarewritten with that shell. These are called shell scripts and users likethem to actually work as expected. Think of the users shell preferenceas their chosen country and language of origin. This is how they workand what they are accustomed to. Never draw the wrath of the users onyourself by swithing their shells around on them. Give them what theywant. Please take a look in the file /etc/shells to see a list of allthe supported options. There are a pile of them most likely.

    I chose the Bash shell for this user only because its popular these daysand for no other reason. It is a good place to start if you are wanderingin from the Linux world.


    This last parameter is not really a parameter at all. Good luck doing

    anything without it however. This is the actual login name that theuser will use. It is a nice simple string and you should stick with thedefacto standard that I mentioned above : eight characters with afirst initial and then seven letters from the last name. Whatever makesthe most sense. Keep it simple.

    The last thing to do is set the password for this user. Again you should keep it simple. Just like Iadvised for the root user you need to stick with basic letters and numbers. A mixture of uppercaseand lowercase is a good idea and please do not use trivial easy to hack junk like password. Once

    we start using a secure shell with dual key public encryption as well as authentication via keyexchange then our concerns are essentially eliminated unless you wear a tin foil hat and peer outyour window for those black helicopters. Oh, and yes, both the NSA and the FBI are runningcarnivore to track all your traffic and they can decrypt in real time. There, now I'll bet you feel realsecure :-)

    : Action to Take :just type exit and let's move on with a graphical world :-)

    : Action to Take :just watch ...

    : Action to Take : look at the beauty. better yet .. login. So type the user account name

    : Action to Take : now enter the password

    : Action to Take : Select Java Desktop System Release 3 please !

    : Action to Take : sit and watch the GNOME or JDS team names go by .. for a while

    : Action to Take : click the right mouse button on the clock applet, select 24 HR display

    : Action to Take : start the built in Mozilla Browser

    : Action to Take : watch the browser fail to load www.sun.com .. let's fix that next

    : Action to Take : right mouse click on any empty desktop area and start a GNOME terminal

    : Action to Take : sorry but we need to use vi as the root user to fix this. Read below

    An Apology for vi :

    Idon't have a soft and gentle way to introduce you to vi. It is not user friendly. It may actually bethe most user hostile editor in the world with the exception of front panel binary toggle switches,which I hope you have never had to experience. The vi editor, if you know it, you generally love it.In the UNIX world the vi editor is a rite of passage and you will needto know it with a reasonable

    degree of fluency in order to function. What I will do here is give you the absolute minimal that youneed to get the job done and then hope that you survive. If you come from the Microsoft Windowsworld then I suggest you brace yourself for a terrible shock to the senses. There is no other way to

    put it. I'm sorry.

    vi gets the job done - every time

    Regardless of the fancy looking graphical user environment you need to know that you are in UNIXland now and you will do things in a UNIX way. That means you will edit files with the vi editor andyou will discover that it gets the job done every time without fail. When you really need to edit a fileand you have nothing but an old DEC VT220 terminal ( the best ever! ) hooked to the serial consoleof a server then vi will work. If you have to telnet or ssh into a server half way around the world withnothing but a 9600 baud modem link then vi will work. So welcome to UNIX and let's get the job

    done. Let me walk you through the steps simply and then I will explain more below.

    The issue on the table right now is name resolution. Every server and web site on the internet has aspecific ( and hopefully unique ) network address. We call that the ip ( internet protocol ) address

    and you generally see it described as a sequence of four decimal numbers separated by dots. Like192.168.35.44 for example. Every server and every website has at least one of these addresses butno one really uses them much unless forced to. If we want to go to a website we simply give thebrowser an address of www.sun.com or maybe just sun.com. Somehow your browser needs toconvert that name over to an address like That process is called name resolution inthat the URL ( uniform resource locator address ) www.sun.com must be resolvedto the address72.5.124.61 without the user doing anything special. There are special purpose network servicescalled name serversor Domain Name Servers that do the hard work for us. The internet is always

    in a state of change so we need some special servers to track those changes and provide nameresolution for us. We call these servers our DNSservers and you need at least one of them.

    You need to ask your network admin for the ip addresses of your DNS servers. Hopefully you have afew of them. Once you have these ip addresses you then put that information into a specialconfiguration file called /etc/inet/resolv.confwhich is located in a special area where nearly allnetwork config information resides. That file needs to be created with the vi editor. Even moreimportant is the fact that no one can simply do this without special security clearance. You will needto be the root user in order to get the job done.

    Follow these instructions carefully.

    You will need to become the superuser or root level user with the commandsu. Generally it is wise to type this command in as su followed by a singlespace and a dash. That means that you want to become the root user as wellas have the correct environment variables in place as if you actually loggedin just like the root user from the very beginning. You will need to thenenter the root user password.

    bash-3.00$ su -Password:Sun Microsystems Inc. SunOS 5.10 Generic January 2005#

    We now need to start the vi editor and create our new file called /etc/inet/resolv.conf thus :

    # vi /etc/inet/resolv.conf

    Your terminal window should instantly change into the editor window for thisnew file. You will see a series of squiggly tilde characters ( ~ ) along theleft margin as well as the status line at the bottom. The status line willtell you that this is a New File like so :



    "/etc/inet/resolv.conf" [New file]If you see that on your terminal window then all is perfect.

    Do not just start typing or banging away at the keyboard !

    The vi editor is now waiting for you to tell it what to do with some really simple commands. The onlyone that you need to know right now is the insert modecommand. The vi editor may look like it is

    ready to receive the contents of the file from your keyboard but don't be fooled. Its just waiting for acommand actually. So press the letter i ( lowercase i as in india ) and then you will see nothinghappen. That's right. Nothing. The vi editor shows you that it is ready to receive input with noindication at all. User friendly eh?

    Suffice it to say that you may now type in the following strings precisely as described below. Where Ishow you I mean that you press the tab key. Where I show you I mean that you pressthe enter key. Where I show you then you press the ESC ( escape ) key. Got that? Now dothis exactly as I show you :


    Everything that you type will go straight into the file up until you hit . When you press the key you are telling the vi editor to stop with the input of data and to switch back intocommand mode. By command mode I mean that vi will not enter data anymore but will sit there

    waiting for a command. Like the letter i that tells it we are going to insert text into the file. The vieditor is really simple when it comes to input. Just press the letter i and it starts taking in data andshoving it into where the cursor happens to be. Hit and it stops. Moving the cursor aroundafteryou hit should be dead easy. Just use the arrow keys on your keyboard. If you don'thave those arrow keys ( and who doesn't these days ? ) then there happens to be the ultimate ingeeky cursor navigation commands for vi. These are the trademark geek squad little things thatseparate the UNIX people from the get-a-real-computer types. For your further edification here theyare :

    the vi navigation keys are h j k l



    h l|down|


    Most people, with enough experience in UNIX, will never touch the arrow keys at all. This page waswritten entirely with vi as were all the rest. It simply becomes second nature. For now we will

    concentrate on getting your name resolution information set correctly and leave further vigymnastics for some other day. I do need you to know that there is a fantastic vi tutorial at thePurdue University website. You will be able to read it from your new Solaris 10 machine when we getyour DNS data entered! Here is the tutorial address :

    Vi Text Editor: Tutorial

    If you followed my instructions carefully then you most likely have a file with two nameserver linesin it and they are both wrong for you. That is fine. I just wanted you to edit a file. Now I want you toenter the correct data and you will do that by going into insert mode again. Just hit the letter i andthen the enter key. Type in the keyword nameserverfollowed by a as well as the ip address

    of your first DNS server. At the end of the line you hit the key to stop data entry.

    Since we know that both of the top lines are wrong we can just delete them. How? Well you pressthe k key a few times to move up the file to the top line. Then press the d key twice ( dd ) to deletethe entire line. That line will vanish and the rest of the file will move upwards. These are little things

    that we take for granted with modern big bloated word processing software. Remember that vi waswritten such that it will run in the smallest of systems with little or no graphics, bandwidth, ormemory.

    At some point you may wonder if we will ever actually write this file out to the disk. Thus fareverything that you have done is in memory and thus you have done no damage and no change tothe system. That is good to know. If you want to write out this data as a file onto the filesystem thenyou do the following :

    To write out the file just hit once in order to ensure we arenot in input mode or edit mode. Then press the colon key : followed by aletter w ( w as in write ) and then hit enter.

    What you will see on the terminal screen will look like so :



    and then after you hit enter you see this


    ~~~~~~~~~"/etc/inet/resolv.conf" [New file] 1 line, 26 characters

    You may have written two lines of data to that new file or just one. It really depends on if you haveone or two DNS Servers. I only entered one for this example.

    Note that vi is still running and that just because you wrote the file out to disk does not mean thatyou can not keep making changes. The file that you are working with within vi is really just a bufferin memory and thus the file on disk will not change until you actually issue a write command to vi.Therefore I want you to now modify this such that we have your domain name as well as one more

    DNS server if you have it. I want you to open up a new blank line above the uppermost line of thisfile. You do that by simply hitting the k key to position your cursor on the top line and then hit thecapital letter O ( O as in Open ) to open up a new line. Then type in the keyword domain followedby and then the name of your internet domain if you know it. If your new system is inside anetwork with the domain name sun.com then you may enter sun.com. If the name is wikipedia.orgthen please enter that after the . If you ever make a mistake then just hit and thenuse the letter x to delete characters one at a time. Or use dw to delete a word. Or use dd to deletethe whole line. Use the capital letter O to open up a new line above the current cursor location. Hit

    the key anytime you think you are in the wrong place and then navigate around with those hj k l keys. Or the arrow keys if you need to. What I am saying here is just get your domain name andnameserver data into that file just like what you will see on the next page. :-)

    : Action to Take : let's finish off /etc/inet/resolv.conf completely. Read below.

    Given what little you may know about vi I hope that you can hack about within it and get yourdomain name and DNS server information into /etc/inet/resolv.conf like the example in the picture.Then to save the file and quit vi just simply hit colon : and w ( for write ) and q ( for quit ). Yourterminal will display the number of lines and characters. You should also be back at the prompt forthe root user.

    To verify the contents of that file simply issue the command cat /etc/inet/resolv.conf and hitreturn. If you do not see exactly what you expect then you need to edit that file and fix it.

    : Action to Take : read about files and symbolic link magic before we move on

    We have a few more little steps to take before name resolution will work for you. We need tocorrectly place a symbolic link for our file /etc/inet/resolv.conf into the directory /etc. If you have no

    idea what a symbolic link is then let me explain briefly. Think of a symbolic link ( symlink ) like asignpost that says this way to your file. Like a street sign may be placed somewhere neara streetand pointing towards the destination. Its not really the actual file that you need but it will act just

    like it. That is the simplest way I can describe it.

    You need to change directories into /etc with cd /etcand then fix up the permissions ( securityrights ) on the file /etc/inet/resolv.conf. Then we create the symlink. Like so :

    # cd /etc## chown root:sys ./inet/resolv.conf#

    The command chownwill change the ownership of that file such that the user root and the groupsys own that file. The word own isn't really accurate. Really we are granting rights to that specific file

    and with the command lswe can see the details :

    # ls -lap ./inet/resolv.conf-rw-r--r-- 1 root sys 94 Apr 9 00:40 ./inet/resolv.conf#

    There you see that I used the parameters -lapwith the command lsto dig out details about the file.The pile of characters at the beginning of the output are really important. What you are seeing there

    are the rights or permissions that various accounts or groups have. Think of it as seven letterswhere a dash means nothing here. So there you see a leading dash followed by rw-r--r--. Forgetthat leading dash for now as it would take a while to explain. Just focus on those six right mostcharacters there. They are actually arranged in groups of three letters at a time and you can readthem like this : rw- and then r-- and finally r--. Each of those three characters specificallydetermines the security or access rights of a given user or a specific group. The first set theredetermines what the owner of the file can do. In this case the owner is shown to be the root userand the rights are read plus write. That is what rw-means. It means read plus write access isgranted to the user account associated with this file. The next three letters determines access for agiven group and then the last three letters specifies everyone and anyone. So in both cases we seethat read access is granted. Not write access. That means that only the root user can both read andwrite the file while everyone else can simply read.

    Afew examples never hurt anyone and so therefore consider the following :

    Some file exists that was created by a user phil. He also set the group access

    of the file to some group called dvd. He then granted read access to the groupand no one else. The file looks like so :

    $ ls -lap foo----rw---- 1 phil dvd 9 Apr 9 00:55 foo

    Some user, not phil, may be a member of the group dvd and then read what isin that file :

    $ cat foosecurity

    Any user that is not a member of the group dvd will see this :

    $ cat foocat: cannot open foo

    Furthermore, if the user phil is removed from the group dvd then he toowill lose access to the file because it specifically denies access tohim. Only members of the group dvd may access that file for read andwrite and no one else.

    Guess what? There is one user that can always read that file. The user known as root is thesuperuser. All seeing and all powerful the root user can even open files that look like this :

    # ls -lap foo---------- 1 phil dvd 9 Apr 9 00:55 foo# cat foosecurity

    Pretty silly looking file security there on that example. It should be illegal to grant no access to a filebut there you see the absurd on display. Almost anything is possible it seems. Even when it shouldbe impossible. Regardless, I have strayed from the intent and purpose while spilling out education.Let's get back on track.

    Asymbolic link is like a little pointer that sits on a disk and points to some file somewhere else. Letme give you an example :

    # echo "bar" > foo# ln -s ./foo ./bar# cat bar

    bar# ln -s ./bar ./foobar# ls -lap foo bar foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 bar -> ./foo-rw-r--r-- 1 root root 4 Apr 9 01:13 foolrwxrwxrwx 1 root root 5 Apr 9 01:14 foobar -> ./bar

    Now here is the play by play for the above. First I use the echocommand to toss the word barinto a file named foo. The echo command does not do much more than what it sounds like; it just

    echoes out whatever input it receives. The greater than sign there > says to take the output andstuff it into a file called foo. So the file foo exists and it contains the three characters bar. Plus aspecial character called a carriage return. ( Hence 4 bytes as you will see later. ) Next I use the lnlink command to create a symlink from the real file foo to an imaginary file called bar. The leadingdot and slash are simply pedantic ways of saying that I want these files in this current directory.Next I use the cat command to dump that new imaginary file called bar onto the terminal. Sureenough the result is just bar. To add another level of complexity I then create a symlink fromfoobar to bar. Neither of which are real files! More absurdity really but it allows us to create symlinksthat point to symlinks that point to files. At least we hope that the file exists. The final commandthere shows us a detailed list ( via ls ) which reveals that foo is a real file with permissions and size.There exists two symlinks that each have radical looking permissions as well as a leading letter l (lower case l as in link ).

    For the sake of being complete I will show you that we can get into trouble by destroying the filethat is real and then we are left with nothing but symlinks that point, ultimately, nowhere. Thus :

    # echo "foo" >> foo# ls -lap foo bar foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 bar -> ./foo-rw-r--r-- 1 root root 8 Apr 9 01:29 foolrwxrwxrwx 1 root root 5 Apr 9 01:14 foobar -> ./bar# rm foo# ls -lap foo bar foobarfoo: No such file or directorylrwxrwxrwx 1 root root 5 Apr 9 01:14 bar -> ./foolrwxrwxrwx 1 root root 5 Apr 9 01:14 foobar -> ./bar

    There you see that I used echoagain but this time I threw a double greater than sign after it. Thedouble > indicates that the output from the echo command is to be appended to the end of the file

    foo. Thus you now see that foo becomes eight bytes in size. The next thing that you see is that I

    actually remove the file foo from existence with the rmcommand. The file is gone but the symlinksthat once point to it are still there. This is where a symlink is not very useful.

    One final atrocity and abuse of symbolic links is the circular linkthus :

    # ln -s ./foobar ./foo# ls -lap foo bar foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 bar -> ./foolrwxrwxrwx 1 root root 8 Apr 9 01:33 foo -> ./foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 foobar -> ./bar#

    If that looks insane then you are correct to feel that way. No file called foo even exists anymore butwe have a symlink foobar that points to bar which points to foo which is in turn a symlink that pointsto foobar. Madness. Now you will see a file that even the root user can not access because it doesnot exist :

    # cat foocat: cannot open foo# ls -l foo bar foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 bar -> ./foolrwxrwxrwx 1 root root 8 Apr 9 01:33 foo -> ./foobarlrwxrwxrwx 1 root root 5 Apr 9 01:14 foobar -> ./bar# unlink foobar# unlink bar# ls -l foo bar foobar

    bar: No such file or directoryfoobar: No such file or directorylrwxrwxrwx 1 root root 8 Apr 9 01:33 foo -> ./foobar#

    The thing called foo still says that it is 8 bytes in size but it is a symlink that points to nowhere. Thenormal symbolic links needed just five bytes on the disk but this thing that we are left with needs 8

    bytes. I don't know what it is but I think I had better delete it.

    The lesson here is that you need to be careful with symbolic links and with file permissions. Yes you

    can access just about anything as root so long as the thing in question is sane. You can do damage

    through a sequence of perfectly logical steps and render an illogical result. Simply be careful is all I

    am saying here. Have a look at the picture above and let's edit the /etc/nsswitch.conf configuration


    : Action to Take : edit /etc/nsswitch.conf and add dns to the hosts line

    : Action to Take : verify your work and verify your defaultrouter setting

    : Action to Take : let's look into both the hosts file and ipnodes file

    : Action to Take : not much to do here. Just enter :n into vi to move onwards

    : Action to Take :again .. not much to do here. Just verify the ip looks correct

    : Action to Take : with name resolution in place your browser should now work

    : Action to Take : Experiment with GNOME Themes and windows styles. Play. Work.