Archive for the solaris Category

Such a pity (and no wonder they disbanded), I was working with opensolaris sendmail trying to configure it to work with a smarthost that required authentication. I found out there is no SASL auth support on the default sendmail binary. Looks like you have to compile it yourself… I didn’t do so, but this guy seems to have made it work.

I was annoyed that my solaris system was not registering the hostname I set in /etc/nodename when getting a DHCP address. Turns out nodename is only used locally and not for DHCP (which really doesn’t make sense to me). You have to enable DHCP to register the hostname and set the hostname in a different file. I would expect this task to be an easy thing to find on google, but it took me a while to find it! Maybe my search engine skills aren’t as good as they used to be, but I’ll post this here so others can find it more easily.

Registering a Hostname through DHCP from Solaris

Quick howto to setup ntp service on solaris 10:

vi /etc/inet/ntp.client

remove the server line and add pool.ntp.org servers (or your own):

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

:wq /etc/inet/ntp.conf

svcadm enable ntp

svcs

If your system says maintenance, check /var/svc/log/network-ntp* to see what went wrong and fix it. After that, run:

svcadm clear ntp

and that should make you up and running…

After 10-15 minutes, run

ntpq -p

and make sure that one of the entries has a * in front of it. If so, your clock is being synchronized to that server and you’re all set.

OpenSolaris Disbanded

| September 2nd, 2010

Grrr… Just when I spent a good deal of time developing and working with OpenSolaris, it decides to disband….

http://jaxenter.com/opensolaris-governing-board-symbolically-disband-30610.html

Oracle isn’t going to support OpenSolaris as Sun did so the OpenSolaris Governing Body disbanded and gave control of OpenSolaris back to the parent company. Good news though is that is isn’t all over, some developers forked the project and started Illumos. I am not going to keep my hopes too high – remember BeOS? I’ve been waiting 8 or so years for Haiku and at this point, it’s a little too late… We’re not in 1999 anymore…or 2005 for that matter… or 2006… or 2007… you get the idea…

The future of Solaris/ZFS is pretty unclear now… Will we see Solaris go back to being a closed source unix? Will Illumos take off? All these factors have me watching for further development. ZFS’s license prohibits it from being ported natively to linux (non-compliant  with GPL I believe), so if Solaris goes down, I think ZFS is also dead. On the other hand, linux is getting it’s own ZFS type file system called Btrfs. Looks like it will have many, if not more features as ZFS, and early benchmarks show that is may be faster than ZFS… I’ll keep watching…

Here is how I got zfs to share files on smb with no passwords (Note: I am on opensolaris snv_134)

Install the zfs cifs kernel package:

pfexec pkg install SUNWsmbs
pfexec pkg install SUNWsmbskr # this was already installed by default on my system

Reboot the system after this…

pfexec reboot

The service is disabled, let’s enable it.

$ svcs smb/server
STATE          STIME    FMRI
disabled       21:28:39 svc:/network/smb/server:default

$ svcadm enable -r smb/server # the -r recursively enables dependent services
# the following error message is fine.
svcadm: svc:/milestone/network depends on svc:/network/physical, which has multiple instances.

If you wish to join a certain workgroup (default is WORKGROUP):

smbadm join -w MyHome

Now let’s create the zfs file system:

pfexec zfs create -o casesensitivity=mixed -o nbmand=on rpool/storage

Let’s fix the permissions so that anyone and everyone could use access the file share:

pfexec chmod 777 /rpool/storage/
# must specify solaris chmod as GNU chmod does not know about solaris extended permissions

zfs set aclinherit=passthrough rpool/storage
zfs set aclmode=passthrough rpool/storage

pfexec /usr/bin/chmod -R A=everyone@:full_set:fd:allow /rpool/storage/

And let us make the share:

pfexec zfs set sharesmb=name=storage,guestok=true rpool/storage

Verify setup:

$ sharemgr show -v

Last step, map the windows guest user to a valid solaris account (if not, it’ll generate random UIDs):

pfexec idmap add winname:Guest unixuser:nobody

and the group too:

pfexec idmap add "wingroup:Domain Users" unixgroup:staff

Test the connection from another computer. Done! Thank you James, Simon, and Afshin for your help.

bashusr@solaris:~/backuppc/install$ cat install.sh

#!/bin/bash
# Installation Guide for OpenSolaris version:
# SunOS 5.11 snv_134 i86pc i386 i86pc Solaris
#
# Written by Jonathan Chan <jonmchan@gmail.com>
#
# We will be using most of the packages from CSW instead of the SunW versions.
# If you have already installed CSW or have SUNWApache, you will have to make
# adjustments to the installation. Especially if you already have CSW perl
# installed.
#
# NOTE: This guide/script must be run by a user with pfexec root priviledges.
#
# You can also run this as a bash script and hope the whole thing works :-P
set -u
set -e
DIRPREFIX=/rpool/BackupPC
PKGADD_FLAGS=""
#PKGADD_FLAGS="-n" # uncomment this for silent non-interactive install
PKGGET_FLAGS=""
#PKGGET_FLAGS="-f" # and this too.
PKGUTIL_FLAGS=""
#PKGUTIL_FLAGS="-y" # and one last one.
#### Prerequisites ####
# install pkg-get to get packages from the CSW repository
wget -O /tmp/pkg-get http://www.opencsw.org/pkg-get
pfexec pkgadd $PKGADD_FLAGS -d /tmp/pkg-get
# Install pkgutil (we don't really this util), you can use either/or pkg-get
# I'm a solaris newbie, so I'm trying both.
wget -O /tmp/pkgutil.pkg http://ftp.math.purdue.edu/mirrors/opencsw.org/pkgutil-i386.pkg
pfexec pkgadd $PKGADD_FLAGS -d /tmp/pkgutil.pkg
# if you want to keep this path, better set it in your ~/.profile
export PATH=$PATH:/opt/csw/bin
# install packages from CSW
pfexec pkgutil $PKGUTIL_FLAGS --install gnupg lynx # dependencies for cpan
gpg --keyserver pgp.mit.edu --recv-keys E12E9D2F
gpg --keyserver pgp.mit.edu --recv-keys A1999E90
pfexec pkg-get $PKGGET_FLAGS -i samba_client par2cmdline apache2 apache2_manual
pfexec pkg-get $PKGGET_FLAGS -i ap2_modphp5 ap2_modperl # not used, but good modules to have for apache
# we need a compiler to compile some of the perl modules...
pfexec pkg install sunstudioexpress
# hack to make cpan work... (they hardcoded to an old version of sun studio express)
pfexec mkdir -p /opt/studio/SOS11/SUNWspro/
pfexec ln -s /opt/SunStudioExpress/bin /opt/studio/SOS11/SUNWspro/
# install perl modules from CPAN
PERL_MM_USE_DEFAULT=1 /opt/csw/bin/cpan -a
PERL_MM_USE_DEFAULT=1 pfexec /opt/csw/bin/cpan Compress::Zlib Archive::Zip File::RsyncP
#### Actual BackupPC Install ####
# Create filesystems and username
pfexec zfs create ${DIRPREFIX:1}
pfexec useradd -d $DIRPREFIX -c "BackupPC User" backuppc
# change to latest version - 3.2.0 was the latest at the time of this writing.
wget --no-check-certificate https://sourceforge.net/projects/backuppc/files/backuppc/3.2.0/BackupPC-3.2.0.tar.gz/download
tar zxvf BackupPC-3.2.0.tar.gz
cd BackupPC-3.2.0
# fix applications to use the correct CSW version of perl
find bin/ -type f -exec sed -i 's|/usr/bin/perl|/opt/csw/bin/perl|g' {} \;
sed -i 's|/usr/bin/perl|/opt/csw/bin/perl|g' cgi-bin/BackupPC_Admin
# fix for stop executing kill instead of running stop block.
sed -i '25s/stop/stopBackupPC/g' init.d/src/solaris-backuppc
sed -i '30s/stop/stopBackupPC/g' init.d/src/solaris-backuppc
sed -i '43s/stop/stopBackupPC/g' init.d/src/solaris-backuppc
# Correct apache configuration file since CONFDIR is chmod 750 and apache runs as nobody
sed -i "s|__CONFDIR__|${DIRPREFIX}/files/conf|g" httpd/src/BackupPC.conf
# Allow from all instead of limiting to 127.0.0.1 (critical because the new versions
# of solaris use ::1 ipv6 so 127.0.0.1 is not used either)
sed -i '17s/deny,allow/allow,deny/g' httpd/src/BackupPC.conf
sed -i '18s/deny/allow/g' httpd/src/BackupPC.conf
sed -i '19s/^/##/g' httpd/src/BackupPC.conf
pfexec bash -c "cat << EOF >> httpd/src/BackupPC.conf
<Directory $DIRPREFIX/files/images >
order allow,deny
allow from all
</Directory>
EOF"
pfexec /opt/csw/bin/perl configure.pl --batch \
--cgi-dir $DIRPREFIX/files/cgi-bin            \
--data-dir $DIRPREFIX/data                    \
--hostname `hostname`                         \
--html-dir $DIRPREFIX/files/images            \
--html-dir-url /BPCImages                     \
--install-dir $DIRPREFIX/files                \
--config-dir $DIRPREFIX/files/etc             \
--log-dir $DIRPREFIX/files/log
# install BackupPC Service
pfexec cp init.d/solaris-backuppc /etc/init.d/backuppc
pfexec chmod 755 /etc/init.d/backuppc
pfexec ln -s ../init.d/backuppc /etc/rc0.d/K40backuppc
pfexec ln -s ../init.d/backuppc /etc/rc2.d/S99backuppc
# Install httpd config file
pfexec mkdir $DIRPREFIX/files/conf
pfexec cp httpd/BackupPC.conf $DIRPREFIX/files/conf/BackupPC.conf
# Workaround since apache is run as nobody.
# ##WARNING## BackupPC documentation EXPLICITLY states not to do this - all
# users will be able to have access to your backup files. Please note the
# security risk of this step.
pfexec chmod a+x $DIRPREFIX/files/cgi-bin/BackupPC_Admin
export DIRPREFIX
pfexec bash -c 'echo "Include $DIRPREFIX/files/conf/BackupPC.conf" >> /opt/csw/apache2/etc/httpd.conf'
echo Please insert password for admin user:
pfexec /opt/csw/apache2/sbin/htpasswd -c $DIRPREFIX/files/conf/BackupPC.users admin
# start BackupPC daemon
pfexec /etc/init.d/backuppc start
# start apache
pfexec svcadm enable svc:/network/cswapache2
pfexec svcadm refresh svc:/network/cswapache2
cd ..
# delete installation files that we don't need anymore...
##rm BackupPC-3.2.0*
#firefox http://localhost/BackupPC_Admin
Also posted here: http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=FAQ_installation