`setfont t` is the internet’s next rickroll.Posted at 6:33pm on Sun 26 Aug 2012
Just lost a 24-port switch, NIC, and video card to lightning because Time Warner told me twice to stop surge protecting my coax cable.Posted at 4:04pm on Sun 26 Aug 2012
“Contributors are awesome. If you're thinking about contributing, that means you're thinking about being awesome.” (http://t.co/56XCgXZV)Posted at 9:19pm on Sun 19 Aug 2012
Right out of the box, OpenSolaris is ready to use as a desktop system. This is great, but that’s not what I’m using it for. It’ll be used as a hefty server at home, so there’s a lot of fat I can trim to keep it running with as little overhead as possible. I’ll also need to install and configure a few Sun-provided services like OpenSSH, iSCSI, SMB/CIFS, and NFS.
Since X takes a good amount of memory to run, and I won’t be using it, this is a great place to start. I’d really also prefer to configure everything else from a command line rather than the GNOME-based GUI tools. I run the following command after logging into X as my unprivileged account and starting the terminal app:
brian@hal:~$ pfexec svcadm disable gdm
Immediately, I am logged out and X shuts off; I now see a blank, black screen. I had to hit enter before I could see a login prompt. I’ll log back in. OpenSSH is already installed and running, so I’ll log in to the console to find the IP address I’ve been assigned:
brian@hal:~$ ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 e1000g0: flags=201004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4,CoS> mtu 1500 index 2 inet 10.0.0.72 netmask ffffff00 broadcast 10.0.0.255 lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1 inet6 ::1/128 e1000g0: flags=202004841<UP,RUNNING,MULTICAST,DHCP,IPv6,CoS> mtu 1500 index 2 inet6 fe80::20c:29ff:fe4d:1405/10
Looks like my NIC interface is e1000g0. To make the rest of my experience easier for me, I’ll now SSH to 10.0.0.72 to perform everything else, then assume the root role so I don’t have to keep prefixing all my privileged commands with
brian@shuttle:~$ ssh firstname.lastname@example.org The authenticity of host '10.0.0.72 (10.0.0.72)' can't be established. RSA key fingerprint is 79:fb:b6:d9:b6:1a:c9:8f:dd:e4:f7:df:97:23:e8:d2. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.72' (RSA) to the list of known hosts. Password: Last login: Sat May 2 14:35:46 2009 Sun Microsystems Inc. SunOS 5.11 snv_101b November 2008 brian@hal:~$ su - Password: Sun Microsystems Inc. SunOS 5.11 snv_101b November 2008 root@hal:~#
Unfortunately, disabling gdm is not enough if you want a GUI-less console. Due to a bug in OpenSolaris (at least in the 2008.11 release), the blue boot screen will never turn off after a successful, gdm-less boot. As a result there is no way to log in to the console. We’ll need to tell GRUB to boot into text mode by default instead.
You could edit the
/rpool/boot/grub/menu.lst file yourself, but there’s a handy
bootadm utility to save you a step or two. I’ll also set the boot selection timeout to 2 seconds rather than 30 seconds, as it will drastically reduce my server’s boot time.
root@hal:~# bootadm list-menu The location for the active GRUB menu is: /rpool/boot/grub/menu.lst default 0 timeout 30 0 OpenSolaris 2008.11 snv_101b_rc2 X86 1 OpenSolaris 2008.11 snv_101b_rc2 X86 text boot root@hal:~# bootadm set-menu default=1 root@hal:~# bootadm set-menu timeout=2
That’s it. It will boot into text mode by default next time, and nearly half a minute sooner.
Before setting the static address on the NIC itself, I also need to prepare a few other things for statically-set DNS resolution. I’ll start by editing my
/etc/resolv.conf file to look like the following:
domain systempoint.us nameserver 10.0.0.5
Now I need to change the resolution search order so that DNS is preferred. This requires me to restart the DNS client service:
root@hal:~# cd /etc root@hal:/etc# cp nsswitch.conf nsswitch.original root@hal:/etc# cp nsswitch.dns nsswitch.conf root@hal:/etc# svcadm restart svc:/network/dns/client:default
Finally I’ll edit the
/etc/nwam/llp file to change my NIC from dhcp to static configuration. My new llp file looks like the following:
e1000g0 static 10.0.0.4/24
To specify the default gateway, I’ll create and edit the
Now I’ll disable the DHCP service, enable the network/physical:default service, and restart NWAM. Note that the ssh session will be disconnected at this point, but a new one can be started at the static address I just set up.
root@hal:/etc/# svcadm enable svc:/network/physical:default root@hal:/etc/# svcadm restart svc:/network/physical:nwam
I recommend rebooting at this point to make sure the system will initialize correctly on a fresh boot with the new configuration, and to make sure the boot menu options worked fine.
Keep in mind that, provided you have decent hardware, this is the most you’ll ever need to reboot a Solaris server.
Next I need to install a few packages for file sharing. While they are Sun-provided, they are not automatically installed. OpenSolaris makes it easy to do so with the
I’ll need packages for the CIFS/SMB service and iSCSI target service. These can be installed with the following. Note: I’ve omitted output from
pkg because it is very verbose, is much the same for all instances below, and all attempts were successful.
root@hal:~# pkg install SUNWsmbs SUNWsmbskr root@hal:~# pkg install SUNWiscsitgt
Now we’ll enable all our file sharing services and the services they depend upon.
root@hal:~# svcadm enable -r nfs/server root@hal:~# svcadm enable -r system/iscsitgt root@hal:~# svcadm enable -r smb/server svcadm: svc:/milestone/network depends on svc:/network/physical, which has multiple instances.
It’s safe to ignore the svcadm warning shown above.
By default, the SMB server resides in WORKGROUP. I’ll join my existing workgroup, using all-caps as the lower-case variation caused the machine not to appear in Windows’ machine list:
root@hal:~# smbadm join -w SYSTEMPOINT Successfully joined workgroup 'SYSTEMPOINT'
Usernames and passwords for existing users will not work via SMB on remote machines yet. To make this happen, I’ll need to add a PAM module and re-set existing passwords for accounts on the machine.
Add the following line to
other password required pam_smb_passwd.so.1 nowarn
Now I’ll have to reset any passwords for users whose accounts need to be used via SMB. Any new users created from now on will not require any special changes just for SMB access. Using the
passwd command will set their SMB passwords automatically:
root@hal:~# passwd brian New Password: Re-enter new Password: passwd: password successfully changed for brian
With everything set up, the next step is to configure ZFS and the appropriate share points. I’ll save that for the next entry.