Course

UNIX Solaris System &

Network Administrator

Instructor: Khajorn Sinaphiromsaran

Training Professional Center 1

Introduction
 Course Introduction
 Instructor & Trainer Assistance
 Attendees / Trainees
 Expectations
 Course Goals and Contents

Training Professional Center 2

Instructor & Trainer Assistance
 Khajorn Sinphiromsaran
 Unix System and Network Administration
(Solaris, Linux, FreeBSD)
 Microsoft Windows 2003
System Environment, Active Directory, Network
Infrastructure
 Cisco Network Fundamental
 Information Security Consultant
 Trainer Assistance - ผู ้ชว่ ยวิทยากร

Training Professional Center 3

Attendees / Trainees
 First-Last Name
 Responsibilities
 Expectations

Training Professional Center 4

Expectations
 Upgrade Linux  Solaris
 Unix System Security
 Solaris Administration
 Gain Knowledge in Unix
 Customer Services

Training Professional Center 5

จุดประสงค์ และความรูพ ื้ ฐาน
้ น
 หลักสูตรนีเ้ หมาะสาหรับ
 Unix System Administrator (Solaris)
 ผู ้ทีส
่ นใจเกีย ิ ซ์
่ วกับระบบยูนก

 ความรู ้พืน
้ ฐาน
 Course: Fundamentals of Unix Solaris
 Course: Intermediate System Administration for Solaris OE
 Perform basic Unix tasks
 Understand basic Unix commands
 Use vi text editor
 Interact with a windowing system

Training Professional Center 6

 ้ หาของหล ักสูตร
เนือ
Day 1 – Installation
 Introduction to Solaris 10
 System Concepts and Choosing Hardware

 Solaris 10 Installation
 Initialization, OpenBoot PROM, and Run Levels

Training Professional Center 7

 ้ หาของหล ักสูตร (ต่อ)
เนือ
Day 2 – System Essentials
 Introducing the Solaris OE Directory Hierarchy
 Managing Local Disk Devices
 Managing the Solaris OE File System
 Performing Mounts and Unmounts

 Installing Software, Live Upgrade, and Patching

 Text Processing and Editing
 Shells, Scripts, and Scheduling
 Process Management
Training Professional Center 8
 ้ หาของหล ักสูตร (ต่อ)
เนือ
Day 3 – Security
 System Security
 File System Access Control
 Role-Based Access Control
 Users, Groups, and the Sun Management Console
 Kerberos and Pluggable Authentication

Training Professional Center 9

 ้ หาของหล ักสูตร (ต่อ)
เนือ
Day 3,4 – Managing Devices
 Device and Resource Management
 Installing Disks and File Systems
 File System and Volume Management
 Backup and Recovery

 Printer Management
 Pseudo File Systems and Virtual Memory
 System Logging, Accounting, and Tuning

Training Professional Center 10

 ้ หาของหล ักสูตร (ต่อ)
เนือ
Day 4 – Networking
 Basic Networking
 DHCP and NTP
 Routing and Firewalls
 Remote Access
 Internet Layer (IPv6)

Training Professional Center 11

 ้ หาของหล ักสูตร (ต่อ)
เนือ
Day 5 – Services, Directories, and Applications
 Network File System and Caching File System
 Sendmail
 Domain Name Service
 Network Information Service (NIS/NIS+)
 Lightweight Directory Access Protocol (LDAP)
 Samba
 Application Development and Debugging
 Web Applications and Services

Training Professional Center 12

Training Professional Center 13
Day1 - Installation
 Introduction to Solaris 10
 System Concepts and Choosing Hardware

 Solaris 10 Installation
 Initialization, OpenBoot PROM, and Run Levels

Training Professional Center 14

History
 AT&T  Develop from Game Application
 AT&T  Microsoft, Sun, IBM, HP
 The same core OS
 Sun – Free source code

 Manual page  $> man

 Editor  vi (Visual Editor)

Training Professional Center 15

Introduction to Solaris
 UNIX Operating System
 Multiuser
 Multitasking Operating Environment
 Multithreading

 Developed by Sun Microsystem

 System V (AT&T)
 Berkeley (BSD)
Training Professional Center 16
Introduction to Solaris
 Solaris (Operating Environment)
 SunOS (Operating System)

 Solaris 10 = SunOS 5.10

 Solaris 9 = SunOS 5.9
 Solaris 8 = SunOS 5.8

Training Professional Center 17

Introduction to Solaris
Solaris 10 is to support:
 Database servers
 Message Queues
 XML Web Services
 J2EE application servers

Sun’s hardware solution based on UltraSPARC

Support for SMP more than 100 processors in
single server
Training Professional Center 18
Introduction to Solaris
Sun’s innovations move from server to desktop
 Develop Java – Cross Platform support JVM
 Write Once – Run Anywhere
 Promote free version of Solaris
 SPARC and Intel

Training Professional Center 19

Solaris Innovations
 Server Tools
 scalability, availability, security, integrity and manageability
 Clustering
 Grids, Zones, and Resource Management
 Volume Management
 RAID 0,1,5 and Mirror, Strip
 Live Upgrade
 System Management
 SMC – System Management Console Tool
 Security Innovations
 Kerberos Version 5
 IPv6 and IPSec
Training Professional Center 20
SPARC and IA System Admin Difference

Category SPARC IA
System operation before OpenBoot PROM BIOS
kernel load Solaris Device Config
Assistant
MDB (Multiple Device
Boot)
Booting system Command Option at PROM Command Option at
MDB

Training Professional Center 21

SPARC and IA System Admin Difference

Category SPARC IA
Boot Program bootblk (Pri. boot program) mboot (MBR)
ufsboot (Sec. boot program) pboot (Solaris Partition boot
load kernel program)
Bootblk (Pri. boot
program)
ufsboot (Sec. boot
program)
load kernel

Training Professional Center 22

SPARC and IA System Admin Difference

Category SPARC IA
System Shutdown shutdown,init w/o shutdown,init w/ intervention
intervention

Disk Controller SCSI, IDE SCSI and IDE

Disk slice and partition Max. 8 slices (0-7) DiskMax. 4 fdisk partition
Sol fdisk  10 slices (0-9) but
0-7 store data

Diskette drive 3.5-inch diskette drive 3.5, 5.25-inch

Training Professional Center 23

 Solaris System Software Evolution
Release Feature
Solaris 1.0 (SunOS 4.x) Berkeley (BSD) Unix

Solaris 2.0 (SunOS 5.0) SVR4 (AT&T) and BSD

Solaris 2.1 (SunOS 5.1) Admin ToolsGUI, Print/Accout Manager,

Solaris 2.2 (SunOS 5.2) Vol ManagerCDROM

Solaris 2.3 (SunOS 5.3) VFS,Online Backup, PAM, PPP, CacheFS (NFS), NIS+

Solaris 2.4 (SunOS 5.4) Motif GUI (Installation)

Solaris 2.5 (SunOS 5.5) PAX,Soltice Admin Suite, Process Tool (/proc), Telnet client (4.4 BSD version),
Improve rlogind, telnetd
Solaris 2.5.1 (SunOS 5.5.1) UserID,GroupID extend to max. sign integer

Solaris 2.6 (SunOS 5.6) Printing Software (NIS,NIS+), Large file support (UFS,NFS, CacheFS), NFS
Kerberos use DES, RPC (GSS-API), Y2K compliance, WebNFS, JVM 1.1

Training Professional Center 24

 Solaris System Software Evolution
Release
Solaris 7 (SunOS 5.7)
Solaris 8 (SunOS 5.8)
Solaris 8 (SunOS 5.8) (6/00)
Solaris 8 (SunOS 5.8) (10/00)
Solaris 8 (SunOS 5.8) (1/01)
Solaris 8 (SunOS 5.8) (4/01)
Solaris 8 (SunOS 5.8) (7/01)
Solaris 8 (SunOS 5.8) (10/01)
Solaris 8 (SunOS 5.8) (2/02)
Training Professional Center
Feature
64bits (SPARC only), LDAP, Dynamic reconfiguration, AnswerBook2, Unicode,
RPC security, CDE (new tools)
IPv6, Naming LDAP, Java2, Wizard (Installation), UDF (Universal Disk Format),
DVD, Smart card, PDA, Multilanguage (90 locals,37 langs), XServer (X11R6.4),
RBAC (Role-Based Access Control)
Mobile IP, Removable Media (DVD,Zip,Jaz,CDROM,diskette)
IP Multipathing with NICs, WBEM (Web-Based Enterprise Management, Print USB
LDAP+iPlanet WebServer, SMC 2.0 (RBAC), WBEB (init.wbem, update security,
SMC Log viewer), USB (Sun Blade 100, 1000 and Sun Ray system)
New BIND, sendmail 8.10, IP multipathing with dynamic reconfiguration (DR),
Mobile IP (reverse tunnel)
PPP 4.0 (async,sync comm., PAP, CHAP), NCA (Solaris Network Cache
Accelerator), IP Multipathing (IPMP reboot safe)
DR 3.0 (Automated DR), USB (KB,Mouse,Printer,Audio)
RPC (Sun ONC+ async protocol)
25
 Solaris System Software Evolution
Release
Solaris 9 (SunOS 5.9)
Solaris 10 (SunOS 5.10)
Training Professional Center
Feature
Resource Manager (allocate resource), Fixed-priority (FX), Web Start Flash
Install (master,clone), Live Upgrade, New option (df, du, ls, 1K unit), pargs
and preap (process debugging), NIS+  LDAP, Sun Internet FTP Server,
sendmail 8.12, Improve NCA, IPMP (link-up-down), Mobile IP (advertise
dynamic if), BIND 8.2.4, Solaris volume manager, SMC 2.1 (6 new tools),
smpatch, Solaris Secure Shell, cdrw (Write CD)
X86/X64, SPARC
Solaris Container – Grid Container (Isolate App, Service, Allocate resource,
Increase resource utilization)
Solaris Secure Execution (File Integrity and Secure Execution, User&Process
Right Management, IP Filter Firewall, Cyptographic Service/Secure,
Enterprise Authentication – LDAP,PW,MD5,Kerberos,Smartcard)
Solaris Dynamic Tracing (easy to analyze, debug, optimize system, App in
Realtime, Patch Management)
Solaris Predictive Self Healing (Auto diagnostic, isolate recovery from H/W,
App fault)
26
Training Professional Center 27
Server Preparation
Enable 2 Solaris systems (By VMWare)
 Copy 2 VMs
 Introduce VMWare with Solaris
 Introduce to Windows System on Solaris
CDE – Common Desktop Environment
JDS – Java Desktop System

Training Professional Center 28

Desktop Resolution Setting

1. Command Login prompt

2. Login as root
3. # kdmconfig
4. Follow step
- Xsun/Xorg server
- XF86 VMWare
- MutipleFrequency 56kHz
- 800x600 @16777777

Training Professional Center 29

Server Preparation
Define IP address and Hostname
 Open Text Editor  # gedit
 vi command  # vi
 Command Mode
 ESC (Default)
 Key -> :r /etc/filename -> Open file
 Edit Mode
 Key  ESC+i  Insert after cursor
 Key  ESC+a  Append after cursor
 Exit vi
 ESC  :q! , ZZ
 Save text
 ESC  :wq!
Training Professional Center 30
Network Interface Card
 การ ์ดบน Intel จะเป็ น pcnx

 การ ์ดบน Sparc จะเป็ น hmex

Training Professional Center 31

Server Preparation

File /etc/hosts (Map IP – Hostname)

Type  192.168.1.73 suwit001
File /etc/hostname.pcn0 (กำหนด IP ให้ NIC)
Type  suwit001 (กำหนดให้ตรงกับไฟล ์ /etc/hosts)
File /etc/nodename (hostname – login screen)
Type  suwit001 (กำหนดให้ตรงกับไฟล ์ /etc/hosts)
Restart Machine
# init 6 (reboot)
Or
# shutdown –y –i6 –g0

Training Professional Center 32

Solve warning ‘loghost’
 File /etc/inet/ipnodes
 File /etc/inet/hosts  /etc/hosts
 127.0.0.1 localhost loghost
 xxx.yyy.zzz.aaa hostname

Training Professional Center 33

Solve warning ‘sendmail’
‘sendmail’ try to determine FQHN
(Fully-Qualified Host Name)
# /usr/sbin/check-hostname
 File /etc/inet/hosts  /etc/hosts
 127.0.0.1 localhost
 xxx.yyy.zzz.aaa hostname host.domain
 File /etc/nsswitch.conf
hosts: file dns
ipnodes: file dns
Training Professional Center 34
Solve warning ‘sendmail’
 File /etc/defaultdomain
 mydomain.domain.domain

Training Professional Center 35

System Concepts and Choosing Hardware
Key Concepts
 UNIX and the Kernel
 Kernel
 Hierarchical file system, begins with root (/)
 System hardware devices  logically on file system
The special file (/dev/pty, for pseudoterminals)
 Process based (Process ID = PID)
 Set of command-line utilities for text and numeric processing (cat, head,
tail, troff, col, tbl etc.)
 User processes are created (spawned) from shell
(Bourne Shell - sh)
 Multiple processes can be executed with & in background
 Multiple users can execute commands from pseudoterminals

Training Professional Center 36

System Concepts and Choosing Hardware

Training Professional Center 37

System Concepts and Choosing Hardware
Key Concepts
 The Shell
 Bourne shell (sh) The original UNIX shell used to write all
system scripts
 Korn shell (ksh) Provides enhanced input/output features,
including the print and read commands
 C shell (csh) Offers a command syntax similar to the C
programming language
 Bourne Again shell (bash) An open source, much improved
version of the Bourne shell
 Z shell (zsh) A freely available Bourne-like shell with a focus
on sophisticated scripting features

Training Professional Center 38

System Concepts and Choosing Hardware
Key Concepts
 The File System
 Multiuser, Multitasking, and Zoning
 Client/Server Networks
 Processes
 Naming Services
 Java 2 Enterprise Edition (J2EE)
 SPARC Hardware
 Supported Platforms
 Intel Hardware
 Devices Supported Under Solaris Intel
Training Professional Center 39
System Concepts and Choosing Hardware
Key Concepts
 The File System
 cachefs The CacheFS cached file system
 hsfs The High Sierra file system
 nfs The Network File System (NFS)
 pcfs The MS-DOS file system
 tmpfs A file system that uses memory
 ufs The standard UNIX File System (UFS)

The default local file system type  /etc/default/fs

The default remote file system type 
/etc/default/fstypes
Training Professional Center 40
System Concepts and Choosing Hardware
Key Concepts
 Multiuser, Multitasking, and Zoning
 Multiple users execute multiple application concurrently
 Multiple threads in single process
 SMP – Symmetric Multiprocessing
 Zone – Virtual instance work in resource management
framework

 Client/Server Networks
 Remote Procedure Call (RPC) technology, NFS
 Remote Method Invocation (RMI) technology, Java
Networking and Distributed computing

Training Professional Center 41

System Concepts and Choosing Hardware
Key Concepts
 Processes
 (PID with UID and GID)
 Signal

 Naming Services (DNS, NIS, NIS+, LDAP)

 Java 2 Enterprise Edition (J2EE)

 JVM
 Java Web Application

Training Professional Center 42

System Concepts and Choosing Hardware

Key Concepts
 SPARC Hardware
 Scalable Processor ARChitecture (SPARC)
 High-speed buses, Fast I/O performance
 UltraSPARC (workstation, server)
 PCI local bus, USB, SVGA

Training Professional Center 43

System Concepts and Choosing Hardware

Key Concepts
 Supported Platforms

Training Professional Center 44

System Concepts and Choosing Hardware

Key Concepts
 Intel Hardware
 Devices Supported Under Solaris Intel

Training Professional Center 45

System Concepts and Choosing Hardware
Examples
 System Components
 Base unit (aka “pizza box”), which contains the motherboard, SCSI
controller, and SBUS cards
 Frame buffer or graphics card
 SCSI or IDE units connected by SCSI or IDE cables to the SCSI or IDE
controller in the pizza box
 CD-ROM drive, internal or external (SCSI or IDE)
 DVD-ROM drive, internal on newer systems
 Speaker box and microphone, external
 Two serial ports (A and B)
 A parallel port
 A tape drive, internal or external (DDAT/DDS/QIC and so on)
 Mouse (mmechanical or infrared) and keyboard (type 4 or type 5)

Training Professional Center 46

System Concepts and Choosing Hardware
Examples
 Example Systems
 Workstation
 Server

Training Professional Center 47

System Concepts and Choosing Hardware
Procedures
 System Configuration
# prtconf

Basic Networking Terminology

 /etc/hostname.hmen

where n is the interface number and

hme is the interface type

Training Professional Center 48

System Concepts and Choosing Hardware
Basic Networking Terminology
 Define multiple network interfaces
 /etc/hostname.hmeN
where N = interface number and
hme = interface type
 Assign different IP addresses to the same network interface.
Hosting “virtual” interfaces.
 /etc/hostname.hmeX:Y
where X = physical device interface
Y = virtual interface number
 Define subnet mask for each of interfaces
 /etc/netmasks
Training Professional Center 49
Solaris 10 Installation
 Preinstallation Planning
 Disk Space Planning
 Device Names
 SPARC Preinstallation
 Intel Preinstallation

Training Professional Center 50

Pre-Installation
1. Host name
(# uname –n, # hostname)
2. Protocol (IP) address
(# ifconfig)
3. Name service type
(LDAP, NIS, NIS+, DNS or non)
4. Subnet mask
(/etc/netmasks file)
5. Geographic location and time zone
(GMT+7)
6. Root password
7. Language

Training Professional Center 51

Method: Solaris 10 Installation
 Web Start Wizard
 JumpStart
 suninstall
 Live Upgrade

Training Professional Center 52

Solaris 10 Installation
 Disk Partitions
 Disk Formatting and Virtual Memory
 The Boot Manager
 Web Start Wizard Installation

Training Professional Center 53

Solaris 10 Installation
 Web Start Wizard Installation
 Configuration
 Network Support
 DHCP Server
 Hostname
 IP Address
 Netmask
 IPv6 Support
 Kerberos Server
 Name Services
 DNS Server
 NIS/NIS+ Server
 LDAP Server

Training Professional Center 54

Solaris 10 Installation
 Web Start Wizard Installation
 Router
 Time Zone and Locale
 Power Management
 Proxy Server
 64-Bit Support
 Disk Selection and Layout
 Root Password
 Software Selection

Training Professional Center 55

Solaris 10 Installation
 Server Preparation
 Add new 3 HDDs
 Enable BIOS to boot from CDROM first
 Insert Solaris 10 x86 Installation CD
 Power On
 Installation
 Option: 1. Solaris Interactive
 Language: 0
 Network  DHCP
 Name Service  DNS
 IPv6: No
 Kerbeos: No
 Domain Name: Yourname.com
 Server IP: 192.168.1.1

Training Professional Center 56

Solaris OE Software Groups

Training Professional Center 57

Create Virtual Machine via VMWare

Training Professional Center 58

Solaris 10 Installation
 Web Start Wizard Installation
 Network Installation
 suninstall Installation
 JumpStart

Training Professional Center 59

Solaris 10 Installation
 JumpStart
 Boot Servers
 Installing Servers
 Boot Clients
 sysidcfg

Training Professional Center 60

Solaris 10 Installation
 sysidcfg

Training Professional Center 61

Solaris 10 Installation
 sysidcfg

Training Professional Center 62

Post-Check after Installation
Software Package after installation
File /var/sadm/install/contents

View file contents

# grep “showrev” /var/sadm/install/contents
# more /var/sadm/install/contents
# cat /var/sadm/install/contents

Patches & Update

http://www.sun.com  Download Patch & Update
http://sunsolve.sun.com

Training Professional Center 63

Training Professional Center 64
Initialization, OpenBoot PROM, and Run Levels
 OpenBoot (Stop-A)
 Boot the system, by using the boot command
 ok> boot [cdrom|net]
 Perform diagnostics on hardware devices by using the diag
command
 ok> diag
 ok> probe-scsi-all
 ok> probe-ide
 Test network connectivity by using the watch-net command
 Help
 ok> help

Training Professional Center 65

Executing Boot PROM Commands

Training Professional Center 66

OpenBoot Architecture Standard
 Test and initialize system h/w
 Determine the system h/w configuration
 Boot the operating environment
 Provide an interactive interface for configuration
testing and debugging
 Enable the use of 3rd device

# /usr/platform/’uname –m’/sbin/prtdiag –v
check version of OpenBoot
Training Professional Center 67
OpenBoot Architecture Standard
1.X SPARC system
2.X The first Openboot PROM
3.X UltraSPARC
4.X 64-bits UltraSPARC
5.X Sun Enterprise 3500-3800 etc.

Training Professional Center 68

Introducing Boot PROM Fundamentals

Training Professional Center 69

POST = Power On Self Test
 Probes the memory and then the CPU
 Probes bus device, interprets their devices, and build a device tree
 Install console

* After boot PROM initialize the system, the banner displays on the
console

Controlling the POST Phase

Stop+D = switch to diagnostic mode (diag-switch? Is set to true)
Stop+N = Clear to the default values
Stop+A =

Training Professional Center 70

Initialization, OpenBoot PROM, and Run Levels
 /sbin/init

Training Professional Center 71

Initialization, OpenBoot PROM, and Run Levels
 /sbin/init

Training Professional Center 72

The init phase

Training Professional Center 73

The /etc/inittab file
id:rstate:action:process

Training Professional Center 74

The init process

Training Professional Center 75

Training Professional Center 76
Solaris OE Run Level
# who -r

Training Professional Center 77

Solaris OE Run Level
0 = System is running the PROM monitor
S,s = Single-user mode with critical file system mounted and
accessible
1 = Single-user administrative state with access to all available
file system
2 = The system is support multi-user,Multiple users can access
the system, All system daemon are running except for
the NFS server
3 = The default run level in the /etc/inittab file (multi-user
operation) and has NFS resource sharing)
4 = Not implemented
5 = The Solaris is shutdown and sytem (h/w) is power-off
6 = The Solaris is shutdown and reboot

Training Professional Center 78

Identifying the Phases of the Boot Process
 Boot PROM phase
 PROM runs POST
 boot Locates boot-device
 boot Reads bootblk
 boot Loads bootblk

 Boot Program Phase

 bootblk Loads Secondary Boot Program (ufsboot)
 ufsboot Loads kernel 32-bit or 64-bit kernel
 kernel = genunix / unix

 The kernel Initialization Phase

 kernel Reads Configuration File /etc/system
 kernel Initializes itself and Load Modules

Training Professional Center 79

The kernel initialization Phase
Module subdirectories in /kernel
 drv = device drivers
 exec = Executable file formats
 fs = File system types, for example, ufs, nfs and proc
 misc = Miscellaneous modules (virtual swap)
 sched = scheduling classes (process execution scheduling)
 strmod = Stream modules (generalized connection between users
and device driver)
 sys = System calls (defined interfaces for application to use)

/kernel/drv  contains all of the device drivers that are use system
boot
/usr/kernel/drv  used for all other device drivers

Training Professional Center 80

Kernel and Modules Loaded In Memory

Training Professional Center 81

The /etc/system file can explicitly control
 The search path for default kernel modules to be
loaded at boot time
 The root file system type and device
 The modules that are excluded from loading
automatically at boot time
 The modules to be forcibly loaded a boot time,
rather than a first access
 The new values to override the default

Training Professional Center 82

Starting Up Systems
 Run Control Scripts
 /sbin/rc0
 /sbin/rc1
 /sbin/rc2
 /sbin/rc3
 /sbin/rc5 and /sbin/rc6
 /sbin/rcS
 Finding Run Level for System
 who -r
Training Professional Center 83
Starting Up Systems
 Run Control Script
 Form
 S,K[0-9][a-z][A-Z]
 S = Start script
 K = Stop script
 S10webserver
 S20dbserver
 /etc/rc3.d
 S10webserver
 S20dbserver

Training Professional Center 84

Writing Run Control Script

Training Professional Center 85

Run Control Script
 /etc/init.d
 script1
 script2
 script3
 /etc/rc1.d
 K10xxxx  /etc/init.d/script1
 K20yyyy  /etc/init.d/script2
 /etc/rc3.d
 S10xxxx  /etc/init.d/script1
 S20yyyy  /etc/init.d/script2

Run RC script
$> /etc/init.d/script1 [start | stop]
$> /etc/rc#.d/S10xxxx [start | stop]
$> /etc/rc#.d/K10xxxx [start | stop]

Training Professional Center 86

Check hard links between 2 files

Inode # Inode #

Training Professional Center 87

Run Control Script
Initialize, Booting
# /sbin/rc# /etc/rc#.d/* start

# /sbin/rc3 /etc/rc3.d/K##xxxx start

# /sbin/rc3 /etc/rc3.d/K##yyyy start
# /sbin/rc3 /etc/rc3.d/K##zzzz start
# /sbin/rc3 /etc/rc3.d/S##xxxx start
# /sbin/rc3 /etc/rc3.d/S##yyyy start
# /sbin/rc3 /etc/rc3.d/S##zzzz start
Training Professional Center 88
 ้
ต ัวอย่ำง เนื อหำใน Service ไฟล ์
#! /bin/sh
#
# description: myservice daemon
# processname: myservice

# Show service text

echo “This is my service”
$1 แทน พารามิเตอร ์ตัวแรก
case - เริม่ # service myservice start
esac - จบ # Switch case syntax
# service myservice stop
case “$1” in
start)
echo “This is starting service…”
;;
stop) ่
อาจจะใส่คาสังในการ start
echo “This is stopping service…” service
;;
่
อาจจะใส่คาสังในการ stop
*)
case - เริม่
service
echo “usage: myservice [start | stop]”
esac - จบ ;;
กรณี อนๆื่ ทีไม่
่ อยู่ใน
esac
case
Training Professional Center 89
Step of starting up system
 Boot PROM check hardware (SPARC)
 Intel x86 (BIOS)
 Bootblk  Kernel  initialize system  init
 Init  /sbin/rc#  /etc/rc#.d
่ นมาตรฐานในการใช ้
Start script /etc/init.d เก็บ Scripts ทีเป็
งาน
 /sbin/rc# จะร ัน Scripts ใน /etc/rc#.d/

Training Professional Center 90

Starting Up Systems
 Change Run Level
 Become root / superuser
 # telinit [run level] (Recommend)
 # init [run level]
 Shutdown
 shutdown –y –g [period] –i [run level] [message]
 # shutdown –y –g 30 –i 6 “System will shutdown in
30 secs”

Training Professional Center 91

Starting Up Systems
 Booting Protocols
 SPARC Platform (OpenBoot PROM)
 bootblk
 ufsboot
 kernel
 init
 IA Platform (PC BIOS)
 mboot (Master Boot Record)
 pboot (Partition boot program)
 bootblk
 ufsboot
 kernel
 init

Training Professional Center 92

Starting Up Systems
 Booting System
 Turn off system power because of power outage
 Change kernel parameters in /etc/system
 Perform system maintenance, backup or restore
system data
 Repair system configuration file /etc/system
 Changing pseudo device parameters in /etc/system
 Add or remove hardware from system
 Boot kernel debugger to track down system problem

Training Professional Center 93

Starting Up Systems
 View Boot Message
 /var/adm/messages
 Crash Dump & Reboot system
 halt –d (save in swap file system)  /tmp
 dumpadm (configure crash dump)
 savecore (/var/crash/hostname)
 Boot System for Recovery Purpose
 SPARC
 IA
Training Professional Center 94
Starting Up Systems
 Boot System for Recovery Purpose
 Boot from Solaris 10 Installation CD
 SPARC
 Press Stop-A
 ok> boot cdrom
 IA
 Screen selection mode
 b –s
 # mount /dev/dsk/c0d0s0 /a
 # cd /a/etc
 # vi passwd (in case of user recorvery)
 # vi shadow (in case of password recovery)

Training Professional Center 95

Starting Up Systems
 Search text in file
 grep “search string” filename
 # grep “Aug 22 13:56” /var/adm/messages
 # grep –i “Aug 22 13:56” /var/adm/messages
 egrep
 Create file with zero byte
 # cat > filename
 Type content
 Ctrl-C
 # touch filename
 # vi filename (save and exit)
 # file filename
Training Professional Center 96
Check boot configuration

# cd /usr/platform/i86pc/sbin
# eeprom

# prtconf

Training Professional Center 97

Shutting down System
 Recommendation
 /usr/sbin/shutdown
 /etc/telinit and /sbin/init
 Not recommendation
 /usr/sbin/halt
 /usr/sbin/reboot
 /usr/sbin/uadmin 2 0

Training Professional Center 98

Training Professional Center 99
Review Day1
 Introduction to Solaris 10
 System Concepts and Choosing Hardware

 Solaris 10 Installation
 Initialization, OpenBoot PROM, and Run Levels

Training Professional Center 100

Training Professional Center 101
Day 2 – System Essentials
 Introducing the Solaris OE Directory Hierarchy
 Managing Local Disk Devices
 Managing the Solaris OE File System
 Performing Mounts and Unmounts

 Installing Software, Live Upgrade, and Patching

 Text Processing and Editing
 Shells, Scripts, and Scheduling
 Process Management
Training Professional Center 102
Introducing the Solaris OE Directory Hierarchy
 Introducing / (root) Subdirectories

Training Professional Center 103

Important System Directories
 /bin – Symbolic link to /usr/bin (binary files of standard
system command)
 /dev – Primary directory for logical device names - soft link
point to device files in /devices
 /cua – Dialup device - modem
 /dsk – Block disk device
 /fbs – Frame buffer device
 /fd – File descriptors (fd0=stdin, fd1=stdout, fd2=stderr)
 /md – Logical volumn management metadisk devices
 /pts – Pseudo disk devices
 /rdsk – Raw disk devices
 /mnt – Tape device
 /sound – Audio device
 /term – Serial devices
 /devices – Primary directory for physical device name

Training Professional Center 104

Important System Directories
 /etc – Host specific configuration file, database file
 /acct – Configuration info accounting
 /cron.d – Configuration cron utility
 /default– Default info for various program
 /inet – Network services
 /init.d – Script for changing between run levels
 /lib – Dynamic linking libraries
 /lp – Printer subsystem
 /mail – mail subsystem (sendmail – free)
 /nfs – NFS server logging
 /opt – Optional packages
 /rc#.d – Script enter/leave specific run level number
 /skel – Default shell initialization files for new user accounts
Training Professional Center 105
Important System Directories
 /export – Default community shared file user account
 /home – Default directory or mount point for
user’s home directory when AutoFS is running
 /kernel – Platform-independent loadable kernel modules
 /mnt – Temporary mount point for file systems
(mount /dev/dsk/cdrom /a)
 /opt – Add-on application packages
 /platform – Platform-dependent loadable kernel modules
 /sbin – Essential executable files
 /tmp – Temporary directory, cleaned when boot
 /usr – Programs, applications, scripts

Training Professional Center 106

Important System Directories
 /usr – Contain program, scripts and libraries used by users
usr = UNIX System Resources
 /bin – Standard system commands
 /ccs – Compilation programs and libs
 /demo – Demo program and data
 /dt – Common Desktop Environment (CDE) software
 /includes– Header files C program
 /java – Java program and lib
 /kernel – Platform-independent loadable kernel module that are not
generally required
 /lib – Various program lib, bin
 /opt – Configuration file for program
 /sbin – System command
 /spool – Symbolic link to /var/spool directory
 /var – Temporary, Logging, Status Files

Training Professional Center 107

Introducing File Components
 File Name - Name of file
 Inode Number - Owner, permission, size
 Data Blocks - Data

Training Professional Center 108

Identify File Types
 Regular files
 Directories
 Symbolic links – Soft links
 Device files
 Block-special device file
 Character-special device file

Training Professional Center 109

Regular Files / Directories

Training Professional Center 110

Symbolic Links

Training Professional Center 111

Device files – Block/Character-special device files

Training Professional Center 112

Regular Files
 File1
 Inode 1282
 Data Block

Training Professional Center 113

Regular Files

Training Professional Center 114

Directories
 dir1
 Inode 4221
 Data Block
 File1 = Inode 1282

Training Professional Center 115

Directories

Training Professional Center 116

Symbolic Links

Training Professional Center 117

Device Files

Training Professional Center 118

Device Files Example

Training Professional Center 119

Introducing Hard Links

Training Professional Center 120

Creating new Hard Links

Training Professional Center 121

Create and Remove - Soft and Hard Links
Character-special devices = raw devices
Block-special devices = block device

 # ln –s file1 link1  soft link

 # ln file1 file2  hard link
 # ls –l
 # ls –li  inum = 1282
 # find . –inum 1282
 # rm file1
Training Professional Center 122
Comparison Soft – Hard Link
Soft Link
 Differ inode
 # ln –s file1 link1
 rm file1, link2 can’t use
 Files, Directories
Hard Link
Same inode
# ln file1 file2
rm file1, file2 exists
File only, same FS

** Size link1 = No of char path name number of link

Training Professional Center 123

Training Professional Center 124
Managing Local Disk Devices
 Physical disk structure
Components of a Disk

 Data organization on disk platters

 Disk Platter Component
 Sector = 512 bytes (Disk Block)
 Track = Sector + Sector
 Cylinder = Track + Track

Training Professional Center 125

Data organization on disk platters - Sector

Training Professional Center 126

Data organization on disk platters - Track

Training Professional Center 127

Data organization on disk platters - Cylinder

Training Professional Center 128

Manage Disk Device
 Disk Slices
 Disk Division
 Disk Slices
 Partitions on a disk
 Grouping of cylinders

 Slice0 – Root system file (/ [root])

 Slice1 – Swap
 Slice2 – Entire disk, Don’t Touch
 Slice5 – Optional software (/opt)
 Slice6 - /usr file system
 Slice7 – User data files (/export/home)

Training Professional Center 129

Disk Division/Slices

Training Professional Center 130

Disk Slices

Training Professional Center 131

Disk Slice Naming Conventions

Training Professional Center 132

Disk Slice Name SCSI Configuration
 Small Computer System Interface = SCSI

Disk Number = Logical Unit Name (LUN)

Training Professional Center 133

Disk Slice Name IDE Configuration
 Integrated Drive Electronics (IDE)

Training Professional Center 134

Check Solaris Release
# cat /etc/release

Training Professional Center 135

Introducing Solaris OE Device Naming Convent.
 Logical device names

Training Professional Center 136

Introducing Solaris OE Device Naming Convent.
 Physical device names - The /devices Directory structure

Training Professional Center 137

Introducing Solaris OE Device Naming Convent.
 Instance names
dadn (direct access device)
Where n = 0 or 1,2,3…
sdn (scsi disk)
where n = 0 or 1,2,3…
st (tape device)

Training Professional Center 138

Listing a System's Devices
 Listing a System's Devices
 The /etc/path_to_inst file
 The prtconf command
 The format command

 Check instance name

prtconf = print configuration
# prtconf | more
# prtconf | grep –v ‘not’ | more

Training Professional Center 139

Reconfiguring Devices
 Reconfiguring Devices
 Performing a reconfiguration boot
 Using the devfsadm command
 # devfsadm

Performing a reconfiguration boot

 Create file /reconfigure (0 byte)
 # touch /reconfigure
 # init 5
Cleanup that remove unreferenced
# devfsadm –C
Training Professional Center 140
Partitioning the Hard Disk

Training Professional Center 141

Partitioning the Hard Disk – Wasted Space

Training Professional Center 142

Partitioning the Hard Disk – Overlapping

Training Professional Center 143

Introducing disk partition table

Training Professional Center 144

Using the format command Partitioning a disk

Training Professional Center 145

Using the format command Partitioning a disk

Training Professional Center 146

Using the format command Partitioning a disk

Training Professional Center 147

Using the format command Partitioning a disk

Training Professional Center 148

Using the format command Partitioning a disk

Training Professional Center 149

Using the format command Partitioning a disk

Training Professional Center 150

Using the format command Partitioning a disk

Training Professional Center 151

Using the format command Partitioning a disk

Training Professional Center 152

Using the format command Partitioning a disk

Training Professional Center 153

Using the format command Partitioning a disk

Training Professional Center 154

Saving a partition table to the /etc/format.dat file

Training Professional Center 155

Using the customized partition table

Training Professional Center 156

Using the customized partition table
format > verify

Training Professional Center 157

Setting up Disk Slices

Slice File system Description Client/Server

0 root Hold files and directories that make OS Both

1 swap Provide virtual memory or swap space Both

2 backup Refer to the entire disk, by format command Both

3 - Up to design Both

4 - Up to design Both
5 /opt Hold App software added to the system Both
Hold OS command, run by users, document, system
6 /usr Both
program
7 /export/home Hold home folder from remote system Both
Contain the boot slice info at the beginning of Solaris
8 - Both
partition – enable boot from HDD
Provide area reserved for alternative disk block.
9 - Both
Alternative sector slice.

Training Professional Center 158

Partitioning the Hard Disk
VTOC = Volume table of content

Reading a disk VTOC

# prtvtoc /dev/rdsk/c1t0d0s2
# prtvtoc /dev/rdsk/c1t0d0s2 > /vtoc/c1t0d0

Populate / Update VTOC to harddisk

# fmthard –s /vtoc/c1t0d0 /dev/rdsk/c#t#d#s2

Caution:
The fmthard command cannot write a disk label on the unlabeled disk.
Use the format utility for this purpose

Training Professional Center 159

Format Partition Table
# newfs /dev/rdsk/c2t0d0s7

Automatic mount at boot

# mkdir /export/software
# gedit /etc/vfstab
/dev/dsk/c2t0d0s7 /dev/rdsk/c2t0d0s7 /export/software ufs yes 1 -
# init 6

Check auto-mounting
# df –h
# cd /export/software

Training Professional Center 160

Automatic mount at boot

Field ‘fsck pass’ = 1  Ensure sequential fsck checking

= 2  Do not ensure sequential fsck checking

Training Professional Center 161

Adding new Harddisk
 Mount on booting
 Edit in file /etc/vfstab

Training Professional Center 162

Training Professional Center 163
Managing the Solaris OE File System
 Disk-based file systems
 ufs = unix file system (Berkeley fast file system)
 hsfs = high sierra file system (CD-ROM)
 pcfs = PC file system (DOS, FAT32)
 udfs = universal disk format file system (Optical
storage DVD, CD-ROM)

Training Professional Center 164

Managing the Solaris OE File System
 Distributed file systems
 nfs = network file system, allows users to share file
 Pseudo file systems
 tmpfs = temporary file system (/tmp), created and
destroyed every time the system is reboot
 swapfs = swap file system is used by kernel to
manage swap space on disk
 fdfs = file descriptor file system /dev/fd/0, /dev/fd/1
#/dev/fd/0 = stdin = <  0<
#/dev/fd/1 = stdout = >  1>
#/dev/fd/2 = stderr  2>
#/dev/fd/3 = file name
 procfs = process file system contains a list of active processes in
/proc such as #ps
 mntfs = mount file system provides read-only info from kernel

Training Professional Center 165

Managing the Solaris OE File System

Training Professional Center 166

Managing the Solaris OE File System

Training Professional Center 167

Create a New UFS file system
Disk label
 VTOC
Boot Block
 The bootstrap program (bootblk) resides in the 15 disk sector
(Sector 1-15), Only the / (root) file system has an active boot
block.
Primary Superblock (Sector 16-31)
 The number of data blocks
 The number of cylinder groups
 The size of a data block and fragment
 A description of the h/w, derived from the label
 The name of the mount point
 File system state flag: clean, stable, active, logging or unknown
Training Professional Center 168
Create a New UFS file system
Backup Superblock (Sector 32)
 The replication protects the critical data in the superblock
Cylinder group blocks
 The number of Inodes
 The number of data blocks in the cylinder group
 The number of directories
 Free blocks, free inodes, and free fragments in the cylinder
group
 The free block map
 The used inode map

Training Professional Center 169

Create a New UFS file system
The ufs inode
 The type of file and the access mode
 The UID and GID
 The size of the file
 The link count
 The time the file was last accessed and modified and the inode
change
 The total number of data block used by or allocated to the file
 Two types of pointer direct pointers and indirect pointers

Training Professional Center 170

Inodes
 Twelve-8 bytes = 96 bytes

Training Professional Center 171

Data Block and fragmentation
 1kbyte * 8 = 8196 bytes

Training Professional Center 172

Using the newfs command
# newfs /dev/rdsk/c1t3d0s0

Newfs: construct a new file system

/dev/rdsk/c1t3d0s0 : (y/n)? Y

This process also creates a lost+found directory for ufs file system,
which is directory that is used by the file system check and
repair (fsck command) utility (1-10% of disk space)

# newfs –m %free /dev/rdsk/c1t3d0s0

# newfs –m 20 /dev/rdsk/c1t3d0s0

# fstype –v /dev/rdsk/c0t0d0s0 | head -10  check % of lost+found dir.

# tunefs –m 1 /dev/rdsk/c1t3d0s0
Minimum percentage of free space change from 10% to 1%

Training Professional Center 173

Checking the File system by Using fsck command

Training Professional Center 174

Checking the File system by using fsck command
 Data Inconsistencies checked by fsck command

Training Professional Center 175

Checking the File system by Using fsck command
Checking the File system
# fsck –y /dev/rdsk/c0t0d0s0
# fsck –y /export/home  mount point
# fsck –o f,p /dev/rdsk/c0t0d0s5
where f = forces a file system check state of
regardless mark clean flag
p = Check and fix file system
Caution: Never run the fsck command on a mounted file system,
/ (root), /usr and /var  if need run on single mode (# init 0)

Training Professional Center 176

Checking the data consistency of File system
# fsck /dev/rdsk/c0d1s0

Finding whether need to checking

 /dev/rdsk/c0d1s0  /export/data
 # umount /export/data
 # fsck –m /dev/rdsk/c0d1s0
 If need, init S or s
 # fsck /dev/rdsk/c0d1s0
 # man fsck
Training Professional Center 177
Become single user mode – To use fsck command

Training Professional Center 178

Resolve File System Inconsistencies
 Reconnecting an allocated unreferenced file
 Adjusting a link counter
 Salvaging the free list
 Using backup superblocks
Error Message:
- Cannot mount file system name
- Device name is not the fstype
- Cannot mount /dev/dsk/c0t0d0s7

# fsck –o b=32 /dev/rdsk/c1t3d0s0

# newfs –N /dev/rdsk/c0t0d0s7
where N = To view the file system parameter that you use to create a new file system
without

Training Professional Center 179

Resolve File System Inconsistencies

Training Professional Center 180

Resolve File System Inconsistencies

Training Professional Center 181

Monitoring File System Use
 Using the df command
 Using the du command
 Using the quot command
 Using the SMC usage tool

Training Professional Center 182

Monitoring File System Use - df
df
display the number of free disk block
-a = report on all file system
-b = print the total number of Kbytes free
-e = print only the number of file
-k = display disk allocation in Kbytes
-h = acts like –k (14K, 234M etc)
-l = report on local file system only
# df –k
# df –h

Training Professional Center 183

Monitoring File System Use - du
du
display the number of disk block used by directory and
file, each disk block consist of 512 bytes
-k display disk use in Kbytes
-s display only the summary in 512 bytes block
-a display the number of block used all files
# du –k
# du –ak /opt
# du –sk /opt

Training Professional Center 184

Monitoring File System Use - quot
quot
display how much disk space in Kbytes, is being
use by users
-a = report on all mountd file system
-f = includes the number of files
# quot –af
# quot –f /dev/dsk/c1t0d0s5

Training Professional Center 185

Monitoring File System Use - quot

Training Professional Center 186

Working with Mounting Fundamentals
Virtual file system table: /etc/vfstab
The /etc/vfstab file lists all the file system to be
automatically mounted at system boot time, with
the exception of the /etc/mnttab and /var/run file
system
# more /etc/vfstab
# more /etc/mnttab

Training Professional Center 187

Clear passwd
 # sync sync command
 # init 0 ทาการเขียนข ้อมูลจาก NVRAM  HDD
Unix boot from NVRAM
 Insert Solaris Installation CD
 ok> boot cdrom –s
 # EDITOR=vi
 # TERM=sun
 # export EDITOR TERM Export Global Assigned Variable
# echo $TERM
 # mount /dev/dsk/c0t0d0s0 /a
 # vi /a/etc/passwd
 # vi /a/etc/shadow
 # pwconv

Stop+A = OK prompt

Training Professional Center 188

Performing Mounts - options
# mount /dev/dsk/c0t0d0s7 /export/home

read/write = r/w are allowed on the file system

setuid = Permit the execution of setuid program in the file system
intr/nointr = Allow and forbid keyboard interupts to kill a process that is
waiting for an operation on locked file system
nologging = indicate that logging is not enabled for the ufs file system
largefile = allow for the creation of file larger than 2GB
xattr = supports extended attributes not found in std unix
noatime = Suppress the time-last-access modification on inodes
onerror = action (panic, lock, mount)
- panic = causes a forced system shutdown, this is the default
- lock = applies a file system lock to the file system
- umount = forcibly unmount the file system

Training Professional Center 189

Performing Mounts
Automatic read from /etc/vfstab
# mount /export/home

# mount –o ro /dev/dsk/c0t0d0s6 /usr

# mount –o ro,nosuid /dev/dsk/c0t0d0s7 /export/home
# mount –o noatime /dev/dsk/c0t0d0s7 /export/home
# mount –o nolargefile /dev/dsk/c0t0d0s7 /export/home
# mount –o logging /dev/dsk/c0t0d0s7 /export/home
# mountall  mount at /etc/vfstab file
# mountall -l
Training Professional Center 190
Performing Mounts
Mounting a new file system
# mkdir /database
# mount /dev/dsk/c1t4d0s0 /database
# mount
check to determine if the file system is mounted
# vi /etc/vfstab
add line entry for the new file system
/dev/dsk/c1t4d0s0 /dev/rdsk/c1t4d0s0 /database ufs 1 yes logging

Training Professional Center 191

File System Type
# cat /etc/default/fs (LOCAL=ufs)
# cat /etc/dfs/fstypes  the first line entry in fstypes determines the
default remote file system type

Using the fstyp command

# fstyp /dev/rdsk/c0t0d0s7

Specifying a hsfs file system type

# mount –F hsfs –o ro /dev/dsk/c0t6d0s0 /cdrom

Specifying a pcfs file system type

# mkdir /pcfs
# mount –F pcfs /dev/diskette /pcfs

Training Professional Center 192

Performing Unmount
# umount /export/home  /etc/vfstab
# umount /dev/dsk/c0t0d0s7

# umountall
# umountall –l

Error Message
Umount: file system name busy
- A program is accessing a file or dir in file system
- A user is accessing a file or dir
- A program has a file open
- The file is being share

Training Professional Center 193

Fuser Command
List all of the process that are accessing and kill them if necessary
# umount –f command
 Force the umount of a file system

# fuser –cu mount_point

# fuser –ck mount_point
 Send SIGKILL to each process
# fuser –c mount_point
# umount mount_point

Using the umount –f command

# umount –f mount_point
Training Professional Center 194
Repairing Important file if boot Fails
1. Insert Solaris Installation CD
2. Press Stop-A
3. ok boot cdrom –s
4. # fsck /dev/rdsk/c0t0d0s0
5. # mount /dev/dsk/c0t0d0s0 /a
6. # TERM=sun
7. # EDITOR=vi
8. # export TERM EDITOR
9. # vi /a/etc/vfstab
:wq!
10. # cd /
11. # umount /a
12. # init 6 (reboot)

Training Professional Center 195

Access Devices
Accessing file system on a diskette
 /floppy/floppy0
If the vold daemon detects that the diskette contains a
file system the vold daemon mount the device to the
# volcheck /floppy mount point

If the vold daemon detects that the diskette does not

contains a file system the vold daemon mount the device
to the /vol/dev/aliases mount point

Training Professional Center 196

Directory Location
 First diskette drive
 /floppy/floppy0
 First CD-ROM or DVD
 /cdrom/cdrom0
 First Jazz Drive
 /rmdisk/jaz0
 First Zip Drive
 /rmdrive/zip0
 First PCMCIA
 /pcmem0
 First USB/FlashDrive == /dev/???/uhci0
Training Professional Center 197
Directory Location
 List the path for mounted device that do not contain file
system
 /vol/dev/aliases/floppy0, cdrom0, jaz0, zip0, pcmem0
 Volume Configuration file
 /etc/vold.conf
 /etc/rmmount.conf
 removable media mounter that is executed by the volume manager
daemon
 Stopping Volume Management
 # /etc/init.d/volmgt stop
 Starting Volume Management
 # /etc/init.d/volmgt start

Training Professional Center 198

Troubleshooting vold problem
If a CDROM fails to eject from the drive, as the root
user attempt to stop volume management. If this
is unsuccessful kill the vold daemon
# /etc/init.d/volmgt stop
# pkill -9 vold
# /etc/init.d/volmgt start
# eject cdrom

Training Professional Center 199

Review - Day 2
 Introducing the Solaris OE Directory Hierarchy
 Managing Local Disk Devices
 Managing the Solaris OE File System
 Performing Mounts and Unmounts

Training Professional Center 200

Training Professional Center 201
Day 3
 Installing Software, Live Upgrade, and Patching
 Text Processing and Editing
 Shells, Scripts, and Scheduling
 Process Management

 System Security
 File System Access Control
 Role-Based Access Control
 Users, Groups, and the Sun Management Console
 Kerberos and Pluggable Authentication
Training Professional Center 202
Training Professional Center 203
Performing Solaris OE Package Administration
 Introducing the Fundamentals of Package
Administration
 Software packages
 The /var/sadm/install/contents file

 Freeware URL
 http://sunfreeware.com

Training Professional Center 204

Performing Solaris OE Package Administration
 Administering Packages From the Command Line
 Displaying information about installed software
packages
 Displaying information for all packages
 Displaying information for a specific package
 Displaying information for software packages
 Adding a software package
 Checking a package installation
 Removing a software package
 Adding packages by using a spool directory
 Reviewing package administration

Training Professional Center 205

Package Installation
Web Start Wizard
 Insert CDROM package
 # cd /cdrom/cdrom0
 # ./installer
 Select desire to install

Command Line
 # pkginfo [Package Name]  check if exist.
 # pkgrm [Package Name]  remove package
 # pkgadd –d [datastream, Path] [Package Name] 
install package

Training Professional Center 206

Package Installation
 Core  Firewall
Hacker

Scanport
APP - FW

OS
Core

H/W

Training Professional Center 207

Package Installation
View the name of the cluster configuration
# grep METACLUSTER /var/sadm/system/admin/.clustertoc

Determine which cluster configuration

has been installed on the system
# cat /var/sadm/system/admin/CLUSTER

Training Professional Center 208

Solaris Product Registry
# prodreg  GUI

- View software package installed in system

- Add/Remove software package

Training Professional Center 209

The pkginfo Command
# pkginfo | more
# pkginfo –l | more
# pkginfo –l SUNWman
# pkginfo | wc –l  How many packages are installed
# pkginfo –d /cdrom/cdrom0/Solaris_10/Packages | more

# cd /cdrom/cdrom0/Solaris_10/Packages
# ls –l  Check package name
# pkgadd –d . SUNWns6m  add packages

Training Professional Center 210

The pkginfo Command

Training Professional Center 211

Check Package Installation Accuracy
# pkgchk SUNWns6m  check packages
# pkgchk –v SUNWns6m
# pkgchk –p /etc/shadow
To determine if the contents and attributes of a
file have change since it was installed with its s/w
package
# pkgchk –l –p /usr/bin/showrev
-l option list information about selected file that
make up a package

Training Professional Center 212

Check Package Installation Accuracy

Training Professional Center 213

Check Package Installation Accuracy

Training Professional Center 214

The pkgadd / pkgrm Command
# cd /cdrom/cdrom0/Solaris_10/Packages
# ls –l  Check package name

# pkgadd –d [path] [packageName]

# pkgadd –d . SUNWns6m  add packages

# pkginfo –l | more
# pkgrm SUNWns6m  remove a s/w package
Training Professional Center 215
Spooling Packages and Remove Packages
Adding Package by using a Spool Directory
/var/spool/pkg

# pkgadd –d /cdrom/cdrom0/Solaris_10/Packages –s spool SUNWns6m

Transferring <SUNWns6m> package instance

# ls -al /var/spool/pkg

# pkgrm –s spool SUNWns6m  remove from spool

# pkgadd –d /cdrom/cdrom0/Solaris_10/Packages –s /export/pkg SUNWns6m

# pkgrm –s /export/pkg SUNWns6m

Training Professional Center 216

Workshop: Package Installation
 Enable FTP server
 Enable root access FTP server
 Edit /etc/ftpd/ftpusers
 #root  comment out

Training Professional Center 217

กำรโอนถ่ำยไฟล ์
 Transfer file
 Open browser: ftp://192.168.9.57
 Login FTP user/password
 ่
การกาหนดเปลียน
 Bin
 Hash
 Prompt
 Mget *.*
 Copy files to local host

Training Professional Center 218

Workshop: Package Installation
 Uncompress packages
 # gunzip [package]
 # gunzip top-3.6-xxxx

 Install package
 # file filename  check file type
 # pkgadd –d [datastream, package]
 # pkgadd –d top-3.6-xxxx
 Following the steps of package installation

Training Professional Center 219

Workshop: Package Installation
Top – Process Monitor Utility

Training Professional Center 220

Workshop: Package Installation
Top – Process Monitor Utility

Training Professional Center 221

กำรดำวน์โหลดไฟล ์ด้วย pkg-get
 ดาวน์โหลดไฟล ์ BOLTpget.pkg จากเว็บไซต ์
www.sunfreeware.com
 Pkgadd –d BOLTpget.pkg
 การเปรียบเทียบกับค่าเดิม
 Pkg-get compare
 ี่ าน Proxy ต ้องติดตัง้ wget
กรณี ทผ่
 แก ้ไขไฟล ์ที่ /etc/pkg-get.conf
 ่ path ที่ http://www.sunfreeware.com/ftp.html
เปลียน
 กรณี ทต ี่ ้องการเรียกจากทีอื
่ นใช
่ ้ pkg-get –s
Training Professional Center
ftp://tmp.site/path/url -U 222
Enable ‘root’ to remote login
# gedit /etc/default/login
 #CONSOLE=/dev/console  Comment out

Enable / Change Language – localization – locale

# gedit /etc/default/init
LANG=C  Default English POSIX©
** Comment out others #LC_*

Training Professional Center 223

Transfer file from FTP server

Training Professional Center 224

Remote login via Xwindow
 Logout to login-screen
 Click ‘Option’
 Select ‘Remote Login’
 Select ‘Host Name/IP address’
 Select ‘Choose from List’

Training Professional Center 225

Training Professional Center 226
Managing Software Patches on the Solaris OE
Preparing for Patch Administration
 Introducing Solaris OE patches
 Type of Patches
 Signed / Unsigned – Digital Signature
 Accessing patch documents
 Checking patch levels
 Obtaining patches
 Preparing patches for installation
 Patch contents

Training Professional Center 227

Managing Software Patches on the Solaris OE
 Installing and Removing Patches
 Installing a patch
 Removing a patch
 Installing patch clusters

Training Professional Center 228

Managing Software Patches on Solaris OE
 http://sunsolve.sun.com
 Recommend Cluster Patch

Checking Patch Levels

# showrev –p
# patchadd –p

# ls /var/sadm/patch

Training Professional Center 229

Managing Software Patches on Solaris OE
Preparing Patches for installation
# cd /var/tmp
# /usr/bin/unzip 10500-01.zip

Installing patches one by one

# cd /var/tmp
# patchadd 10500-01

Removing patches
# patchrm 10500-01

Installing cluster patches

# mkdir /tmp/cluster
# cd /tmp/cluster
# gunzip 10_x86_Recommended.zip
# ./install_cluster

Training Professional Center 230

Training Professional Center 231
Live Upgrade
 Separate boot environment (BE)
 Install new OE files to alternative location
 System need to be rebooted only once
 If new boot environment fails, the old will take
action
 System layout and configuration can be different
from existing
 Allow to fine-tune the existing configuration

Training Professional Center 232

Live Upgrade

Training Professional Center 233

Live Update
1. Update patch of LiveUpgrade **
From Installation CD/DVD
2. Add HDD for new BE
3. Become to runlevel 1 (Single User Mode)
# init 1
or
# /etc/telinit 1

# lu  Live Upgrade Application

Training Professional Center 234
Training Professional Center 235
Visual Display Editor (vi)
3 Modes
Command a,i,o,A,I,O
 Command Mode Mode

 Edit Mode :

 Last line Mode Esc Esc

หรือ Auto Edit
Last line switch Mode
Mode

:q = quit from vi
:w = save to file
:r = read to file
:q! = force to quit (save?)
:w! = force write (read only?)

Training Professional Center 236

Text-Processing Utilities
 Operation
 > Redirects standard output to file
 >> Appends standard output to file
 < Redirects file contents to standard input
 << Appends file contents to standard input
 # echo “This is Redirection 1” > /tmp/output.txt
 # echo “This is Redirection 2” >> /tmp/output.txt
 # more < /tmp/output.txt
 # more << /tmp/output.txt

 Man
 # man man
 Cat / More / less
 # cat filename.txt
 Head
 # head filename.txt
 Tail
 # tail filename.txt

Training Professional Center 237

Text-Processing Utilities
 Grep
 # grep “keyword” filename.txt
 Echo
 # echo “Text” > filename.txt
 # echo $PATH
 Sort
 # sort filename.txt
 # sort filename.txt > filename-sort.txt
 Diff
 # diff file1.txt file2.txt

Training Professional Center 238

Training Professional Center 239
 Understanding Shells

Training Professional Center 240

Tasks Common to All Shells
 Aliases
 Command-line editing
 Enhanceed cd.
 History list
 Ignore CTRL-D
 .profile
 .cshrc
 Job control
 Logout file
 Protection of file from overwriting (noclobber)
Training Professional Center 241
Changing Shells from command line
# sh  Bourne Shell
# csh  C Shell
# ksh  Korn Shell
# bash  Bourne Again Shell
# zsh  Z Shell

Exit from Shells

# exit
Training Professional Center 242
Unix Shell
 Bourne Shell (/bin/sh - Default shell)
 เป็ นมาตรฐานของระบบ Unix ทุกตัว

 C Shell (/bin/csh)
 มีขด ี ความสามารถสูงกว่า Bourne Shell
 ใช ้ไวยากรณ์ของภาษาซี C-Programming

 Korn Shell (/bin/ksh)

 ดึงเอาความสามารถของ Bourne และ C Shell มาใช ้
 มีขนาดใหญ่ ประสิทธิภาพมากขีน้

 Bourne-Again Shell (/usr/bin/bash)

 Incorporate both C and Korn Shell

Training Professional Center 243

Prompt Shell
 Bourne Shell ($)
 C Shell (%)
 Korn Shell ($)

 Admin (#) ไม่วา่ จะใช ้ Shell อะไร

การเรียกใช ้ Shell
# /bin/sh หรือ /usr/bin/sh
# /usr/bin/bash
# /bin/csh หรือ /usr/bin/csh
# /bin/ksh หรือ /usr/bin/ksh

การออกจาก Shell
# exit

Training Professional Center 244

Shell Variables
Bourne/Korn C Shell ควำมหมำย
 HOME home Home Direcoty
 LOGNAME user Userid/name
 PS1 prompt แสดง Prompt
 PATH path Search Path
 PWD pwd Current Direcoty

ขอดูรายการของ Shell Variables

# set
# env

# echo $variablename
# echo $HOME
# echo $PATH

Training Professional Center 245

กำรกำหนดค่ำ Shell Variable
Bourne/Korn
# PS1=“MyPrompt> ”
# PS1=MyPrompt>
# PATH=$PATH:/usr/bin:/usr/java/bin

การกาหนดค่าตัวแปรแบบ Public
# Variable=Value
# export Variable
มีคา่ เท่ากับ
# Variable=Value; export Variable

# PS1=“MyPrompt>”; export PS1

# PATH =$PATH:/usr/bin:/usr/java/bin; export PATH

C Shell
%> set prompt=“MyPrompt> ”
%> set path=($path /usr/bin /usr/java/bin)

Training Professional Center 246

Bash Shell
การกาหนด Prompt
PS1=‘\s-\v\$ ’
bash-3.00# __
PS1=‘\u@\h<\w>$ ’
root@host</tmp>$ __

\s = Shell name
\v = Version
\u = User id
\h = Hostname
\w = Working Directory
Training Professional Center 247
Bash Shell - Completion
Key – Tab

# bash
bash# cd /e [tab]
etc/ export/

bash# cd /ex [tab]

bash# cd /export

bash# pr [tab]
pr prxxx pryyy przzz
Training Professional Center 248
Bash Shell – Session History
Key – Up / Down
# history [enter] (List history command)
# !หมายเลข [enter]
# !4 [enter]

Training Professional Center 249

Korn Shell - Completion
# set –o emacs
# cd /ex [esc][esc]
# cd /export

# cd /t [esc][esc]
# cd /tmp

Training Professional Center 250

Korn Shell – Session History
่
ต ้องการเลือนดู ่ า
คาสังเก่
Key Ctrl+P = Previous command
Key Ctrl+N = Next command

ดูรายการ
# history

ต ้องการร ันคาสัง่
# r [No of command]
# r 38
Training Professional Center 251
C Shell – Session History
เรียกใช ้งาน
# csh
%

ดูรายการ
% set history=10
% history

ต ้องการร ันคาสัง่
% ![No of command]
% !11
Training Professional Center 252
Introducing to Solaris Management Console
# smc &

SMC Service
# /etc/init.d/init.wbem status
# /etc/init.d/init.wbem stop
# /etc/init.d/init.wbem start

** Console / Terminal
** Slow loading…
Training Professional Center 253
Introducing to Solaris Management Console

Training Professional Center 254

Introducing to Solaris Management Console

Training Professional Center 255

Solaris Management Console (SMC)
# smc & (background running)
# smc (forground running)
 Key ‘Ctrl-Z’
 Key ‘bg’
 Key ‘fg’

Find Disk space

# df –k (1K block)
# df –h (1K unit – KB, MB,GB)

Find Disk Usage

# du –k [pathname] (1k block)
# du –h [pathname] (1K unit – KB, MB,GB)

Training Professional Center 256

Finding User Information
# who –r
# finger
#w

Training Professional Center 257

Training Professional Center 258
 User Accounts and Groups

Training Professional Center 259

Tools for adding and admin user accounts
# smc &
# useradd
# userdel
# usermod

Creating password for user

# passwd username

Training Professional Center 260

Setting Up & Admin Groups
# groupadd mygroup
# groupadd mysale
# groupadd mygroup2
 Group Name <= 8 Chars
 Groupid automatic generate (gid=100)
 File /etc/group เก็บข ้อมูลของ Group

 Modify group information

# groupmod –g [gid] –n [newname] oldgroup
Training Professional Center 261
Adding User Accounts
# useradd –d /export/home/user1 –m –g mygroup user1
# useradd –d /export/home/user2 –m –g mysale user2
# useradd –d /export/home/user3 –m –g mygroup2 user3

Check Home directory

# cd /export/home
# ls –l

่ ยวข
Check File ทีเกี ่ ้อง
 File /etc/passwd
 File /etc/shadow

Change Password
Login as root
# passwd userid

Training Professional Center 262

หลักกำรตง้ั Password ทีถู
่ กต้อง

 Password ต ้องยาวอย่างน้อย 8 ตัวอักขระ

 Password ต ้องประกอบด ้วย อักษร ตัวเลข ตัวอักขระ
พิเศษ
 p@ssw0rd
 ่
Password ต ้องเปลียนบ่ ้ั
อยๆ (เดือนละครง)
 ้ น
Password ต ้องไม่ซากั
 Password ต ้องจาได ้ด ้วย

Training Professional Center 263

Modify user information
# usermod –u [uid] –s [default shell] –g [gid] user1

หา PATH ของ Bash Shell

# which bash
# whereis bash
 /usr/bin/bash

# usermod –s /usr/bin/bash user1

Training Professional Center 264

Login user by ‘su’ command
su – Substitution User
Log File of SU
# su userid/username /var/adm/sulog
 จะไม่ได ้ ค่า Environment/Profile ของ User
Configuration File of SU
# su - userid/username /etc/default/su
 จะได ้ ค่า Environment/Profile ของ User ด ้วย

Environment/Profile user
 Home directory
 .profile (Bourne)
 .bashrc (Bash Shell)
 .cshrc (C Shell)
 .kshrc (Korn Shell)

List / View Profile

 $> ls –la /export/home/user1
 $> more /export/home/user1/.profile

Training Professional Center 265

Login by using Login Screen (CDE/JDS)
 Start machine
 Popup Login screen
 Type
 username:
 password:

Training Professional Center 266

Link Profile
Create Soft / Symbolic Link
# ln –s [source file] [destination file]
# ln –s [source dir] [destination dir]

Link Files
# ln –s .profile .bashrc
# ln –s .profile myprofile

Link Directory
# ln –s /usr/bin /bin

Remove Link
# rm linkname

Training Professional Center 267

Link Profile
# ls -l
 .bashrc  .profile
 myprofile  .profile

Training Professional Center 268

Password Policy
 /etc/default/passwd
 ควบคุมความยาว
 ความยาก
 ขนาดรหัสผ่าน
 ข ้อห ้ามกับการใช ้คาในพจนานุ
กรม

Training Professional Center 269

Account Policy
 /etc/default/login
 Timezone
 Ulimit
 Passreq
 Altshell
 Path, SUPath
 Timeout
 Umask
 Retries
 Syslog
Training Professional Center 270
SU policy
 /etc/default/su
 SULOG
 PATH
 SUPATH
 SYSLOG

Training Professional Center 271

Training Professional Center 272
 Rights and Roles

Training Professional Center 273

RBAC Databases
Key concepts:
sudo
allow privileged role to be assigned to various
users (has some limitation)

RBAC – Role-Based Access Control

To define role for managing special tasks or set of
tasks.

Training Professional Center 274

Roles
Primary Administrator – PA
Assigns rights to other users and is responsible
for security
System Administrator – SA
Is responsible for day-to-day administration that
is not security-related
Operator
Performs backups and device maintenance

Training Professional Center 275

Roles

Training Professional Center 276

Roles

Training Professional Center 277

Roles

Training Professional Center 278

Command to Manage RBAC

Training Professional Center 279

Command to Manage RBAC

Training Professional Center 280

Command to Manage RBAC

Training Professional Center 281

ค่ำไฟล ์ใน RBAC
 /etc/security/exec_attr
 Date
Management:suser:cmd:::/usr/bin/date:euid=0
 ่
คาสังในการเพิ ่ Role
ม
 Roleadd –m –d /export/home/datuser –c “RBAC Lab
example” \ -s /usr/bin/pfksh –P “Date Management”,
All datuser
 Passwd datuser

Training Professional Center 282

Training Professional Center 283
 Administering Systems

Training Professional Center 284

Determine Hostid
Check HostId = HEX 8 Bytes
# hostid
# sysdef –h
04990A1A

# sysdef > /tmp/sysdef.txt

Host Information
# uname –a
# more /etc/release

Display System Information

# prtconf

Training Professional Center 285

How long a system has been up
Invoke by command
# uptime

Find system was booted

# who –b

View system date / time

# date

Set system date / time

# date mmddHHMMyy
mm = Month (1-12)
dd = Day of Month (1-31)
HH = Hour (0-23)
MM = Minute (0-59)
yy = Year

Training Professional Center 286

Changing Timezone
 Edit in file /etc/TIMEZONE
 TZ=“Asia/Bangkok”

The complete list of time zone variables

 /usr/share/lib/zoneinfo

Training Professional Center 287

Training Professional Center 288
 Printing Service

Training Professional Center 289

Introducing Network Printing Fundamentals

Training Professional Center 290

Locating the destination printer
lp / lpr
1. Option command line
2. PRINTER, LPDEST
3. $HOME/.printers
4. /etc/printers.conf
5. Name service
(NIS,NIS+,LDAP)
6. No printer

Training Professional Center 291

Introducing the local print process

Training Professional Center 292

Introducing the remote print process

Training Professional Center 293

Printer Manager
# /usr/sadm/admin/bin/printmgr &
 Name service = File Attached Printer

 Click Menu Printer

 Add Attached Printer
 Add Network Printer

# lpadmin
# lpq Network Printer

Training Professional Center 294

Setting Print Server
 Printer Name
 Server Name
 Network printer access name
 IP address for the printer
 Protocol (TCP)

Training Professional Center 295

 ่
คำสังในกำรติ ้
ดตังเครื ่
องพิมพ ์
 Local Printer

 Network Printer

Training Professional Center 296

Remote Printer
 Remote Printer

Training Professional Center 297

Setting Print Server
Login as root
# lpadmin –p HPLJ4050 –v /dev/null
# enable HPLJ4050
# accept HPLJ4050
# lpstat –p HPLJ4050
# lpstat –p HPLJ4050 –l  For more Infomation

Printing
# lp –d HPLJ4050 –n 1 filename

Cancelling Printing
# lpstat –p HPLJ4050  Find request-id
# cancel [request-id]

Training Professional Center 298

Training Professional Center 299
 File Systems, Backup and Recovery

Training Professional Center 300

Backup & Restore File System
 Tape Device
 /dev/rmt/0  Tape 1
 /dev/rmt/1  Tape 2
 Backup file system
# ufsdump 0cuf /dev/rmt/0 /dev/dsk/c0d0s0
# man ufsdump

 Restore file system

# ufsrestore
# man ufsrestore

Training Professional Center 301

ค่ำกำหนดของ Default
 /etc/default/tar

Training Professional Center 302

Backup & Restore File System
 Backup Strategy
 Full Backup
 Differential Backup
 Incremental Backup
MON TUE WED THU FRI

NORM Full Full Full Full Full

DIFF Full D D D D

INC Full I I I I

Training Professional Center 303

Incremental Backup Strategy

Training Professional Center 304

Using the ufsdump command

Training Professional Center 305

Backup & Restore File System
 /dev/dsk/c0d0s0  /dbasefile
 /dev/dsk/c0d1s0  /backup

# ufsdump 0a /backup/full.dat /dev/dsk/c0d0s0

 /backup/full.dat

# ufsdump 0c /dev/rmt/0 /dev/dsk/c0d0s0

Training Professional Center 306

Backup & Restore File System
List table of content
# ufsrestore ta /backup/full.dat
Extract data from backup device
# ufsrestore xvf /backup/full.dat
Interactive data from backup device
# ufsrestore ia /backup/full.dat
ufsrestore> help
ufsrestore> ls
ufsrestore> add [filename]
ufsrestore>
Training Professional extract
Center 307
Backup & Restore File System
Disk Duplicate - backup full disk space
# dd if=/dev/dsk/c0d0s2 of=/dev/dsk/c0d1s2

Create tar file

# cd /
# tar cvf /export/data/full.tar ./etc

Extract tar file

# cd /export/extract
# tar xvf /export/data/full.tar [.]

# compress –f full.tar
 full.tar.Z  $> uncompress full.tar.Z  tar xvf full.tar

Training Professional Center 308

Backup & Restore File System
Creating tar/gzip format
 # tar cvf - ./etc | gzip - > /export/data/full.tgz

Extracting tar/gzip format

 # gunzip full.tgz  tar xvf full.tar
OR
 # gzcat /export/data/full.tgz | tar xvf -

Training Professional Center 309

Quota Manager
 กาหนดขนาดใน Partition
 /quotas
 กาหนดค่าโดย edquota

Training Professional Center 310

ตัวอย่ำงกำรกำหนด Quota
 ่ ใ้ ช ้
Edquota ชือผู
 ระบุคา่ ในไฟล ์

Training Professional Center 311

Webmin and Quota Manager

Training Professional Center 312

Review – Day 3
 Installing Software, Live Upgrade, and Patching
 Text Processing and Editing
 Shells, Scripts, and Scheduling

Training Professional Center 313

Training Professional Center 314
Day 4
 Process Management
 File System Access Control
 Role-Based Access Control
 Users, Groups, and the Sun Management Console
 Backup and Recovery
 Printer Management
 Basic Networking

Training Professional Center 315

Start / Stop process
 # processname [&]
 [&] is for running as background process
 # processname
 CTRL-Z  # bg
 # fg (For running as forground process

 # find / -name init –print

 CTRL-Z  # bg
 # find / -name init –print &

 # ps –ef | grep processname

 # kill [process id]
 # pkill [processname]

Training Professional Center 316

Start / Stop process
Show all SIGNALs
# kill –l

Send SIGNAL to process

# kill [-signal_name] pid
# kill [-signal_number] pid

# kill -1 728  Send SIGHUP to PID=728

# kill -HUP 728  Send SIGHUP to PID=728
Training Professional Center 317
Scheduler with at & Crontab
 ่
คาสังในการตั ้
งเวลามี
 At
 crontab

Training Professional Center 318

คำสัง่ at และ batch
 At –c|-k|-s
เป็ นการระบุ sh

Training Professional Center 319

กำรใช้คำสัง่ at
 at –f /export/myservice.sh 9:51
 at –l ดูรายการพบว่ายังไม่มี
 at –f /root/count.sh 9:52
 at –l ตรวจสอบว่าทางานหรือยัง
 date
 at –l พบว่าทางานไปแล ้ว

320
กำรใช้คำสัง่ batch
 Batch [-p project]

321
กำรอนุ ญำตให้ใช้ at และ batch
 กาหนดได ้ทีไฟล ่ ์
 /usr/lib/cron/at.allow
 /usr/lib/cron/at.deny
 การพิจารณาจะตรวจสอบที่ at.allow เป็ นหลักถ ้ามี
รายการผูใ้ ช ้อยู่ก็จะอนุ ญาตให ้ใช ้
 ่ งสองนี
ซึงทั ้ ้ าหนดเพือให
ก ่ ้อนุ ญาต หรือไม่อนุ ญาตให ้ใช ้
 หมายเหตุ การใช ้ allow กับ deny ไม่สามารถกาหนด
่ น root
ให ้กับผูใ้ ช ้ทีเป็

322
รู ้จักกับ Crontab
# man cron
 /usr/sbin/cron
# man crontab
# cd /var/spool/cron/crontabs
 root
 username
# cd /etc/cron.d
 File cron.allow
 File cron.deny

Training Professional Center 323

ค่ำควบคุม Crontab
 ค่าตรวจสอบอนุ ญาตจะดูที่
 /usr/lib/cron/cron.allow
 /usr/lib/cron/cron.deny
 Root สามารถใช ้ crontab ได ้

Training Professional Center 324

คำสัง่ Crontab

Crontab {-l|-r|-e} user

user กาหนดพิจารณาไฟล ์ cron ของผูใ้ ช ้ที่
่ ้อยู่
ต ้องการ ถ ้าไม่ระบุคอื User ทีใช
-l แสดงรายละเอียดภายในไฟล ์ cron
-r ่ ้าง
ลบไฟล ์ cron ทีสร
-e เข ้าไปแก ้ไขโดยโหลด vi อัตโนมัติ
-v ่ ้ไข
แสดงค่าสุดท ้ายทีแก

Crontab –e เข ้าไปแก ้ไข

325
 ่ ำหนดในตำรำง crontab
ค่ำทีก

“Minutes” “Hours” “Day of month” “month” “Day of week” job

Minutes ่ าหนด 0-59
ค่าทีก
Hours ่ าหนด 0-23
ค่าทีก
Day of month กาหนดได ้ 1-31
Month กาหนดได ้ 1-12
Day of week กาหนดได ้ 0-6 ค่า 0 คือวันอาทิตย ์
job โปรแกรมหรือสคริปต ์ 326
 ่ ยวข้
ค่ำตัวแปรทีเกี ่ องกับ Crontab
 ่ ใช
คาสังที ่ ้ Crontab สามารถทีเรี ่ ยกใช ้ได ้จาก Home
directory ของผูใ้ ช ้ (/usr/bin/sh)
 ่ บอยู่ที่
ตาแหน่ งทีเก็
 HOME=user's-home-directory
LOGNAME=user's-login-id
PATH=/usr/bin:/usr/sbin:.
SHELL=/usr/bin/sh

Training Professional Center 327

Crontab กับ e-mail
 ่
โดยทัวไป ่
Crontab จะส่งข่าวสารให ้กับ e-mail เพือแจ ้ง
 ่ ดได ้โดยไปที่
เราสามารถทีจะปิ
 >/dev/null 2>&1

Training Professional Center 328

Crontab กับกำรเก็บ Log
 การเก็บล็อกของ Crontab ทาได ้โดย
 30 18 * * * rm /home/someuser/tmp/* >
/home/someuser/cronlogs/clean_tmp_dir.log

Training Professional Center 329

ตัวอย่ำงกำรพิมพ ์ และกำรตรวจสอบ
 พิมพ ์ crontab –e
 * * * * * /bin/echo "Do every 1 minute:” `date`
 30 * * * * /bin/echo "Do every half hour:” `date`
 * 19 * * * /bin/echo "Do 1 hour since 19:00-19:59: ”
`date`
 * * 22 * * /bin/echo "Do everytime in date 22: ”
`date`
 * * * 3 * /bin/echo "Do everytime in March: ” `date`
 * * * * 5 /bin/echo "Do everytime in Friday: ” `date`
 0 19 22 3 5 /bin/echo "Do once on Friday 22 March
19:00: ” `date`
 พิมพ ์ crontab –l 330
ตัวอย่ำงกำรสร ้ำงค่ำใน Crontab

Training Professional Center 331

LAB: Cron vs At command
Edit file crontab
 # crontab -e
 OR
 # vi /var/spool/cron/crontab/root
 30 11 * * * /tmp/echo.sh
 $> chmod +x /tmp/echo.sh
 # ps –ef | grep cron
 # kill [cron pid]
  restart cron to read new crontab
 # date  check time/date
 Execute /tmp/echo.sh

 /var/spool/cron/atjobs/[jobid]
 # at –m 1141
 at> /tmp/echo.sh
 CTRL-D

Training Professional Center 332

LAB: Crontab
 10:10 25 Jan 2007
 /tmp/echo.sh

 10 10 25 01 04 /tmp/echo.sh
 10 10 25 1 4 /tmp/echo.sh
 10 10 25 1 * /tmp/echo.sh

Run command every 3 hours

 * 0 * * * command
 * 3 * * * command
 * 6 * * * command
 * 9 * * * command
 * 12 * * * command
 * 15 * * * command
 * 18 * * * command
 * 21 * * * command
Training Professional Center 333
Mail client - mailbox
# mail
? [enter]  Show command for mail client

Mailbox of sendmail
# more /var/mail/[username]

Training Professional Center 334

Training Professional Center 335
Syslog
 /etc/syslog.conf
 ่
แก ้ไขและเปลียนแปลงค่
า
 /etc/default/syslogd
 ่
กาหนดอนุ ญาตให ้บันทึกข ้ามเครืองได ้

Training Professional Center 336

ตัวอย่ำงไฟล ์ /etc/syslog.conf

Training Professional Center 337

แนวคิด Syslog
Security Log server
-Detection
-Analysis (centralized log)
syslogd
Web server

log
Content
log
F/W
Syslog.conf

Syslog.conf

Training Professional Center 338

Webmin and Syslog

Training Professional Center 339

Training Professional Center 340
Training Professional Center 341
 Network Services & Remote Access

Training Professional Center 342

 Internet

Training Professional Center 343

Internet คืออะไร
 ่ าโฮสต ์ต่างๆทัวโลกมาเชื
เครือข่ายทีน ่ ่
อมต่อกัน
 ปัจจุบน
ั มีมากกว่า 60 ล ้านโฮสต ์

Training Professional Center 344

ใครเป็ นคนดู แล Internet
 องค ์กรดูแลมาตรฐาน
 องค ์กรดูแลเครือข่าย
 ่ ใช
องค ์กรดูแลชือที ่ ้

Training Professional Center 345

องค ์กรดู แลมำตรฐำน
http://www.iab.org Internet Activity Board

IAB RFC
Research Task Force Engineering Task Force
ร่างมาตรฐาน สนับสนุ น
IRTF IETF

IRSGIRSGIRSG IRSG IESGIESGIESG IESG

Research Steering Group Engineer Steering Group
Training Professional Center 346
องค ์กรดู แลเครือข่ำย
www.iana.org Internet Assign Name Authority
Whois > IP address
Name space IANA

AfriNIC APNIC ARIN RIPE LACNIC

199.xx 201.xx
JP TH SG
202.xx 203.xx
Training Professional Center 347
 ่ ใช้
องค ์กรดู แลชือที ่
www.icann.org
Whois : Name space ICANN
www.internic.net
Internic
CCTLD
GTLD

Registrar .th .jp

www.thnic.net

.com .net .gov

Training Professional Center 348
Root Server (.)

IANA

AFNIC APNIC ARIN RIPE LACNIC

a. b. c. d. f. g. i. j. l. m.
e. h. k.

DNS ถูกดูแลโดย ICANN

Root hint > a.root,b.root,c…
้ ใ่ นโซนใด
a.root หมายเลข นาไปตรวจสอบว่าตังอยู
Training Professional Center 349
 ้
Root Server (ตังเอง)
“.”
S1 S2
DNS Server
“.com”
กาหนดเอง S3 Delegated DNS

“abc.com” “xyz.com”
Root hint Forwarder
S1 S4 Delegated DNS Delegated DNS S5
S2

Training Professional Center 350

Training Professional Center 351
Simple Network

Training Professional Center 352

Class of IP Addresses

Training Professional Center 353

OSI vs TCP/IP Model

Training Professional Center 354

The banner command

Training Professional Center 355

Solaris 10 Network Installation
 Multiple IP address in One NIC
 Interface name (pcn0,pcn1,…)
 Sub interface (pcn0:0, pcn0:1, pcn0:2)
 Create file
 hostname.pcn0:0
 hostname.pcn0:1
 hostname.pcn0:2
 Multi-Home (NICs)
 Create file
 /etc/hostname.pcn0
 /etc/hostname.pcn1
 /etc/hostname.pcn2
 /etc/hosts
 192.168.1.1 hostname0
 192.168.1.2 hostname1
 192.168.1.3 hsotname2

Training Professional Center 356

Install NICs and Drivers
 ติดตัง้ NIC และ pkg ของการ ์ดทีใช
่ ้
 รีสตาร ์ทพบว่าจะมีอป
ุ กรณ์ /dev/อุปกรณ์ และ
/devices/pci@0,0/pci1022,2000@xx:การ ์ด

Training Professional Center 357

Configure Host and IP address w/ Multi-IP
 # cd /etc
 # vi hosts
 IP address1  hostname1
 IP address2  hostname2
 IP address3  hostname3
 /etc/hostname.[interface]:[1-99]
 hostname.pcn0:1  hostname1
 hostname.pcn0:2  hostname2
 hostname.pcn0:3  hostname3
Training Professional Center 358
Configure Host and IP address w/ Multi-NICs
 # touch /reconfigure
 # init 5
 Install Network Cards
 Power On
 # cd /etc
 # vi hosts
 IP address0  hostname0
 IP address1  hostname1
 IP address2  hostname2
 /etc/hostname.[interface]
 hostname.pcn0  hostname0
 hostname.pcn1  hostname1
 hostname.pcn2  hostname2

Training Professional Center 359

Network Setting Up
 Define IP address [Static IP]
 Edit /etc/hosts
192.168.1.200 suwit001
 Edit /etc/hostname.pcn0
suwit001
 Edit /etc/nodename
suwit001
 DHCP Client
# /sbin/dhcpagent
 Request Network Information from DHCP Server

Training Professional Center 360

Checking Network Setup
# ifconfig –a
 Check ip address
# netstat –rn  netstat –r –n
 Check routing table (Look for line default)
# more /etc/resolv.conf
 nameserver 202.xx.yy.zz
 Check nameserver (DNS)
# more /etc/defaultrouter [Static ip]

Manually add routing table

# route add default [gateway ip]
# route add default 192.168.1.1
Training Professional Center 361
Network Setting with Multiple NICs
File /etc/rc3.d/S69staticroute
route add [networkid] [gateway ip]

192.168.9.0 / 24

203.151.100.1

pcn0 .10 pcn1 .10 192.168.1.1

203.151.100.0 / 24 192.168.1.0 / 24
Route add [NetworkID] [Gateway IP] Route add [NetworkID] [Gateway IP]
# route add 0.0.0.0 203.151.100.1 # route add 192.168.9.0 192.168.1.1
# route add default 203.151.100.1 # route add 192.168.9.9 192.168.1.1

Training Professional Center 362

Checking Packet from Network
# snoop
# snoop –o /tmp/packet.txt  Capture to file
# snoop –d pcn1
# snoop | grep hostname1[192.168.1.190]

Other tools
# ethereal &
# nmap

Read from captured file

# snoop –i /tmp/packet.txt
Training Professional Center 363
Check which Port binding by Process
http://www.sunfreeware.com
# /usr/local/bin/lsof –l | grep TCP | more
 Process name  Binding Port

Package Installation
Get file  lsof.4.74*local.gz
# gunzip lsof4.74.gz
# lsof4.74*local
# pkgadd –d lsof*local
 /usr/local/bin
 /usr/local/man
# man –M /usr/local/man lsof

Training Professional Center 364

 สถำนะกำรณ์ในกำรตัง้ Solaris เป็ น Router
 ดีฟอลท ์เป็ น Static Route
Internet
192.168.1.3 192.168.1.1
Routing table
Route add 0.0.0.0 gw 192.168.1.1
Route add 192.168.2.0 gw 192.168.1.2

192.168.9.1

Computer

Route ดู Routing table

192.168.1.2
192.168.2.0
365
Training Professional Center 366
บริกำร NFS

Data share
NFS Server
/mnt/data
/mnt/public

/data
/public
/home /mnt/data
/mnt/public
367
NFS (Network File System)
Server
 Login as root
 $> ps –ef | grep nfsd
 $> mkdir /export/share
 $> share –F nfs –o rw /export/share
 /etc/init.d/nfs.server start
 $> share  Check sharing
 $> dfshares  Check sharing

Client
 $> mkdir /export/share
 $> mount –F nfs hostname:/export/share /export/share
 $> mount  Check mounting
 $> df  Check mounting

Training Professional Center 368

NFS (Network File System) - /etc/dfs/dfstab

Training Professional Center 369

NFS (Network File System)
Client
# umount /export/share/xxx

Server
# unshare /export/share
# /etc/init.d/nfs.server stop

Training Professional Center 370

Authentication Service
 Unix
 Microsoft
 NIS
 Kerberos
 LDAP
 RADIUS

Training Professional Center 371

Unix
 /etc/passwd, /etc/shadow
 Default Authentication

/etc/passwd, /etc/shadow
Root
User1
/etc/passwd, /etc/shadow user3
root
User1
user2

Su username

Training Professional Center 372

Microsoft
 Domain & Active Directory
 LDAP
 Kerberos
 RADIUS

Training Professional Center 373

Novell
 NDS
 LDAP
 RADIUS

Training Professional Center 374

UNIX (Solaris)
 NIS >> Domain

/etc/passwd, /etc/shadow
root
User1
user2

Su username

Training Professional Center 375

LDAP
 Standard: 389

/etc/passwd, /etc/shadow
root
User1
user2

Su username

Training Professional Center 376

Kerberos
 Trusted User & Trusted Computer
Port: 88 User + password

Token-usera

token:-usera
srv Token:-computera

Session time (Timeout)

OK
Computer

Token-computera
Nfs – support kerberos

Training Professional Center 377

RADIUS
 ่ ้คือ FreeRadius
ซอฟต ์แวร ์ทีใช
Proxy
User1 client
User2 Proxy
User3 Proxy
RADIUS Server client
- Set RADIUS for AP, Router, Firewall,
VPN VPN, Proxy, etc.

Router
Firewall
AP
Support RADIUS Client

Wifi

Training Professional Center 378

Finally
 /etc/pam.conf

Training Professional Center 379

DNS History
 ่ ้วพบว่ามีเครืองโฮสต
30 ปี ทีแล ่ ์ใช ้ Internet อยู่ประมาณ
500 โฮสต ์
 ่ 192.168.1.55 local.domain
ซึงการใช ้หมาย IP ไม่สะดวก
192.168.1.56 r1.domain
 SRI-NIC >> ไฟล ์ Hosts

Change

192.168.1.55 local.domain 380

192.168.1.56 r1.domain
BIND
Root
>> Delegate

202.44.33.11 www.abc.com
202.44.33.11 s1.abc.com
Change

Computer
Computer Computer
192.168.1.55 local.domain
192.168.1.56 r1.domain

Computer 381
Computer Computer
Webmin and DNS

Training Professional Center 382

SSH

Training Professional Center 383

Webmin and SSH

Training Professional Center 384

Training Professional Center 385
Review – Day 4
 Process Management
 File System Access Control
 Role-Based Access Control
 Users, Groups, and the Solaris Management Console
 Backup and Recovery
 Printer Management
 Basic Networking
 Network File System and Caching File System

Training Professional Center 386

Training Professional Center 387
Day 5
 Basic Networking
 Webmin Administrator Tools (Solaris, Linux)
 Network Information Service (NIS/NIS+)
 Domain Name Service
 Lightweight Directory Access Protocol (LDAP)
 Sendmail
 Samba
 Application Development and Debugging
 Web Applications and Services
 DHCP and NTP
 Routing and Firewalls
 Remote Access
 Internet Layer (IPv6)

Training Professional Center 388

Webmin Installation
Components
 Webmin Server
 web server: bind port 10000
 Webmin Client
 Web browser  IE, Netscape,Firefox,Opera

Installation
Get package from http://www.webmin.com
File webmin-1.310.tar.gz
# cd /usr/local
# gzcat /xxx/webmin-1.310.tar.gz | tar xvf –
# cd /usr/local/webmin-1.310
# ./setup.sh

Training Professional Center 389

Webmin Installation
* Default answer  Enter
* User: admin
* Password: xxxx
* Start webmin at boot: y/n

Start & Stop Webmin Server

# /etc/init.d/webmin [start | stop]

Client Access
- Windows XP: Open IE
- Solaris: Open Browser
http://192.168.9.130:10000

Training Professional Center 390

Webmin Installation
Client Access
http  10000
http://webminserver1:10000
https  Install Perl SSLeay package
https://webminserver1:10443

Training Professional Center 391

กำรเลือกระบบ Authentication
Authentication Server

File Server File Server File Server RADIUS

NAS Active Directory
LDAP
TACACS
Single Sign On (SSO)

NAS

NAS

Computer
Computer

392
Name Services - Solaris
 NIS / NIS+
 Network Information Service (Server)
 DNS
 Domain Name Service (Server)
 LDAP
 Lightweight Directory Access Protocol (X.500)
vs MS ActiveDirectory (X.500)

Training Professional Center 393

NIS Setting up
NIS Server
# svcadm enable network/nis/server
# svcs network/nis/server
# domainname training.net
File /etc/defaultdomain  training.net
# ypinit –m
# ypstart

Training Professional Center 394

Service Administration

Training Professional Center 395

Service Administration
Output

Training Professional Center 396

Service Administration
NIS Slave NIS Master

passwd user1
group
hosts 192.168.9.1 w1
YP DB YP DB
ipnode 192.168.9.2 w2
192.168.9.3 w3
192.168.9.4 w4
192.168.9.5 w5
192.168.9.6 s1

user1 NIS Client

Training Professional Center 397

NIS Setting up
NIS Client
# domainname training.net
# ypinit –c
# /usr/lib/netsvc/yp/ypstart

Edit file /etc/nsswitch.conf

 passwd: nis file
 hosts: nis dns file

Training Professional Center 398

Training Professional Center 399
Service Ports (TCP / UDP)
 Service: 1-65535
 Server Service: 1-1023
 Client/App Service: 1024 – 65535

Check current service ports

# netstat –an | more

Training Professional Center 400

R* command

Telnet

Rlogin

SSH

Training Professional Center 401

Remote Login
Desktop Manager
Click Remote Login
Click Choose from list…
Terminal Remote Login
# rlogin hostname [ip address of remote system]
# telnet hostname [ip address]
service port = 23
# exit  logout from remote host
Root for remote login
Edit file /etc/default/login
Comment line “#CONSOLE=….”

Training Professional Center 402

Remote Login
Remote host must be configured
# /etc/hosts.equiv
# $HOME/.rhosts
hostname username
192.168.9.196 root,user1,user2
+  All hosts, users

Training Professional Center 403

Remote command
# rlogin –l user1 192.168.9.130

# rup 192.168.9.130

# rsh –l user1 192.168.9.130 prstat

# rcp [email protected]:/etc/passwd /tmp/passwd

# rcp /tmp/passwd [email protected]:/etc/passwd

Training Professional Center 404

Check remote system how long be up
# rup hostname [ip address]

Check remote system alive

# ping hostname [ip address]
# ping –s hostname (infinity loop - Solaris)

# ping –t hostname (infinity loop - Windows)

Training Professional Center 405

FTP Server (ftpd)

FTP Server FTP Client

20 Data
21 Control

/var/ftp/pub

Training Professional Center 406

FTP – File Transfer Protocol
# cd /etc/ftpd
# ftp hostname [ip address]
Login / password

ftp> help
ftp> get [filename]  download
ftp> mget [filename *.*]  multiple get
ftp> put [filename]  upload
ftp> mput [filename *.*]  multiple put
ftp> binary  Binary file (exe, jpg, gif)
ftp> ascii  Text file (txt)
ftp> prompt  Toggle interactive mode
ftp> hash  Show Progress print ‘#’
ftp> quit / bye

Training Professional Center 407

Webmin and ftpd

Training Professional Center 408

Training Professional Center 409
What is apache?
 Apache เป็ นแอพพลิเคชนที่ ั ให
่ ้บริการ Web Server บน
Internet
 ระบบปฏิบตั ก ่ อ่ apache
ิ าร Solaris รองร ับเว็บทีชื

Training Professional Center 410

What is HTTP?

.php
.asp
.idc .htm, .html
.etc
httpServer httpClient
- Apache IE, Netscape, Opera
url
Firefox, Mozilla
Tcp 80

411
Solaris Web Server (Apache)
 Start script file
 /etc/rc3.d/S50apache [start|stop]
 Configuration file
# cp /etc/apache/httpd.conf-example httpd.conf
# /etc/rc3.d/S50apache start
 Check http running
# ps –ef | grep httpd
 Web Browser
 IE, Webbrowser
 http://[hostname, ip address][:80]

Training Professional Center 412

Configuration file - /etc/apache/httpd.conf
Web page location

Training Professional Center 413

Webmin and apache configuration

Training Professional Center 414

Webmin and apache configuration

Training Professional Center 415

Training Professional Center 416
Solaris IP Filter Firewall
http://www.muine.org/~hoang/solnat.html
 Lock down the box
 Setup network interfaces in the Solaris box
 Enable packet forwarding, dhcp, firewall and
network address translation
 Configure machines behind NAT
 Familiarize with IPFilter
 IPsec
 Reference

Training Professional Center 417

Training Professional Center 418
What is SAMBA?
 ่ั ท
คือแอพพลิเคชนที ่ าให ้ระบบปฏิบต
ั ก
ิ าร UNIX ติดต่อ
กับ Microsoft Networking

Training Professional Center 419

Samba

137-139

Linux Windows NT/XP/2000/2003

My Network Places
SAMBA Configuration
SMB – Server Message Box (Microsoft)

 Script file location

# /etc/rc3.d/S90samba [start|stop]

 Create configuration file

# cp /etc/sfw/smb.conf-example smb.conf
# /etc/rc3.d/S90samba start

Training Professional Center 421

Creating SAMBA user
 Convert Unix user to SAMBA user
 Webmin Interface
 # /usr/sfw/bin/smbpasswd

 This form allows you to synchronize the Unix and Samba user list.
When Samba is using encrypted passwords, a separate list of users
and passwords is used instead of the system user list. The list of
users not to convert can contain usernames, UIDs, group names
prefixed with an @, or UID ranges like 500-1000 or 500-

Change UID greater than 1000

# usermod –u 1001 user1

Training Professional Center 422

Webmin and Samba

Training Professional Center 423

Training Professional Center 424
DNS Setting
 Map DomainName  IP address

Components
 DNS Server
 Zone – Domain name
 Record (MX – Mail Server, NS – Name Server, A – ServerIP)
 Configuration file /etc/named.conf

 DNS Client
 # nslookup www.webmin.com
 66.35.250.210

Training Professional Center 425

 DNS Operation
www.google.com
www.google.com
66.xxx.xxx.xx
66.xxx.xxx.xx

66.xxx.xxx.xx

http://www.google.com

Training Professional Center 426

Create Master Zone
Create master zone: training.net  /etc/training.net.hosts
 NS – Record
 192.168.9.130
 A – Record
 serverA – 192.168.9.149

DNS Client
# nslookup
> server 192.168.9.130
> serverA.training.net
> 192.168.9.149

Training Professional Center 427

DHCP Setting – Automatic IP setting
DHCP – Dynamic Host Configuration Protocol
 DHCP Server Port: 67 and 68

 DHCP Client IP Range – 192.168.9.10-200

# ifconfig –a
ethers: 00:00:00:00:00:00

IP: 192.168.9.10
MAC: MAC1
IP: ? Lease Time
MAC: MAC1

MAC1 MAC2 MAC3 MAC4

Training Professional Center 428

DHCP Setting – Automatic IP setting
DHCP Server
# /usr/sbin/dhcpd
Configuration file /etc/dhcpd.conf
Location /etc/dhcp/*.*

DHCP Client
# dhcpagent  DHCP Client
# /etc/dhcp.[interfaceName]
# /etc/dhcp.pcn0
Training Professional Center 429
 Tuning & Recognizing File Access Problems

Training Professional Center 430

 DNS: MX
E-mail 3

2
[email protected]

SMTP lumplang.com
4

5
SMTP
POP3/IMAP4

1 [email protected]
khajorn

MIME
wichai

[email protected] >> [email protected]

Recognize Problem with Search Paths
Problem: Command not found / No such file or directory

# echo $PATH

Borne/Korn Shell
 PATH=$PATH:/sbin:/opt/sfw/bin:.
 export PATH
 # . [.profile]  Full Path of profile

C Shell
 setenv path ( $path /sbin /opt/sfw/bin . )
 %> source [.cshrc]  Full Path of profile

# which [command]
# whereis [command]
 Show fullpath of command

Training Professional Center 432

Recognize Problem with Permission, Ownership
 Change permission of file for execution
 Create Shell script
# chmod [nnn] [shell script]
 nnn = 755  rwxr-xr-x
# chmod +x [shell script]
 Change ownership of file/directory
# chown [userid]:[groupid] [file, directory]
# chown –R [userid]:[groupid] [file, directory]
-R = Recursive changes

Training Professional Center 433

Training Professional Center 434
 New Features Enhancement in Solaris 10

Training Professional Center 435

Solaris Zone Partitioning Technology
 Create virtual OE (Operating Environment)
 Zone
 Separate file system, device, network, resource,
security

Training Professional Center 436

Zone configuration

Training Professional Center 437

Zone configuration

Training Professional Center 438

Training Professional Center 439
Wrapping up Session
 Further information
 www.sun.com  Main web site
 www.bigadmin.com  Discussions/Forums
 www.sunfreeware.com  Free Software
 sunsolve.sun.com  Updates & Patches
 docs.sun.com  Documents

Training Professional Center 440

Thank You

Training Professional Center 441