Info about Fysikdatorn's Solaris 2.5 Install server.
What is Fysikdatorn's Solaris 2.5 Install server?
Fysikdatorn's Solaris 2.5 Install server is prepatched with a number
of SunSoft patches JumpStart installation
directory tree. I mean if you install Solaris 2.4 from this server it comes up
with all those patches already applied. Moreover I took liberty to apply some
local patches and bells-n-whistles which I believe
you'll find very handy. Presumably all this shall save you a lot of time! The
server tree resides at uni10.unicc:/export/Install_2.5.
In order to bootstrap a Solaris 2.5 workstation you have to provide following
services from one of computers in your LAN (note that it doesn't have to be
Solaris 2.x workstation, SunOS 4.x or IRIX 5.x should do as well!):
- RARP service is usually provided by in.rarpd system daemon,
see corresponding manual page (HINT! you'll probably have to edit
/etc/hosts and /etc/ethers files and "push" them into NIS);
- TFTP bootstrap service usually have to be explicitely enabled
through /etc/inetd.conf config file, see corresponding manual
pages. When you get TFTP working, you have to install
uni10.unicc:/export/Install_2.5/export/exec/sparc.Solaris_2.5/platform/<sun4x>/lib/fs/nfs/inetboot
file as <client's IP-number in hex representation>.<client's kernel
architecture> (e.g.:
uni10.unicc:/export/Install_2.5/export/exec/sparc.Solaris_2.5/platform/sun4m/lib/fs/nfs/inetboot
is copied to 811001F0.SUN4M)in the directory you've
picked for TFTP server tree (usually /tftpboot).
- BOOTPARAMS RPC service is usually provided by rpc.bootparamd
system daemon, see corresponding manual pages (HINT! you'll probably have to
edit /etc/boorparams file and "push" it into NIS). Boot parameter entry
for the client being installed should look something like following:
yourhost: root=uni10.unicc:/export/Install_2.5/export/exec/kvm/sparc.Solaris_2.5 install=uni10.unicc:/export/Install_2.5 boottype=:in
When you get all the components working, you should be able to boot the
client from the network by issuing boot net command from PROM prompt and
perform manual SunOS installation procedure. If you don't want to have
windowing system started during installation procedure (for performance reasons
or you're short in memory), issue boot net - w command at PROM prompt.
Note that you may perform automatic installation as well! Just append extra
parameter to the boot parameter entry, namely
install_config=yourinstallserver:/some/where. What to put into
/some/where goes beyond the scope of this memo, refer to Solaris 2.5
installation manual instead!
Applied patches.
Refer to
uni10.unicc:/export/Install_2.5/Patches/Applied
for the list of patches applied to the install server tree.
Note that you won't be able to see these patches with showrev -p
after you've performed the installation from this install server. This is
something you have to "trade" for the convenience! Though you can find
corresponding README files on install client as
/var/sadm/patches/<PATCH-ID>. Needless to mention that you can't
back them out either :-)
Local patches and bells-n-whistles.
Security tidbits.
- Problem
- files transferred over FTP get universal write permissions as well as some
system log files;
- Workaround
- set system wide umask through /etc/init.d/umask.sh (btw, same trick
is applied during installation time);
- Problem
- NFS is inherently insecure;
- Workaround
- make it slightly more secure by enable NFS portmon feature in
/etc/system:
set nfssrv:nfs_portmon = 1
Performance enhancements.
- Problem
- TCP layer is not tuned for slow links;
- Workaround
- tune it up at boot time through /etc/init.d/inetinit:
ndd -set /dev/tcp tcp_rexmit_interval_initial 1000
ndd -set /dev/tcp tcp_close_wait_interval 30000
- Problem
- '
nice --20 <command>' freezes machine;
- Workaround
- prevent niced programs from hogging CPU by limiting ts_maxupri
parameter in /etc/system:
set TS:ts_maxupri = 20
- Problem
- nscd has too short memory for negative DNS lookups;
- Workaround
- tune /etc/nscd.conf.
Administrativia.
- Problem
- tcsh users can't FTP;
- Workaround
- install /etc/shells and /etc/ftpusers;
- Problem
- /var/lp/logs/*, /var/mail/lp grow without bounds, every
single client contributes E-mail messages;
- Workaround
- install lp log files with appropriate access permissions;
- Problem
- external MIME codecs don't work;
- Workaround
- modify /etc/mail/mailx.rc to let MIME related headers passed to
external filters;
- Problem
- /var/cron/log grows without bounds and eventually fills /;
- Workaround
- disable cron activity log in /etc/default/cron, log doesn't worth
anything anyway;
- Problem
- /var/mail/uucp grows without bounds, every single client contributes
E-mail messages;
- Workaround
- comment out everything from /var/spool/cron/crontabs/uucp by
default, uncomment those lines manually if really needed;
- Problem
- every OpenWindows session leaves huge file in /tmp thus reduces
amount of virtual memory available;
- Workaround
- comment out helpviewer from /usr/openwin/lib/openwin-init;
- Problem
- some 3rd party Motif and X11 (e.g. Mathematica frontend) programs complain
about key bindings;
- Workaround
- provide compatibility links from /usr/lib:
/usr/lib/Xm -> ../dt/lib
/usr/lib/X11 -> ../openwin/lib/X11
- Problem
- xterm screen content is not restored after for example vi exits like
it used to;
- Workaround
- update xterm terminfo entry (note that SVR4 behaviour is not to restore
the screen!);
- Problem
- $HOME/.ab_library is not rebuilt when new AnswerBooks are registered
in $AB_CARDCATALOG;
- Workaround
- patch answerbook script and make it check if $AB_CARDCATALOG
file is newer than $HOME/.ab_library;
Optional programs.
Mail me...