Archive for June, 2009

Setup DHCP and tftp servers

Ensure TFTP & DHCP packages are available:

  • On OpenSolaris 2008.11 the TFTP package is installed by default, but DHCP is not. Install the DHCP packages:
pkg install SUNWdhcs SUNWdhcsb SUNWdhcm
  • If you observe an error during the pkg install above: there is a known bug
Bug Ref: http://defect.opensolaris.org/bz/show_bug.cgi?id=4788

If TFTP is missing, install it:
pkg install SUNWtftp

Enable TFTP: Follow the instructions under
http://default-information.blogspot.com/2007/12/opensolaris-tftp-server.html

» Continue reading “Setup DHCP and tftp servers”

Comments (102)

Solaris Home Server: Static IP (disable NWAM)

UPDATE 9-11-2010: This procedure doesn’t work in fresh install of b134 – used this (http://www.parolski.com/2010/02/16/static-ips-with-nwam/) to make IP static instead.

What happened when I tried to follow this recipe in b134 was a failure to get a route established despite trying everything. The symptoms looked a lot like this bug report (http://bugs.opensolaris.org/view_bug.do?bug_id=6913780) but I couldn’t get the work around to fix the problem so I’ve gone back to nwam with a static Ip hoping that will work with sunray server!

ORIGINAL POST……

This is cribbed wholesale from the sun ray users wiki

Background

Use of Open Solaris NWAM causes some problems w/ the Sun Ray utadm command. This set of procedures shows how to turn NWAM off & a few other SRSS work-arounds so utadm will work correctly.

Turn off NWAM SMF Service

svcadm disable nwam

Turn on Physical Network Service

svcadm enable network/physical:default

Setup Network Files

For this example, I used network device pcn0. Substitute yours as appropriate.

Automate NIC start up:

cp /etc/nodename /etc/hostname.pcn0

Adjust /etc/hosts with following edits:

vi /etc/hosts:
  1 BEFORE: ::1 myhost myhost.local localhost loghost
    AFTER:  ::1 myhost.local localhost loghost
  2 BEFORE: 127.0.0.1 myhost myhost.local localhost loghost
    AFTER:  127.0.0.1 myhost.local localhost loghost
  3 ADD:    192.168.1.6 myhost

Note: myhost & IP address 192.168.1.6 are examples. Substitute yours as appropriate.

Edit /etc/netmasks with appropriate netmask. For example:

192.168.1.0 255.255.255.0

Set your default route (192.168.1.1 is an example, substitute yours as appropriate):

echo 192.168.1.1 > /etc/defaultrouter

A reboot will activate all of this…

init 6

… or you can activate on the fly:

ifconfig pcn0 plumb 192.168.1.24/24 up
route -f add default 192.168.1.1 1
svcadm restart name-service-cache

ADDED BY ME...
Ensure DNS is configured (if applicable). Setup /etc/resolv.conf, here's an example:
domain     example.acme.com
nameserver 192.168.1.1

Activate:

cp /etc/nsswitch.dns /etc/nsswitch.conf
svcadm enable dns/client
svcadm restart dns/client

Comments (143)

New toy….Sun Ray

Whoa – things not complicated enough in the household – I’ve bought a sunray – I’ve begun to hate sitting next to a PC with half a dozen fans whizzing and hot air blowing out the back so I’ve decided to fight back!!

Update to follow

Comments (2)

Solaris Home Server: SMB setup

What is needed is obviously a simple windows filesharing setup – but opensolaris doesn’t come with this out of the box so it needs to be installed then configured.

It should be noted there are two ways to add windows (CIFS aka SMB) file sharing…one is to add the solaris port of SAMBA – the other way which promises to be more lightweight if a bit less feature rich is SUN’s in kernel CIFS server package.  It’s important to note that both are not available together!

Install CIFS server components;

In openSolaris 2009.06 there are two packages needed I installed then from the command line…
host:#pfexec pkg install SUNWsmbskr SUNWsmbs

then reboot

host:#pfexec reboot

(You can also install them using the package manager GUI).

Make the SMB service start automatically at boot

host:#pfexec svcadm enable -r smb/server
svcadm: svc:/milestone/network depends on svc:/network/physical, which has multiple instances.

(apparently the error message doesn't matter!)

Setup the PAM authentication needed

To give SMB access to OpenSolaris users, edit the /etc/pam.conf file to contain the following line:

other password required pam_smb_passwd.so.1 nowarn

Then the password must be re-created for each user that want’s access to the smb service.

host:#passwd john

Join the appropriate workgroup

host:#pfexec smbadm join -w OTB
OTB is the household smb workgroup

Say these magic words…

Apparently this will prevent problems later in defining access permissions and using java web console tools.
host:#pfexec zfs set aclinherit=passthrough rpool

Create the ZFS shares

Create a zfs filesystem within the rpool mirror for sharing pictures…..
host:#pfexec zfs create -o casesensitivity=mixed -o nbmand=on -o sharesmb=name=pictures rpool/pictures
and one for the kids videos..
host:#pfexec zfs create -o casesensitivity=mixed -o nbmand=on -o sharesmb=name=kids_videos rpool/kids_videos

Check the staus of smb shares with…
host:# sharemgr show -vp
default nfs=()
zfs
zfs/rpool/pictures smb=()
pictures=/rpool/pictures

Set File Permissions

At the end of this I ended up with a /rpool/pictures/ directory and a pictures share which can be read but with only the root user has permission to write to. To control access to the directory/share I’ve setup two levels of access.

First I took over ownership of the shares (in this case pictures).
host:#pfexec chown john pictures

I want two layers of access read only for unpriviledges users (like the kids) and read/write access for the grownups.
User       Groups
media    other,media
joseph   other,media
sarah      staff,grownups,media
john       staff,grownups,media

I know that I should work out the correct ACL but I just went into the opensolaris filemanager right-clicked on the folder and went to the permissions tab. I set staff to have full access and ‘others’ (e.g. those in the media group) only read access. I I’m struck by a flamingo I’ll sort out the correct ACL setup.

So I can restrict write permissions for the shares that contain anything valuable (like the family photos) and also restrict read access to the film that I have ripped that are 12 certificate and over.

For the future???

1. Automount home directories
Apparently you just create a file /etc/smbautohome and add the line… *   /export/home/&
and magically the home directory of the unix user will be mounted.

2. Proper ACL for different levels of access to files being server

Reference sources

There’s a good guide here – http://wiki.genunix.org/wiki/index.php/Getting_Started_With_the_Solaris_CIFS which includes details of actually installing the service!. There are a few gotchas like not trying to run SAMBA at the same time as the smb-kernel service. NOTE: no SMB/CIFS server is installed by default.
The other definitive source of information in the guide produced by SUN –http://docs.sun.com/app/docs/doc/820-2429

Other sources of information:

This description of setting up an opensolaris file server http://www.h-online.com/open/OpenSolaris-as-a-file-server–/features/112212

This description of howto install the smb packages from the open solaris express DVD – by looping back the iso image as a filesystem – usefull reference! http://osdir.com/ml/os.solaris.opensolaris.storage.general/2008-03/msg00112.html

Comments (164)