Basic Tasks On OpenSolaris 2008.05 For Many A Sun Employee
At Sun there are tools which we've distributed with Solaris internally through NIS auto mount maps and other things which all depended on NIS. Now with the new OpenSolaris installer a number of us are finding we've forgotten how to get NIS setup on a machine and have never setup Real Media RealPlayer, Adobe Flash, or even OpenOffice.
Setting up NIS
On OpenSolaris, since much of the independent developer community uses the domain name system (DNS) for host resolution, etc we have that as the default and didn't implement a pretty wrapper to setup a system for NIS as has been done in the past. However, the steps aren't too onerous.
Remove All the "Helpful" Bits
Disable Network Automagic (NWAM) if it doesn't get along with your system
- Disabling NWAM
- Run svcadm disable physical:nwam; svcadm enable physical:default
- Setup /etc/hostname.<interface>
- Put the hostname of your machine in a file called /etc/hostname.<interface> where interface is your ifconfig(1) interface name (i.e. bge0, yukonx0, etc.)
- Setup /etc/defaultrouter
- Put the router's IP address in /etc/defaultrouter
- Setup your /etc/netmasks file if you have a non class-C network (non 255.255.255.0 netmask)
- Put in an entry following the form <network> <netmask> (e.g. 172.16.24.0 255.255.252.0)
Configure NIS
- Setup /etc/hosts
- Enter your:
- NIS Server's IP Address and name(s)
- Your system's IP Address and nodename (if you also disabled NWAM)
- Setup /detc/defaultdomain
- Put your domain name in the file but remember it is case sensitive (i.e. clay.Boulder.Co.US)
- Setup /etc/nsswitch.conf
- Ensure the following lines have nis in them, so NIS is used to resolve (of course some of these are site specific too, so pick as appropriate):
- passwd
- group
- hosts
- ipnodes
- ethers
- netgroup
- automount
- printers
- auth_attr
- prof_attr
- Change /etc/auto_master for the full IPS experience
- To prevent mounting certain directories through a NIS auto.master map add the following to the end of /etc/auto_master (of course changing the mountpoint as appropriate):
/usr/local -null - Now turn on NIS
- To enable and finish configuring NIS one should now only need to run ypinit -c and follow the prompts:
- Enter the domain name (as entered in /etc/defaultdomain
- Enter the NIS serverĀ“s name (as entered into /etc/hosts)
- Ensure the NIS client service is enabled
- To turn on NIS all one should need to do is run svcadm enable nis/client
- Now to check everything
- Everything should be setup and running now, but to make sure run svcs -x nis/client and if in the maintenance state there is a couple of possible reasons:
- The log file says directory /var/yp/bindings/<domainname> not setup
- Run mkdir /var/yp/bindings<domainname> and (for good measure) add /var/yp/binding/<domainname>/ypservers with the name of your NIS server (same as the entry in /etc/hosts in it
- Things don't seem to resolve correctly
- Run ypwhich(1) to see if you are binding to the correct server
- Ensure /var/yp/aliases has your domain name and the keyword ypservers in it
- The correct format for the aliases file is:
<domainname> <domainname>
ypservers ypservers
Installing OpenOffice
Installing OpenOffice demonstrates the beauty of the Image Packaging System (IPS). As long as you have a working network connection and can resolve and connect to pkg.OpenSolaris.ORG then all one needs do is enter pfexec pkg install openoffice (or omit pfexec if root), and in a few minutes OpenOffice will be installed into /usr/bin/soffice.
Installing Real Player
Real Media's RealPlayer is very easy to install. Simply go to Real.COM and at this time the option on their main page should be "Download RealPlayer" and you'll want your architecture (for 2008.05 X86). Save the file and then run chmod 755 <filename> and execute the file by typing the full path or ./<filename> to execute it. I've found (if installing as root) that trying to answer Y to "Make Symlinks?" is a bad idea on OpenSolaris. Afterwards, to start RealPlayer just run <your install locations>/realplay.
Installing Adobe Flash
Making the operating system easier to use and having a full web-browsing experience available are two goals we had in mind while creating the Indiana project (the ancestor to OpenSolaris 2008.5), however due to license restriction we could not bundle Adobe Flash. But, the Mozilla project already had an awesome answer to this: If you need to install Adobe Flash go to a website which uses Flash. That's it, click the "Download Plug-in" Option and answer the prompts. It's super simple!
Although if you need to have Flash available for the entire system (as downloading through Firefox's easy way is only for your particular user) then go to Adobe's web-site, click "Get Flash Player" and download Flash for Solaris X86. Then (after expanding the archive -- e.g. bzip2 -dc /tmp/<filename> | tar -xf ) copy the two files (one shared library -- .so -- one Firefox .xpt file) to /usr/lib/firefox/plugins/. Then, you are done; if you really want you can check if it installed correctly by putting about:plugins in your Firefox URL bar and pressing return.
Posted at 10:23PM May 08, 2008 by clayb in Sun | Comments[3]
If one has a lone OpenSolaris system surrounded by assorted Linux, is it useful to set up NIS?
Mention of "pfexec" in installing OpenOffice. Reading the man.page I gather that "pfexec" is perhaps the Solaris RBAC equivalent of "sudo" but more complicated.
Housekeeping comment: White text on light gray background is really hard to read.
Posted by Carl Lowenstein on May 12, 2008 at 11:29 AM MDT #
One can setup NIS between many Linux varieties and OpenSolaris, if one wishes to share password and group credentials (as well as printer and ethernet maps), and anything else NIS can share between the systems. However, I would recommend going forward that institutions look to L(ight) W(eight) D(irectory) A(ccess) P(rotocol) solutions such as Sun's Java System Enterprise Edition Directory Server, or the OpenD(irectory)S(erver) project backed by Sun.
Yes pfexec (aka profile execute) is a Solaris equivalent of sudo(1) in many ways. It is part of the R(oles)B(ased)A(ccess)C(controls) sub-system of Solaris. Similarly, if one creates a non-root user during install, the root account becomes a role only assumable by authorized users, as defined in the /etc/user_attr file, by default. RBAC provides many very nice ways to ensure administrative tasks are credited (or blamed) upon the proper administrator, and users can perform the tasks they need to be able to perform without compromising system security.
Thank you for the heads up on the theme. I'll look into alternatives as time permits.
Posted by Clay B on May 13, 2008 at 08:57 PM MDT #
--Update--
Instead of going through all the pain of configuring NIS by hand, use sys-unconfig(1) which many people have reported success with.
Posted by Clay B on June 04, 2008 at 05:15 PM MDT #