Solaris advanced system administrator's guide

This officially authorized tutorial for Solaris system administration is ideal for experienced administrators. Used as a hands-on guide or as a quick reference, as well as being completely updated, this task-oriented and easy-to-follow book details how to perform increasingly complex system improvement, revision, and customization. Solaris Advanced System Administrator's Guide, Second Edition is the classic tutorial that provides indispensable tips, advice, and quick-reference tables to help you add system components, improve service access, and automate routine tasks. Also take advantage of updated information on Solaris 2.6 topics-including x86 differences, patch administration, redesign of print packages, and new coverage of security, the Solaris Server Intranet Extension and more!

I. MAIL SERVICES. 1. Understanding Mail Services. Mail Services Terminology. Systems in a Mail Configuration. Relay Host. Gateway. Mailhost. Mail Client. User Agent. Mail Transport Agent. Mailers. Domains. Mail Addressing. Route-Based Addressing. Route- Independent Addressing. Mailbox. Aliases. Uses for Alias Files. Syntax of Aliases. Components of Mail Services. The Mail Service Program. The sendmail Program. The sendmail Configuration File (sendmail.cf). The sendmail Configuration Table. forward Files. An Overview of the Mail Service . The Anatomy of the Mail Service. How the Mail Service Works. How sendmail Works. Argument Processing and Address Parsing. Message Collection. Message Delivery. Queuing for Retransmission. Return to Sender. How Mail Addressing Works. 2. Planning Mail Services. Local Mail Only. Local Mail and a uucp Connection. One Domain, Two Networks, and a Router. Two Domains and a Gateway. 3. Setting Up and Administering Mail Services. Preparing to Set Up Mail Services. Setting Up a Mail Server. Setting Up a Mail Client. Setting Up a Mailhost. Setting Up a Relay Host. Setting Up a Gateway. Creating Mail Aliases. Setting Up NIS Alias Files. Setting Up DNS Alias Files. Setting up a Postmaster Alias. Testing Your Mail Configuration. Administering Your Mail Configuration. Duties of Postmaster. The Mail Queue. Printing the Mail Queue. Format of Queue Files. Forcing the Queue. Running the Old Mail Queue. The System Log. Troubleshooting Your Mail Configuration. Checking Aliases. Testing sendmail. Verifying Connections to Other Systems. Other Diagnostic Information. 4. Customizing sendmail Configuration Files. Overview of sendmail Functions. Interfaces to the Outside World. Argument Vector/Exit Status. SMTP over Pipes. SMTP over a TCP Connection. How the sendmail Program Works. Argument Processing and Address Parsing. Message Collection. Message Delivery. Retransmission Queuing. Return to Sender. Message-Header Editing. Configuration File. How sendmail Is Implemented. Mail to Files and Programs. Message Collection. Message Delivery. Queued Messages. Configuration Overview. Macros. Header Declarations. Mailer Declarations. Name-Rewriting Rules. Option Setting. Introducing Arguments to sendmail. Queue Interval. Daemon Mode. An Alternative Configuration File. Tuning Configuration Parameters. Time Values. Queue Interval. Read Timeouts. Message Timeouts. Delivery Mode. Load Limiting. Log Level. File Modes. Setuid. Temporary File Modes. Aliases Database Permissions. The Configuration File. Parts of the sendmail Configuration File. A Sample sendmail Configuration File. Configuration File Syntax. D and L (Define Macro). C, F, and G (Define Classes). O (Set Option). P (Precedence Definitions). T (Define Trusted Users). H (Define Header). Special Header Lines. S and R (Rewriting Rules). M (Define Mailer). Address Rewriting Rules. Special Macros, Conditionals. Special Classes. The Left Side. Right-Side Address Rewriting Rules. Semantics of Rewriting Ruleset. The error Mailer. Semantics of Mailer Descriptions. Building a New Configuration File. Domains and Policies. How to Proceed. Testing the Rewriting Rules-the -bt Flag. Command Line Arguments. Configuration Options. Mailer Flags. II. NIS+. 5. Introducing the NIS+ Environment. Comparison of NIS and NIS+. The NIS+ Namespace. Directory Objects. Domain Name Syntax. Table Objects. NIS+ Security. NIS+ Authentication. Access Rights. The NIS+ Updating Model. NIS and NIS+ Compatibility. The Name Service Switch. NIS+ Administration. AdminSuite. NIS+ Commands. Table Information Display. 6. Setting UP NIS+ Clients. Security Considerations. Prerequisites. Steps for Setting Up NIS+ Client Credentials. Steps for Setting Up an NIS+ Client. Verification of the Setup. Verify The Cache Manager is Running. Check the Contents of the/var/nis Directory. Verify That the NIS+ Commands Succeed. III. AUTOMOUNTER SERVICES. 7. Understanding the Automounter. NFS Terminology. Server and Client Systems. Mount Points. The Virtual File System Table. Mount and Unmount. The Mount Table (/ect/mnttab). NIS+ Terminology. Automount Terminology. Automounter. Automounter Maps. The Master Map. Indirect and Direct Maps. Automount Maps and Mount Points. The Default Automount Maps. The Master Map. The Home Directory Map. Indirect Maps. Direct Maps. Syntax and Shortcuts for Map Entries. Specifying Multiple Servers. Specifying Multiple Servers with the Same Path. Specifying Weighting Factors for Each Server. Using Map Variables. How the Automounter Works. How to Plan for Automounting. Recommended Automounting Policies. Prerequisites for Using the Automounter. Servers and the Automounter. Clients and the Automounter. NIS+ Maps. 8. Setting Up the Automounter. Setting Up Automount Server Systems. Setting Up Automount Client Systems. Displaying Information about NIS+ Automount Maps. Displaying the Format of NIS+ Automount Maps. Displaying the Contents of NIS+ Automount Maps. Setting Up NIS+ Automount Maps. Setting Up the auto_home Map. Setting Up Indirect Maps. Setting Up a Direct Map. Setting Up the Master Map. Administering NIS+ Automount Maps. Modifying NIS+ Automount Maps. Deleting Entries from NIS+ Automount Maps. IV. SERVICE ACCESS FACILITY. 9. Understanding the Service Access Facility. Benefits of the SAF. The SAF Daemons. The SAF Commands. SAF Architecture. The init Process. Service Access Controller. Port Monitors. The ttymon Port Monitor. The listen Port Monitor. Service Invocations. Port Monitor States. Operational States. Transitional States. Inactive States. The Line Control Model. The /etc/ttydefs File. The terminfo Database. The tput Utility. The stty Command. UUCP Files. The /etc/uucp/Dialers File. The/etc/uucp/Devices File. SAF Log Files. Reference to SAF Commands, Tasks, and Options. Quick Reference to SAF Variables. Quick Reference to Service Access Control (sacadm). Quick Reference to Port Monitor Administration (pmadm). Admintool: Serial Ports and SAF. Templates. Starting Admintool: Serial Ports. 10. Setting Up Modems and Character Terminals. Tools for Setting Up Modems and Character Terminals. Using Variables in SAF Commands. The Port Monitor Tag (pmtag). The Service Tag (svctag). The Device Path (dev-path). The Baud Rate and Line Discipline (ttylabel). Type of Modem. Comments. Setting Up Modems. Hardware Carrier Detect Setting. Modem Connection and Switch Settings. Hayes-compatible Modem Settings. Variables Used to Set Up Modems. SAF Configuration for Modems. Dial-Out Modem Service Configuration. Modem Connection Troubles hooting. Using Admintool: Serial Ports to Configure Modems. Setting Up the SAF for Character Terminals. Terminal Connection. SAF Configuration for Character Terminals. Terminal Connection Troubleshooting. Using Admintool: Serial Ports to Add a Character Terminal. Initializing Ports Without Configuring. Removing Port Services. 11. Setting Up Printing Services. What's New in Printing. Redesign of Print Packages. Print Protocol Adaptor. SunSoft Print Client. Enhanced Network Printer Support. Print Administration Tools in the Solaris 2.6 Environment. Choosing a Method to Manage Printers. System Requirements for a Print Server. Print Configuration Information. Print Device Name. Printer Name. Printer Port. Printer Type. File Content Type. Print Filters. Universal Address for the Print Server. Printer Description (Optional). Default Printer (Optional). Local PostScript Printer Setup. Print Server Setup. Adding the listen Service. Creating the listen Services. Specifying the Print Client Systems. Print Client Setup. Using the SunSoft Print Client. Printer Configuration Resources. Submitting Print Requests. Summary of the SunSoft Print Client Process. Setting Up a Print Client by Using Admintool. Setting Up a Local Printer by Using Admintool. Printing Problems. No Output (Nothing Prints). Check the Hardware. Check the Network. Check the L P Print Service. How to Check and Start the Scheduler. How to Enable Printers and Accept Print Requests. How to Check the Port Connection. How to Check Printer Configurations. How to Checkfor Printer Faults on the Print Server. How to Check Printing from a Solaris 2.x Client to a Solaris 2.x Print Server. How to Check Printing from a Solaris 2.x Client to a SunOS 4.x Print Server. Incorrect Output. Check the Printer Type. Check the stty Settings. Check the Baud Settings. Check the Parity Setting. Check the Tab Settings. Check the Return Setting. Humg LP Print Service Commands. Idle (Hung) Printers. Check the Print Filters. Check Printer Faults. Check Network Problems . Check for Jobs Backed Up in the Local Client Queue. Check for Jobs Backed Up in the Remote Server Queue. Conflicting Status Messages. V. APPLICATION SOFTWARE. 12. Installing and Managing Application Software. Overview of Installing and Managing Application Software. Using Package Commands. Using Admintool. Using Installation Scripts. User Access to Applications. Automating Your Application Environment. Benefits of a Standardized Application Server Set-up. Benefits of a Standardized User Environment. Using Wrapper Technology. Wrappers and Dot Files. Additional Wrapper Advantages. Wrapper Overhead and Costs. Introduction of Wrappers into an Existing Environment. Designing an Application Serve r. Server Configuration. User Capacity. Compatible Services. Disk Allocation. File System Configuration. File System Sharing. Installing and Configuring Packages. Changes to the Default Package Version. Developing Wrappers. Interpreter Choice. Wrapper Directory and Naming. Command Name Evaluation. Environment Variables. Platform Evaluation. Command Path Construction. Exec/Argument Passing. A Basic Wrapper. Using a Common Command Directory. Setting User Configurations. Mount Points. Mounts. Path. Migration Considerations. Understanding Distribution Issues. Licensing. CD-ROM Mounts. Using a Local CD-ROM Drive (Solaris 2.2 and Later System Software). Using a Local CD-ROM Drive (Solaris 2.0 and 2.1 System Software). Accessing Files from a Remote CD-ROM. How to Share CD Files from a Remote CD-ROM Drive. How to Access Shared CD-ROM Files. How to Unmount Shared CD-ROM Files. 13. Package Commands. Package Command-Line Utilities. Setting Up Package Configuration Files. Setting Up the Installation Base Directory. Installing a Package with an Alternative Admin File. Adding Packages. Checking the Installation of a Package. Listing Packages. Removing Packages. Package System Log File. 14. Admintool: Software Manager. Starting Admintool. Installing Software. Accessing Files from a Local CD-ROM Drive. Customizing Installation. Beginning Installation. Removing Software. 15. Installing and Managing System Software Patches. Patches Distribution. Requirements to Access Sun Patches. Accessing Patches from the Web. Accessing Patches by ftp. Patch Numbering. Installing a Patch. Removing Patches. VI. INTRODUCTION TO SHELL PROGRAMMING. 16. Writing Shell Scripts. Basic Concepts. Introducing Bourne, Korn, and C Shells. Bourne Shell. Korn Shell. C Shell. Understanding How Shells Process Commands. Naming Shell Scripts. Identifying the Shell. Making Scripts Executable. Storing Shell Scripts. Writing Shell Scripts: The Process. Variables. Shell Variables. Displaying Variables from a Command Line. Setting and Displaying Shell Variables. Unsetting Shell Variables. Stripping Filenames. Korn Shell Path Stripping. C Shell Path Stripping. Built-In Shell Variables. Environment Variables. Input and Output. Standard In, Standard out, and Standard Error. Command-Line Input. Shifting Command-Line Arguments. Interactive Input. Here Documents. Generating Output. The Echo and Print Commands. Quoting. Command Substitution. Testing for Conditions. if-then-else-elif. if-else-else if-endif. Nested if Constructs. Multi- Branching. Controlling the Flow. Using for/foreach Loops. Using while Loops. Using Until Loops. Breaking Loops. Exit Status. Mathematical Operations. User-Defined Functions. Debugging Shell Scripts. Using Debugging Flags. Understanding Shell Parsing Order. 17. Reference Tables and Example Scripts. Reference Tables. Environment Files. First Line of Script. Korn Shell Path Operators. C Shell Path Modifiers. Variables Initialized by Shell. Shell Built-In Commands. Bourne and Korn Shell Redirection. C Shell Redirection Metacharacters. C Shell $argv Notation. Quoting. Metacharacter Shell Syntax. Variable Shell Syntax. I/O Redirection and Piping. Printing to the Screen. Reading from the Keyboard. Math and Calculations. Command Substitution. Tilde Expansion. Alias Syntax. History Syntax. Function Syntax. Programming Statement Syntax. Test and C Shell Built-In Test. Bourne Shell Mathematical Operators. C Shell Mathematical Operators. Example Scripts. Anonymous ftp Script. arch.sh.fctn Function. array.sh.fctn Function. Hostname.sh.f ctn Function. osr.sh.fctn Function. whoami.sh.fctn Function. VII. SYSTEM SECURITY. 18. Understanding System Security. New Security Features in the Solaris 2.6 Release. Pluggable Authentication Module (PAM). Executable Stacks and Security. Disabling Programs from Using Executable Stacks. Disabling Executable Stack Message Logging. Overview of System Security. Maintaining Physical Site Security. Maintaining Login and Access Control. Restricting Access to Data in Files. Maintaining Network Controls. Monitoring System Use. Setting the Correct Path. Monitoring setuid Programs Installing a Firewall. Reporting Security Problems. File Security. User Classes. File Permissions. Directory Permissions. Octal Values for Permissions. Default umask. File Types. File Administration Commands. Displaying File Information. Changing File Ownership. Changing Group Ownership of a File. Changing File Permissions. Special File Permissions (setuid, setgid, and Sticky Bit). setuid Permission. setgid Permission. Sticky Bit. Searching for Files with Special Permissions. Access Control Lists (ACLs). ACL Commands. ACL Permissions for Files. ACL Permission for Directories. Determining If a File Has an ACL. Setting ACL File Permissions. Setting Permissions for a File from a Command-Line. Using an ACL Configuration File to Set Permissions. Adding and Modifying ACL Permissions. Deleting an ACL Entry. Copying ACL File Permissions. Network Security. Firewall Systems. Authentication and Authorization. Monitoring Login Security Information. Displaying a User's Login Status. Temporarily Disabling User Logins. Saving Failed Login Attempts. Sharing Files. Restricting Superuser (root) Access. Controlling and Monitoring Superuser Access. Restricting Superuser Logins to the Console. Monitoring Who Is Using the SU Command. Using Privileged Ports. Automated Security Enhancement Tool (ASET). 19. Using Authentication Services. DES Encrption. Diffie-Hellman Authentication. How Diffie-Hellman Authentication Works. Generating the Public and Secret Keys. Running the keylogin Command. Generating the Conversion Key. First Contact with the Server. Decrypting the Conversation Key. Storing Information on the Server. Verifier Returned to the Client. Client Authenticates the Server. Additional Transactions. Administering Diffie-Hellman Authentication. Secure RPC Commands. Restarting the Keyserver. Setting Up NIS+ Credentials for Diffie-Hellman Authentication. Setting and Monitoring Files with Diffie-Hellman Authentication. Kerberos Version 4. How Kerberos Authentication Works with NFS. Administering Kerberos Version 4 Authentication. Acquiring a Kerberos Ticket for Superuser on a Client. Sharing and Mounting Files with Kerberos Authentication. Logging In to Kerberos Service. Listing Kerberos Tickets. Accessing a Directory with Kerberos Authentication. Destroying a Kerberos Ticket. The Pluggable Authentication Module (PAM) Framework. PAM Module Types. Stacking Features. Password-Mapping Feature. How PAM Works. PAM Library and Modules. PAM Configuration File. Valid Service Names. Control Flags. The required Flag. The requisite Flag. The optional Flag. The sufficient Flag. Planning for PAM. Configuring PAM. Preventing Unauthorized Access from Remote Systems with PAM. Initiating PAM Error Reporting. Adding a PAM Module. 20. Using Automated Security Enhancement Tool (ASET). ASET Tasks. ASET Master Files. ASET Security Levels. How ASET Tasks Work. System Files Permissions Verification. System Files Checks. User/Group Checks. System Configuration Files Check. Environment Check. eeprom Check. Firewall Setup. ASET Execution Log. ASET Reports. Format of Report Files. Examining and Comparing Report Files. ASET Master Files. Tune Files. The uid_aliases File. The Checklist Files. ASET Environment File (asetenv). ASET Shell Environment Variables. PERIODIC_SCHEDULE Variable. TASKS Variable. UID_ALIASES Variable. YPCHECK Variable. CKLISTPATH_level Variable. Running ASET. Running ASET Interactively. Running ASET Periodically. Stopping Running ASET Periodically. Collecting Reports on a Server. Restoring System Files Modified by ASET. ASET Error Messages. Appendix A: Volume Management. Volume Management Files. Volume Management Mount Points. Local and Remote CD-ROMs. Mounting a Local CD-ROM. Sharing Files from a Remote CD-ROM Drive. How to Mount Shared CD-ROM Files. How to Unmount Shared CD- ROM Files. Diskettes and Volume Management. Command Line Access. Open Windows File Manager Access. CDE Front Panell Access. CDE File Manager Access. Using the tar and cpio Commands with Diskettes. Troubleshooting. Using Workman with Volume Management. Changes with Solaris 2.3 System Software. Disabling Volume Management. Appendix B: Solaris Server Intranet Extension Products. Introducing the Solaris Server Intranet Extension Products. System Management. Network Services. Remote Connectivity and Security. CD- ROM Contents. AdminSuite. AdminFiles and Directories on the CD. Installing Sostice AdminSuite. Review Disk Space Requirements. Checking Software Package Requirements. Removing Previously Installed AdminSuite Software. Verifying sysadmin Group Membership. Running the admin_install Script. Running AdminSuite. AutoClient. Advantages of an AutoClient System. How an AutoClient System Works. How an AutoClient System Cache is Updated. AutoClient Files and Directories on the CD. Installing AutoClient Software. Supported Platforms and Operating Systems. Reviewing Disk Space Requirements. Check Software Package Requirements. Removing Previously Installed AutoClient Software. Verifying sysadmin Group Membership. Installing Patches. Installing Solstice AdminSuite and AutoClient Software. Running AutoClient. DiskSuite. DiskSuite Files and Directories on the CD. Installing Solstice DiskSuite. Reviewing Disk Space Requirements. Choosing Software Packages. Installing Solstice DiskSuite. Backup Utility. Backup Files and Directories on the CD. Installing Solstice Backup. Reviewing Disk Space Requirements. Installing Solstice DiskSuite for Solaris. Installing Solstice DiskSuite for SunOS. Running Backup. TotalNET Advanced Server (TAS) TAS Files and Directories on the CD. Installing Solstice TAS. Upgrading from TAS 4.1.1. Reviewing System Requirements. Installing Acrobat Readers. Installing TAS. Connecting to TotalAdmin. Sun WebServer. Sun WebServer Files and Directories on the CD. Installing Sun WebServer. Reviewing System Requirements. Installing Sun WebServer. Running Sun WebServer. Solstice Internet Mail Server (SIMS). Supported Network Communications Protocols. Supported Mail Access Models. SIMS Features. SIMS Files and Directories on the CD. Installing SIMS 2.0. Reviewing System Requirements. Removing Installed SIMS Software. Installing SIMS Software. Licensing Information. Configuring the Mail Server. Verifying a Successful Installation. Java IDL. Java IDL Files and Directories on the CD. Installing Java IDL. Reviewing System Requirements. Installing Java IDL Software. Starting the Name Server. Solstice PPP 3.0.1 Files and Directories on the CD. Installing Solstice PPP. Reviewing System Requirements. Reviewing Licensing Requirements. Installing PPP Software. Getting Started with Solstice PPP. SunScreen SKIP. SunScreen SKIP Files and Directories on the CD. Installing SunScreen SKIP. Reviewing System Requirements. Installing SunScreen SKIP Software. Using SunScreen SKIP. Glossary. Bibliography. Index.