หลักสูตร UNIX Solaris System & Network Administrator

Training Professional Training Professional CenterCenter

11

หลั�กสู�ตรหลั�กสู�ตรUNIX Solaris System & UNIX Solaris System & Network Administrator Network Administrator

วิทยากรวิทยากร: : ขจร สูนอภิรมย�สูราญขจร สูนอภิรมย�สูราญ


22

IntroductionIntroduction

แนะน��ก�รฝึกอบรม แนะน��วิ�ทย�กร และผู้��ช่�วิยวิ�ทย�กร แนะน��ผู้��เข้��ฝึกอบรม

ควิ�มค�ดหวิ�ง จุ�ดประสงค"และเน#$อห�ข้องหล�กส�ตร


33

แนะน�าวิทยากร แลัะผู้��เร�ยน แนะน�าวิทยากร แลัะผู้��เร�ยน วิ�ทย�กร

ข้จุร ส�นอภิ�รมย"สร�ญ Unix System and Network Administration

(Solaris, Linux, FreeBSD) Microsoft Windows 2003

System Environment, Active Directory, Network Infrastructure

Cisco Network Fundamental Information Security Consultant


44

แนะน�าผู้��เข�าฝึ�กอบรมแนะน�าผู้��เข�าฝึ�กอบรม ช่#)อ-น�มสก�ล ต��แหน�ง หน��ท*)ร �บผู้�ดช่อบ ควิ�มค�ดหวิ�ง


55

จ!ดประสูงค์�จ!ดประสูงค์� หล�กส�ตรน*$เหม�ะส��หร�บ

Unix System Administrator (Solaris) น�กวิ�ช่�ก�รท*)สนใจุ

ควิ�มร� �พื้#$นฐ�น ควิรม*ประสบก�รณ์"เก*)ยวิก�บระบบคอมพื้�วิเตอร" Unix Perform basic Unix tasks Understand basic Unix commands Use vi text editor Interact with a windowing system


66

เน&'อหาของหลั�กสู�ตรเน&'อหาของหลั�กสู�ตร

Day 1 Introduction Solaris System Administration Basic OS Commands Understanding Shells User Accounts and Groups Rights and Roles File Systems, Backup and Recovery Administering Devices


77

เน&'อหาของหลั�กสู�ตรเน&'อหาของหลั�กสู�ตร ((ต(อต(อ))

Day 2 Administering Systems Printing Service Network Service & Remote access Software Packages & Patches Tuning & Recognizing File Access Problems New Feature Enhancements in Solaris 10


88

Day1Day1

1. Introduction Solaris System Admin

2. Basic OS Commands

3. Understanding Shells

4. User Accounts and Groups

5. Rights and Roles

6. File Systems


99

1. Introduction Solaris System Admin


1010

Path StructurePath Structure

data

KenJohn

/

bin dev etc Home tmp usr

datadoc

sbin

export var

mnt


1111

DemonstrationDemonstration

Login with root root Password

# pwd cd / ls –l ls –l h*


1212

LAB1-1: Server Preparation1-1: Server Preparation

1. Enable 3 Solaris systems (By VMWare) Duplicate 3 VMs Introduce VMWare with Solaris 10 Introduce Solaris 10 (CDE, Java Desktop System-Gnome)

2. Set server information vi command

Command Mode ESC

Edit Mode Key – i Insert Key –a Append

Exit vi ESC :q! , ZZ

Save text EST :wq!

Define host name /etc/hosts

suwit001, suwit002, suwit003 /etc/hostname.<Interface> /etc/nodename


1313

LAB1-1: Server Preparation1-1: Server Preparation

1. Set network properties Define IP addresses

/etc/hosts

/etc/hosts (Map IP – Hostname)Type 192.168.1.73 suwit001

/etc/hostname.pcn0 (ก�าหนด IP ให� NIC)Type suwit001 (ก�าหนดให�ตรงก�บไฟลั� /etc/hosts)

/etc/nodename (hostname)Type suwit001 (ก�าหนดให�ตรงก�บไฟลั� /etc/hosts)

$> init 6 (reboot)


1414

1.1 SPARC and IA System Admin Difference1.1 SPARC and IA System Admin Difference

CategoryCategory SPARCSPARC IAIASystem operation before kernel load

OpenBoot PROM BIOSSolaris Device Config Assistant MDB (Multiple Device Boot)

Booting system Command Option at PROM Command Option at MDB


1515


CategoryCategory SPARCSPARC IAIABoot Program bootblk (Pri. boot program)

ufsboot (Sec. boot program)load kernel

mboot (MBR) pboot (Solaris Partition boot program) bootblk

(Pri. boot program)ufsboot (Sec. boot program)load kernel


1616


CategoryCategory SPARCSPARC IAIASystem Shutdown shutdown,init w/o

interventionshutdown,init w/ intervention

Disk Controller SCSI, IDE SCSI and IDE

Disk slice and partition Max. 8 slices (0-7) DiskMax. 4 fdisk partition

Sol fdisk 10 slices (0-9) but 0-7 store data

Diskette drive 3.5-inch diskette drive 3.5, 5.25-inch


1717

1.2 Solaris System Software Evolution1.2 Solaris System Software Evolution

ReleaseRelease FeatureFeatureSolaris 1.0 (SunOS 4.x) Berkeley (BSD) Unix

Solaris 2.0 (SunOS 5.0) SVR4 (AT&T) and BSD

Solaris 2.1 (SunOS 5.1) Admin ToolsGUI, Print/Accout Manager,

Solaris 2.2 (SunOS 5.2) Vol ManagerCDROM

Solaris 2.3 (SunOS 5.3) VFS,Online Backup, PAM, PPP, CacheFS (NFS), NIS+

Solaris 2.4 (SunOS 5.4) Motif GUI (Installation)

Solaris 2.5 (SunOS 5.5) PAX,Soltice Admin Suite, Process Tool (/proc), Telnet client (4.4 BSD version), Improve rlogind, telnetd

Solaris 2.5.1 (SunOS 5.5.1) UserID,GroupID extend to max. sign integer

Solaris 2.6 (SunOS 5.6) Printing Software (NIS,NIS+), Large file support (UFS,NFS, CacheFS), NFS Kerberos use DES, RPC (GSS-API), Y2K compliance, WebNFS, JVM 1.1


1818

ReleaseRelease FeatureFeatureSolaris 7 (SunOS 5.7) 64bits (SPARC only), LDAP, Dynamic reconfiguration, AnswerBook2,

Unicode, RPC security, CDE (new tools)

Solaris 8 (SunOS 5.8) IPv6, Naming LDAP, Java2, Wizard (Installation), UDF (Universal Disk Format), DVD, Smart card, PDA, Multilanguage (90 locals,37 langs), XServer (X11R6.4), RBAC (Role-Based Access Control)

Solaris 8 (SunOS 5.8) (6/00) Mobile IP, Removable Media (DVD,Zip,Jaz,CDROM,diskette)

Solaris 8 (SunOS 5.8) (10/00) IP Multipathing with NICs, WBEM (Web-Based Enterprise Management, Print USB

Solaris 8 (SunOS 5.8) (1/01) LDAP+iPlanet WebServer, SMC 2.0 (RBAC), WBEB (init.wbem, update security, SMC Log viewer), USB (Sun Blade 100, 1000 and Sun Ray system)

Solaris 8 (SunOS 5.8) (4/01) New BIND, sendmail 8.10, IP multipathing with dynamic reconfiguration (DR), Mobile IP (reverse tunnel)

Solaris 8 (SunOS 5.8) (7/01) PPP 4.0 (async,sync comm., PAP, CHAP), NCA (Solaris Network Cache Accelerator), IP Multipathing (IPMP reboot safe)

Solaris 8 (SunOS 5.8) (10/01) DR 3.0 (Automated DR), USB (KB,Mouse,Printer,Audio)

Solaris 8 (SunOS 5.8) (2/02) RPC (Sun ONC+ async protocol)



1919

ReleaseRelease FeatureFeatureSolaris 9 (SunOS 5.9) Resource Manager (allocate resource), Fixed-priority (FX), Web Start

Flash Install (master,clone), Live Upgrade, New option (df, du, ls, 1K unit), pargs and preap (process debugging), NIS+ LDAP, Sun Internet FTP Server, sendmail 8.12, Improve NCA, IPMP (link-up-down), Mobile IP (advertise dynamic if), BIND 8.2.4, Solaris volume manager, SMC 2.1 (6 new tools), smpatch, Solaris Secure Shell, cdrw (Write CD)

Solaris 10 (SunOS 5.10) X86/X64, SPARC

Solaris Container – Grid Container (Isolate App, Service, Allocate resource, Increase resource utilization)

Solaris Secure Execution (File Integrity and Secure Execution, User&Process Right Management, IP Filter Firewall, Cyptographic Service/Secure, Enterprise Authentication – LDAP,PW,MD5,Kerberos,Smartcard)

Solaris Dynamic Tracing (easy to analyze, debug, optimize system, App in Realtime, Patch Management)

Solaris Predictive Self Healing (Auto diagnostic, isolate recovery from H/W, App fault)



2020

1.3 Understanding Superuser Statusnding Superuser Status

Special UID = 0 (/etc/passwd) Root Perform system admin tasks

mount/unmount file system change ownership or permission backup/restore create device file shutdown system


2121

LAB1-2: Become Superuser (su) LAB1-2: Become Superuser (su)

1. Switch user at shell prompt Shell prompt ($>, %>), type su Enter password (root) Environment enable, type su –

su – root su – user1

Exit Superuser status, type exit


2222

LAB1-2: Become Superuser (su) LAB1-2: Become Superuser (su)

2. Logging in as Root Login prompt,

type root (Enter) type password (Enter)

Add user $> useradd –d /export/home/username username

Check logon user $> who am i $> id $> w $> finger


2323

ScreenshotScreenshot


2424

1.4 Communicating with Users1.4 Communicating with Users

Message Of The Day (motd) /etc/motd

Send Message to Individual User write username write username < filename

Send Message to All Users on System or Network wall rwall –n group

walld /etc/inetd.conf

Send Message by E-mail


2525

1.5 Starting Up Systems1.5 Starting Up Systems

Choosing and Init State 0 – Go to Firmware S or s – Single mode (single logon) 1 – Single admin mode – mount all file system 2 – Multi-user without NFS (Network File System) 3 – Multi-user with NFS 4 – No use 5 – Power off (shutdown running services) 6 – Reboot (shutdown running services and restart)


2626


The /etc/inittab file Default run level for system Process start, monitor, and restart if terminate Action to take when system enter new run level

id:rstate:action:processid:rstate:action:process


2727


Run Control Scripts /sbin/rc0 /sbin/rc1 /sbin/rc2 /sbin/rc3 /sbin/rc5 and /sbin/rc6 /sbin/rcS

Finding Run Level for System who -r


2828


Run Control Script Form

S,K[0-9][a-z][A-Z] S10webserver S20dbserver

/etc/rc3.d S10webserver S20dbserver


2929


Using Run Level Run Level 0 Run Level s and S Run Level 1 Run Level 2 Run Level 3 Run Level 4 Run Level 5 Run Level 6


3030


Change Run Level Become superuser $> telinit [run level] (Recommend) $> init [run level] shutdown –y –g [period] –i [run level] [message]

Example shutdown –y –g 30 –i 6 “System will shutdown”


3131


Booting Protocols SPARC Platform (OpenBoot PROM)

bootblk ufsboot kernel init

IA Platform (PC BIOS) mboot (Master Boot Record) pboot (Partition boot program) bootblk ufsboot kernel init


3232


Booting System Turn off system power because of power outage Change kernel parameters in /etc/system Perform system maintenance, backup or restore

system data Repair system configuration file /etc/system Changing pseudo device parameters in /etc/system Add or remove hardware from system Boot kernel debugger to track down system problem


3333


view Boot Message /var/adm/messages

Crash Dump & Reboot system halt –d (save in swap file system) dumpadm (configure crash dump) savecore (/var/crash/hostname)

Boot System for Recovery Purpose SPARC IA


3434


Boot System for Recovery Purpose SPARC IA

Boot from Solaris 10 Installation CD Screen selection mode

b –s $> mount /dev/dsk/c0d0s0 /a $> cd /a/etc $> vi passwd $> vi shadow (in case of password recovery)


3535


Search text in file grep “search string” filename $> grep “Aug 22 13:56” /var/adm/message $> grep –i “Aug 22 13:56” /var/adm/message egrep

Create file with zero byte $> cat > filename $> touch filename $> vi filename (save and exit)


3636


Shutdown System Turn off system power Install a new release Prepare power outage Add hardware to system Perform maintenance file system


3737


Shutdown System Recommendation

/usr/sbin/shutdown /etc/telinit and /sbin/init

Not Recommendation /usr/sbin/halt /usr/sbin/reboot

/usr/sbin/uadmin 2 0


3838

1.5 Monitoring Processes1.5 Monitoring Processes

$> ps $> ps –ef | grep userid $> prstat


3939

Check boot configurationCheck boot configuration

$> cd /usr/platform/i86pc$> eeprom


4040

Desktop Resolution SettingDesktop Resolution Setting

1. Command Login prompt2. Login as root3. $> kdmconfig4. Follow step

- Xsun server- XF86 VMWare- MutipleFrequency 56kHz- 800x600 @16777777


4141

Review all exercisesReview all exercises

System startup Vi Su Adduser


4242

2. Basic OS Commands


4343

List file in directoryList file in directory

$> pwd (Check current pathname) $> ls $> ls –l

Show detail of file Permission Ownership/Group File size Last update date Link (symbolic link)

$> ls –la Show hidden file (prefix (.) )


4444

Monitoring Disk usageMonitoring Disk usage

df หร#อ df /dev/dsk/c1d0d2


4545

Monitoring Disk usage (cont.)Monitoring Disk usage (cont.)

du


4646

File permissionFile permission

rwxrwxrwx filenamer = Readw = Writex = Execute

Ownershipu = Userg = Groupo = Other

Example:rw-rw-rw- root superuser /etc/hosts110110110 666rwxrwxrwx 777r-xr-xr-x 555


4747

Changing File permissionChanging File permission

chmod1. $> chmod 777 filename

rwxrwxrwx filename $> chmod 744 filename

rwxr--r--2. $> chmod u-w filename

r-xrwxrwx3. $> chmod u+w filename

rwxr--r--

Sign ‘+’ = add permissionSign ‘-’ = del permission


4848

User mask (umask)User mask (umask)

Setting default permission with umask It’s subtract 666-umask value (666-222=444, 222 is umask

value)

Example Umask 022 touch data.txt ls -l


4949

Sticky bit permissionsSticky bit permissions

Protected files from being deleted by other users Should be set on the top-level directory Example

chmod +t somedir


5050

Access Control ListAccess Control List

getfacl

setfacl

Example setfacl –m user:username:r– secret.doc


5151

Change ownership of fileChange ownership of file

Chown $> chown userid:groupid filename

Finding file in system find <path> -name filename –print $> find / -name passwd –print

view content of file $> more filename Key ‘/’ search-text Key ‘n’ next search-text


5252

view at the end of file (tail)view at the end of file (tail)

$> tail filename (show last 10 lines) $> tail –f filename (view last update

information)

view at the beginning of file (head)

$> head filename (show first 10 lines)


5353

Solaris Management Console (SMC)Solaris Management Console (SMC)

$> smc & (background running) $> smc (forground running)

Key ‘Ctrl-Z’ Key ‘bg’ Key ‘fg’

Find Disk space $> df –k (1K block) $> df –h (1K unit – KB, MB,GB)

Find Disk Usage $> du –k [pathname] (1k block) $> du –h [pathname] (1K unit – KB, MB,GB)


5454

2.1 Finding User Information

$> who -r


5555

2.2 Creating & Editing Files

$> vi filename Command mode (Key ‘ESC’) Edit mode (Key ‘i’, ‘a’)

$> cat > filename $> touch filename


5656

2.3 Using Manual Page

$> man [keyword] $> man useradd $> man mkdir $> man man


5757

2.4 Finding Disk Information2.4 Finding Disk Information

$> df –k $> df –h

$> man df


5858

Set EnvironmentSet Environment

set command


5959

Set ParameterSet Parameter


6060

3. Understanding Shells3. Understanding Shells


6161

3.1 Tasks Common to All Shells3.1 Tasks Common to All Shells

Aliases History list .profile .cshrc


6262

AliasesAliases

Example Alias dir = “ls –al”


6363

History listHistory list

Example History ![number] for calling


6464

.profile.profile

.profile can contain any commands and environment settings

Example TERM=vt220; export TERM Define in /etc/skel/profile.local


6565

.cshrc.cshrc


6666

Environment VariablesEnvironment Variables

Environment Variable

Example:


6767

Shell commandShell command

Source (.) Basename Cat Cd Chgrp Date Find Grep


6868

Shell command (cont.)Shell command (cont.)

Head Less Ls Mkdir More Pwd Rmdir tail


6969

Source (.)Source (.)

Common Path /etc/myscript.sh

Source Path .myscript.sh sh myscript.sh ./myscript.sh


7070

DemonstrationDemonstration

Shell Command Source (.) Basename Cat Cd Chgrp Date Find Grep

Grep Head Less Ls Mkdir More Pwd Rmdir Tail wc


7171

Changing Shells from command lineChanging Shells from command line

$> csh $> ksh $> sh $> bash $> tcsh

Exit from Shells $> exit


7272

Shell ScriptsShell Scripts

.Profile script Shell argument


7373

Demonstration: Shell script #1Demonstration: Shell script #1

touch count_line.sh Chmod +x count_lines.sh vi count_lines.sh

#!/bin/sh Echo “Number of lines infile” $1 wc –l $1

Execute ./count_lines.sh /etc/group


7474


vi count_lines.sh #!/bin/sh If test –a $1 then echo “Number of lines infile” $1 wc –l $1 Else

Echo “the file” $1” does not exist” fi

Execute ./count_lines.sh /etc/group


7575


vi count_lines.sh #!/bin/sh If test –r $1 then echo “I can read the file” $1 else

Echo “I can’t read the file” $1

fi Execute

./count_lines.sh /etc/group


7676

Test facility Test facility

-a All -b file is a special block file. -c file is a special character file. -d file is a directory. -f File is a normal file -h File is a symbolic link. -p File is a named pipe. -s File has nonzero size. -w File is writable by the current user. -x File is executable by the current user.


7777

Demonstration: Shell script Looping #1Demonstration: Shell script Looping #1

touch loop1.sh vi loop1.sh

#!/bin/sh For i in apple orange lemon kiwi guava Do

DATAFILE=$i”.dat” echo “Checking” $DATAFILE if test –s $DATAFILE then

echo $DATAFILE “is OK” else

echo $DATAFILE “has zero-length” fi

done


7878

4. User Accounts and Groups4. User Accounts and Groups


7979

Database User&Group InfrastructureDatabase User&Group Infrastructure

/etc/passwd

/etc/shadow

/etc/group

Root


8080

4.1 Tools for Adding and Admin User Accounts4.1 Tools for Adding and Admin User Accounts

$> smc & $> useradd $> userdel

Creating password for user $> passwd username


8181

4.2 Adding an user Account (smc)4.2 Adding an user Account (smc)


8282

Adding an user account (useradd)Adding an user account (useradd)

Example


8383

How to use useraddHow to use useradd


8484

Create Multiple UsersCreate Multiple Users (smc)(smc)


8585

Create Multiple Users (cont.)Create Multiple Users (cont.)


8686

Delete user (userdel)Delete user (userdel)

Example Userdel –r user1


8787

4.3 Setting Up & Admin Groups (smc)4.3 Setting Up & Admin Groups (smc)


8888

GroupaddGroupadd

Example Groupadd office Groupadd –g 120 engineer

/etc/group


8989

GroupmodGroupmod


9090

Change PasswordChange Password

Password

root

owner


9191

5. Rights and Roles5. Rights and Roles


9292

5.1 Using SMC to Grant Access Rights to Users5.1 Using SMC to Grant Access Rights to Users


9393

5.2 Using SMC to Admin Role Accounts5.2 Using SMC to Admin Role Accounts


9494

Using SMC to Admin Role Accounts (cont.)Using SMC to Admin Role Accounts (cont.)


9595

5.3 RBAC Databases5.3 RBAC Databases

/etc/user_attr/etc/security/auth_attr

Root

RolesRights


9696

5.4 Command to Manage RBAC5.4 Command to Manage RBAC


9797

6. File Systems


9898

File System OverviewFile System Overview

New Disk

Controller

SCSI/IDE

target No target

DiskCwTxDySz

Slice0

Slice1


9999

Disk arrangementDisk arrangement

Cwtxdysz Example

C0t0d0s0 C : Controller T : Target D : Disk S : Slice (partition)


100100

FormattingFormatting

Example Format , Press Enter key.


101101

TypeType of File Systemsof File Systems

Disk based Network based virtual (formerly pseudo)

Disk based file system UFS (Unix File System) HSFS (ISO 9660)

CDROM Readonly PCFS (PC File System)

DOS-format, Floppy disk UDFS (Universal Disk Format file system)

(CDRW, DVD-ROM)


102102


Network based NFS (Network File System)

NFS Server NFS Client

virtual File System CacheFS

Boot CDROM, mount file system store in Memory TMPFS (Temporary File System)

/tmp, /var/run


103103


virtual File System CacheFS

Boot CDROM, mount file system store in Memory

TMPFS (Temporary File System) /tmp, /var/run

PROCFS (Process file system) /proc


104104

Example: FormattingExample: Formatting

IDE

Disk

Fdisk

Partition

NewFS > mnt


105105

Adding new HarddiskAdding new Harddisk

$> touch /reconfigure $> telinit 5 Install new HDD+ Power on $> format

0: c0d0 1: c0d1 2: c0d2


106106


$> format format> partition partition> help partition> 0 (0-7) partition> tag id partition> permission flag (wm) partition> size (Cylinder) partition> label (Save partition) partition> quit


107107


$> newfs /dev/rdsk/c0d[1]s[0] $> man newfs

Mounting file system Create mount point $> mkdir /export/software

/export/software /dev/dsk/c0d1s0 $> mount /dev/dsk/c0d1s0 /export/software


108108


Mount on booting Edit in file /etc/vfstab


109109

Setting up Disk SlicesSetting up Disk Slices

SliceSlice File systemFile system DescriptionDescription Client/ServerClient/Server

0 Root Hold files and directories that make OS Both

1 Swap Provide virtual memory or swap space Both

2 Backup Refer to the entire disk, by format command Both

3 - Up to design Both

4 - Up to design Both

5 /opt Hold App software added to the system Both

6 /usr Hold OS command, run by users, document, system program

Both

7 /export/home Hold home folder from remote system Both

8 - Contain the boot slice info at the beginning of Solaris partition – enable boot from HDD

Both

9 - Provide area reserved for alternative disk block. Alternative sector slice.

Both


110110

Day 2Day 2

7. Administering Systems8. Printing Service9. Network Service & Remote access10. Software Packages & Patches11. Tuning & Recognizing File Access Problems12. New Feature Enhancements in Solaris 10


111111

7. Administering Systems


112112

Determine HostidDetermine Hostid

$> hostid $> sysdef –h $> sysdef > /tmp/sysdef.txt

Host information $> uname –a

Display System Information $> prtconf


113113

How long a system has been upHow long a system has been up

$> uptime

Find system was booted $> who –b

System date / time $> dateSetting date / time $> date mmddHHMMyy


114114

Changing TimezoneChanging Timezone

Edit in file /etc/TIMEZONE TZ=“Asia/Bangkok”

The complete list of time zone variables /usr/share/lib/zoneinfo


115115

Checking the data consistency of File systemChecking the data consistency of File system

$> fsck /dev/rdsk/c0d1s0

Finding whether need to checking /dev/rdsk/c0d1s0 /export/data $> umount /export/data $> fsck –m /dev/rdsk/c0d1s0 If need, init S or s $> fsck /dev/rdsk/c0d1s0 $> man fsck


116116

Backup & Restore File SystemBackup & Restore File System

Tape Device /dev/rmt/0 Tape 1 /dev/rmt/1 Tape 2

Backup file system $> ufsdump 0cuf /dev/rmt/0 /dev/dsk/c0d0s0 $> man ufsdump

Restore file system $> ufsrestore $> man ufsrestore


117117

Ufsdump CommandUfsdump Command


118118

Ufsdump parameterUfsdump parameter

/usr/sbin/ufsdump [options] [arguments] files to dump Options

-f : dump to file -u: update the dump record -v: verify -c: Cartridge Example

Entire Slice> Tape : ufsdump 5fuv /dev/rmt/1 /dev/rdsk/c0t3d0s6


119119

Ufsrestore CommandUfsrestore Command


120120

Ufsrestore parameterUfsrestore parameter

/usr/sbin/ufsrestore -i : Interfactive -f : Restore selected file -t : Testing -a: archive_file

Example Restore Entire Media: ufsrestore if /tmp/backup.dat


121121

Ufsrestore (Interactive)Ufsrestore (Interactive)


122122


Backup Strategy Full Backup Differential Backup Incremental Backup

Full

Full

Full

D

TUEMON WED THU FRI

DIFF

INC

NORM Full Full Full Full

D D D

I I I I


123123


/dev/dsk/c0d0s0 /dbasefile

/dev/dsk/c0d1s0 /backup

$> ufsdump 0a /backup/full.dat /dev/dsk/c0d0s0 /backup/full.dat

$> ufsdump 0c /dev/rmt/0 /dev/dsk/c0d0s0


124124


List Table of content $> ufsrestore ta /backup/full.dat

Extract data from backup device $> ufsrestore ia /backup/full.dat ufsrestore> help ufsrestore> ls ufsrestore> add [filename] ufsrestore> extract


125125


Disk Duplicate Backup full disk space $> dd if=/dev/dsk/c0d0s2 of=/dev/dsk/c0d1s2

Tar file $> cd / $> tar cvf /export/data/full.tar ./etcUntar file $> cd /export/extract $> tar xvf /export/data/full.tar [.]

$> compress –f full.tar full.tar.Z $> uncompress full.tar.Z tar xvf full.tar

$> tar cvf - ./etc | gzip - > /export/data/full.tgz $> gunzip full.tgz tar xvf full.tar


126126

Creating data CDsCreating data CDs

$> cdrw


127127

8. Printing Service


128128

Printer OverviewPrinter Overview

ServerPrinter

Print Device

Print DeviceClient

Desktop


129129

Solaris Print ManagerSolaris Print Manager


130130

Printer ManagerPrinter Manager

$> /usr/sadm/admin/bin/printmgr & Name service = File Click Menu Printer

Add Attached Printer Add Network Printer

$> lpadmin $> lpq


131131

New Attach PrinterNew Attach Printer


132132

Setting Print Server (P421-422)Setting Print Server (P421-422)

Printer Name Server Name Network printer access name IP address for the printer Protocol (TCP)


133133

How to Set Printer with command lineHow to Set Printer with command line

Install printer Install Printer Device Lpadmin Accept (Print Queue) Enable (Activate Printer for Lp)

Monitoring Lpstat

Using Printer Lp, Lpr


134134

Lpadmin commandLpadmin command


135135

Example: Lpadmin Example: Lpadmin


136136

Accept CommandAccept Command


137137

Enable CommandEnable Command


138138

Lpstat CommandLpstat Command


139139

Lp commandLp command


140140

Setting Print Server Step by StepSetting Print Server Step by Step

Login as root $> lpadmin –p HPLJ4050 –v /dev/null $> accept HPLJ4050 $> enable HPLJ4050 $> lpstat –p HPLJ4050 $> lpstat –p HPLJ4050 –l For more Information

Printing $> lp –d HPLJ4050 –n 1 filename

Cancelling Printing $> lpstat –p HPLJ4050 Find request-id $> cancel [request-id]


141141

9. Network Services & Remote Access9. Network Services & Remote Access


142142

Configure Host and IP address w/ Multi-NICsConfigure Host and IP address w/ Multi-NICs

$> touch /reconfigure $> init 5 Install Network Cards Power On $> cd /etc $> vi hosts

IP address0 hostname0 IP address1 hostname1 IP address2 hostname2

/etc/hostname.[interface] hostname.pcn0 hostname0 hostname.pcn1 hostname1 hostname.pcn2 hostname2


143143

Configure Host and IP address w/ Multi-IPConfigure Host and IP address w/ Multi-IP

$> cd /etc $> vi hosts

IP address1 hostname1 IP address2 hostname2 IP address3 hostname3

/etc/hostname.[interface]:[1-99] hostname.pcn0:1 hostname1 hostname.pcn0:2 hostname2 hostname.pcn0:3 hostname3


144144

NFS (Network File System)NFS (Network File System)

Server Login as root $> ps –ef | grep nfsd $> mkdir /export/share $> share –F nfs –o rw /export/share

/etc/init.d/nfs.server start $> share Check sharing $> dfshares Check sharingClient $> mkdir /export/share $> mount –F nfs hostname:/export/share /export/share $> mount Check mounting $> df Check mounting


145145

ExampleExample


146146

Start / Stop processStart / Stop process

$> processname [&] [&] is for running as background process

$> processname CTRL-Z $> bg $> fg (For running as forground process

$> ps –ef | grep processname $> kill [process id] $> pkill [processname]


147147

Network Setting UpNetwork Setting Up

Define IP address [Static IP] Edit /etc/hosts

192.168.1.200 suwit001 Edit /etc/hostname.pcn0

suwit001 Edit /etc/nodename

suwit001

DHCP Client $> /sbin/dhcpagent

Request Network Information from DHCP Server


148148

Checking Network SetupChecking Network Setup

$> ifconfig –a Check ip address

$> netstat –rn netstat –r –n Check routing table (Look for line default)

$> more /etc/resolv.conf Check nameserver (DNS)

$> more /etc/defaultrouter [Static ip]

Manually add routing table route add default [gateway ip]

$> route add default 192.168.1.1


149149

Network Setting with Multiple NICsNetwork Setting with Multiple NICs

ServerServer

pcn0 pcn1

203.151.100.0 / 24203.151.100.0 / 24 192.168.1.0 / 24192.168.1.0 / 24

203.151.100.1203.151.100.1 .10.10

Route add [NetworkID] [Gateway IP]Route add [NetworkID] [Gateway IP]$> route add 0.0.0.0 203.151.100.1$> route add 0.0.0.0 203.151.100.1$> route add default 203.151.100.1 $> route add default 203.151.100.1

192.168.1.1192.168.1.1

192.168.9.0 / 24192.168.9.0 / 24

Route add [NetworkID] [Gateway IP]Route add [NetworkID] [Gateway IP]$> route add 192.168.9.0 192.168.1.1$> route add 192.168.9.0 192.168.1.1$> route add 192.168.9.9 192.168.1.1$> route add 192.168.9.9 192.168.1.1

.10.10

File /etc/rc3.d/S69staticrouteFile /etc/rc3.d/S69staticrouteRoute add [networkid] [gateway ip] Route add [networkid] [gateway ip]


150150

Remote LoginRemote Login

Desktop Manager Click Remote Login Click Choose from list…

Terminal Remote Login $> rlogin hostname [ip address of remote system] $> telnet hostname [ip address]

Root for remote login Edit file /etc/default/login Comment line “#CONSOLE=….”


151151

Check remote system how long be upCheck remote system how long be up

$> rup hostname [ip address]

Check remote system alive $> ping hostname [ip address] $> ping –s hostname (infinity loop)


152152

FTP – File Transfer ProtocolFTP – File Transfer Protocol

/etc/ftpd/*.* $> ftp hostname [ip address]

Login / password ftp> help ftp> get [filename] download ftp> mget [filename *.*] multiple get ftp> put [filename] upload ftp> mput [filename *.*] multiple put ftp> binary Binary file (exe, jpg, gif) ftp> ascii Text file (txt) ftp> prompt Toggle interactive mode ftp> hash Show Progress print ‘#’ ftp> quit / bye


153153

Checking Packet from NetworkChecking Packet from Network

$> snoop $> snoop –o /tmp/packet.txt Capture to file $> snoop –d pcn1 $> snoop | grep hostname1[192.168.1.190] $> ethereal & $> nmap

Read from captured file $> snoop –i /tmp/packet.txt


154154

Check which Port binding by ProcessCheck which Port binding by Process

http://www.sunfreeware.com $> /usr/local/bin.lsof –l | grep TCP | more

Process name Binding Port

Installation Get file lsof.4.74*local.gz $> gunzip lsof4.74.gz $> lsof4.74*local $> pkgadd –d lsof*local

/usr/local/bin /usr/local/man

$> man –M /usr/local/man lsof


155155

Package InstallationPackage Installation

Source CDROM Software Companion CD NFS Sharing

Installation $> cd Package $> installer

Select package


156156

Setting EnvironmentSetting Environment

Edit .profile> PATH=$PATH:/opt/sfw/bin:.

> export $PATH Enable in current terminal

$> . /.profile


157157

10. Software Packages & Patches10. Software Packages & Patches


158158

Package InstallationPackage Installation

Web Start Insert CDROM package $> ./installer Select desire to install

Command Line $> pkginfo [Package Name] check if exist. $> pkgrm [Package Name] remove package $> pkgadd –d [Path] [Package Name] install package


159159

Installer Installer


160160

Installer (Cont.)Installer (Cont.)


161161

Pkginfo commandPkginfo command


162162

Pkgrm commandPkgrm command


163163

Pkgadd commandPkgadd command


164164

Scheduler with CrontabScheduler with Crontab

$> man cron /usr/sbin/cron

$> man crontab $> cd

/var/spool/cron/crontabs root username

$> cd /etc/cron.d File cron.allow File cron.deny


165165

LAB:LAB: Cron vs At commandCron vs At command

Edit file crontab $> vi

/var/spool/cron/crontab/root 30 11 * * * /tmp/echo.sh $> chmod +x /tmp/echo.sh

$> ps –ef | grep cron $> kill [cron pid] restart

cron to read new crontab $> date check time/date Execute /tmp/echo.sh

/var/spool/cron/atjobs/[jobid] $> at –m 1141 at> /tmp/echo.sh CTRL-D


166166

11. Tuning & Recognizing File Access Problems11. Tuning & Recognizing File Access Problems


167167

Recognize Problem with Search PathsRecognize Problem with Search Paths

Problem: Command not found $> echo $PATH

Borne/Korn Shell PATH=$PATH:/sbin:/opt/sfw/bin:. export PATH $> . [.profile] Full Path of profileC Shell setenv PATH ( $PATH /sbin /opt/sfw/bin . ) $> source [.cshrc] Full Path of profile

$> which [command] Show fullpath of command


168168

Recognize Problem with Permission, OwnershipRecognize Problem with Permission, Ownership

Change permission of file for execution Create Shell script $> chmod [nnn] [shell script]

nnn = 755 rwxr-xr-x

$> chmod +x [shell script] Change ownership of file/directory

$> chown [userid]:[groupid] [file, directory] $> chown –R [userid]:[groupid] [file, directory]


169169

12. New Features Enhancement in Solaris 1012. New Features Enhancement in Solaris 10


170170

Solaris Zone Partitioning TechnologySolaris Zone Partitioning Technology

Create virtual OE (Operating Environment) Zone

sOwn file system, device, network, resource, security


171171

Zone configurationZone configuration


172172

Zone configurationZone configuration


173173

NIS Setting upNIS Setting up

NIS Server $> svcadm enable network/nis/server $> svcs network/nis/server $> domainname suwit.com $> ypinit –m $> ypstart


174174

NIS Setting upNIS Setting up

NIS Client $> domainname suwit.com $> ypinit –c $> ypstart Edit file /etc/nsswitch.conf

passwd: nis file hosts: dns file


175175

Solaris Web Server (Apache)Solaris Web Server (Apache)

Start script file /etc/rc3.d/S50apache [start|stop]

Configuration file $> cp /etc/apache/httpd.conf-example httpd.conf $> /etc/rc3.d/S50apache start

Check http running $> ps –ef | grep httpd

Web Browser IE, Webbrowser http://[hostname, ip address]


176176

Configuration file - /etc/apache/httpd.confConfiguration file - /etc/apache/httpd.conf

Web page location


177177

Solaris IP Filter FirewallSolaris IP Filter Firewall

http://www.muine.org/~hoang/solnat.html Lock down the box Setup network interfaces in the Solaris box Enable packet forwarding, dhcp, firewall and

network address translation Configure machines behind NAT Familiarize with IPFilter IPsec Reference


178178

SAMBASAMBA

Script file location $> /etc/rc3.d/S90samba [start|stop]

Create configuration file $> cp /etc/sfw/smb.conf-example smb.conf $> /etc/rc3.d/S90samba start


179179

Wrapping up SessionWrapping up Session

Further information www.sun.com www.bigadmin.com Discussion/Forum www.sunfreeware.com Free Software sunsolve.sun.com Patche docs.sun.com Document

Keeping in touch with Instructor [email protected]

Documents

หลักสูตร UNIX Solaris System & Network Administrator