Wednesday, October 24, 2012

solaris 11 zone creation & cloning notes

this is for me and me alone. i'll prettify it eventually.

prepare zfs. export is a good place to start.
zfs create rpool/export/zones

create the virtual NIC:

Create 1 vnic for each zone you want to run:
dladm create-vnic -l net0 vnic1

To see the VNIC you have just added:
dladm show-vnic

We're doing exclusive IP-type zones.

Create a profile for the system.
sysconfig create-profile -o /tmp/zone1.xml

Create Zone

zonecfg -z zone1
set zonepath=/exports/zones/zone1
set ip-type=exclusive
set autoboot=true
add net
set physical=vnic1
add dedicated-cpu
set ncpus=1
add fs
set dir=/opt/SUNWspro
set special=/opt/SUNWspro
set type=lofs
set dir=/opt/csw
set special=/opt/csw
set type=lofs

Now, install the zone with pre-populated settings:
zoneadm -z zone1 install -c /tmp/zone1.xml

Boot the zone:
zoneadm -z zone1 boot

; sol10
To finish the process login to the zone:
zlogin -C zone1

; sol11
zlogin zone1

create an xml file for system 0-state
sysconfig create-profile -o /tmp/zone1.xml

then import said xml file
sysconfig configure -g system -c /tmp/zone1.xml

zoneadm -z zone1 halt & reboot.

Clone Zone
zonecfg -z zone1 export > zone1clone.cfg
zonecfg -z zone1clone -f zone1clone.cfg
zoneadm -z zone1clone clone -c /root/profiles/zone1clone.xml zone1

NB zone1clone.xml is an edited copy of zone1.xml .  i put under root.

Monday, October 15, 2012

i was cut today

by the way of our man in upper volta:
%WINDIR%\system32>sc config "SnazzyDemon" start= auto
[SC] ChangeServiceConfig SUCCESS

%WINDIR%\system32>sc config "SnazzyDemon" start=auto
[SC] Barf

         Modifies a service entry in the registry and Service Database.
         sc  config [service name]  ...
         REM remove that space and I cut you.

Thursday, October 11, 2012

i installed what version of sunstudio?

yes you did.
# pkginfo | grep SPRO
application SPROatd    Sun Studio 12 update 1 Advanced Tools Development Module
application SPROcc     Sun Studio 12 update 1 C Compiler
application SPROcmpl   Sun Studio 12 update 1 C++ Complex Library
application SPROcpl    Sun Studio 12 update 1 C++ Compiler
application SPROcplx   Sun Studio 12 update 1 C++ 64-bit Libraries
but what about CC?
/opt/SUNWspro/bin/CC -V
that'll tell you the patch level.

Monday, October 8, 2012

reverse ssh tunnel for tar over ssh

I have two systems. One is on a local LAN. The other is in a DMZ. I will call them: LAN and DMZ.

I need to copy an awful lot of data from DMZ to LAN. The data are so large that I can't just tar and gzip it up on DMZ and issue an scp from LAN. That would be too easy. Instead, since I need to preserve the permissions, symlinks, &c., I'll need to issue a tar over ssh; the best way for me to do this is to set up a reverse ssh tunnel.

I'm going to set it up on port 19999. So, this means the DMZ system will connect to DMZ loopback port 19999 and will have access to LAN, and all the LAN resources as available to LAN via 19999. Neat.

LAN has a pubkey on DMZ for passwordless logon. The account I'm doing the initial connection from on LAN is toor. The DMZ account is root.

setup initial connection via LAN:
~toor ssh -R 19999:localhost:22 root@DMZ
open a shell on DMZ, test it out:
# ssh -l toor -p 19999 localhost
# exit
It works, yay. Do it:
# tar cvf - /opt/stuff | ssh -l toor -p 19999 localhost "tar -xf - -C /tmp/DMZ.stuff"

Tuesday, October 2, 2012

sunstudio secrets

sun studio doesn't like to install. not always. but it usually does. this is really quick and dirty, and a fin way of getting the thing from a good distro to a bad one.

tar -cvf - /opt/SUNWspro | ssh -l root targetserver 'cd /opt/ ; tar xf -'
man that's lazy.

Monday, October 1, 2012

solaris 7 & 8 allow root telnet

What a boring post. But, what a tedious topic.

# chmod 644 /etc/default/login
# vi /etc/default/login

# If CONSOLE is set, root can only login on that device. # Comment this line out to allow remote login by root. # CONSOLE=/dev/console
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.