28 October 2009

MS Word: changing individual bullets

Managing lists has always been a pain in MS Word.
My most recent issue: whenever you change an item in a list in MS Word 2007, the whole list tends to change along and you see the dreaded lightning icon, indication MS Word did more than you asked:

Sometimes you don't want that, e.g.  i could use different bullets within a list level to convey a special meaning:

This tip gave me a solution: If you only want to change one item in the list, select the end of paragraph mark of the item (supposing you have enabled displaying these) and then change the bullet. Your modification will be limited to this one bullet.

23 October 2009

Search engine client virus

A recent bunch of virusses (gumblar and bahama botnet (youtube demo)) redirect your search results to advertising sites before going to the desired target.
You never get to see the intermediate sites, but they gain money through advertisement hits.

14 October 2009

Solaris zones components

  • zoneadm: manage a zone
  • zonecfg: configure a zone
  • zlogin: login to a zone

    • -C: console
  • ps –z <zone>: list only <zone> processes from global zone
Zone state transitions and associated commandsimage 
  • Alternate commands can exist
  • A Solaris OS in a zone is only initialised (sysidtool) upon first console login.
  • The shutdown commands are executed from within the zone.
  • zoneadmd: zone manager
  • zsched:  scheduler in the zone
  • /etc/zones/index: index configured zones (and their state)
  • /etc/zones/<zone>.xml: per zone configuration file (from zonecfg)
BrandZ FAQ
Zones limitations\
Sun Management Center GUI

13 October 2009

Add an external USB disk to solaris (x86)

These are the steps I took to add an external USB disk to my x86 Solaris station, partition it and put ufs filesystems on it.

  • Tell the removable volume manager to leave USB disks alone

    • edit /etc/vold.conf

      # commented the following line
      # use rmdisk drive /dev/rdsk/c*s2 dev_rmdisk.so rmdisk%d

    • Activate the configuration change

      # svcadm refresh volfs

  • attach the USB drive
  • lookup the USB device name

    # rmformat
    Looking for devices...
         1. Volmgt Node: /vol/dev/aliases/cdrom0
            Logical Node: /dev/rdsk/c0t0d0s2
            Physical Node: /pci@0,0/pci-ide@6/ide@0/sd@0,0
            Connected Device: LITE-ON  DVD SOHD-16P9S   F3S2
            Device Type: DVD Reader
         2. Logical Node: /dev/rdsk/c2t0d0p0
            Physical Node: /pci@0,0/pci108e,5347@2,1/storage@4/disk@0,0
            Connected Device: ST316021 2A               0000
            Device Type: Removable

  • Solaris x86: create a Solaris fdisk partition on the device

    # fdisk -B /dev/rdsk/c2t0d0p0

  • Partition the drive. The format expert option is needed for the drive to show up:

    # format -e
    Searching for disks...done

           0. c1t0d0 <DEFAULT cyl 9726 alt 2 hd 255 sec 63>
          1 . c2t0d0 <DEFAULT cyl 19454 alt 2 hd 255 sec 63>
    Specify disk (enter its number): 1

  • Now partition the drive.

    • Solaris x86: keep clear of cylinder0. It is in slice 8 and reserved for the VTOC and booting (grub).

  • create a file system on your partition(s) (I ignored the warning)

    # newfs /dev/rdsk/c2t0d0s0
    Warning: setting rpm to 60
    newfs: construct a new file system /dev/rdsk/c2t0d0s0: (y/n)? y

  • Add the file system to /etc/vfstab

    /dev/dsk/c2t0d0s0       /dev/rdsk/c2t0d0s0      / stuff      ufs     1       yes

  • mount the file system
# mount /stuff

12 October 2009

Command line SunSolve registration

Before you can use smpatch you need to register your system with SunSolve.
After installing you are prompted for installation when you log in to the desktop.
If you did not do this, you can register from the Applications>Utilities>Update Manager GUI program.
Both utilities also allow you to create a sunsolve user account if you did not have one yet.
If you only want to register your system from the commandline, here's the procedure

# cp /usr/lib/breg/data/RegistrationProfile.properties /tmp
# vi /tmp/RegistrationProfile.properties
# sconadm register -a -r /tmp/RegistrationProfile.properties
# rm /tmp/RegistrationProfile.properties

11 October 2009

Solaris Volume Manager Components




Manage state database replicas
  • metadb
    • -a: add
      • -f: force: overwrite existing data
      • -c n: count, number of replica on each slice
      # metadb –a –c 2 c1t1d0s7 c2t1d0s7 c3t1d0s7
    • -d: delete all replicas on a slice
      # metadb –d c3t1d0s7
    • -i: info
Information on logical volumes and their status
  • metastat [<volume>]
    • -p: print in md.tab format
Manage logical volumes
  • metainit: create logical volumes
    • Soft partition: logical volume on a part of a physical partition or disk. As long as space remains on the device, you can make additional soft partitions.
# metainit -p d<number> <device> <soft partition size>
# metainit -p d20 c0t1d0s6 10G
    • RAID 0
      # metainit d<number> <length> <width> <device> [<width> <device>]...
      # metainit d1 2 2 c1t1d0s6 c2t1d0s6 3 c0t1d0s5 c1t1d0s5 c2t1d0s5
      • <length> is the number of concatenations
      • <width> is the number of stripes in each concatenation
      • -f: force creation even if data is present. Data can be preserved if width=1.
    • RAID 1
      # metainit -m d<number> <logical volume>
      # metainit -m d10 d1
      RAID 5
      # metainit -r d<number> <device>...
      # metainit -r d20 c0t1d0s5 c1t1d0s5 c2t1d0s5
         Hot spare pool
      # metainit -hsp<number>  <device>...
      # metainit -hsp010 c1t1d0s5 c2t1d0s5
    • Soft partitions
  • # metainit d<number> –p <device> <size>
    # metainit d20 -p c1t3d0s2 4g


  •  /etc/lvm/md.tab: default location for reading (metainit) and writing (metastat) metadevice configuration

  • /etc/lvm/md.cf: system privat file with meatainit state (as in md.tab)

  • /etc/lvm/mddb.cf: metastate database locations

  • /kernel/drv/md.conf: kernel file with metastate database info (do not edit) and volume manager configuration info (e.g. maximum number of logical volumes)

Standard RAID levels

RAID stands for Redundant Array of Inexpensive Disks, because these techniques were originally applied to replace en expensive reliable disk with multiple cheap unreliable disks.

  • RAID 0: not one of the original RAID levels as it does not increase reliability
    • striping: write evenly across two disks (or partitions)
    • concatenation: continue on another disk when the first is full
      • often not considered RAID0
  • RAID 1: mirroring, write all data to multiple disks
  • RAID 0+1, RAID 1+0: stripe and mirror, mirror and stripe
  • RAID 2: write all data evenly to multiple disks, but use dedicated disk for parity checks. Distribute data at the bit level. Obsolete, because individual disks now use bit level parity checking..
  • RAID 3: Same as RAID 2, but distribute data at the byte level. Rarely used.
  • RAID 4: Same as RAID 2, but distribute data at the block (stripe) level. Rarely used.
  • RAID 5: Same as RAID 4, but no dedicated parity disk. Commonly used.
  • RAID 6: Same as RAID 5, but uses two parity blocks.
    • Not one of the original RAID levels. 
Plenty of vendors use other, non standard numbers and variant

Solaris Role Based Access Control (RBAC) components


Files, relations and informative commands


  • An execution profile record belongs to the rights profile that is in its first (name) field.
  • Default rights profiles and authorisations are in /etc/security/policy.conf

Configuration commands

  • usermod/rolemod
  • useradd/roleadd
  • userdel/roledel
    • -R roles (only for usermod/useradd)
    • -P rights profiles
    • -A authorisations

10 October 2009

BSD 4 unix man page bugs

  • ls

    • ls has too many options

  • tunefs

    • You can tune a file system but you can't tune a fish

inetd and SMF

The internet daemon, , listens on ports for network service requests. When a request arrives it starts the appropriate service. Before Solaris 10 services under control of inetd were configured using the  /etc/inet/inetd.conf file.
In Solaris 10inetd still has the same function, but network services are now configured using SMF (see SMF components).

Runninig inetconv will convert all inetd.conf services to SMF services and enable them. When Solaris 10 boots for the first time it will run inetconv -e.This options does not convert services to SMF, but only enables inetd.conf services that already exist in SMF.

In the SMF manifest files for network services, you can see that SMF delegates management to inetd. Here are some lines from /var/svc/manifest/network/ftp.xml (S10u7):

                <service_fmri value='svc:/network/inetd:default' />

inetadm will list all services under inetd control. It has options that allow you to do things similar to svcadm and svccfg.

9 October 2009

Service Management Facility (SMF) components

In SMF, service instances are identified by a Fault Management Resource Indicator. The structure of an FMRI is <prefix>:/<class>/<service>:<instance>Example: svc:/system/cron:default

  • svc: SMF managed services
  • lrc: legacy run command, pre Solaris 10 style services
  • file: for expressing dependencies on files


  • svcs: services information.
    • svcs [FMRI|pattern]: list services, pattern can be a part of an FMRI and can include wildcards (example: “*nfs*”)
      • -a: all - include disabled services
      • -d: dependencies - show services this service depends upon
      • -D: dependents - show services that depend on this service
      • -xv: which services are in maintenance mode (not running) and why (v = verbose)
      • -p: list associated processes
  • svcprop <FMRI>: list service properties
    • -p <[group/]property> : list only these properties

      # svcprop –p start/exec cron

  • svcadm: Service administration (management)
    • svcadm enable <FMRI>: start (and monitor)
      • -t: temporary - the service will not be restarted after reboot
    • svcadm disable <FMRI>: stop
      • -t: temporary - the service will still be restarted on reboot
    • svcadm restart: stop, then start
    • svcadm refresh: reread configuration (after svccfg)
    • svcadm clear: clear maintenance mode, ask the service monitor to start a service after an error condition is resolved
    • svcadm milestone FMRI: go to milestone (does not change run level)
      • -d: set milestone as default target for system boots (initial default: all)
  • svccfg: service configuration
    • svccfg import <file>: import an xml service manifest in the binary service repository
    • svccfg export <FMRI>: write an xml service manifest to standard output
    • svccfg delete <FMRI>: remove a service definition from the binary service reporitory
    • svccfg extract > site.xml: extract current services state (enabled/disabled…) to a file
    • svccfg apply <file>: apply state (enabled/disabled…) of services in file
    • svccfg –s <FMRI> setprop <some/property> = value: set property
    • svccfg: interactive mode
      # svccfg
      svc:> list

      svc:> select cron
      svc:/system/cron> listprop *
      usr dependency start/user astring root

      svc:/system/cron> setprop start/user = astring: sys
      svc:/system/cron> quit
  • /usr/svc/bin/restore_repository: restore (corrupt) binary repository from automatic backup


  • /lib/svc/bin/svc.configd: performs the actions scheduled by configuration commands like svccfg
  • /lib/svc/bin/svc.startd: monitors and restarts services


  • /var/svc/manifest/<class>/<service>.xml: manifest for <service> of <class>
    • example: /var/svc/manifest/system/cron.xml
    • stores service definition
    • managed using SMF commands
  • /var/svc/profile/<profile>.xml: predefined service (enabled/disabled…) configurations.
    Profiles automatically applied after OS install/upgrade:
    • generic.xml: OS profile
    • site.xml: site specific profile
  • /etc/svc/repository.db: binary service repository
  • /lib/svc/method: directory with start, stop, restart scripts. Manifests refer to these scripts
    • example: /lib/svc/method/svc-cron
    • scripts are similar to legacy /etc/init.d scripts
  • /var/svc/log/<class>-<service>:<instance>.log
    • per <service> <instance> log
    • example: /var/svc/log/system-cron:default.log
  • /etc/svc/volatile/class>-<service>:<instance>.log
    • logs before the single user milestone is reached '(only root mounted)
    • example: /etc/svc/volatile/system-zones:default.log


    • smc
    • webmin


    8 October 2009

    Solaris patch access

    While the Solaris OS is free, support comes at a cost. The exact policy is not very stable.
    Currently, even to access the recommended patches you need a support contract. When a new Solaris update is released (roughly twice a year), it is freely downloadable and will include all recommended patches.
    Only a limited number of patches are free (like patches to the patch tools). Since Sun was acquired by Oracle free access to security patches has stopped. Here are the links to see all Solaris patches since the last update (takes a while to load):

    For SPARC-based systems:
    For x86–based systems:
    The non-free patches have the ic_key_2 symbol at the left.

    5 October 2009

    Solaris version numbering

    SunOS 4
    Solaris 1 (retroactive name)
    BSD (Berkeley)
    SunOS 5.0
    Solaris 2.0
    SVR4 (System five)
    SunOS 5.1
    Solaris 2.1
    SVR4 (System five)

    SunOS 5.6
    Solaris 2.6

    SunOS 5.7
    Solaris 7

    SunOS 5.8
    Solaris 8

    To get the SunOS release number:
    $ uname –r
    To get the update within a release:
    $ cat /etc/release
    Solaris 10 5/09 s10s_u7wos_08 SPARC

    This is Solaris 10 update 7, released 5/2009
    Solaris user commands are typically in /usr/bin.
    You find other flavours  of these commands (if different) in
    • /usr/ucb (Berkeley)
    • /usr/xpg4/bin (X/Open Portability Guide v4 compliant)