Solaris 10 patch error codes

0 No error
1 Usage error
2 Attempt to apply a patch that’s already been applied
3 Effective UID is not root
4 Attempt to save original files failed
5 pkgadd failed
6 Patch is obsoleted
7 Invalid package directory
8 Attempting to patch a package that is not installed
9 Cannot access /usr/sbin/pkgadd (client problem)
10 Package validation errors
11 Error adding patch to root template
12 Patch script terminated due to signal
13 Symbolic link included in patch
14 NOT USED
15 The prepatch script had a return code other than 0.
16 The postpatch script had a return code other than 0.
17 Mismatch of the -d option between a previous patch install and the current one.
18 Not enough space in the file systems that are targets of the patch.
19 $SOFTINFO/INST_RELEASE file not found
20 A direct instance patch was required but not found
21 The required patches have not been installed on the manager
22 A progressive instance patch was required but not found
23 A restricted patch is already applied to the package
24 An incompatible patch is applied
25 A required patch is not applied
26 The user specified backout data can’t be found
27 The relative directory supplied can’t be found
28 A pkginfo file is corrupt or missing
29 Bad patch ID format
30 Dryrun failure(s)
31 Path given for -C option is invalid
32 Must be running Solaris 2.6 or greater
33 Bad formatted patch file or patch file not found
34 Incorrect patch spool directory
35 Later revision already installed
36 Cannot create safe temporary directory
37 Illegal backout directory specified
38 A prepatch, prePatch or a postpatch script could not be executed
39 A compressed patch was unable to be decompressed
40 Error downloading a patch
41 Error verifying signed patch
42 Error unable to retrieve patch information from SQL DB.
43 Error unable to update the SQL DB.
44 Lock file not available
45 Unable to copy patch data to partial spool directory. ‘,

Enable TCP wrappers in Solaris 10

Enable TCP wrappers in Solaris 10

=========================================
To determine if TCP wrappers are enabled:
=========================================

# svcprop -p defaults inetd

defaults/tcp_wrappers boolean false

==============================================
To enable TCP wrappers for all inetd services:
==============================================

1. set the property
# svccfg -s inetd setprop defaults/tcp_wrappers=true

2. reload inetd:

# svcadm refresh inetd

3. Show that it is now enabled:

# svcprop -p defaults inetd | grep tcp_wrappers

defaults/tcp_wrappers boolean true

==================================================
To disable TCP wrappers for an individual service:
==================================================

# inetadm -m tcp_wrappers=false’,

Solaris 10 steps to debug NFS client automount

1.
Verify connectivity with the server. Use ping

2.
Attempt to manual mount

3.
Check /etc/vfstab. should be 7 entries seperated by tabs
pluto:/home/raid – /home/raid nfs – yes rw,bg

4.
check to see what is not running
#svcs -xv
#svcs -a|grep nfs
#svcs -a|grep nis
#svcs -a|grep dns

Turn it all on (you/they may not want to do this)
#svcadm -v enable -r network/nfs/server

If cliend is disabled enable with svcadm
If they are using nis this must be enabled
If they are using dns this must be enabled

5.
Check /etc/hosts for the server name

6.
Check nslookup for the server name

7.
Check /etc/nsswitch.conf. the ipnode line should look like this
ipnodes: files
the other stuff like [NOTFOUND=return] is for ipv6

8.
Check /etc/resolve.conf
The nameserver that resolves to the outside (internet) should be the first entry

9.
check /etc/nfs.conf
should be version=2, if talking to anything other than a Solaris 10 server

run web server as non root and still run at port 80

With Solaris 10, Sun introduced role based access control (RBAC) extended with privileges, which can be used to solve this issue in a very simple way.
Here are two links to understand more on RBAC concepts and how to practically use RBAC for day to day tasks.

http://www.softpanorama.org/Solaris/Security/solaris_privilege_sets.shtml#Privileges_and_RBAC
http://www.samag.com/documents/s=7667/sam0213c/0213c.htm

Coming back to the question on how to run a web server at port 80 (or any number less than 1024) as a non root user – on Solaris 10, you need to provide ‘net_privaddr’ privileges to a non root user and start the server as this user.

For e,g, let us say that you would like to start the server as ‘webservd’ (Sun creates this user by default on Solaris 10) ,

# become root
# /usr/sbin/usermod -K defaultpriv=basic,net_privaddr webservd

If in case, you would like to start the server as some other user, then you will need to appropriately change the last parameter in the above command to reflect that user.

Solaris 10: enable NFS

The NFS server service is dependent on a slew of other services. Manually enabling all of these services would be tedious. The svcadm command makes this simple with one command:

svcadm -v enable -r network/nfs/server

The -v option makes the command output verbose details about the services enabled. You can use the -t option (..enable -rt network…) to enable these services temporarily (so that they will not be automatically enabled when the system reboots). By default, enabling a service will enable it permanently (persistent across reboots until it is disabled).

Solaris 10 metadevices remain in the state: need maintenance

Solaris 10 metadevices remain in the state: need maintenance

On a machine running Solaris[TM] 10 Operating System (DNS client) and Solaris[TM] Volume Manager (SVM) used to mirror some disks (boot disks), once the machine reboots, metadevices remain in the state "Need maintenance" because resyncing is not called.

Check to see what is NOT running

#svcs -xv

svc:/system/metainit:default (SVM initialization)
State: disabled since Wed Mar 28 22:28:31 2007
Reason: Disabled by an administrator.
See: http://sun.com/msg/SMF-8000-05
See: man -M /usr/share/man -s 1M metainit
Impact: 1 dependent service is not running:
svc:/system/mdmonitor:default

This symptom is also seen when "svc:/system/mdmonitor:default" service is disabled or offline.

# svcs -a | grep mdmonitor
disabled 12:23:30 svc:/system/mdmonitor:default

To enable metasync during boot this service should be enabled. To enable this service run:

# svcadm enable svc:/system/mdmonitor:default

Check if the service is enabled or online now.

# svcs -a | grep mdmonitor
online 12:30:28 svc:/system/mdmonitor:default

The final step is to sync the submirrors and then reboot the system.

# metasync
# reboot

After the system is rebooted, the submirrors should be in "Okay" state.

Solaris 10 Sites you should know about:

Solaris 10 Sites you should know about:

Download or Order Solaris 10 from Sun.

http://www.sun.com/software/solaris/get.jsp

BeleniX is an OpenSolaris distribution which is currently a LiveCD
(runs directly off the CD). It includes all the features of OpenSolaris
and adds a whole variety of opensource packages. It can be installed
to harddisk as well.BeleniX is free to use modify and distribute.

http://www.genunix.org/distributions/belenix_site/belenix_home.html

Solaris Express, Community Release is Sun’s binary release for developers
(code named Nevada).

http://www.opensolaris.org/os/downloads/sol_ex_dvd/

Here is Sun’s homepage for all things related to supporting sun products ( including Solaris).

http://sunsolve.sun.com

Recently Sun opensourced parts of Solaris. This is the home page for the
community around that project.

http://opensolaris.org/os/

One of the longest running, pure sun/solaris news and information sites around. A great resource.

http://sunhelp.org

While not always about Solaris, Ben’s blog is chock full of good solaris info.

http://cuddletech.com/blog

Here you can find the blogs of the opensolaris developers.

http://www.opensolaris.org/os/blogs/

Sun’s Offical blog site

http://blogs.sun.com/

Sun’s ZFS documentation

http://docs.sun.com/app/docs/doc/819-5461?q=zfs

More ZFS information

http://www.opensolaris.org/os/community/zfs/

A wiki for zfs information
http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Guide

An article from sun explaining how to use zfs and containers effectivly.

http://www.sun.com/software/solaris/howtoguides/zfshowto.jsp

Explains the magic of ZFS snapshots

http://blogs.sun.com/ahrens/entry/is_it_magic

Sun’s Dtrace User Guide

http://docs.sun.com/app/docs/doc/817-6223?q=dtrace

Dtrace information from the opensolaris community

http://www.opensolaris.org/os/community/dtrace/

A great site with lots of examples and scripts.

http://brendangregg.com/dtrace.htmlDtrace Tools

An article by sun for developers. Goes through the process
of using dtrace for device driver development

http://developers.sun.com/solaris/articles/dtrace_for_dev.html

A good post of how Dtrace can help you track down performance problems.

http://www.lethargy.org/~jesus/archives/74-PostgreSQL-performance-through-the-eyes-of-DTrace.html

A good general overview of zones and containers

http://opensolaris.org/os/community/zones/faq/

The offical admin guide

http://docs.sun.com/app/docs/doc/817-1592?q=zones

An excellent guide to containers and zones. Part of Sun’s blueprint collection

http://www.sun.com/blueprints/1006/820-0001.html

Big Admin’s guide to SMF.

http://www.sun.com/bigadmin/content/selfheal/sdev_intro.html

Sun’s Blueprint Program as a new PDF out on SMF’s. This is a direct link to the pdf.

http://www.sun.com/blueprints/0206/819-5150.pdf

Straight from docs.sun.com

http://docs.sun.com/app/docs/doc/817-1985

An Accelerated Introduction to Solaris 10: Part 1

http://cuddletech.com/blog/pivot/entry.php?id=562

Looking for a package and can’t seem to find it? Blastwave.org just might have it

http://www.blastwave.orgg

Sunfreeware provides pkg’s for well, freeware..

http://sunfreeware.com

How to setup and configure the bundled MySQL with Solaris 10.

http://meljr.com/~meljr/mysql_Sol10.html

How to setup and configure the bundled Postgresql with Solaris 10.

http://www.sun.com/software/solaris/postgresql.jsp

And as always

http://www.dracko.com

Disable sendmail on Solaris 10

1. Check/and confirm that sendmail is running:

# ps -ef | grep sendmail
root 1373 1360 0 09:49:45 pts/1 0:00 grep sendmail
root 514 1 0 Jun 03 ? 0:13 /usr/lib/sendmail -bd -q15m
smmsp 513 1 0 Jun 03 ? 0:01 /usr/lib/sendmail -Ac -q15m
#

2. At this point, we disable sendmail and when doing so, it stops
the two sendmail daemons from running as well (part of disable feature):

# svcs -a | grep sendmail
online Jun_03 svc:/network/smtp:sendmail
#
# svcadm disable svc:/network/smtp:sendmail
#
# svcs -a | grep sendmail
disabled 9:51:44 svc:/network/smtp:sendmail
#
# ps -ef | grep sendmail
#

3. Now reboot the S10 system. Upon reboot, we see that the sendmail
daemons are not running….as a result of the sendmail FMRI being
in a "disabled’ state:

# svcs -a | grep sendmail
disabled 9:54:02 svc:/network/smtp:sendmail
#
# ps -ef | grep sendmail
root 524 512 0 09:55:29 pts/1 0:00 grep sendmail
#