SUN Solaris 8 CSA 2 Exam
Study Guide, written by Yu Chak Tin Michael
Abstract
This ExamNotes Study Guide intends to provide you with information to prepare for the SUN Solaris 8 CSA Part 2 Exam.
Before you start
This study guide provides you with information on the many different aspects of “Solaris 8 System Administration”. You should not use this information as your first step into Solaris, as this exam is targeted towards candidates with a solid background in Solaris administration. A background in Unix systems and networking certainly helps, but since Solaris has many proprietary features, watch out when studying. There are topics in this exam that overlap with what you can find in the CSA 1 exam. You are encouraged to read those study notes as well.
You should set up one machine for experimenting with Solaris. This test focuses on single-machine administration, while the CNA test focuses on the networking aspect. The test has questions on SUN hardware. If you do not have access to Sun machines, at least get an evaluation copy of the Solaris 8 X86 version and try out the commands as well as the GUI.
Solaris 2.6 and 7 are almost identical to Solaris 8 in terms of test content, meaning you can use these older versions to practice for the exam, or vice versa.
There are fill-in-the-blank, drag-and-drop and MC questions in the exam. Be sure you know the commands well!
By all means read more than one book on the subject and make sure you understand the material well enough so that you are ready for the scenario questions. There is no quick way to succeed on this topic. The exam has a lot of command questions. You must fully understand all the related concepts and be able to think intelligently to decide which command to use in different situations. This study note can only provide you with a certain degree of assistance in preparation. You must work things out and gain experience before even trying to sign up for the exam. Run the commands, and remember the screen output.
Solaris exams are all about COMMANDS and CONFIGURATION FILES. You should browse through SUN’s online AnswerBook and learn the commands in detail.
In this ExamNotes guide you will see many commands mentioned. Please read the corresponding MAN pages of these commands before taking the exams. Know all the switches and the options. All the necessary MAN pages are installed with your Solaris 8 installation by default.
Books for Solaris 8 CSA 2 Exams
Sun Certified System Administrator for Solaris 8 Study Guide (Exam 310-011 & 310-012), by Syngress Media Inc (Hardcover)
Solaris 8 System Administration Training Guide Exams 310-011 and 310-012 (With CD-ROM), by Bill Calkins (Paperback)
Solaris 8 System Administrator Exam Cram (Exam: 310-011, 310-012), by Darrell L. Ambro (Paperback)
Sun Certified Solaris 8 System Administrator All-In-One Exam Guide with CD-ROM, by Paul A. Watters (Hardcover)
Device administration
Device driver:
low-level program
allows the operating system to communicate with a specific piece of hardware
serves as the operating system's "interpreter" for the hardware
Kernel:
configured automatically
a kernel module is a hardware or software component that performs a specific task on the system
loadable kernel module = device driver that is loaded when the device is accessed
platform-independent kernel: /kernel/genunix
platform-specific component: /platform/`uname -m`/kernel/unix
Kernel files locations:
/platform/`uname -m`/kernel    Platform-specific kernel components
/kernel                        Kernel components common to all platforms
/usr/kernel                    Kernel components common to all platforms but within a particular instruction set
Autoconfiguration:
used by a system administrator when adding a new device to the system
needs a reconfiguration boot for the system to recognize the new device
main memory is used more efficiently
no need to recompile the kernel when new devices are added
Useful commands:
prtconf  Displays system configuration information, including:
- total amount of memory
- device configuration
sysdef  Displays device configuration information, including:
- system hardware
- pseudo devices
- loadable modules
- selected kernel parameters
dmesg  Displays system diagnostic messages; displays a list of devices attached to the system since the last reboot
Physical device name:
represents the full device pathname in the device information hierarchy
device files are found in the /devices directory
displayed by using the following commands:
o dmesg
o format
o sysdef
o prtconf
Instance name:
represents the kernel's abbreviation name for every device
mapped in the /etc/path_to_inst file
displayed by using the following commands:
o dmesg
o sysdef
o prtconf
Logical device name:
used by most file system commands to refer to devices
device files in the /dev directory are symbolically linked to physical device files in the /devices directory
Permissions and Security
Permission settings:
Default file ownership: root
Default directory ownership: root
Files and directories that had default permissions of 775 in earlier Solaris versions: changed to 755 in version 8
Files and directories that had default permissions of 664 in earlier Solaris versions: changed to 644 in version 8
Default umask of the system: 022
Keep in mind that:
o All files and directories must have root as the default owner
o Directories and executables must have default permissions of 555 or 755
o Ordinary files must have default permissions of 644 or 444
File Administration Commands:
ls Lists the files in a directory and their information
chown Changes the ownership of a file.
chgrp Changes the group ownership of a file.
chmod Changes permissions on a file.
- symbolic mode – uses letters and symbols
- absolute mode – uses octal numbers
ACL commands:
setfacl Configure ACL entries
getfacl Displays ACL entries
Restricted shell:
- rsh
- located in the /usr/lib directory
- user is limited to the home directory
- user can't use cd to change directories
- user can use only commands in the PATH set by the system administrator
- user can't change the PATH variable
- user can access only files in the home directory and its subdirectories
- user can't name commands or files using a complete path name
- user cannot redirect output with > or >>
Monitor Who Is Using the su Command (steps):
1. Become superuser.
2. Edit the /etc/default/su file.
3. Uncomment the line: SULOG=/var/adm/sulog
Restrict Superuser (root) Login to the Console (steps):
1. Become superuser.
2. Edit the /etc/default/login file.
3. Uncomment the line: CONSOLE=/dev/console
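A way to check both settings afterwards and to put the resulting su log to use, as an added example that is not part of the original guide. The function names and the sample files are constructed for illustration, and the sulog line layout (date, time, + or - for success or failure, terminal, fromuser-touser) is stated as an assumption in the code.

```sh
#!/bin/sh
# setting_value FILE NAME: print the value of an active (uncommented)
# NAME=value line; fail if the line is missing or still commented out.
setting_value() {
    val=$(sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -1)
    [ -n "$val" ] || return 1
    printf '%s\n' "$val"
}

# failed_su_to_root SULOG_FILE: print "count user" for every account with
# failed ("-") su attempts to root, busiest first.
# Assumed line layout: SU 10/12 09:02 - pts/2 alice-root
failed_su_to_root() {
    awk '$1 == "SU" && $4 == "-" && $6 ~ /-root$/ {
             sub(/-root$/, "", $6); n[$6]++
         }
         END { for (u in n) print n[u], u }' "$1" | sort -rn
}

# Constructed sample files, written to DIR (not taken from a real system).
make_samples() {
    cat > "$1/su" <<'EOF'
# SULOG determines the location of the file used to log all su attempts
#SULOG=/var/adm/sulog
EOF
    cat > "$1/login" <<'EOF'
CONSOLE=/dev/console
EOF
    cat > "$1/sulog" <<'EOF'
SU 10/12 08:15 + console root-sys
SU 10/12 09:02 - pts/2 alice-root
SU 10/12 09:03 - pts/2 alice-root
SU 10/12 09:05 + pts/2 alice-root
SU 10/13 23:41 - pts/5 bob-root
EOF
}

# audit DIR: report on the copies of su, login and sulog found in DIR.
audit() {
    setting_value "$1/su" SULOG >/dev/null ||
        echo "su attempts are not logged: SULOG is commented out"
    setting_value "$1/login" CONSOLE >/dev/null ||
        echo "root login is not limited to the console: CONSOLE is not set"
    failed_su_to_root "$1/sulog"
}

tmp=$(mktemp -d) && make_samples "$tmp" && audit "$tmp"
rm -rf "$tmp"
```

On a live system the same functions would be pointed at /etc/default/su, /etc/default/login and /var/adm/sulog.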
Networking and NFS
TCP/IP Basics:
OSI Layer   OSI Layer Equivalent                 TCP/IP Layer       TCP/IP Protocols
7, 5, 6     Application, Session, Presentation   Application        NFS, DNS, telnet, ftp, rlogin, rsh, rcp
4           Transport                            Transport          TCP, UDP
3           Network                              Internet           IP, ICMP
2           Data Link                            Data Link          PPP, IEEE 802.2
1           Physical                             Physical Network   Ethernet, Token Ring
NFS:
provides file services for the Solaris operating environment
a computer that makes the file system available to other computers on the network acts as a server
the computers that are accessing that file system are said to be clients
a computer can play the role of client, server, or both
default transport protocol for the NFS protocol is TCP
AutoFS:
client-side service
allows file systems shared through the NFS service to be mounted using automatic mounting
initialized by automount, which is run automatically when a system is booted
automount daemon - automountd
mounting need not be done at boot time
the user does not have to know the superuser password to mount a directory
users need not use the mount and umount commands
share
Exports resource for mounting
Works on the remote file system of type FSType
When the option -F FSType is omitted, the first file system type listed in /etc/dfs/fstypes will be used as the default
unshare
Makes a shared local resource unavailable as file system type FSType
When the option -F FSType is omitted, the first file system type listed in file /etc/dfs/fstypes will be used as the default
shareall
Shares all listed resources when there is no argument
With the operand hyphen (-), the share command lines are obtained from the standard input
/etc/dfs/dfstab is the default file to be used
share_nfs
Makes local NFS file systems available for mounting by the remote systems
With no argument, it displays all file systems currently shared, including NFS file systems and file systems shared through other distributed file system packages
mountd
RPC server
Answers requests for NFS access information
Answers requests for file system mount requests
Contacted by nfsd running on the local server the first time an NFS client tries to access the file system to determine whether the client should get read-write, read-only, or no access
showmount
Shows all the clients that have remotely mounted a filesystem from host
Information maintained by mountd on host
Information saved across crashes in the file /etc/rmtab
NOTE: The default value for host is returned by the hostname command
rcp
Copies files between machines
Does not prompt for passwords
Your current local user name must exist on hostname
Can handle third party copies - neither source nor target files are on the current machine
rsh
Connects to the specified hostname
Executes the specified command
Terminates when the remote command does
Without any command, it logs you in on the remote host using rlogin
rlogin
Establishes remote login session from your terminal to the remote machine
Hostnames are listed in /etc/hosts file, the Network Information Service (NIS) hosts map, the Internet domain name server…etc
Each host has one official name and some optional nicknames
Either official hostnames or nicknames may be used with the command
sendmail
Sends message to one or more people
Intended for pre-formatted messages
Takes care of message routing
Does not provide user-friendly front ends
Local addresses are looked up in the local aliases file or in a name service
Name Services for TCP/IP
provides centralized control over network administration services
Domain Name System
provides host names to the IP address service
also serves as a database for mail administration
ypinit
Set up an
Only super-user can run this command
Should be run whenever a new
Should be run whenever an existing
Prompts for a list of
/etc/hosts along with its IP address. It stores the list in file /var/yp/binding/domain/ypservers.
ypbind
Daemon process
Activated at system startup time
Activated by the startup script /etc/init.d/rpc
By default it is invoked as ypbind -broadcast
Runs on all
Remembers information that lets all
server process
Processes and Jobs
Terminologies:
Process:
- An instance of program in execution
Lightweight process (LWP):
- A virtual CPU or execution resource
- Scheduled by the kernel to use available CPU resources based on their scheduling class and priority
- Example: a kernel thread
Application thread:
- instructions with a separate stack
- execute independently in a user's address space
- can be multiplexed on top of LWPs
Common commands:
ps, pgrep, prstat:
- check the status of active processes on a system
- display detailed information about the processes
dispadmin:
- list default scheduling policies
priocntl:
- assign processes to a priority class
- manage process priorities
nice:
- change the priority of a process
cron
Starts a process that executes commands at specified dates and times
Good for regularly scheduled commands
Follows the instructions found in crontab files in the directory /var/spool/cron/crontabs
Users submit their own crontab file using the crontab command
To enable logging for cron actions, set CRONLOG=YES in the /etc/default/cron file
NOTE that for commands which are to be executed only once, use the at command instead
/etc/cron.d - the main cron directory
/etc/default/cron - contains the cron default settings
/var/cron/log - cron history information
/var/spool/cron - the cron spool area
use the at command instead if this is a one-off schedule
SAF
Modems basic configurations:
Dial-out
Dial-in
Bidirectional
Port:
a channel through which a device communicates with the operating system
a "receptacle" into which a terminal or modem cable might be plugged
port monitor is a program for continuously monitoring for requests
sacadm
The administrative command for the upper level of the Service Access Facility hierarchy
Performs the following functions:
o adds or removes a port monitor
o starts or stops a port monitor
o enables or disables a port monitor
o installs or replaces a per-system configuration script
o installs or replaces a per-port monitor configuration script
o prints requested port monitor information
pmadm
Administrative command for the lower level of the Service Access Facility hierarchy – the ports
Note that a port may have only one service associated with it
Note that the same service may be available through more than one port
Performs the following functions:
o add or remove a service
o enable or disable a service
o install or replace a per-service configuration script
o print requested service information
ttymon
STREAMS-based TTY port monitor
Monitors ports
Sets for each port the:
o Terminal modes
o Baud rates
o Line disciplines
Connect users to services associated with the ports
Normally run under the Service Access Controller
Will write prompt and wait for user input
Jumpstart
The custom JumpStart installation method:
command line interface
enables you to automatically install or upgrade several systems
uses profiles to define specific software installation requirements
can incorporate shell scripts to include preinstallation and postinstallation tasks
creation of a custom JumpStart environment is time consuming
Factory Jumpstart:
automatically installs the Solaris software on a new SPARC system when you insert the Solaris 8 Software 1 of 2 CD into the CD-ROM drive and turn on the system
uses a default profile for the model and disk size of your system
boot image is preinstalled on all new SPARC based systems
for older SPARC based systems, you can add the JumpStart installation method by using the repreinstall command
cannot be used on X86 based systems
Solstice
Solstice DiskSuite:
Mirroring
RAID-5
Hot Spare
Online system recovery
UFS Logging
Solstice AdminSuite:
An integrated collection of graphical user interfaces to perform administrative tasks
Can be operated either with GUI or Command Line Interface
Host Management with Host Manager
User Management with User Manager
Group Management with Group Manager
Administrative Data Management with Database Manager
Printer Management with Printer Manager
Serial Port Management with Serial Port Manager
Storage Management with Storage Manager - File System Manager and Disk Manager
Software Usage Monitoring
Important configuration files for the exam:
/etc/bootparams
Holds information regarding network boot clients
/etc/cron.d/cron.allow and /etc/cron.d/cron.deny
Specifies access to cron for users listed
If the /etc/cron.d/cron.allow file does not exist, access is permitted for users not in the /etc/cron.d/cron.deny file.
/etc/defaultdomain
The
/etc/default/cron
Configures cron logging
Involves the CRONLOG variable
/etc/default/login
Controls root logins
Specification of CONSOLE variable
Contains variables for login logging thresholds
Specifies password requirements
/etc/default/su
Determines logging activity for su attempts
Involves the SULOG and SYSLOG variables
Configure initial environment variables for su sessions
/etc/dfs/dfstab
Determines the NFS-shared directories at boot time
Each line uses a share command
/etc/dfs/sharetab
Holds a table of shared resources
Shared resources = resources shared via the share command
/etc/group
Groupname translation information
/etc/hostname.interface
Assigns hostname to interface
Also assigns IP address by cross referencing /etc/inet/hosts
/etc/hosts.allow and /etc/hosts.deny
Determine hosts access to TCP wrapper mediated services
/etc/hosts.equiv
Determines which hosts will not need to provide passwords when using the following commands:
rlogin
rsh
rexec
CRITICAL INFORMATION - According to SUN’s AnswerBook:
Each remote machine may have a file named /etc/hosts.equiv containing a list of trusted hostnames with which it shares usernames.
Users with the same username on both the local and remote machine may rlogin from the machines listed in the remote machine's /etc/hosts.equiv file without supplying a password.
Individual users may set up a similar private equivalence list with the file .rhosts in their home directories.
An entry in a remote user's .rhosts file permits the user named username who is logged into hostname to log in to the remote machine as the remote user without supplying a password.
If the name of the local host is not found in the /etc/hosts.equiv file on the remote machine, and the local username and hostname are not found in the remote user's .rhosts file, then the remote machine will prompt for a password.
Hostnames listed in /etc/hosts.equiv and .rhosts files must be the official hostnames listed in the hosts database.
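The password decision quoted above, written out as a small model so that the effect of each trust entry can be checked before it is deployed. This is an added example, not part of the original guide or of Solaris: the function names, hostnames and users are constructed, and it assumes hosts.equiv lines of the form "hostname" and .rhosts lines of the form "hostname username" only.

```sh
#!/bin/sh
# has_host FILE HOST: FILE holds a line whose only field is HOST.
has_host() {
    [ -r "$1" ] && awk -v h="$2" \
        'NF == 1 && $1 == h { ok = 1 } END { exit !ok }' "$1"
}

# has_host_user FILE HOST USER: FILE holds the line "HOST USER".
has_host_user() {
    [ -r "$1" ] && awk -v h="$2" -v u="$3" \
        'NF == 2 && $1 == h && $2 == u { ok = 1 } END { exit !ok }' "$1"
}

# rlogin_decision LOCAL_USER LOCAL_HOST REMOTE_USER HOSTS_EQUIV RHOSTS
# HOSTS_EQUIV and RHOSTS are the remote machine's /etc/hosts.equiv and the
# remote user's .rhosts. Prints "no password" or "password prompt".
rlogin_decision() {
    if [ "$1" = "$3" ] && has_host "$4" "$2"; then
        echo "no password"      # trusted host, same username on both sides
    elif has_host_user "$5" "$2" "$1"; then
        echo "no password"      # remote user's .rhosts names this host and user
    else
        echo "password prompt"
    fi
}

# Constructed sample files: one trusted host, one .rhosts entry for "oracle".
make_trust_samples() {
    printf 'build01.example.com\n' > "$1/hosts.equiv"
    printf 'ws7.example.com dave\n' > "$1/rhosts.oracle"
}

tmp=$(mktemp -d) && make_trust_samples "$tmp"
for c in "alice build01.example.com alice" \
         "alice build01.example.com oracle" \
         "dave ws7.example.com oracle" \
         "alice build01 alice"; do
    set -- $c
    printf '%s@%s -> %s: %s\n' "$1" "$2" "$3" \
        "$(rlogin_decision "$1" "$2" "$3" \
            "$tmp/hosts.equiv" "$tmp/rhosts.oracle")"
done
rm -rf "$tmp"
```

The last case prompts for a password because the nickname build01 is not the official hostname that appears in the file.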
/etc/hosts
Associates hostnames and IP addresses
/etc/inetd.conf
Identifies the services started by inetd
Specifies the use of TCP wrappers for a service
/etc/inittab
Used by init
Determines scripts for different run levels
Determine scripts for default run level
/etc/logindevperm
Holds information for changing permissions of devices upon console logins.
/etc/magic
Holds the magic numbers
Identifies file types for file
/etc/mail/aliases
Holds mail aliases
Used by the sendmail program
/etc/mail/sendmail.cf
The mail configuration file
Used by sendmail
/etc/mnttab
Holds information about currently mounted resources.
/etc/name_to_major
Holds the list of currently configured major device numbers
Used by drvconfig
/etc/netconfig
Network configuration database
Will be read during network initialization
/etc/netgroup
Groups of hosts and/or users
/etc/netmasks
The default netmask settings
/etc/nsswitch.conf
Determines the order in which different information sources are accessed
Used during a lookup operation
/etc/path_to_inst
Contents of the physical device tree
Uses physical device names and instance numbers
Read only at boot time
Updated by add_drv and drvconfig
/etc/protocols
List of known protocols
/etc/remote
Holds the attributes for tip sessions
/etc/rmtab
Holds the list of currently mounted file systems
/etc/rpc
List of available RPC programs
/etc/services
List of well-known networking services
List of the associated port numbers
/etc/syslog.conf
Configures logging
Used by syslogd
/etc/system
For forcing kernel module loading
For setting kernel parameters
/etc/vfstab
Information for mounting local file systems
Information for mounting remote file systems
/var/adm/messages
The main log file
Used by syslogd
/var/adm/sulog
The default log for recording the use of su
/var/lp/log
Log used by the Print services
/var/sadm/install/contents
A database of installed software packages on the system
/var/saf/_log
Logs used by the Service Access Facility
This study guide is written by Yu Chak Tin Michael. Please feel free to reach him at [email protected]. His personal web site is located at: http://michaelyu.freeservers.com