$Id: Welcome.html,v 1.5 1995/10/24 23:35:30 cshenton Exp $

These notes are being developed and are pretty week at this point; they should become more useful as I flesh them out, probably in the next month or so.

Disk Partitioning

Boot from CDROM. To reboot, you can use STOP-A or L1-A to get to the monitor, then use:

ok> boot cdrom

(We saw a boot message ``old SSA firmware V1.3 -- please upgrade'', and we'll cover that below.)

We navigated the menus, most of which had obvious answers, traversing

Disk partitioning
Use internal disk only
Select all partitions (not just /, /usr, and swap)
Select default partition layout
Customize partition selection

This gave us something sane to start with, then allowed us to tweak partitions to change sizes for our expected memory upgrade, and for a latter addition of a disk array. Here's the before and after view of the partitions for the internal 1002MB disk; I only show new values if we changed them.

Original		New
Name	Size	Name	Size
/	15		24
swap	32		256
/usr/openwin	126
/var	110
/opt	173
/usr	101
/export/home	445	/export/spare	209

Software Installation

Of the software selections (eg: minimal, end user, developer, etc), we chose the kitchen sink: everything plus OEM stuff. I think it took about 350MB. I figured we have the space and don't want to miss anything. All user files and www/ftp server data will live on the disk array, so the internal disk is for system stuff only. The install went uneventfully, taking maybe an hour (we went out for coffee).

Install Storage Array Software

We have a SPARC Storage Array which we're going to be using as a RAID disk. From CDROM, we installed the Storage Array and the Volume Manager 2.0 software, all from the same CD. Again, most of the questions were routine, but we selected ALL and HEAVY when queried about the kinds of load we expected; it took up more disk but supposedly gives much better performance. I noticed it installing stuff in /opt/SUNWxvvm in the bin, man, and other directories.

We then used the vxinstall command, as directed in the CDROM instructions to configure the software. We specified that the system boot drive was c0t3d0, to prevent it from including our system disk in the storage array (!), and that the array got devices c1t[0-5]d0, corresponding to disk0[1-6].

We then needed to update the firmware in the array. This is because the boot message told us we had version 1.3; the version on the CDROM was 1.9. We confirmed this with the command

ssacli display c1

where the last argument is the controller device. The firmware upgrade was invoked with:

ssacli -s -f /opt/SUNWssa/lib/1.9/ssafirmware download c1

I hope I got that right in the notes; it's in the instructions which came with the CDROM anyway. Then you have to power-cycle the array so it gets the new firmware.

Now when the array boots up, the icons for tool (a wrench) and something else comes up, in addition to the markers for each disk and the indicator for the fiber link to the workstation. Not sure what it means yet but it doesn't look promising :-(

Network and Wrapping

The software install procedure prodded us for much of the system configuration information, such as IP address. A couple other things need to be specified to get it to resolve machine names and get off the subnet.

/etc/nsswitch.conf

Change the hostname from the simple /etc/hosts file to use the Domain Name System by changing the appropriate hosts line as in the example below; this is our actual file.

passwd:     files
group:      files
hosts:      dns	files
networks:   files
protocols:  files
rpc:        files
ethers:     files
netmasks:   files	
bootparams: files
publickey:  files
netgroup:   files
automount:  files
aliases:    files
services:   files
sendmailvars:   files

/etc/resolv.conf

Specify the nameservers you want to query in this file, eg:

domain          hq.nasa.gov
nameserver      131.182.1.28
nameserver      131.182.230.28
nameserver      128.102.16.2

Default route

We didn't have to specify a default route because Solaris started up routed -q for us. If you do change your ifconfig, you'll need to kill and restart routed so it finds routes again.

TCP Wrappers

Now that we were on the net, we immediately snarfed the tcp_wrappers (aka: tcpd) from another Solaris box we had built them on. We installed tcpd in /usr/sbin and modified /etc/inetd.conf as follows:

ftp	stream	tcp	nowait	root	/usr/sbin/tcpd		in.ftpd
telnet	stream	tcp	nowait	root	/usr/sbin/tcpd		in.telnetd
name	dgram	udp	wait	root	/usr/sbin/tcpd		in.tnamed
shell	stream	tcp	nowait	root	/usr/sbin/tcpd		in.rshd
login	stream	tcp	nowait	root	/usr/sbin/tcpd		in.rlogind
exec	stream	tcp	nowait	root	/usr/sbin/tcpd		in.rexecd
comsat	dgram	udp	wait	root	/usr/sbin/tcpd		in.comsat
talk	dgram	udp	wait	root	/usr/sbin/tcpd		in.talkd
uucp	stream	tcp	nowait	root	/usr/sbin/tcpd		in.uucpd
#tftp	dgram	udp	wait	root	/usr/sbin/tcpd		in.tftpd -s /tftpboot
finger	stream	tcp	nowait	nobody	/usr/sbin/tcpd		in.fingerd

We then created a /etc/hosts.allow like:

ALL:			localhost		venus.hq.nasa.gov
in.ftpd in.telnetd:	wirehead.hq.nasa.gov	latte.hq.nasa.gov

so we could have all access on the machine itself (venus) and get in via telnet and ftp from our normal workstations. We then block everything else in /etc/hosts.deny:

ALL:	ALL

You have to kill -HUP the inetd to get it to reread /etc/inetd.conf before this will take effect. Test it out from some host you want to let in as well as some ones you want to deny. You'll not be very happy if you get back to your desk and find you've wrapped yourself out!

Logs of attempt, both successful and unsuccessful, are logged via syslog to /var/adm/messages. I believe this uses the MAIL.INFO facility.level of syslog, but don't quote me on that. Check the tcp_wrappers sources for the real info.

User config for compiling

I found that to use the Sun C compiler (possibly installed later) and some other tools that I had to have some mutant, unexpected directory (/usr/ccs/bin) in my PATH. Here's what I just hacked down in .cshrc to get me going as I started installing software from the net:

if (! $?prompt) exit

setenv PATH /usr/local/bin:/opt/gnu/bin:/usr/sbin:/usr/bin:/usr/ccs/bin:/usr/openwin/bin:/usr/ucb

set whoami=`whoami`
set suffix="<\!> "
if ( "$whoami" == "root" ) set suffix="[\!]# "
set prompt="$whoami@`hostname | sed 's/\..*//'`${suffix}"

set history=1000

Install GNU C and Associates

I chose not to install Sun CC, since I find most things compile quite happily -- even preferentially -- under GNU C. But you have to bootstrap yourself up to the latest version.

You can get Solaris binaries for GNU C and the gzip suite. You'll need 'em to build anything else. I got them from ftp://prep.ai.mit.edu/pub/gnu/sparc-sun-solaris2/. I got the gcc-binaries and gzip tarballs.

They wanted to unpack in / so they could expanded into /opt/gnu directories, and I let 'em. That's why I needed /opt/gnu/bin in my PATH.

After they were installed, I went back to ftp://prep.ai.mit.edu/pub/gnu/ to get the latest GCC. It takes a while to build, but just follow the INSTALL file. The only thing I had to do, since I didn't have Solaris CC was to tell it to use my just-installed GNU CC binaries. The relevant make line looked something like:

make LANGUAGES=c CC=gcc

Again, you'll need the /opt/gnu/bin in your path so make can find it. It took maybe an hour to build, mostly just compiling with subsequent stages of the compiler until you compile the compiler with itself.

I then built emacs -- also from prep -- as well as the latest versions of the gzip suite. More later as I need 'em. I'll want to get UCB sendmail, and the whole point of this machine's existence is to be a web server (CERN httpd) and FTP server (WU-FTPD)...

Chris Shenton