Solaris is the Unix variant produced by Sun Microsystems and is the result of over 20 years of continuous development. It is the only Unix variant that can run on commodityIntel PC hardware as well as Sun and Fujitsu hardware using Sparc and UltraSparc processors. Sun makes many changes to Solaris, some of them are big news and many are not. It is usually a system administrator that finds out about a new command or an undocumented command or feature (like the -k switch for netstat). This review is about two different installs of Solaris Express on different hardware to show some of the many features of the new release.Solaris Express is the first product of Sun's Software Express program, where administrators and users can download monthly releases and test-drive the newest Sun software products. This is available for both Sparc and Intel versions of Solaris Express. This review is of Solaris Express releases 8/03 through 11/03.
Reduced Networking Support Installation of Solaris Express
I used my Ultra 30 as the machine for a standard CD ROM install of Solaris Express; this machine has the following hardware:
250 MHz UltraSparc II CPU
1024 MB of memory (16 x 501-2480 64 MB DIMMs)
2 x 9 GB IBM DDRS 903170 SCSI hard disks
Creator 3D frame buffer
ViewSonic A90 19" monitor
Integrated hme 10/100 Ethernet adapter
Sun Type 6 keyboard and mouse
The first step is to turn on the machine and press Stop-A, this gets you to the OpenBoot Prompt or OBP. Load the Software 1 of 2 CD into the drive then issue the following command at the OBP:
boot cdrom
The CD is read and loads the installer loads into memory, if the hardware you intend to install Solaris Express is supported the install will continue. If you have 32-bit hardware (sun4d or sun4m architecture) the install will fail. According to the message printed on screen during the install on my Ultra 2, support for UltraSparc I CPU's will be dropped in future releases (this review is based on the 9/03 release). Since I am using supported hardware the installer loads and I am prompted for the following information:
Language (9 choices, I chose English)
Locale (you have 59 choices, I chose U.S.A. (en_US. ISO8859-1)
Once this is done, the install changes from command line to graphical. Like Solaris 9 Sun has not come up with a replacement to the TWM (Tab Window Manager) to something slicker. You will be prompted for the following information:
Will the system be networked?
Will you be using DHCP?
Host name
IP Address
System part of a subnet?
Netmask?
Enable IPv6?
Default Route? Here you have the option of Having Solaris detect it on reboot, to specify one, or you have no default route. I selected to specify one and typed the IP address in.
Configure Kerberos Security?
Name Service? Your choices are NIS+, NIS, DNS, LDAP, and none.
Time Zone (Country)
Country or Region
Time Zone
Date and Time
Now the Solaris Interactive Installation program loads and you have two install options, either Standard or Flash. To take advantage of a Flash install you would have had to create a Flash Archive (using Solaris Flash) of an existing system of similar hardware and either have a JumpStart server or a web server configured for Flash Installs, a tape drive, or a CD of a Flash Archive. I pressed F2 for Standard since I do not have a configured JumpStart or web server.
You will be asked if you want the system to reboot automatically or not. If the Installation Program detects a previous Solaris installation you will be prompted to either Upgrade or to select an Initial Install of Solaris. In this case I chose an Initial Install of Solaris. The next screen will prompt you for additional Geographic Regions you might want to support. I pressed F2 to continue since I do not want support for other Regions. New to Solaris Express is the screen Select System Locale in which you have the following choices:
POSIX C
U.S.A. (en_US.ISO8859-1) (I chose this option)
U.S.A. (en_US.ISO8859-15)
With Solaris, you have a choice of the system is installed by choosing install clusters; each cluster adds more software and functionality (and more security holes). The install clusters are as follows:
Reduced Networking Core System Support (new to Solaris Express)
Core System Support
End User System Support
Developer System Support
Entire Distribution
Entire Distribution plus OEM Support
I tried a Reduced Networking Core System Support install just to see what would be installed. This is a new feature of Solaris Express that Sun feels will appeal to system administrators building firewalls, DNS servers, and other machines where nothing more than the minimal OS is required. This install cluster uses the Software 1 of 2 CD only (like the Core System Support install cluster) except it does not install the following:
Console Frame Buffer support
FTP server or client
Telnet server or client
Secure Shell server or client (this is on the Software 2 of 2 CD)
No sendmail support
Routing support for IPv6
Volume Management (ability to mount CD ROM, Zip, jaz, and floppy drives automatically)
What it does install is interesting though, but not surprising since Sun determines what is necessary and leaves it up to the system administrator to determine what to remove:
Audio Drivers
X11 ISO8859-1 and ISO8859-15 Codeset Support (the install cluster does not support X)
Kerberos Version 5 support (specified no support for Kerberos)
NIS Support (specified no Name Service)
USB Support (an Ultra 30 does not have USB ports)
WAN boot support
And as part of every install of Solaris you get the following installed:
Sun GigaSwift Ethernet Adapter Driver
Sun RIO 10/100 Mb Ethernet Drivers
Sun FCIP IP/ARP over FibreChannel Device Driver
Sun FCP SCSI Device Driver
Sun Fibre Channel Transport layer
Qlogic ISP 2200/2202 Fibre Channel Device Driver
A total of 43 packages were installed, this is a vast improvement over previous versions of Solaris where the Core System Support cluster had to be selected to get a minimal system and you always got far more than you wanted. After the reboot I logged in as root, set the root password (on the Reduced Networking and Core installs the root password is not set until after the system is installed and rebooted). I then added myself as a user in the sysadmin group and started looking around. The major detractor to this install cluster is no remote connectivity whatsoever! I had to install 6 packages to get Secure Shell support (SUNWsshcu, SUNWsshdr, SUNWsshdu, SUNWsshr, SUNWsshu, SUNWzlib). And this is on 2 CD's, zlib on the first and the rest on the second. Sun should include the SSH packages on the first CD so that they are installed with all clusters, not just Developers Support and higher install clusters. At least now the SSH built into Solaris does not require SUNWbash (the bash shell) as a dependency.
Security minded system administrators try to reduce the system to only the absolute necessary packages for the system to operate. However, you have to be careful when removing packages, this is the result after removing WAN Boot support (SUNWwbsup) and trying to use the pkginfo command:
pkginfo | grep SUNWwbsup
ld.so.1: pkginfo: fatal: libwanboot.so.1: open failed: No such file or directory
Any attempt to reinstall the package failed with the same error, so a complete reinstall is in order (the nice thing about test boxes). There has been some lively discussion in the past about what is necessary on a Solaris system, this web site goes into detail about what constitutes a minimal Solaris build and who makes the claims:
http://www.mgmg-interactive.com/mgmg/
If this install was automated using JumpStart, Secure Shell and other packages could have been added as necessary. Then after the install was completed the administrator could create a Solaris Flash image to clone the installation on any number of machines using tape, a web server, NFS server, or a bootable CD. For someone who wants to minimize a system to make it more secure I would recommend getting to know the pkginfo, pkgchk, and ldd commands.
- "Solaris Express review, Page 1"
- "Solaris Express review, Page 2"
- "Solaris Express review, Page 3"
