Author: rdircio

Create the archive

# archiveadm create -r -z zone2 /archives/zone2.uar

in the target system, the zpool should already exist, then we create the zone and use the archive to install the zone.

# zonecfg -z zone2 create -a /root/zone2.uar
# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris share
zone2 configured /zone2pool solaris excl

# zoneadm -z zone2 uninstall
# zoneadm -z zone2 install -a /root/zone2.uar

if “install” fails try this script:

#!/bin/bash

Z=$1
set -x

pkg -R /zones/$Z/root set-publisher -G http://sunutil5:10000/ solaris
pkg -R /zones/$Z/root variant -H variant.arch
pkg -R /zones/$Z/root set-property use-system-repo true
pkg -R /zones/$Z/root publisher -H -F tsv
pkg -R /zones/$Z/root refresh –full
pkg -R /zones/$Z/root uninstall VRTSvlic VRTSperl
zoneadm -z $Z attach -u

# zoneadm -z zone2 boot

# iscsiadm add discovery-address 192.168.5.100:3260
# iscsiadm add static-config iqn.2022-02.lan.hoshi:solaris01,192.168.5.100
# iscsiadm list target -v iqn.2022-02.lan.hoshi:solaris01,192.168.5.100
# iscsiadm modify discovery -t enable
# iscsiadm modify discovery –static enable
# devfsadm -i iscsi

from:

https://docs.oracle.com/cd/E23824_01/html/821-1459/fnnop.html#gkgng

https://docs.oracle.com/cd/E18752_01/html/817-5093/fncpi.html

If you get this error while labeling a disk inside “format”:

format> la
 WARNING - This disk may be in use by an application that has
 modified the fdisk table. Ensure that this disk is
 not currently in use before proceeding to use fdisk.

Issue the “fdisk” command inside format

format> fdisk
 No fdisk table exists. The default partition for the disk is:

a 100% "SOLARIS System" partition

Type "y" to accept the default partition, otherwise type "n" to edit the
 partition table.

After this, you can label the disk

https://docs.oracle.com/cd/E53394_01/html/E54756/gnzib.html

IDMU=Identity Management for Unix has been deprecated from AD, the last AD version to support it is 2012, but the RFC 2307(unix) attributes still exist in AD, we just need to edit them manually in ADUC=Active Directory Users and Computers manually for each user, via Advanced Options. See the link below :

https://www.ibm.com/docs/en/spectrum-scale/5.0.5?topic=imwr2a-configuring-id-mappings-in-active-directory-users-computers-windows-server-2016-subsequent-versions

These are the attributes to edit:

Field on IMU Unix Attributes tab	RFC2307 AD attribute
UID	uidNumber
Logon Shell	loginShell
Home Directory	unixHomeDirectory
Primary group name or group identifier (GID)	primaryGroupID

Very few network cards are supported, in this case i have an Ateros chipset card i plugged off from an acer aspire one

root@solaris01:~# dladm show-phys
LINK MEDIA STATE SPEED DUPLEX DEVICE
net0 Ethernet unknown 100 full bfe0
net1 WiFi up 54 unknown arn0

Create the ip address object

root@solaris01:~# ipadm create-ip net1

Verify the nic has been created as an ipadm object

root@solaris01:~# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
net0 ip ok yes --
net1 ip ok yes --

Scan wifi networks

root@solaris01:~# dladm scan-wifi
LINK ESSID BSSID SEC STRENGTH MODE SPEED
net1 DunderMifflin 4:95:e6:de:d6:f1 wpa excellent n 54Mb

Create the encrypted object to store the wpa key

root@solaris01:~# dladm create-secobj -c wpa mykey
provide value for mykey:
confirm value for mkey:

Connect to the network

root@solaris01:~# dladm connect-wifi -e DunderMifflin -k mykey
root@solaris01:~# ipadm create-addr -T dhcp net1

parted --script /dev/sdb "mklabel gpt" 
parted --script /dev/sdb "mkpart primary 0% 100%"

1. Change the file /etc/ssh/sshd_config PermitRootLogin yes with PermitRootLogin no and save file.

    vi /etc/ssh/sshd_config  

  PermitRootLogin yes

2. Comment out the “CONSOLE=/dev/console” line in /etc/default/login.

    vi /etc/default/login

  #CONSOLE=/dev/console

3.Remove “;type=role” from the root entry in /etc/user_attr or use the below command.

 rolemod -K type=normal root

4. Restart the Services.

#svcadm restart svc:/network/ssh:default

zpool create zone1pool /dev/dsk/c3d0s4
zfs create zone1pool/zone1
zfs set mountpoint=none zone1pool
zfs set mountpoint=/zone01 zone1pool/zone1

zonecfg -z zone01
Use ‘create’ to begin configuring a new zone.
zonecfg:zone01> create -b
create: Using system default template ‘SYSdefault’
zonecfg:zone01> set zonepath=/zone01
zonecfg:zone01> set autoboot=true
zonecfg:zone01> set bootargs=”-m verbose”
zonecfg:zone01> verify
zonecfg:zone01> commit
zonecfg:zone01> exit

zoneadm list -icv
zoneadm -z zone01 install
zoneadm list -icv
zfs list | grep -i zone
zoneadm -z zone01 boot
zlogin -C zone01

Create the zpool to hold the repos

root@solaris01:/sol_11_repo# zpool create sol_11_repo c3d0s2
root@solaris01:/sol_11_repo# zfs set atime=off sol_11_repo
root@solaris01:/sol_11_repo# zfs set compression=zstd sol_11_repo
root@solaris01:/sol_11_repo# zfs set compression=lz4 sol_11_repo

Copy the 5 zip files to the directory you will use and unzip them

root@solaris01:/sol_11_repo# ls *zip
sol-11_4-repo_1of5.zip sol-11_4-repo_2of5.zip sol-11_4-repo_3of5.zip sol-11_4-repo_4of5.zip sol-11_4-repo_5of5.zip
root@solaris01:/sol_11_repo# ls *zip | while read f;do unzip -oq $f; done

Create the repo and refresh it

root@solaris01:/sol_11_repo# pkgrepo create /sol_11_repo
root@solaris01:/sol_11_repo# pkgrepo -s /sol_11_repo refresh
root@solaris01:/sol_11_repo# pkgrepo -s /sol_11_repo/ info
root@solaris01:/sol_11_repo# zfs set sharenfs=on sol_11_repo
root@solaris01:/sol_11_repo# svccfg -s application/pkg/server setprop pkg/inst_root=/sol_11_repo
root@solaris01:/sol_11_repo# svccfg -s application/pkg/server setprop pkg/readonly=true
root@solaris01:/sol_11_repo# svcprop -p pkg/inst_root application/pkg/server
root@solaris01:/sol_11_repo# svcadm refresh application/pkg/server
root@solaris01:/sol_11_repo# pkgrepo refresh -s /sol_11_repo
Initiating repository refresh.

Make sure it is running in port 80

root@solaris01:~# svccfg -s application/pkg/server listprop | grep -i port
pkg/port count 80
root@solaris01:~# svcadm refresh application/pkg/server
root@solaris01:~# svcadm enable application/pkg/server
root@solaris01:~# svcs | grep -i pkg/server
online 9:53:25 svc:/application/pkg/server:default

Get all the new packages from Oracle

root@solaris01:/sol_11_repo# export PKG_SRC=http://pkg.oracle.com/solaris/release/
root@solaris01:/sol_11_repo# export PKG_DEST=/sol_11_repo
root@solaris01:/sol_11_repo# pkgrecv ‘*’

Receive all packages that do not already exist and all changed content
from the repository located at http://pkg.oracle.com/solaris/release/
to the repository located at /export/repoSolaris11.

root@solaris01:/sol_11_repo# pkgrecv -s http://pkg.oracle.com/solaris/release/ -d /sol_11_repo -m all-timestamps '*'

Setup a client to use our repo, and remove Oracle’s

# pkg set -G ‘*’ -g http://192.168.5.17/ solaris