Solaris Admin Quick Reference (Page 2 of 3) in pdf

$HOME/.dt/sessionetc

/etc/pam.conf

httpd.conf (https.conf)

per user CDE session start file (script with execute perm).

pluggable authentication configuration file.

Apache web server configuration file. ( )

$HOME/.dt/sessionexit

/etc/power.conf

smb.conf

per user CDE exit file (script with execute permission).

power configuration.

Samba (window server) configuration file. ( )

/{usr | etc}/dt/config/C/Xresources

/etc/printers.conf

control attribute of login screen, for example, to disable session

BSD printer configuration.

Miscellaneous Commands

menu, uncomment following line

/etc/magic

SUN patch files and freeware

Dtlogin*session_menus*sensitive:

False

used by “file” command to determine file type.

/{usr | etc}/dt/config/C/sys.resources

/etc/security/*

session resource, for example, to disable automatic screen lock,

security audit related files.

Forget root password

set timout to 0

/etc/syslog.conf

boot –s cdrom

dtsession*lockTimeout: 0

system log daemon configuration file.

find out root partition with “format” command

$HOME/.dt/sessions/{current | home}

/etc/notrouter

mount /dev/dsk/c0t0d0s0 /mnt (suppose c0t0d0s0 is root part.)

current (home) session files.

specify this host is not a router.

edit /mnt/etc/shadow

/{usr | etc}/dt/config/Xconfig

Disable auto-logout feature for tcsh

configuration file for login screen (dtconfig), after change use

Default info for various programs

Put following line in .cshrc or .tcshrc

dtconfig –reset

unset autologout

/etc/default/power

/usr/dt/config/Xstartup

edit /etc/inittab

power management parameters.

this script run after user login but before user session.

remove sc:234:respawn:/usr/lib/saf/sac –t 300

/etc/default/Solregis

/usr/dt/config/Xaccess

disable serial device (modem) login.

put DISABLE=1 to disable solaris registration screen.

Control access to Xserver.

showmount –e host_name

/etc/default/su

/usr/dt/bin/Xsession

show export file systems on host_name.

settings for “su” command.

start CDE session

rpcinfo –p host_name

/etc/default/sys-suspend

/usr/dt/config/Xsession.d/*

check RPC services on host_name.

users permitted to put system in suspend mode.

Scripts auto executed by Xsession.

ldd program

/etc/default/passwd

usr/dt/config/Xsession.ow

show what dynamic libraries needed by program.

minimum password length.

start OpenWindow session.

LD_LIBRARY_PATH is the search path for dynamic libraries.

/etc/default/login

/usr/dt/config/Xreset

useradd –d homedir –u UID –g GID –c “comment” –s shell

Command executed after the session end.

add new user account.

disable root login by telnet (rlogin).

/usr/dt/bin/dtconfig –e|-d|-kill

man foo | col –b > foo.txt

/etc/default/init

-e|-d: enable (disable) autostart login server.

save manual page for command “foo” in pure text.

time zone, CMASK (default 022)

-kill: kill dtlogin and all its child process.

pkgadd –d pkgfile

/etc/default/kbd

$HOME/.dt/icons

add solaris package file.

KEYBOARD_ABORT=disable

$/{usr|etc}/dt/appconfig/icons/C

boot –r

default icons search path.

Reconfiguration system after adding new hardware.

Application Configuration

who –r

/etc/ssh2/ssh2_configure ($HOME/.ssh2/ssh2_config)

System Configuration

show current run level.

SSH client system wide (per user) configuration file.

volcheck –v

/etc/passwd, /etc/shadow, /etc/group

/etc/ssh2/sshd2_config ($HOME/.ssh2/sshd2_config)

check if new floppy/cdrom is inserted.

user account information.

SSH server system wide (per user) configuration file.

fuser –u [-k] /cdrom

/etc/ftpusers

Setup SSH2 to accept hostbased authtication

Show which program is using the cdrom (or floppy).

users NOT allowed to use FTP.

(1)

Server side

/usr/sbin/eeprom

/etc/system

In sshd2_config, includes hostbased, like this

show settings in eeprom.

Kernel parameters

AllowedAuthentications hostbased, publickey, password

/usr/sbin/prtconf –vb

Example: disable execution in stack

In /etc/hosts, use client’s full qualified domain name (FQDN).

show system information.

set noexec_user_stack=1

In .rhosts (.shosts), also use FQDN, make user these files are

find / -type f –perm -4000 –user root –print

set noexec_user_stack_log=1

owned by that user and not writeble by other users.

find set UID to root program.

set maxuprc = 128

# maximum no. of user process

Copy client’s hostkey.pub to server’s /etc/ssh2/knownhosts and

m64config –res 1024x768x75 –depth 24

set sys:coredumpsize = 0 # prevent core dump

name it as FQDN.ssh-dss.pub (e.g., bluebear.la.asu.edu.ssh-

set screen resolution, color depth for M64 frame buffer.

/etc/hosts.equiv, ($HOME/.rhosts)

dss.pub).

(ffbconfig on Ultra -60)

system wide (per user) trust hosts.

(2)

Client side

fsck –F ufs –y /dev/rdsk/c0t0d0s0

/etc/motd, (/etc/issue)

In ssh2_config, includes hostbased authentication, like this

file system check, answer “y” to all questions.

message after (before) login.

AllowedAuthentications hostbased, publickey, password

xv –root –quit foo.gif

/etc/shells

Also need to set DefaultDomain keyword, like

set CDE screen background.

allowed shell program.

DefaultDomain la.asu.edu

/etc/init.d/script {start | stop}

/etc/initab

run a script in /etc/init.d directory.

run level configuration.

/usr/local/lib/pine.conf

newfs –v /dev/rdsk/c0t0d0s6

/etc/rc{S, | 1 | 2 | 3 | 5 | 6}.d

system wide PINE configuration, overwrite by $HOME/.pinerc

construct new file system after format.

scripts for different run levels.

/usr/local/lib/pine.conf.fixed

/usr/sbin/sys-unconfig

/etc/bootparams

system wide PINE configuration, NOT overwrite by ~/.pinerc

reconfiguring the system.

rpc.bootparamd configuration file.

Solaris Admin Quick Reference Page 2

Related Articles

Related forms

Related Categories