[Level 2] Solaris 10 Technical Conference ( 2009/10/25,11/13,12/4 ) -- Basic SMF hands-on lab
The following is my lab file, please refer to it.
Wish this helps.
regards,
Stanley Huang
Wish this helps.
regards,
Stanley Huang
****************************************************************************************************
The purpose of this lab is to let you have basic SMF administration skill. And then you will have the following capabilities.
Lab 1:
* list service.
* check service dependenty.
* manage service.
Lab 1:
1. list services
# svcs -a; ## list all service included 'disabled services'
----------------------------
STATE STIME FMRI
...
----------------------------
# svcs */milestone/*;
----------------------------------------------------------------------------
STATE STIME FMRI
online 8:40:05 svc:/milestone/network:default
online 8:40:08 svc:/milestone/name-services:default
online 8:40:08 svc:/milestone/devices:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
online 8:40:25 svc:/milestone/multi-user:default
online 8:40:26 svc:/milestone/multi-user-server:default
----------------------------------------------------------------------------
2. list service associated instance.
# svcs -p inetd;
--------------------------------------------------
STATE STIME FMRI
online 8:40:13 svc:/network/inetd:default
8:40:13 434 inetd
--------------------------------------------------
3. list service messages.
# svcs -l inetd;
-------------------------------------------------------------------
fmri svc:/network/inetd:default
name inetd
enabled true
state online
next_state none
state_time Sun Oct 18 08:40:13 2009
logfile /var/svc/log/network-inetd:default.log
restarter svc:/system/svc/restarter:default
contract_id 70
dependency require_any/error svc:/network/loopback (online)
dependency require_all/error svc:/system/filesystem/local (online)
dependency optional_all/error svc:/milestone/network (online)
dependency optional_all/error svc:/network/rpc/bind (online)
dependency optional_all/none svc:/network/inetd-upgrade (disabled)
dependency require_all/none svc:/milestone/sysconfig (online) svc:/milestone/name-services (online)
-------------------------------------------------------------------
4. list service error message.
# svcs -vx;
-------------------------------------------------------------------------------
svc:/system/cluster/cl-svc-cluster-milestone:default (Synchronizing the cluster userland services)
State: disabled since Sun Oct 18 08:39:54 2009
Reason: Disabled by an administrator.
See: http://sun.com/msg/SMF-8000-05
Impact: 1 dependent service is not running:
svc:/system/cluster/sckeysync:default
-------------------------------------------------------------------------------
5. check service dependency. (-d: for parent, -D for child)
# svcs */milestone/*;
online 8:40:05 svc:/milestone/network:default
online 8:40:08 svc:/milestone/name-services:default
online 8:40:08 svc:/milestone/devices:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
online 8:40:25 svc:/milestone/multi-user:default
online 8:40:26 svc:/milestone/multi-user-server:default
# svcs -d multi-user | grep milestone;
online 8:40:08 svc:/milestone/name-services:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
# svcs -D multi-user | grep milestone;
online 8:40:26 svc:/milestone/multi-user-server:default
6. manage service.
# svcs *ssh*
STATE STIME FMRI
online 8:40:14 svc:/network/ssh:default
** stop service, service will not start next server boot.
# svcadm disable svc:/network/ssh:default
# svcadm disable ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled false
-----------------------------
** start service, service will start next server boot.
# svcadm enable svc:/network/ssh:default
# svcadm enable ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled true
-----------------------------
** restart service
# svcadm restart svc:/network/ssh:default
# svcadm restart ssh
** temporary start/stop service, service will start next server boot.
# svcadm enable -t ssh
# svcadm disable -t ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled true (temporary)
-----------------------------
7. manage services with profiles.
** with secure net policy. stop un-secure service, like telnet, ftp, rpc...
# svccfg apply /var/svc/profile/generic_limited_net.xml
# cat /var/svc/profile/generic_limited_net.xml
PS. partial of the xml file.
-----------------------------------------------------------
...
...
-----------------------------------------------------------
** with generial net policy. start un-secure service, like telnet, ftp, rpc...
# svccfg apply /var/svc/profile/generic_open.xml
# cat /var/svc/profile/generic_open.xml
PS. partial of the xml file.
-----------------------------------------------------------
...
...
-----------------------------------------------------------
Lab 1:
* list service.
* check service dependenty.
* manage service.
Lab 1:
1. list services
# svcs -a; ## list all service included 'disabled services'
----------------------------
STATE STIME FMRI
...
----------------------------
# svcs */milestone/*;
----------------------------------------------------------------------------
STATE STIME FMRI
online 8:40:05 svc:/milestone/network:default
online 8:40:08 svc:/milestone/name-services:default
online 8:40:08 svc:/milestone/devices:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
online 8:40:25 svc:/milestone/multi-user:default
online 8:40:26 svc:/milestone/multi-user-server:default
----------------------------------------------------------------------------
2. list service associated instance.
# svcs -p inetd;
--------------------------------------------------
STATE STIME FMRI
online 8:40:13 svc:/network/inetd:default
8:40:13 434 inetd
--------------------------------------------------
3. list service messages.
# svcs -l inetd;
-------------------------------------------------------------------
fmri svc:/network/inetd:default
name inetd
enabled true
state online
next_state none
state_time Sun Oct 18 08:40:13 2009
logfile /var/svc/log/network-inetd:default.log
restarter svc:/system/svc/restarter:default
contract_id 70
dependency require_any/error svc:/network/loopback (online)
dependency require_all/error svc:/system/filesystem/local (online)
dependency optional_all/error svc:/milestone/network (online)
dependency optional_all/error svc:/network/rpc/bind (online)
dependency optional_all/none svc:/network/inetd-upgrade (disabled)
dependency require_all/none svc:/milestone/sysconfig (online) svc:/milestone/name-services (online)
-------------------------------------------------------------------
4. list service error message.
# svcs -vx;
-------------------------------------------------------------------------------
svc:/system/cluster/cl-svc-cluster-milestone:default (Synchronizing the cluster userland services)
State: disabled since Sun Oct 18 08:39:54 2009
Reason: Disabled by an administrator.
See: http://sun.com/msg/SMF-8000-05
Impact: 1 dependent service is not running:
svc:/system/cluster/sckeysync:default
-------------------------------------------------------------------------------
5. check service dependency. (-d: for parent, -D for child)
# svcs */milestone/*;
online 8:40:05 svc:/milestone/network:default
online 8:40:08 svc:/milestone/name-services:default
online 8:40:08 svc:/milestone/devices:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
online 8:40:25 svc:/milestone/multi-user:default
online 8:40:26 svc:/milestone/multi-user-server:default
# svcs -d multi-user | grep milestone;
online 8:40:08 svc:/milestone/name-services:default
online 8:40:09 svc:/milestone/single-user:default
online 8:40:13 svc:/milestone/sysconfig:default
# svcs -D multi-user | grep milestone;
online 8:40:26 svc:/milestone/multi-user-server:default
6. manage service.
# svcs *ssh*
STATE STIME FMRI
online 8:40:14 svc:/network/ssh:default
** stop service, service will not start next server boot.
# svcadm disable svc:/network/ssh:default
# svcadm disable ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled false
-----------------------------
** start service, service will start next server boot.
# svcadm enable svc:/network/ssh:default
# svcadm enable ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled true
-----------------------------
** restart service
** The option "restart" will not start the service status.
** If you want to start the service, please use "enable" option as above.# svcadm restart svc:/network/ssh:default
# svcadm restart ssh
** temporary start/stop service, service will start next server boot.
# svcadm enable -t ssh
# svcadm disable -t ssh
# svcs -l ssh | grep enabled
-----------------------------
enabled true (temporary)
-----------------------------
7. manage services with profiles.
** with secure net policy. stop un-secure service, like telnet, ftp, rpc...
# svccfg apply /var/svc/profile/generic_limited_net.xml
# cat /var/svc/profile/generic_limited_net.xml
PS. partial of the xml file.
-----------------------------------------------------------
...
...
-----------------------------------------------------------
** with generial net policy. start un-secure service, like telnet, ftp, rpc...
# svccfg apply /var/svc/profile/generic_open.xml
# cat /var/svc/profile/generic_open.xml
PS. partial of the xml file.
-----------------------------------------------------------
...
...
-----------------------------------------------------------
I am unable to enable network/ftp:default service which is set in disabled state. No errors are coming, but is it true that only a restart will effect the changes? is there a way to apply without a server restart?
ReplyDeleteHi Diabolic:
ReplyDeleteIf ftp service is stoped,
you cannot use the "restart" option to enable it.
You should use the option "enable" as the following commands:
# svcadm enable ftp;
Wish this helps,
Stanely Huang