solaris 8 operating environemnt system administration i
TRANSCRIPT
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
1/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I April 2001
Solaris 8 Operating Environment
System Administration I
SA-238
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
2/451
Copyright 2001 Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, California 94303, U.S.A. All rights reserved.Thisproduct or document is protected by copyright and distributed under licensesrestrictingits use, copying, distribution, and decompilation. No part of this product or document may
be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any.
Third-party software, including font technology, is copyrighted and licensed from Sun suppliers.
Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other countries, exclusivelylicensed through X/Open Company, Ltd.
Sun, Sun Microsystems, the Sun logo, CacheFS, JumpStart, OpenBoot, Solaris, Solaris Management Console, Solaris Web Start, Sun Enterprise 3000, Sun Enterprise 10000, SunOS, andUltra are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.
All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trade-marks are based upon an architecture developed by Sun Microsystems, Inc.
The OPEN LOOK and Sun Graphical User Interface was developed by Sun Microsystems, Inc.for its users and licensees. Sun acknowledges the pioneering effortsof Xerox in researchingand developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, whichlicense also covers Suns licensees who implement OPEN LOOK GUIs and otherwise comply with Suns written license agreements.
U.S. Government approval required when exporting the product.
RESTRICTED RIGHTS: Use, duplication, or disclosure by the U.S. Government is subject to restrictions of FAR 52.227-14(g) (2)(6/87) and FAR 52.227-19(6/87), or DFAR 252.227-7015(b)(6/95) and DFAR 227.7202-3(a).
DOCUMENTATION IS PROVIDED AS ISAND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTYOF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS AREHELD TO BE LEGALLY INVALID.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
3/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I April 2001
Preface
About This Course
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
4/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide ii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Course Goal
Administering the Solaris 8 Operating Environment
involves many tasks, including standalone installation, filesystem management, backups, process control, useradministration, and device management. Students taking thisclass should gain the necessary knowledge and skills to
perform these essential system administration tasks in theSolaris 8 Operating Environment.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
5/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide iii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Course Overview
The primary objective of this course is to teach new system
administrators the basics of administering Sunworkstations. You will perform basic administration tasks,such as:
Installing a standalone system Adding users
Backing up and restoring file systems
Adding printer support
Creating file systems and managing disks
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
6/451
Sun Educational Services
Course Map
Software Installation and Administration
Introduction
Introducing theSolaris 8 OperatingEnvironment System
Administration
Users, Initialization Files, and Security
AddingUsers
SystemSecurity
Devices, Disks, and File Systems
The DirectoryHierarchy
DeviceConfiguration
Disks, Slices,and Format
The Solaris ufsFile System
MountingFile Systems
MaintainingFile Systems
Processes and Printing
ScheduledProcessControl
The SolarisLP PrintService
System Firmware, Boot Process, and Run Levels
TheBoot PROM
The SystemBoot Process
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
7/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide v of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Module-by-Module Overview
Module 1 Introducing the Solaris 8 Operating
Environment System Administration Module 2 Adding Users
Module 3 System Security
Module 4 The Directory Hierarchy
Module 5 Device Configuration
Module 6 Disks, Slices, and Format Module 7 The Solaris Operating Environment ufs
File System
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
8/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide vi of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Module-by-Module Overview
Module 8 Mounting File Systems
Module 9 Maintaining File Systems
Module 10 Scheduled Process Control
Module 11 The Solaris Operating Environment LPPrint Service
Module 12 The Boot PROM
Module 13 The System Boot Process Module 14 Installing the Solaris 8 Operating
Environment on a Standalone System
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
9/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide vii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Module-by-Module Overview
Module 15 Administrating Software Packages
Module 16 Managing Software Patches
Module 17 Backup and Recovery
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
10/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide viii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Course Objectives
Upon completion of this course, you should be able to:
Define basic system administration tasks and terms
Add users and groups to the system
Configure user initialization files Implement basic system security
Create access control lists (ACLs) on files
Identify disks configured on a system
Define disk slices on a new disk
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
11/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide ix of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Course Objectives
Create and mount a file system
Repair a corrupted file system
View and manage processes
Configure and administer printers Identify the default boot device
Describe the boot process
Change system run levels
Install the Solaris 8 Operating Environment softwareon a standalone workstation
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
12/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide x of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Course Objectives
Add software packages
Add a software patch
Perform a root file system backup and restore
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
13/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xi of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Skills Gained by Module
Module
Skills Gained 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17Define basic system administrationtasks and terms
Add users and groups to the system
Configure user initialization files
Implement basic system security
Create ACLs on files
Identify disks configured on asystem
Define disk slices on a new disk
Create and mount a file system
Repair a corrupted file system
View and manage processes
Configure and administer printers
Identify the default boot device
Describe the boot process
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
14/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Change system run levels
Install the Solaris 8 OperatingEnvironment software on a
standalone workstation
Add a software packages
Add software patch
Perform a root file system backupand restore
Module
Skills Gained 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
15/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xiii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Guidelines for Module Pacing
Module Day 1 Day 2 Day 3 Day 4 Day 5
About This Course A.M.
Introducing the Solaris 8 OperatingEnvironment System Administration
A.M.
Adding Users A.M.
System Security P.M.The Directory Hierarchy P.M.
Device Configuration A.M.
Disks, Slices, and Format A.M./P.M.
The Solaris Operating Environmentufs FileSystem
P.M.
Mounting File Systems A.M.
Maintaining File Systems A.M.
Scheduled Process Control P.M.
The Solaris Operating Environment LP PrintService
P.M.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
16/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xiv of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The Boot PROM A.M.
The System Boot Process A.M./P.M.
Installing the Solaris 8 Operating
Environment on a Standalone System
P.M.
Administrating Software Packages A.M.
Managing Software Patches A.M.
Backup and Recovery P.M.
Module Day 1 Day 2 Day 3 Day 4 Day 5
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
17/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xv of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Topics Not Covered
Basic UNIX commands Covered in SA-118:
Fundamentals of Solaris 8 Operating Environment forSystem Administrators
Thevi editor Covered in SA-118: Fundamentals of theSolaris 8 Operating Environment for System
Administrators
Basic UNIX file security Covered in SA-118:Fundamentals of the Solaris 8 Operating Environment for
System Administrators JumpStart Covered in SA-288: Solaris 8 Operating
Environment System Administration II
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
18/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xvi of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Topics Not Covered
Solaris Management Console Covered in SA-288:
Solaris 8 Operating Environment System Administration II NFS configuration Covered in SA-288: Solaris 8
Operating Environment System Administration II
Naming services Covered in SA-288: Solaris 8Operating Environment System Administration II
Troubleshooting Covered in ST-350: Sun SystemsFault Analysis Workshop
System tuning Covered in SA-400: Solaris SystemPerformance Management
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
19/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xvii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
How Prepared Are You?
To be sure you are prepared to take this course, can you
answer yes to the following questions? Can you use basic UNIX commands to navigate the
Solaris Operating Environment directory tree and tosearch for or manipulate directories and files?
Can you use the vi text editor to create or modify files?
Can you change access permissions on files anddirectories?
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
20/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xviii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Introductions
Name
Company affiliation
Title, function, and job responsibility
System administrator experience
Reasons for enrolling in this course
Expectations for this course
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
21/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xix of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
How to Use Course Materials
Course map
Objectives
Lecture
Exercise
Check your progress
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
22/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xx of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
How to Use the Icons
Additional resources
Demonstration
Discussion
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
23/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xxi of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise objective
Caution
Warning
!
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
24/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Preface, slide xxii of xxiiCopyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Typographical Conventions andSymbols
Courier is used for the names of commands, files, anddirectories, as well as on-screen computer output.
Courier bold is used for characters and numbers that
you type.
Courier italic is used for variables andcommand-line placeholders that are replaced with a
real name or value.
Palatino italic is used for book titles, new words or terms,or words that are emphasized.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
25/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I April 2001
Module 1
Introducing the Solaris 8 OperatingEnvironment System Administration
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
26/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 2 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Objectives
Upon completion of this module, you should be able to:
Define the roles of a Solaris Operating Environmentsystem administrator
Define common system administration terms
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
27/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 3 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Administering Standalone Systems
Managing user accounts
Maintaining system security
Configuring new devices
Installing and partitioning disk drives
Managing file systems
Scheduling system-related jobs
Maintaining print services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
28/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 4 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Administering Standalone Systems
Managing the boot programmable read-only memory
(PROM) Configuring system initialization files
Installing the Solaris Operating Environment software
Administering software packages and patches
Performing backup and recovery operations
Managing disaster recovery
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
29/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 5 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Administering Client/Server Systems
Configuring a network environment
Setting up the syslog utility
Configuring and administering an NFS environment
Configuring CacheFS file systems
Using automount
Setting up name services
Installing the Solaris Operating Environment using theSolaris JumpStart program
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
30/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 6 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
System Administration Terms
Some common system administration terms are:
Host
Host name
Internet (IP) address
Ethernet address
Server
Client
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
31/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 7 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Distributed Computing Environment
Host 1 Host 2
Clientprocess
Serverprocess
Clientprocess
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
32/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 1, slide 8 of 8Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Check Your Progress
Define the roles of a Solaris Operating Environment
system administrator Define common system administration terms
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
33/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I April 2001
Module 2
Adding Users
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
34/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 2 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Objectives
Upon completion of this module, you should be able to:
Create and manage user accounts on the local systemusing the admintoolutility
Describe the format of the files /etc/passwd and
/etc/shadow for securing login access Describe the format of the /etc/group file for
maintaining shared and restricted access to files anddirectories
Add, modify, and delete user accounts on the localsystem with the commands useradd, usermod, anduserdel
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
35/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 3 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Objectives
Add, modify, and delete group accounts for the local
system with the commandsgroupadd
,groupmod
, andgroupdel
Define the two different types of shell initialization files
Describe the shell startup activities during login for thethree main Solaris Operating Environment shells
List the shell initialization files used to set up a userswork environment at login
Describe the purpose of the /etc/skel directory
Modify the initialization files to customize a userswork environment
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
36/451
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
37/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 5 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Managing User Accounts
Before you can add user accounts to the system, you must
determine the following information for each new user: Login name
User identification (UID) number
Group identification (GID) number
Comment
home
directory Login shell
Password aging
S Ed i l S i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
38/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 6 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Managing User Accounts Withadmintool
admintool enables system administrators to maintain andmodify local system files from the following categories:
Users
Groups
Hosts
Printers
Serial ports
Software
S Ed i l S i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
39/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 7 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Storing User and Group AccountInformation
The Solaris Operating Environment stores user account andgroup account information in the following system files:
/etc/passwd Authorized system users have login
account entries in the /etc/passwd file. /etc/shadow All passwords are encrypted and
maintained in a separate shadow file named/etc/shadow.
/etc/group The /etc/group file defines the defaultsystem group accounts.
S Ed ti l S i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
40/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 8 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The /etc/passwdFile
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
smtp:x:0:0:Mail Daemon User:/:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/
lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:nobody:x:60001:60001:Nobody:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x Nobody:/:
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
41/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 9 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The /etc/shadowFile
root:LXeoktCoMtwZN:6445::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
smtp:NP:6445::::::uucp:NP:6445::::::
nuucp:NP:6445::::::
listen:*LK*:::::::
nobody:NP:6445::::::noaccess:NP:6445::::::
nobody4:NP:6445::::::
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
42/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 10 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The /etc/groupFile
root::0:rootother::1:
bin::2:root,bin,daemonsys::3:root,bin,sys,admadm::4:root,adm,daemonuucp::5:root,uucpmail::6:root
tty::7:root,tty,admlp::8:root,lp,admnuucp::9:root,nuucpstaff::10:daemon::12:root,daemon
sysadmin::14:lister,toreynobody::60001:noaccess::60002:nogroup::65534:
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
43/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 11 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Creating and Managing AccountsFrom the Command Line
The following command-line tools add, modify, and deleteuser accounts and group accounts on the local system:
useradd Adds a new user account
usermod Modifies a users account
userdel Deletes a users account
groupadd Adds (creates) a new group account
groupmod Modifies a group account
groupdel Deletes a group account
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
44/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 12 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Creating User Accounts
You use the useradd command to add an entry for thenew user into the /etc/passwd and /etc/shadow files.
The useradd command also automatically copies allthe initialization files in the/etc/skeldirectory to theusers new home directory.
Command format:
useradd [-u uid][-g gid][-G gid[,gid,.. ]]
[-d dir][-m][-s shell][-c comment] loginname
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
45/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 13 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Modifying User Accounts
You use the usermod command to modify a userslogin information on the system.
Command format:
usermod [ -u uid[ -o ] ] [ -g gid]
[ -G gid[ , gid] ] [ -d dir] [ -m ][ -s shell ] [ -c comment ] [ -l newlogname ]
[ -f inactive ] [ -e expire ] login
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
46/451
Sun Educational Services
Solaris 8 Operating Environment System Administration I Module 2, slide 14 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Deleting User Accounts
You use the userdel command to delete a users loginaccount from the system.
This command also removes the users home directoryand all of its contents, if you request it to do so.
Command format:userdel [ -r ] login
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
47/451
Solaris 8 Operating Environment System Administration I Module 2, slide 15 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Adding Group Accounts
As root, you create new group accounts on the localsystem using the groupadd command.
This command adds an entry for the new group intothe /etc/group file.
Command format:groupadd [-g gid[ -o ]] groupname
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
48/451
Solaris 8 Operating Environment System Administration I Module 2, slide 16 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Modifying Group Account s
You use the groupmod command to modify thedefinitions of the specified group by modifying theappropriate entry in the /etc/group file.
Command format:
groupmod [-g gid[ -o ]][-n name] groupname
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
49/451
Solaris 8 Operating Environment System Administration I Module 2, slide 17 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Deleting Group Accounts
You use the groupdel command to delete a groupaccount from the system.
It deletes the appropriate entry from the /etc/groupfile.
Command format:groupdel groupname
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
50/451
Solaris 8 Operating Environment System Administration I Module 2, slide 18 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise: Adding Users and Groups
Exercise Objective
Preparation
Task Summary
Tasks
Exercise Summary
Task Solutions
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
51/451
Solaris 8 Operating Environment System Administration I Module 2, slide 19 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Understanding Initialization Files When users log in to the system, their login shells look
for and execute two different types of initializationfiles.
w The first type controls the system-wideenvironment.
w The second type controls the users environment.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
52/451
Solaris 8 Operating Environment System Administration I Module 2, slide 20 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
System-Wide Initialization Files As the system administrator, you maintain the system
initialization files to provide an environment for theentire community of users who log in to the system.
These files are provided by the Solaris OperatingEnvironment and reside in the /etc directory.
The two main system initialization files are:
w /etc/profile
w /etc/.login
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
53/451
Solaris 8 Operating Environment System Administration I Module 2, slide 21 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
User Initialization Files As the system administrator, you set up the users
initialization files and place them in each users homedirectory.
The primary job of a user initialization file is to definethe characteristics of a users work environment, such
as a users search path, environment variables, andwindowing environment.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
54/451
Solaris 8 Operating Environment System Administration I Module 2, slide 22 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Initialization Files for the Six Shells
Shells
System-wide
InitializationFiles
Primary User
Initialization FilesRead at Login
User InitializationFiles Read When a
New Shell IsStarted AfterLogin
Shell PathName
Bourne /etc/profile $HOME/.profile /bin/sh
Korn /etc/profile $HOME/.profile$HOME/.kshrc
$HOME/.kshrc /bin/ksh
C /etc/.login $HOME/.cshrc$HOME/.login
$HOME/.cshrc /bin/csh
Z /etc/zshenv/etc/zprofile
/etc/zshrc
/etc/zlogin
$HOME/.zshenv
$HOME/.zprofile
$HOME/.zlogin
$HOME/.zshrc /bin/zsh
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
55/451
Solaris 8 Operating Environment System Administration I Module 2, slide 23 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Initialization Files for the Six Shells
ShellsSystem-wideInitializationFiles
Primary UserInitialization FilesRead at Login
UserInitialization
Files Read Whena New Shell IsStarted AfterLogin
Shell PathName
Bash /etc/profile $HOME/.bash_profile
$HOME/.bash_login$HOME/.profile
$HOME/.bashrc /bin/bash
TC /etc/csh.cshrc/etc/csh.login
$HOME/.cshrc
or
$HOME/.login
$HOME/.tcshrc
or$HOME/.cshrc
/bin/tcsh
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
56/451
Solaris 8 Operating Environment System Administration I Module 2, slide 24 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Shell VariablesVariable Name Set By Description
LOGNAME Login Defines the users login name.
HOME Login Sets the path to the users home directory. The defaultargument for cd.
SHELL Login Sets the path to the default shell.
PATH Login Sets the default path the shell searches to findcommands.
MAIL Login Sets the path to the users mailbox.
TERM Not set bydefault
Defines the terminal.
LPDEST Not set by
default
Sets the users default printer.
PWD Shell Defines the current working directory.
PS1 Shell Defines the shell prompt for the Bourne or Korn shell.
prompt Shell Defines the shell prompt for the C shell.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
57/451
Solaris 8 Operating Environment System Administration I Module 2, slide 25 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Setting Environment Variables in UserInitialization Files
Shell Users Initialization FileBourne or Korn VARIABLE=value ; export VARIABLE
For example:
PS1=$HOSTNAME ! $ ; export PS1
C setenv variable value
For example:
setenv prompt \! uname -n %
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
58/451
Solaris 8 Operating Environment System Administration I Module 2, slide 26 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Default User Initialization Files
ShellInitialization FileTemplates
Users InitializationFiles
Bourne /etc/skel/local.profile $HOME/.profile
Korn /etc/skel/local.profile $HOME/.profile
C /etc/skel/local.login $HOME/.login
/etc/skel/local.cshrc $HOME/.cshrc
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
59/451
Solaris 8 Operating Environment System Administration I Module 2, slide 27 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise: Modifying Initialization Files Exercise Objective
Preparation Task Summary
Tasks
Exercise Summary
Task Solutions
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
60/451
Solaris 8 Operating Environment System Administration I Module 2, slide 28 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Check Your Progress Create and manage user accounts on the local system
using the admintoolutility
Describe the format of the files /etc/passwd and/etc/shadow for securing login access
Describe the format of the /etc/group file formaintaining shared and restricted access to files anddirectories
Add, modify, and delete user accounts on the local
system with the commands useradd, usermod, anduserdel
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
61/451
Solaris 8 Operating Environment System Administration I Module 2, slide 29 of 29Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Check Your Progress Add, modify, and delete group accounts for the local
system with the commands groupadd, groupmod, andgroupdel
Define the two different types of shell initialization files
Describe the shell startup activities during login for thethree main Solaris Operating Environment shells
List the shell initialization files used to set up a userswork environment at login
Describe the purpose of the /etc/skel directory
Modify the initialization files to customize a userswork environment
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
62/451
Solaris 8 Operating Environment System Administration I April 2001
Module 3
System Security
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
63/451
Solaris 8 Operating Environment System Administration I Module 3, slide 2 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ObjectivesUpon completion of this module, you should be able to:
Create the /var/adm/loginlog file to save failed loginattempts
Monitor system usage with the commands finger,last
, andrusers
Use the su command to become the root user oranother user on the system
Modify the /etc/default/login file to restrict rootaccess
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
64/451
Solaris 8 Operating Environment System Administration I Module 3, slide 3 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Objectives Use the commandsidandgroups to identify users and
their group memberships
Change a files owner or a files group using thecommands chown and chgrp, respectively
Explain how the special permissions setuid, setgid,and the Sticky Bit can affect system security
Create, modify, and delete access control lists (ACLs)on files
Control remote login access by maintaining three basicnetwork files: /etc/hosts.equiv, $HOME/.rhosts,and /etc/ftpusers
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
65/451
Solaris 8 Operating Environment System Administration I Module 3, slide 4 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Managing System Security OverviewSome basic steps that you should take to manage security atthe user, file, system, and network level include:
Maintaining password and login control
Monitoring system usage
Restricting access to data contained in files
Tracking root logins
Monitoring setuid programs
Controlling remote access on the network
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
66/451
Solaris 8 Operating Environment System Administration I Module 3, slide 5 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The pwconvCommand The pwconv command creates and updates the
/etc/shadow file with information from the/etc/passwd file.
It is the pwconv command that relies on the specialvalue of x in the password field of /etc/passwd.
The x indicates the password for the user alreadyexists in the /etc/shadow file.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
67/451
Solaris 8 Operating Environment System Administration I Module 3, slide 6 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Recording Failed Login Attempts You can save failed login attempts to a file, which is a
useful tool for determining if attempts are being made
to break into a system.
You can record failed login attempts in the file/var/adm/loginlog.
By default, the loginlog file does not exist. To enablelogging, you must create this file with read and writepermissions for root only; for example:
# touch /var/adm/loginlog
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
68/451
Solaris 8 Operating Environment System Administration I Module 3, slide 7 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Monitoring System Access All systems should be monitored routinely for
unauthorized user access.
Use the who command to see who is on the system. Itlooks in the /var/adm/utmpx file to obtain thisinformation.
The who command displays a list of users currentlylogged in to the local system.
If a user is logged in remotely, the remote host name for
that user is displayed.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
69/451
Solaris 8 Operating Environment System Administration I Module 3, slide 8 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Displaying User Information To display detailed information about users either
locally or remotely, use the finger command.
The finger command displays the users login name,home directory path, login time, login device name,data contained in the comment field of the
/etc/passwd file, login shell, and the name of the host,if logged in remotely.
Command format:
finger -m username
finger -m username@remotehostname
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
70/451
Solaris 8 Operating Environment System Administration I Module 3, slide 9 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Displaying a Record of Login Activity Use the last command to display a record of all logins
and logouts with the most recent activity at the top of
the output.
The last command looks in the /var/adm/wtmpx file,which records all logins and logouts.
Each entry includes the user name, the login device, thehost logged in from, the date and time logged in, thetime of logout, and the total login time in hours andminutes, including entries for system reboot times.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
71/451
Solaris 8 Operating Environment System Administration I Module 3, slide 10 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Displaying Users on Remote Systems The rusers command produces output similar to the
who command but displays users logged in on remote
hosts.
A remote host responds only to the rusers commandif its rpc.rusersddaemon is enabled. It is the network
server daemon that returns the list of users on theremote hosts.
Command format:
rusers [ -l ]
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
72/451
Solaris 8 Operating Environment System Administration I Module 3, slide 11 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Accessing rootPrivileges You should log in only to the root account to perform
administration tasks. You should avoid performing
routine work as the root user.
This helps protect the system from unauthorizedaccess, as it reduces the likelihood that the system will
be left unattended with root logged in. You can become root on a system by either:
w Logging in directly as root and supplying the root
passwordw Logging in as a regular user and then invoking the
su command and supplying the root password
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
73/451
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
74/451
Solaris 8 Operating Environment System Administration I Module 3, slide 13 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Effective User ID and EffectiveGroup ID
When you run the su command, the effective user ID(EUID) and effective group ID (EGID) are changed tothe new user to whom you have switched.
Access to files and directories is determined by the
value of the EUID and EGID for the switched user,rather than the user ID (UID) number and group ID(GID) numbers of the user who originally logged in tothe system.
This is important because file and directory access isdetermined based on the value of the EUID and EGIDof the user that you have become.
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
75/451
Solaris 8 Operating Environment System Administration I Module 3, slide 14 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the whoamiCommand The whoami command displays the switched users
effective current user ID (EUID) number.
# whoami
The who am i command displays the users real userID (UID) number.
# who am i
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
76/451
Solaris 8 Operating Environment System Administration I Module 3, slide 15 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand toBecome root
To use thesu
command to becomeroot
:1. Log in directly (from the login window) as a regular
user.
2. At the shell prompt in a terminal window, type su,and press Return. Type the root password, andpress Return.
$ suPassword:
#
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
77/451
Solaris 8 Operating Environment System Administration I Module 3, slide 16 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand to Becomeroot
3. To display the original login, type the commandwho am i, and press Return.
# who am iuser1 pts/11 Apr 25 15:45 (:0.0)
4. To determine the login name of the user to whichyou switched, type whoami, and press Return.
# whoami
root
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
78/451
Solaris 8 Operating Environment System Administration I Module 3, slide 17 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand to Becomeroot
5. To determine where the user is currently located,type pwd, and press Return. The location is theoriginal users home directory.
# pwd
6. To exit the root session and return to the originaluser, type exit, and press Return.
# exit
$
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
79/451
Solaris 8 Operating Environment System Administration I Module 3, slide 18 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand to BecomeAnother Regular User
To switch to another user and have that users environment:1. At the shell prompt, type su with the dash () option
and the name of the user to become, and pressReturn. Type the password for the user account, and
press Return.
$ su - user2Password:
$
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
80/451
Solaris 8 Operating Environment System Administration I Module 3, slide 19 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand to BecomeAnother Regular User
2. Determine the login name of the user you switchedto by typing whoami and pressing Return.
$ whoamiuser2
3. Determine where the user is located by typing pwdand pressing Return. The location is the new usershome directory.
$ pwd
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
81/451
Solaris 8 Operating Environment System Administration I Module 3, slide 20 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Using the suCommand to BecomeAnother Regular User
4. Display the login name of the user originally loggedin as by typing who am i and pressing Return.
$ who am i
user1 pts/4 Apr 25 15:55 (:0.0)
5. To return to the original user status and homedirectory, type exit, and press Return.
$ exit
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
82/451
Solaris 8 Operating Environment System Administration I Module 3, slide 21 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise: User Access Exercise Objective
Preparation Task Summary
Tasks
Exercise Summary
Task Solutions
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
83/451
Solaris 8 Operating Environment System Administration I Module 3, slide 22 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Check Your Progress Create the /var/adm/loginlog file to save failed login
attempts
Monitor system usage with the commands finger,last, and rusers
Use the su command to become the root user or
another user on the system
Modify the /etc/default/login file to restrict rootaccess
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
84/451
Solaris 8 Operating Environment System Administration I Module 3, slide 23 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Determining a Users GroupMembership
The groups command displays group memberships for theuser.
To see to which groups you belong:
# groupsstaff class
To list the groups to which a specific user belongs:
# groups user5staff class sysadmin
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
85/451
Solaris 8 Operating Environment System Administration I Module 3, slide 24 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Identifying a User AccountYou use theidcommand to identify users by listing their UID,user name, GID number, and group name.
To view your user account information:
$ id
uid=101(user1) gid=300(class)
To view all account information for a specific user:
$ id -a user1
uid=101(user1) gid=300(class) groups=14(sysadmin)
Sun Educational Services
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
86/451
Solaris 8 Operating Environment System Administration I Module 3, slide 25 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Changing a Files Ownership With thechownCommand
You use the chown command to change the original owner ofa file or directory to another user on the system.
In this example, user1 owns a file called file7.
# cd /export/home/user1# ls -l file7-rw-r--r-- 1 user1 staff 672 Jun 1 15:11 file7#
w Give this file to a new user named user2.
# chown user2 file7# ls -l file7-rw-r--r-- 1 user2 staff 672 Jun 1 15:12 file7
Sun Educational Services
Ch O h
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
87/451
Solaris 8 Operating Environment System Administration I Module 3, slide 26 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Changing Directory Ownership In this example, user1 owns a directory called dir4.
# ls -ld dir4drwxr-xr-x 8 user1 staff 512 Apr 22 12:51 dir4
#
Give this directory and all of its contents (files and
subdirectories) to user2.
# chown -R user2 dir4# ls -ld dir4drwxr-xr-x 8 user2 staff 512 Jun 1 15:14 dir4
#
Sun Educational Services
Ch i U d G O hi
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
88/451
Solaris 8 Operating Environment System Administration I Module 3, slide 27 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Changing User and Group OwnershipSimultaneously
The chown command gives the owner the ability tochange both the ownership and group membership ofa file or directory at the same time:
# chown user3:class file2
You can use the -R option to recursively descend adirectory hierarchy, changing ownership and groupmembership on the directory and its contents,simultaneously:
# chown -R user3:class dir1
Sun Educational Services
Ch i Fil G O hi
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
89/451
Solaris 8 Operating Environment System Administration I Module 3, slide 28 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Changing a Files Group OwnershipWith thechgrpCommand
Use the chgrp command to change the group ownership offiles or directories to another group on the system.
For example, the file called file4 currently belongs toa group named staff.
# ls -l file4-rw-r--r-- 1 user1 staff 874 Jun 1 15:08 file4
Use thechgrpcommand to give this file to a new group
named class.# chgrp class file4# ls -l file4-rw-r--r-- 1 user1 class 874 Jun 1 15:09 file4
Sun Educational Services
S i l Fil P i i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
90/451
Solaris 8 Operating Environment System Administration I Module 3, slide 29 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Special File PermissionsThree types of special permissions are available for executablefiles and public directories.
Set-user identification (setuid) permission
Set-group identification (setgid) permission
Sticky Bit permission
Sun Educational Services
Th t idP i i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
91/451
Solaris 8 Operating Environment System Administration I Module 3, slide 30 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The setuidPermissionThe setuid permission displays as an s in the ownersexecute field; for example:
-r-sr-xr-x 1 root sys 17156 Jan 5 17:03 /usr/bin/su
To set thesetuidpermissions on an executable file, use
the chmod command and the octal value 4000; forexample:
# chmod 4555 executable_file
Sun Educational Services
Th t idP i i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
92/451
Solaris 8 Operating Environment System Administration I Module 3, slide 31 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The setgidPermissionThe setgid permission displays as an s in the groupsexecute field; for example:
-r-x--s--x 1 root mail 61288 Jan 5 16:57 /usr/bin/mail
To set a setgid permission on an executable file, use
the chmod command and the octal value 2000; forexample:
# chmod 2555 executable_file
Sun Educational Services
Th Sti k Bit P i i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
93/451
Solaris 8 Operating Environment System Administration I Module 3, slide 32 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The Sticky Bit PermissionThe Sticky Bit displays as the letter t in the execute field forother; for example:
# ls -ld /tmp
drwxrwxrwt 6 root sys 719 May 31 03:30 /tmp
To set the Sticky Bit permission on a directory, use thechmod command and the octal value 1000; forexample:
# chmod 1777 public_directory
Sun Educational Services
Exercise: Working With File Owners
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
94/451
Solaris 8 Operating Environment System Administration I Module 3, slide 33 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise: Working With File Owners,Groups, and Special Permissions
Exercise Objective
Preparation
Task Summary
Tasks
Exercise Summary
Task Solutions
Sun Educational Services
Check Your Progress
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
95/451
Solaris 8 Operating Environment System Administration I Module 3, slide 34 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Check Your Progress Use the commandsidandgroups to identify users and
their group memberships
Change a files owner or a files group using thecommands chown and chgrp, respectively
Explain how the special permissions setuid, setgid,
and the Sticky Bit can affect system security
Sun Educational Services
Access Control Lists (ACLs)
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
96/451
Solaris 8 Operating Environment System Administration I Module 3, slide 35 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Access Control Lists (ACLs)ACLs can provide greater control over file access permissionsand provide better file security for the file owner, file group,
other, specific users, and specific groups.
Sun Educational Services
ACL Commands and Options
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
97/451
Solaris 8 Operating Environment System Administration I Module 3, slide 36 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ACL Commands and OptionsCommand/Option Description
getfacl
filename(s)
Displays ACL entries on files.
setfacl options
filename(s)
Sets, adds, modifies, and deletes ACL entrieson files.
setfacl -macl_entries
Creates or modifies ACL entries on files.
setfacl -s
acl_entries
Removes old ACL entries on files andreplaces them with new ACL entries.
setfacl -d
acl_entries
Deletes one or more ACL entries on files.
Sun Educational Services
ACL Commands and Options
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
98/451
Solaris 8 Operating Environment System Administration I Module 3, slide 37 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ACL Commands and OptionsCommand/Option Description
setfacl -f
acl_file
Specifies an ACL configuration file
containing a list of permissions to be set onother files. acl_file is used as an argumentwith this command only.
setfacl -r Recalculates permissions for the ACL mask.
Sun Educational Services
ACL Entries
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
99/451
Solaris 8 Operating Environment System Administration I Module 3, slide 38 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ACL EntriesACL Fields Description
entry-type The type of entry to set file permissions for owner,
owners group, specific users, additional groups, orthe ACL mask.
UID or GID The users name or identification number (UID).The groups name or identification number (GID).
perm Permissions set for entry-type. You can setpermissions symbolically using r, w, x, and - or byusing octal values from 0 to 7.
Sun Educational Services
ACL Entry Examples
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
100/451
Solaris 8 Operating Environment System Administration I Module 3, slide 39 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ACL Entry Examples u[ser]::perm Sets permissions for the file owner.
g[roup]::perm Sets permissions for the ownersgroup.
o[ther]:perm Sets permissions for users other thanthe owner or owners group.
u[ser]:UID:perm or u[ser]:username:perm Sets permissions for a specific user.
g[roup]:GID:perm or
g[roup]:groupname:perm Sets permissions for aspecific group.
Sun Educational Services
ACL Entry Examples
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
101/451
Solaris 8 Operating Environment System Administration I Module 3, slide 40 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
ACL Entry Examples m[ask]:perm Sets the ACL mask, which indicates
the maximum permissions allowed for all users, except
the owner, and for all groups.
Sun Educational Services
Adding and Modifying ACLPermissions on a File
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
102/451
Solaris 8 Operating Environment System Administration I Module 3, slide 41 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Adding and Modifying ACLPermissions on a File
You can use the setfacl -m command to add or modify ACLpermissions on one or more of the files ACL entries; for example:
# setfacl -m user:user8:6 file.txt
# getfacl file.txt
# file: file.txt# owner: user1
# group: class
user::rwx
user::user8:rw- #effective:r--
group::r-- #effective:r--
mask:r--
other:---
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
103/451
Sun Educational Services
Determining if a File Has an ACL
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
104/451
Solaris 8 Operating Environment System Administration I Module 3, slide 43 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Determining if a File Has an ACLThere are two ways to determine if a file has an ACL:
Use the getfacl command Use the ls -l command
Using the ls -l command on any file that has an ACL
displays a plus (+) sign at the end of the permission modefield; for example:
# ls -l file.txt-rwxr-----+ 1 user1 class 167 Apr 18 11:13 file.txt
Sun Educational Services
Deleting an ACL Entry on a File
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
105/451
Solaris 8 Operating Environment System Administration I Module 3, slide 44 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Deleting an ACL Entry on a FileTo delete an ACL entry from a file, use the setfacl -dcommand and specify the entry type and the UID (user name)
or GID (group name). This example deletes an ACL entry from file.txt.
# setfacl -d u:user8 file.txt
Sun Educational Services
Replacing an Entire ACL on a File
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
106/451
Solaris 8 Operating Environment System Administration I Module 3, slide 45 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Replacing an Entire ACL on a FileTo replace the entire ACL on a file, you must specify at leastthe basic set of user, group, other, and mask permissions and
file names; for example:# setfacl -s user::rw-,group::r--,other:---,mask:rw-,user:user8:rw- file.txt
# getfacl file.txt# file: file.txt# owner: user1# group: classuser::rw-user:user8:rw- #effective:rw-group::r-- #effective:r--mask:rw-other:---
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
107/451
Sun Educational Services
Check Your Progress
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
108/451
Solaris 8 Operating Environment System Administration I Module 3, slide 47 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
g Create, modify, and delete ACLs on files
Sun Educational Services
Managing Remote Access Issues
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
109/451
Solaris 8 Operating Environment System Administration I Module 3, slide 48 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
g gThree network files provide certain schemes for handlingbasic security issues involving remote user access of a local
system: The /etc/hosts.equiv file
The $HOME/.rhosts file
The /etc/ftpusers file
Sun Educational Services
The /etc/hosts.equivand$HOME/.rhostsFiles
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
110/451
Solaris 8 Operating Environment System Administration I Module 3, slide 49 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
q$HOME/.rhostsFiles
Typically, when a remote user requests login access to a local
host, the first file read is its /etc/passwd file.
If there is no entry in the local hosts /etc/passwd filefor the remote user, access is denied.
The/etc/hosts.equiv and$HOME/.rhostsfiles bypass thisstandard password-based authentication to determine if aremote user is allowed access to the local host.
The information contained in these two files (if theyexist) determines if remote user access is granted ordenied.
Sun Educational Services
Remote Access
Authentication1
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
111/451
user1host1
rlogin rcp rsh
Accessallowed
Password
user1/ in/etc/passwd
Superuser
host1in /etc/
hosts.equiv
host1in
$HOME/.rhosts
Password
No
No
No
Yes
Yes
Yes
host1
host5
Yes
Yes
rlogin
No
Sun Educational Services
Entries in the /etc/hosts.equivand$HOME/.rhostsFiles
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
112/451
Solaris 8 Operating Environment System Administration I Module 3, slide 51 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
$ O /. osts es
While these two files have the same format, the same entries
in each file have different effects.
The /etc/hosts.equiv file applies to the entiresystem, while individual users can maintain their own
$HOME/.rhosts files in their home directoriesBoth files contain a list of one-line entries, which can include:
hostname
hostname username
+
Sun Educational Services
The /etc/hosts.equivFile
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
113/451
Solaris 8 Operating Environment System Administration I Module 3, slide 52 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
For regular users, this file identifies remote hosts and remoteusers who are considered to be trusted.
If a local hosts /etc/hosts.equiv file contains thehost name of the remote host, then all regular users ofthat remote host are trusted and do not need to supplya password to log in to the local host.
This is particularly useful for sites where it is commonfor regular users to have accounts on many differentsystems, eliminating the security risk of sending ASCII
passwords over the network. The /etc/hosts.equiv file does not exist by default.
Sun Educational Services
The $HOME/.rhostsFile
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
114/451
Solaris 8 Operating Environment System Administration I Module 3, slide 53 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
While the /etc/hosts.equiv file applies system-wide fornon-root users, the .rhosts file applies to a specific user.
All users, including root, can create and maintain theirown .rhosts files in their home directory.
If the remote host name is listed in this file, it is
considered to be a trusted host and remote user access;in this case, root access is granted on the local host.
The $HOME/.rhosts file does not exist by default; youmust create it in the users home directory.
Sun Educational Services
Restricting FTP Loginsh fil l h f h
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
115/451
Solaris 8 Operating Environment System Administration I Module 3, slide 54 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Use the /etc/ftpusers file to list the names of users who areprohibited from running an ftp login on the system.
Each line entry contains the login name for eachrestricted user.
By default, ftpusers lists these system account entries:
rootdaemonbinsysadmlp
uucpnuucplistennobodynoaccessnobody4
Sun Educational Services
The /etc/shellsFileTh / / fil i li f h h ll h
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
116/451
Solaris 8 Operating Environment System Administration I Module 3, slide 55 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The /etc/shells file contains a list of the shells on thesystem. This file does not exist by default.
If this file does not exist, then getusershells(3c)uses its own list of shells.
By creating this file, each shell that you want to be recognized
by the system must have a single-line entry, consisting of theshells path, relative to / (root); for example:
# vi /etc/shells
/sbin/sh/bin/sh
/bin/ksh
Sun Educational Services
Exercise: Managing Remote SecurityIssues
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
117/451
Solaris 8 Operating Environment System Administration I Module 3, slide 56 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Exercise Objective
Preparation
Task Summary
Tasks Exercise Summary
Task Solutions
Sun Educational Services
Check Your ProgressC t l t l i b i t i i th b i
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
118/451
Solaris 8 Operating Environment System Administration I Module 3, slide 57 of 57Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Control remote login access by maintaining three basicnetwork files: /etc/hosts.equiv, $HOME/.rhosts,
and /etc/ftpusers
Sun Educational Services
Module 4
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
119/451
Solaris 8 Operating Environment System Administration I April 2001
Module 4
The Directory Hierarchy
Sun Educational Services
ObjectivesUpon completion of this module you should be able to:
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
120/451
Solaris 8 Operating Environment System Administration I Module 4, slide 2 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Upon completion of this module, you should be able to:
Identify the four main file types in the SolarisOperating Environment
Describe the functions provided by regular files,directories, symbolic links, device files, and hard links
Define the function of each subdirectory found directlywithin the root directory
Sun Educational Services
The Solaris Operating EnvironmentFile Types
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
121/451
Solaris 8 Operating Environment System Administration I Module 4, slide 3 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The Solaris Operating Environment supports a standard set of
files, which provides for storing data, activating devices, orallowing inter-process communication.
Of the different types of files that exist, there are four
main file types in Solaris Operating Environment,which include:
w Regular or ordinary files
w
Directoriesw Symbolic links
w Device files
Sun Educational Services
Identifying File TypesUse the ls l command to distinguish different file types
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
122/451
Solaris 8 Operating Environment System Administration I Module 4, slide 4 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Use the ls l command to distinguish different file types.
The character in the first column of informationindicates the file type; for example:
# cd /etc ; ls -l
drwxr-xr-x 2 adm adm 512 Apr 3 10:42 acct
lrwxrwxrwx 1 root root 14 Apr 3 11:05 aliases -> ./
mail/aliases
-rw-r--r-- 1 root bin 50 Apr 3 10:45 auto_home
(output truncated)
# cd /devices/pci@1f,0/pci@1,1/ide@3 ; ls -l
brw------- 1 root sys 136, 0 Apr 3 11:11 dad@0,0:a
crw------- 1 root sys 136, 0 Apr 3 11:11 dad@0,0:a,raw
(output truncated)
Sun Educational Services
Identifying File TypesThe character in the first column identifies each files type as
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
123/451
Solaris 8 Operating Environment System Administration I Module 4, slide 5 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
The character in the first column identifies each file s type, asfollows:
- Regular files
d Directories
l
Symbolic links b Block-special device files
c Character-special device files
Sun Educational Services
File Names, Inodes, and Data BlocksAll files in the Solaris Operating Environment make use of a
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
124/451
Solaris 8 Operating Environment System Administration I Module 4, slide 6 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
All files in the Solaris Operating Environment make use of afile name and a record called an inode. Most files also make
use of data blocks. File names are the objects most often used to access and
manipulate files.
Inodes are the objects the system uses to recordinformation about a file.
Data blocks are units of disk space used to store data.
Sun Educational Services
File Names, Inodes, and Data BlocksA file name is associated with an inode, and an inode provides
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
125/451
Solaris 8 Operating Environment System Administration I Module 4, slide 7 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
A file name is associated with an inode, and an inode providesaccess to data blocks.
Data blocks
Inode numberfile name
Sun Educational Services
Regular FilesA regular file holds data.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
126/451
Solaris 8 Operating Environment System Administration I Module 4, slide 8 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
A regular file holds data.
Data blocks
Inode 1282file1
Creation methods
Text editors
Compilers
Application programs
Database programs
Commands (for example touch)
Data
Text
Binaries
Images
Application data
Databases
Purpose
Regular files store data
Sun Educational Services
DirectoriesDirectories store information that associates file names with
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
127/451
Solaris 8 Operating Environment System Administration I Module 4, slide 9 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
inode numbers.
Data blocks
file1 = inode 1282
dirA = inode 5314
Inode 4221dir1
Creation methods
mkdir name
Data
Directory
information
Purpose
Directories store data that
associates files names with
inode numbers.
Sun Educational Services
Symbolic LinksA symbolic link is a file that points to another file. A symbolic
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
128/451
Solaris 8 Operating Environment System Administration I Module 4, slide 10 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
y p ylink contains the path name of the file to which it points.
Data block
./file2
Data blocks
Inode 3561 Inode 1282link1 file2
Data
SinglePathname
Creation method
ln -spathname target
Purpose
Symbolic links refer to other file names.A symbolic link contains the pathname
of the file to which it points.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
129/451
Sun Educational Services
Device File ExampleThis example shows the relationship between a device file
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
130/451
Solaris 8 Operating Environment System Administration I Module 4, slide 12 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
p pdad@0,0:a and the disk device it controls. The inode
information fordad@0,0:a
contains major number 136 andminor number 0.
Inode 90681
dad driver (136)
unix
Device file
Disk device
Kernel modules
(device drivers)
dad@0,0:a
136, 0
Sun Educational Services
Two Categories of Device Files
Device files fall into two categories: character-special devices
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
131/451
Solaris 8 Operating Environment System Administration I Module 4, slide 13 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
and block-special devices.
Character-special device files:
w The file type c identifies character-special devicefiles.
crw------- 1 root sys 136, 0 Apr 3 11:11 dad@0,0:a,raw
Block-special device files:
w The file type b identifies block-special device files.
brw------- 1 root sys 136, 0 Apr 3 11:11 dad@0,0:a
Sun Educational Services
Hard Links
A hard link is the association between a file name and and h d l k f fil
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
132/451
Solaris 8 Operating Environment System Administration I Module 4, slide 14 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
inode. A hard link is not a separate type of file.
Data blocks Data blocks
file1 = inode 1282
Inode 1282 Inode 4221file1 dir1
Sun Educational Services
File Names Associated With an InodeNumber
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
133/451
Solaris 8 Operating Environment System Administration I Module 4, slide 15 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
Use the ln command to create new hard links to regular files.
ln file1 file2 creates a new directory called file2,associated with the same inode associated with file1.
Data blocks Data blocks
file1 = inode 1282
file2 = inode 1282
Inode 1282 Inode 4221file1
file2
dir1
Sun Educational Services
The rootSubdirectories
The Solaris Operating Environment consists of a hierarchy ofiti l t di t i d fil th t f th
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
134/451
Solaris 8 Operating Environment System Administration I Module 4, slide 16 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
critical system directories and files that are necessary for the
operating system to function properly. / The root of the overall file system name space.
/bin The directory location for standard system
commands or binary files. /dev The primary location for logical device names.
/devices The primary location for physical device
names.
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
135/451
Sun Educational Services
The rootSubdirectories
/opt The default directory or mount point for add-on application packages
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
136/451
Solaris 8 Operating Environment System Administration I Module 4, slide 18 of 21Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. Enterprise Services April 2001, Revision B
on application packages.
/platform The directory of platform-dependentloadable kernel modules.
/sbin Essential executables used in the booting
process and in manual system failure recovery. /tmp Temporary files; cleared during the boot
sequence.
/usr The directory for programs, scripts, andlibraries used by all system users.
Sun Educational Services
The rootSubdirectories
/var The directory for varying files, which usuallyincludes temporary logging or status files
-
8/14/2019 Solaris 8 Operating Environemnt System Administration I
137/451
Solaris